From c62af1a434ab9d80a0f1028797e2eadd2b11b649 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=81lex=20Ruiz?=
Date: Tue, 24 Sep 2024 17:15:24 +0200
Subject: [PATCH 1/6] Init repo (#3)
* Migrate from #2
* Rename plugin
---
.github/CODEOWNERS | 3 +-
.../ISSUE_TEMPLATE/compatibility_request.md | 23 +++
.github/ISSUE_TEMPLATE/config.yml | 9 +-
.github/dependabot.yml | 8 ++
.github/workflows/build.yml | 69 +++++++++
.github/workflows/build_on_push.yml | 14 ++
...orts-scheduler-test-and-build-workflow.yml | 6 +-
.idea/.name | 2 +-
ADMINS.md | 7 -
CONTRIBUTING.md | 107 +++-----------
MAINTAINERS.md | 12 --
README.md | 133 +++++++-----------
SECURITY.md | 46 +++++-
VERSION | 1 +
build.gradle | 13 +-
settings.gradle | 2 +-
.../ReportsSchedulerPlugin.kt | 2 +-
.../integTest/ReportsSchedulerPluginIT.kt | 2 +-
18 files changed, 247 insertions(+), 212 deletions(-)
create mode 100644 .github/ISSUE_TEMPLATE/compatibility_request.md
create mode 100644 .github/dependabot.yml
create mode 100644 .github/workflows/build.yml
create mode 100644 .github/workflows/build_on_push.yml
delete mode 100644 ADMINS.md
delete mode 100644 MAINTAINERS.md
create mode 100644 VERSION
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 685b0bec..3167451c 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,2 +1 @@
-# This should match the owning team set up in https://github.com/orgs/opensearch-project/teams
-* @opensearch-project/dashboards-reports
\ No newline at end of file
+* @wazuh/devel-indexer
diff --git a/.github/ISSUE_TEMPLATE/compatibility_request.md b/.github/ISSUE_TEMPLATE/compatibility_request.md
new file mode 100644
index 00000000..37b498ac
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/compatibility_request.md
@@ -0,0 +1,23 @@
+---
+name: Compatibility request
+about: Suggest supporting a new version of OpenSearch
+title: 'Compatibility with OpenSearch (version)'
+labels: compatibility, level/task, type/research
+assignees: ''
+
+---
+
+## Description
+We need to ensure the compatibility with the next version of OpenSearch vX.X.
+This update is still being discussed, but we need to be aware of potential issues.
+
+For that, we need to:
+
+- [ ] Review opensearch's release notes.
+- [ ] Identify improvements and potential impact.
+- [ ] Create new development branch.
+- [ ] Develop a testing environment to verify our components would work under this new build.
+
+
+## Issues
+- _List here the detected issues_
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
index a8199a10..0db72d2a 100644
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -1,7 +1,2 @@
-contact_links:
- - name: OpenSearch Community Support
- url: https://discuss.opendistrocommunity.dev/
- about: Please ask and answer questions here.
- - name: AWS/Amazon Security
- url: https://aws.amazon.com/security/vulnerability-reporting/
- about: Please report security vulnerabilities here.
\ No newline at end of file
+# disable blank issue creation
+blank_issues_enabled: false
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 00000000..06b837dd
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,8 @@
+updates:
+ - directory: /src
+ open-pull-requests-limit: 1
+ package-ecosystem: gradle
+ schedule:
+ interval: weekly
+ day: "friday"
+version: 2
\ No newline at end of file
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 00000000..7aa70cde
--- /dev/null
+++ b/.github/workflows/build.yml
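Review bot: `directory: /src` in the new `.github/dependabot.yml` looks wrong for the `gradle` ecosystem, because this same patch edits `build.gradle` and `settings.gradle` at the repository root and Dependabot looks for the build files in the configured directory. With `/src` it will most likely find no manifest and open no update pull requests, so vulnerable dependencies would go unreported; I would change it to `directory: /`. The file also has no `package-ecosystem: github-actions` entry, so the `actions/*` and `gradle/actions/*` versions used by the workflows added in this patch are not kept current; a second `updates` entry for that ecosystem with `directory: /` would cover them.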
@@ -0,0 +1,69 @@ +run-name: Build Wazuh Indexer Reporting plugin | ${{ inputs.id}} +name: Build packages + +# This workflow runs when any of the following occur: +# - Run manually +# - Invoked from another workflow +on: + workflow_dispatch: + inputs: + revision: + description: "Revision" + type: string + default: "0" + id: + description: "ID used to identify the workflow uniquely." + type: string + required: false + workflow_call: + inputs: + revision: + description: "Revision" + type: string + default: "0" + id: + description: "ID used to identify the workflow uniquely." + type: string + required: false + +# ========================== +# Bibliography +# ========================== +# +# * Reusable workflows: limitations +# | https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations +# * Using matrix in reusable workflows: +# | https://docs.github.com/en/actions/using-workflows/reusing-workflows#using-a-matrix-strategy-with-a-reusable-workflow +# * Reading input from the called workflow +# | https://docs.github.com/en/enterprise-cloud@latest/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callinputs +# * Ternary operator +# | https://docs.github.com/en/actions/learn-github-actions/expressions#example + +jobs: + build: + runs-on: ubuntu-latest + env: + plugin_name: wazuh-indexer-reporting + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: 21 + + - name: Setup Gradle # Used for caching + uses: gradle/actions/setup-gradle@v4 + + - name: Get version + id: version + run: echo "version=$(> "$GITHUB_OUTPUT" + + - name: Build with Gradle + run: ./gradlew build -Dversion=${{ steps.version.outputs.version }} -Drevision=${{ inputs.revision }} + + - name: Upload artifact + uses: actions/upload-artifact@v4 + with: + name: ${{ env.plugin_name }}-${{ steps.version.outputs.version }}.${{ inputs.revision }}.zip + path: build/distributions/wazuh-indexer-${{ env.plugin_name 
}}-${{ steps.version.outputs.version }}.${{ inputs.revision }}.zip + if-no-files-found: error diff --git a/.github/workflows/build_on_push.yml b/.github/workflows/build_on_push.yml new file mode 100644 index 00000000..bc278450 --- /dev/null +++ b/.github/workflows/build_on_push.yml @@ -0,0 +1,14 @@ +name: Build packages (on push) + +# This workflow runs when any of the following occur: +# - On push to branches named after ci/* +on: + push: + # Sequence of patterns matched against refs/heads + branches: + - "ci/*" + +jobs: + call-build-workflow: + uses: ./.github/workflows/build.yml + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/reports-scheduler-test-and-build-workflow.yml b/.github/workflows/reports-scheduler-test-and-build-workflow.yml index ce324719..d52432ec 100644 --- a/.github/workflows/reports-scheduler-test-and-build-workflow.yml +++ b/.github/workflows/reports-scheduler-test-and-build-workflow.yml @@ -59,7 +59,7 @@ jobs: chown -R 1000:1000 `pwd` - name: Upload Artifacts - uses: actions/upload-artifact@v1 + uses: actions/upload-artifact@v4 with: name: reports-scheduler-linux path: reports-scheduler-builds @@ -90,7 +90,7 @@ jobs: cp -r ./build/distributions/*.zip reports-scheduler-builds/ - name: Upload Artifacts - uses: actions/upload-artifact@v1 + uses: actions/upload-artifact@v4 with: name: reports-scheduler-windows path: reports-scheduler-builds @@ -122,7 +122,7 @@ jobs: cp -r ./build/distributions/*.zip reports-scheduler-builds/ - name: Upload Artifacts - uses: actions/upload-artifact@v1 + uses: actions/upload-artifact@v4 with: name: reports-scheduler-macos path: reports-scheduler-builds diff --git a/.idea/.name b/.idea/.name index a5b02101..4322d30f 100644 --- a/.idea/.name +++ b/.idea/.name @@ -1 +1 @@ -opensearch-reports-scheduler \ No newline at end of file +wazuh-indexer-reports-scheduler \ No newline at end of file diff --git a/ADMINS.md b/ADMINS.md deleted file mode 100644 index bcdc8f2a..00000000 
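Review bot: The `Build with Gradle` step in the new `build.yml` expands `${{ inputs.revision }}` directly inside `run:`, so the value is pasted into the script text before the shell parses it and is not treated as a single argument. Pass it through the environment instead: add `env: REVISION: ${{ inputs.revision }}` to the step and use `-Drevision="$REVISION"` in the command, and do the same for `steps.version.outputs.version`. The workflow also declares no `permissions:` block, so the job runs with the repository's default token scope; the visible steps only check out, build and upload an artifact, so a top-level `permissions: contents: read` should be sufficient.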
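Review bot: `secrets: inherit` in the `call-build-workflow` job of `build_on_push.yml` hands every secret available to the caller to `build.yml`, yet nothing in the called workflow as added in this patch reads a secret. Dropping the line keeps the reusable workflow least-privileged on every push to a `ci/*` branch; if a secret is needed later it can be passed by name under `secrets:`. The call also passes no `with:` inputs, so `revision` falls back to its declared default of `"0"`.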
--- a/ADMINS.md
+++ /dev/null
@@ -1,7 +0,0 @@
-## Admins
-
-| Admin | GitHub ID | Affiliation |
-| --------------- | --------------------------------------- | ----------- |
-| Henri Yandell | [hyandell](https://github.com/hyandell) | Amazon |
-
-[This document](https://github.com/opensearch-project/.github/blob/main/ADMINS.md) explains what admins do in this repo, and how they should be doing it. If you're interested in becoming a maintainer, see [MAINTAINERS](MAINTAINERS.md). If you're interested in contributing, see [CONTRIBUTING](CONTRIBUTING.md).
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index b234f675..d0ea8dad 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,96 +1,23 @@ -# Contributing Guidelines +# Contributing to Wazuh Indexer Plugins +Depending on the plugin relationship with the Wazuh organization we currently recommend the following naming conventions and optional follow-up checks: -Thank you for your interest in contributing to our project. Whether it's a bug report, new feature, correction, or additional -documentation, we greatly value feedback and contributions from our community. +### Official plugins -Please read through this document before submitting any issues or pull requests to ensure we have all the necessary -information to effectively respond to your bug report or contribution. +For the **official plugins** that live within the Wazuh organization (i.e. they are included in [wazuh/wazuh-indexer-plugins/](https://github.com/wazuh/wazuh-indexer-plugins) or [wazuh/wazuh-indexer-reporting/](https://github.com/wazuh/wazuh-indexer-reporting) folder), and **which share the same release cycle as the Wazuh Indexer** itself: -## Reporting Bugs/Feature Requests +- Do not include the word `plugin` in the repo name (e.g. [job-scheduler](https://github.com/opensearch-project/job-scheduler)) +- Use lowercase repo names +- Use spinal case for repo names (e.g. [job-scheduler](https://github.com/opensearch-project/job-scheduler)) +- Do not include the word `Wazuh Indexer` or `Wazuh Dashboard` in the repo name +- Provide a meaningful description, e.g. `A Wazuh Dashboard plugin to perform real-time and historical anomaly detection on Wazuh Indexer data`. -We welcome you to use the GitHub issue tracker to report bugs or suggest features. +### Thirdparty plugins -When filing an issue, please check existing open, or recently closed, issues to make sure somebody else hasn't already -reported the issue. Please try to include as much information as you can. 
Details like these are incredibly useful: +For the **3rd party plugins** that are maintained as independent projects in separate GitHub repositories **with their own release cycles** the recommended naming convention should follow the same rules as official plugins with some exceptions and few follow-up checks: -- A reproducible test case or series of steps -- The version of our code being used -- Any modifications you've made relevant to the bug -- Anything unusual about your environment or deployment - -## Sign your work -The sign-off is a simple line at the end of each commit, which certifies that you wrote it or otherwise have the right to pass it on as an open-source patch. if you can certify the below -``` -By making a contribution to this project, I certify that: -(a) The contribution was created in whole or in part by me and I -have the right to submit it under the open source license -indicated in the file; or -(b) The contribution is based upon previous work that, to the best -of my knowledge, is covered under an appropriate open source -license and I have the right under that license to submit that -work with modifications, whether created in whole or in part -by me, under the same open source license (unless I am -permitted to submit under a different license), as indicated -in the file; or -(c) The contribution was provided directly to me by some other -person who certified (a), (b) or (c) and I have not modified -it. -(d) I understand and agree that this project and the contribution -are public and that a record of the contribution (including all -personal information I submit with it, including my sign-off) is -maintained indefinitely and may be redistributed consistent with -this project or the open source license(s) involved. 
-``` -then you just add a line to every git commit message: -``` -Signed-off-by: Bob Sanders -``` -You can sign off your work easily by adding the configuration in github -``` -git config user.name "Bob Sanders" -git config user.email "bob.sanders@email.com" -``` -Then, you could sign off commits automatically by adding `-s` or `-=signoff` parameter to your usual git commits commands. e.g. -``` -git commit -s -m "my first commit" -``` - -## Contributing via Pull Requests - -Contributions via pull requests are much appreciated. Before sending us a pull request, please ensure that: - -1. You are working against the latest source on the _dev_ branch. -2. You check existing open, and recently merged, pull requests to make sure someone else hasn't addressed the problem already. -3. You open an issue to discuss any significant work - we would hate for your time to be wasted. - -To send us a pull request, please: - -1. Fork the repository. -2. Modify the source; please focus on the specific change you are contributing. If you also reformat all the code, it will be hard for us to focus on your change. -3. Ensure local tests pass. -4. Commit to your fork using clear commit messages. -5. Send us a pull request, answering any default questions in the pull request interface. -6. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation. - -GitHub provides additional document on [forking a repository](https://help.github.com/articles/fork-a-repo/) and -[creating a pull request](https://help.github.com/articles/creating-a-pull-request/). - -## Finding contributions to work on - -Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels (enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any 'help wanted' issues is a great place to start. 
- -## Code of Conduct - -This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). -For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact -opensource-codeofconduct@amazon.com with any additional questions or comments. - -## Security issue notifications - -If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public github issue. - -## Licensing - -See the [LICENSE](LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution. - -We may ask you to sign a [Contributor License Agreement (CLA)](http://en.wikipedia.org/wiki/Contributor_License_Agreement) for larger changes. +- Inclusion of the words like `Wazuh Indexer` or `Wazuh Dashboard` (and in reasonable cases even `plugin`) are welcome because they can increase the chance of discoverability of the repository +- Check the plugin versioning policy is documented and help users know which versions of the plugin are compatible and recommended for specific versions of OpenSearch +- Review [CONTRIBUTING.md](CONTRIBUTING.md) document which is by default tailored to the needs of Amazon Web Services developer teams. You might want to update or further customize specific parts related to: + - **Code of Conduct** (if you do not already have CoC policy then there are several options to start with, such as [Contributor Covenant](https://www.contributor-covenant.org/)), + - **Security Policy** (you should let users know how they can safely report security vulnerabilities), + - Check if you need explicit part about **Trademarks and Attributions** (if you use any registered or non-registered trademarks we recommend following applicable "trademark-use" documents provided by respective trademark owners) 
diff --git a/MAINTAINERS.md b/MAINTAINERS.md deleted file mode 100644 index a2282fd4..00000000 --- a/MAINTAINERS.md +++ /dev/null @@ -1,12 +0,0 @@ -## Overview - -This document contains a list of maintainers in this repo. See [opensearch-project/.github/RESPONSIBILITIES.md](https://github.com/opensearch-project/.github/blob/main/RESPONSIBILITIES.md#maintainer-responsibilities) that explains what the role of maintainer means, what maintainers do in this and other repos, and how they should be doing it. If you're interested in contributing, and becoming a maintainer, see [CONTRIBUTING](CONTRIBUTING.md). - -## Current Maintainers - -| Maintainer | GitHub ID | Affiliation | -| ---------------------- | ------------------------------------------------- | ----------- | -| Anantha Krishna Bhatta | [akbhatta](https://github.com/akbhatta) | Amazon | -| David Cui | [davidcui-amzn](https://github.com/davidcui-amzn) | Amazon | -| Joshua Li | [joshuali925](https://github.com/joshuali925) | Amazon | -| Zhongnan Su | [zhongnansu](https://github.com/zhongnansu) | Amazon | diff --git a/README.md b/README.md index 099317f4..89709e29 100644 --- a/README.md +++ b/README.md @@ -1,104 +1,75 @@ - - -- [OpenSearch Dashboards Reports](#opensearch-dashboards-reports) -- [Code Summary](#code-summary) -- [Documentation](#documentation) -- [Contributing](#contributing) -- [Setup](#setup-&-build) -- [Notifications Integration](#notifications-integration) -- [Code of Conduct](#code-of-conduct) +

+ +

+ +[![Chat](https://img.shields.io/badge/chat-on%20forums-blue)](https://groups.google.com/forum/#!forum/wazuh) +[![Slack](https://img.shields.io/badge/slack-join-blue.svg)](https://wazuh.com/community/join-us-on-slack) +[![Documentation](https://img.shields.io/badge/documentation-reference-blue)](https://documentation.wazuh.com) + +- [Welcome!](#welcome) +- [Project Resources](#project-resources) - [Security](#security) - [License](#license) - [Copyright](#copyright) +- [Trademark](#trademark) -# OpenSearch Dashboards Reports - -OpenSearch Dashboards Reports allows ‘Report Owner’ (engineers, including but not limited to developers, DevOps, IT Engineer, and IT admin) export and share reports from OpenSearch Dashboards dashboards, saved search, alerts and visualizations. It helps automate the process of scheduling reports on an on-demand or a periodical basis (on cron schedules as well). Further, it also automates the process of exporting and sharing reports triggered for various alerts. The feature is present in the Dashboard, Discover, and Visualization tabs. We are currently working on integrating Dashboards Reports with Notifications to enable sharing functionality. After the support is introduced, scheduled reports can be sent to (shared with) self or various stakeholders within the organization. These stakeholders include but are not limited to, executives, managers, engineers (developers, DevOps, IT Engineer) in the form of pdf, hyperlinks, csv, excel via various channels such as email, Slack, and Amazon Chime. However, in order to export, schedule and share reports, report owners should have the necessary permissions as defined under Roles and Privileges. 
- -## Code Summary - -### Reports-Scheduler - -| | | -| ---------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Test and build | [![Observability OpenSearch Build CI][reports-scheduler-build-badge]][reports-scheduler-build-link] | -| Code coverage | [![codecov][reports-scheduler-codecov-badge]][codecov-link] | -| Distribution build tests | [![OpenSearch IT tests][reports-scheduler-it-badge]][reports-scheduler-it-link] [![OpenSearch IT code][reports-scheduler-it-code-badge]][reports-scheduler-it-code-link] | -| Backward compatibility tests | [![BWC tests][bwc-tests-badge]][bwc-tests-link] | - - -### Repository Checks - -| | | -| ------------ | --------------------------------------------------------------- | -| DCO Checker | [![Developer certificate of origin][dco-badge]][dco-badge-link] | -| Link Checker | [![Link Checker][link-check-badge]][link-check-link] | - -### Issues - -| | -| -------------------------------------------------------------- | -| [![good first issues open][good-first-badge]][good-first-link] | -| [![features open][feature-badge]][feature-link] | -| [![enhancements open][enhancement-badge]][enhancement-link] | -| [![bugs open][bug-badge]][bug-link] | -| [![untriaged open][untriaged-badge]][untriaged-link] | -| [![nolabel open][nolabel-badge]][nolabel-link] | - -[dco-badge]: https://github.com/opensearch-project/dashboards-reports/actions/workflows/dco.yml/badge.svg -[dco-badge-link]: https://github.com/opensearch-project/dashboards-reports/actions/workflows/dco.yml -[link-check-badge]: https://github.com/opensearch-project/dashboards-reports/actions/workflows/link-checker.yml/badge.svg -[link-check-link]: https://github.com/opensearch-project/dashboards-reports/actions/workflows/link-checker.yml -[reports-scheduler-build-badge]: 
https://github.com/opensearch-project/dashboards-reports/actions/workflows/reports-scheduler-test-and-build-workflow.yml/badge.svg -[reports-scheduler-build-link]: https://github.com/opensearch-project/dashboards-reports/actions/workflows/reports-scheduler-test-and-build-workflow.yml -[reports-scheduler-codecov-badge]: https://codecov.io/gh/opensearch-project/dashboards-reports/branch/main/graphs/badge.svg?flag=reports-scheduler -[codecov-link]: https://codecov.io/gh/opensearch-project/dashboards-reports -[cypress-test-badge]: https://img.shields.io/badge/Cypress%20tests-in%20progress-yellow -[cypress-test-link]: https://github.com/opensearch-project/opensearch-build/issues/1124 -[cypress-code-badge]: https://img.shields.io/badge/Cypress%20code-blue -[cypress-code-link]: https://github.com/opensearch-project/dashboards-reports/tree/main/dashboards-reports/.cypress/integration -[reports-scheduler-it-badge]: https://img.shields.io/badge/Reports%20Scheduler%20IT%20tests-in%20progress-yellow -[reports-scheduler-it-link]: https://github.com/opensearch-project/opensearch-build/issues/1124 -[reports-scheduler-it-code-badge]: https://img.shields.io/badge/Reports%20Scheduler%20code-blue -[reports-scheduler-it-code-link]: https://github.com/opensearch-project/reporting/blob/main/src/test/kotlin/org/opensearch/integTest/ReportsSchedulerPluginIT.kt -[bwc-tests-badge]: https://img.shields.io/badge/BWC%20tests-in%20progress-yellow -[bwc-tests-link]: https://github.com/opensearch-project/dashboards-reports/pull/244/files -[good-first-badge]: https://img.shields.io/github/issues/opensearch-project/dashboards-reports/good%20first%20issue.svg -[good-first-link]: https://github.com/opensearch-project/dashboards-reports/issues?q=is%3Aopen+is%3Aissue+label%3A%22good+first+issue%22+ -[feature-badge]: https://img.shields.io/github/issues/opensearch-project/dashboards-reports/feature%20request.svg -[feature-link]: 
https://github.com/opensearch-project/dashboards-reports/issues?q=is%3Aopen+is%3Aissue+label%3A%22feature+request%22+ -[bug-badge]: https://img.shields.io/github/issues/opensearch-project/dashboards-reports/bug.svg -[bug-link]: https://github.com/opensearch-project/dashboards-reports/issues?q=is%3Aopen+is%3Aissue+label%3Abug+ -[enhancement-badge]: https://img.shields.io/github/issues/opensearch-project/dashboards-reports/enhancement.svg -[enhancement-link]: https://github.com/opensearch-project/dashboards-reports/issues?q=is%3Aopen+is%3Aissue+label%3Aenhancement+ -[untriaged-badge]: https://img.shields.io/github/issues/opensearch-project/dashboards-reports/untriaged.svg -[untriaged-link]: https://github.com/opensearch-project/dashboards-reports/issues?q=is%3Aopen+is%3Aissue+label%3Auntriaged+ -[nolabel-badge]: https://img.shields.io/github/issues-search/opensearch-project/dashboards-reports?color=yellow&label=no%20label%20issues&query=is%3Aopen%20is%3Aissue%20no%3Alabel -[nolabel-link]: https://github.com/opensearch-project/dashboards-reports/issues?q=is%3Aopen+is%3Aissue+no%3Alabel+ +## Welcome! -## Documentation +The Wazuh Indexer is a highly scalable, full-text search and analytics engine. This Wazuh central component indexes and stores alerts generated by the Wazuh server and provides near real-time data search and analytics capabilities. -Please see our technical [documentation](https://opensearch.org/docs/dashboards/reporting/) to learn more about its features. +Wazuh Indexer is an open source fork of [OpenSearch](https://github.com/opensearch-project/opensearch). -## Contributing +This repository stores the source code of the Wazuh Indexer Reporting Plugin and its configurations. + +## Wazuh Indexer Reporting Plugin -We welcome you to get involved in development, documentation, testing the OpenSearch Dashboards reports plugin. See our [CONTRIBUTING.md](./CONTRIBUTING.md) and join in. 
+Wazuh Indexer Reporting allows ‘Report Owner’ (engineers, including but not limited to developers, DevOps, IT Engineer, and IT admin) export and share reports from Wazuh Dashboard's dashboards, saved search, alerts and visualizations. It helps automate the process of scheduling reports on an on-demand or a periodical basis (on cron schedules as well). Further, it also automates the process of exporting and sharing reports triggered for various alerts. The feature is present in the Dashboard, Discover, and Visualization tabs. We are currently working on integrating Dashboards Reports with Notifications to enable sharing functionality. After the support is introduced, scheduled reports can be sent to (shared with) self or various stakeholders within the organization. These stakeholders include but are not limited to, executives, managers, engineers (developers, DevOps, IT Engineer) in the form of PDF, hyperlinks, CSV, excel via various channels such as email, Slack, and Amazon Chime. However, in order to export, schedule and share reports, report owners should have the necessary permissions as defined under Roles and Privileges. -## Notifications Integration +## Project Resources -OpenSearch Dashboards Reports integration with [Notifications](https://github.com/opensearch-project/notifications) is currently in progress. Tracking [here](https://github.com/opensearch-project/dashboards-reports/issues/72) +* [Project Website](https://wazuh.com) +* [Quickstart](https://documentation.wazuh.com/current/quickstart.html) +* [Documentation](https://documentation.wazuh.com) +* Need help? Try [Slack](https://wazuh.com/community/join-us-on-slack) +* [Security](SECURITY.md) + +## Documentation + +Please see the technical [documentation](https://opensearch.org/docs/dashboards/reporting) to learn more about its features. For additional help with the plugin, including questions about opening an issue, try the Wazuh [Community](https://wazuh.com/community/). 
+ +## Contributing + +We welcome you to get involved in development, documentation, testing the Wazuh Dashboard reports plugin. See our [CONTRIBUTING.md](./CONTRIBUTING.md) and join in. ## Code of Conduct This project has adopted the [Amazon Open Source Code of Conduct](CODE_OF_CONDUCT.md). For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq), or contact [opensource-codeofconduct@amazon.com](mailto:opensource-codeofconduct@amazon.com) with any additional questions or comments. + ## Security -If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public GitHub issue. +To report a possible vulnerability or security issue you can: +- Email us to security@wazuh.com. +- Open a new security report under the security tab on this repository. + +**PLEASE DO NOT OPEN A PUBLIC ISSUE ABOUT SECURITY** + +We want to protect our community, so please give us time to fix a vulnerability +before publishing it. ## License -See the [LICENSE](./LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution. +This project is licensed under the [AGPL v3.0 License](LICENSE.txt). ## Copyright +- Copyright Wazuh, Inc. + +## Trademark + +OpenSearch is a registered trademark of Amazon Web Services. + +OpenSearch includes certain Apache-licensed Elasticsearch code from Elasticsearch B.V. and other source code. Elasticsearch B.V. is not the source of that other source code. ELASTICSEARCH is a registered trademark of Elasticsearch B.V. + +Check Wazuh's [trademark and Brand policy](https://wazuh.com/trademark-and-brand-policy/). + diff --git a/SECURITY.md b/SECURITY.md index 0b85ca04..4d35ef4f 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -1,3 +1,45 @@ -## Reporting a Vulnerability +# Wazuh Open Source Project Security Policy -If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to aws-security@amazon.com. Please do **not** create a public GitHub issue. \ No newline at end of file +Version: 2023-06-12 + +## Introduction +This document outlines the Security Policy for Wazuh's open source projects. It emphasizes our commitment to maintain a secure environment for our users and contributors, and reflects our belief in the power of collaboration to identify and resolve security vulnerabilities. + +## Scope +This policy applies to all open source projects developed, maintained, or hosted by Wazuh. + +## Reporting Security Vulnerabilities +If you believe you've discovered a potential security vulnerability in one of our open source projects, we strongly encourage you to report it to us responsibly. + +Please submit your findings as security advisories under the "Security" tab in the relevant GitHub repository. Alternatively, you may send the details of your findings to [security@wazuh.com](mailto:security@wazuh.com). + +## Vulnerability Disclosure Policy +Upon receiving a report of a potential vulnerability, our team will initiate an investigation. If the reported issue is confirmed as a vulnerability, we will take the following steps: + +1. Acknowledgment: We will acknowledge the receipt of your vulnerability report and begin our investigation. +2. Validation: We will validate the issue and work on reproducing it in our environment. +3. Remediation: We will work on a fix and thoroughly test it +4. Release & Disclosure: After 90 days from the discovery of the vulnerability, or as soon as a fix is ready and thoroughly tested (whichever comes first), we will release a security update for the affected project. 
We will also publicly disclose the vulnerability by publishing a CVE (Common Vulnerabilities and Exposures) and acknowledging the discovering party. +5. Exceptions: In order to preserve the security of the Wazuh community at large, we might extend the disclosure period to allow users to patch their deployments. + +This 90-day period allows for end-users to update their systems and minimizes the risk of widespread exploitation of the vulnerability. + +## Automatic Scanning +We leverage GitHub Actions to perform automated scans of our supply chain. These scans assist us in identifying vulnerabilities and outdated dependencies in a proactive and timely manner. + +## Credit +We believe in giving credit where credit is due. If you report a security vulnerability to us, and we determine that it is a valid vulnerability, we will publicly credit you for the discovery when we disclose the vulnerability. If you wish to remain anonymous, please indicate so in your initial report. + +We do appreciate and encourage feedback from our community, but currently we do not have a bounty program. We might start bounty programs in the future. + +## Compliance with this Policy +We consider the discovery and reporting of security vulnerabilities an important public service. We encourage responsible reporting of any vulnerabilities that may be found in our site or applications. + +Furthermore, we will not take legal action against or suspend or terminate access to the site or services of those who discover and report security vulnerabilities in accordance with this policy because of the fact. + +We ask that all users and contributors respect this policy and the security of our community's users by disclosing vulnerabilities to us in accordance with this policy. + +## Changes to this Security Policy +This policy may be revised from time to time. Each version of the policy will be identified at the top of the page by its effective date. 
+ +If you have any questions about this Security Policy, please contact us at [security@wazuh.com](mailto:security@wazuh.com) diff --git a/VERSION b/VERSION new file mode 100644 index 00000000..28cbf7c0 --- /dev/null +++ b/VERSION @@ -0,0 +1 @@ +5.0.0 \ No newline at end of file diff --git a/build.gradle b/build.gradle index 5829a9a1..e7e5d1f1 100644 --- a/build.gradle +++ b/build.gradle @@ -14,6 +14,8 @@ buildscript { isSnapshot = "true" == System.getProperty("build.snapshot", "true") opensearch_version = System.getProperty("opensearch.version", "2.17.1-SNAPSHOT") buildVersionQualifier = System.getProperty("build.version_qualifier", "") + wazuh_version = System.getProperty("version", "5.0.0") + revision = System.getProperty("build.revision", "0") // 2.0.0-rc1-SNAPSHOT -> 2.0.0.0-rc1-SNAPSHOT version_tokens = opensearch_version.tokenize('-') opensearch_build = version_tokens[0] + '.0' @@ -68,7 +70,7 @@ def usingMultiNode = project.properties.containsKey('numNodes') check.dependsOn jacocoTestReport opensearchplugin { - name 'opensearch-reports-scheduler' + name 'wazuh-indexer-reports-scheduler' description 'Scheduler for Dashboards Reports Plugin' classname "org.opensearch.reportsscheduler.ReportsSchedulerPlugin" extendedPlugins = ['opensearch-job-scheduler'] @@ -78,9 +80,8 @@ publishing { publications { pluginZip(MavenPublication) { publication -> pom { - name = 'opensearch-reports-scheduler' + name = 'wazuh-indexer-scheduler' description = 'Scheduler for Dashboards Reports Plugin' - groupId = "org.opensearch.plugin" licenses { license { name = 'The Apache License, Version 2.0' @@ -92,6 +93,10 @@ publishing { name = 'OpenSearch' url = 'https://github.com/opensearch-project/reporting' } + developer { + name = 'Wazuh' + url = 'https://github.com/wazuh/wazuh-indexer-reporting' + } } } } 
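Review bot: The added `revision = System.getProperty("build.revision", "0")` in the first `build.gradle` hunk reads a different property than the one the workflow added in this same patch sets (`./gradlew build -Dversion=... -Drevision=...`). A non-default revision would therefore not reach `version = "${wazuh_version}" + ".${revision}"`, and the upload step, which builds its path from `inputs.revision` with `if-no-files-found: error`, would look for a file that was never produced. Either read `System.getProperty("revision", "0")` here or pass `-Dbuild.revision=` from `build.yml`. A later patch in this series is titled "Fix revision in Gradle" and may already do this, but its `build.gradle` hunk is not visible here; the `buildscript` block also continues outside the hunk.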
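Review bot: Removing `groupId = "org.opensearch.plugin"` from the `pluginZip` pom in the `@@ -78,9 +80,8 @@` hunk presumably leaves the publication on the project group, which the context of the last `build.gradle` hunk shows as `group = "org.opensearch"`, while the version now follows the Wazuh scheme. If this zip is ever published to a shared repository, a fork artifact under the upstream project's group id is easy to mistake for the upstream one, so a Wazuh-owned group id would be safer. The pom `name` is also set to `'wazuh-indexer-scheduler'`, which does not match the `'wazuh-indexer-reports-scheduler'` used in `opensearchplugin`, `settings.gradle` and `PLUGIN_NAME`; I would use the same string in all four places. Whether and where the publication is pushed is not visible in this patch.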
@@ -159,7 +164,7 @@ plugins.withId('org.jetbrains.kotlin.jvm') { allprojects { group = "org.opensearch" - version = "${opensearch_build}" + version = "${wazuh_version}" + ".${revision}" plugins.withId('java') { sourceCompatibility = targetCompatibility = "11" } diff --git a/settings.gradle b/settings.gradle index 65cef7a2..aa3179ce 100644 --- a/settings.gradle +++ b/settings.gradle @@ -3,5 +3,5 @@ * SPDX-License-Identifier: Apache-2.0 */ -rootProject.name = 'opensearch-reports-scheduler' +rootProject.name = 'wazuh-indexer-reports-scheduler' diff --git a/src/main/kotlin/org/opensearch/reportsscheduler/ReportsSchedulerPlugin.kt b/src/main/kotlin/org/opensearch/reportsscheduler/ReportsSchedulerPlugin.kt index 016a47d6..e97135f2 100644 --- a/src/main/kotlin/org/opensearch/reportsscheduler/ReportsSchedulerPlugin.kt +++ b/src/main/kotlin/org/opensearch/reportsscheduler/ReportsSchedulerPlugin.kt @@ -65,7 +65,7 @@ import java.util.function.Supplier class ReportsSchedulerPlugin : Plugin(), ActionPlugin, SystemIndexPlugin, JobSchedulerExtension { companion object { - const val PLUGIN_NAME = "opensearch-reports-scheduler" + const val PLUGIN_NAME = "wazuh-indexer-reports-scheduler" const val LOG_PREFIX = "reports" const val BASE_REPORTS_URI = "/_plugins/_reports" const val LEGACY_BASE_REPORTS_URI = "/_opendistro/_reports" diff --git a/src/test/kotlin/org/opensearch/integTest/ReportsSchedulerPluginIT.kt b/src/test/kotlin/org/opensearch/integTest/ReportsSchedulerPluginIT.kt index e8931189..b7ee4591 100644 --- a/src/test/kotlin/org/opensearch/integTest/ReportsSchedulerPluginIT.kt +++ b/src/test/kotlin/org/opensearch/integTest/ReportsSchedulerPluginIT.kt @@ -29,7 +29,7 @@ class ReportsSchedulerPluginIT : OpenSearchIntegTestCase() { ) assertTrue( pluginInfos.stream() - .anyMatch { pluginInfo: PluginInfo -> pluginInfo.name == "opensearch-reports-scheduler" } + .anyMatch { pluginInfo: PluginInfo -> pluginInfo.name == "wazuh-indexer-reports-scheduler" } ) } } 
From dfda1d566d454b4cab2ed1927ed337dae8dc686b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lex=20Ruiz?= Date: Tue, 24 Sep 2024 17:23:14 +0200 Subject: [PATCH 2/6] 1 initialize reporting repository (#4) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Migrate from #2 * Rename plugin * Fix path --------- Signed-off-by: Álex Ruiz --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7aa70cde..ade4ab48 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -43,7 +43,7 @@ jobs: build: runs-on: ubuntu-latest env: - plugin_name: wazuh-indexer-reporting + plugin_name: wazuh-indexer-reports-scheduler steps: - uses: actions/checkout@v4 - uses: actions/setup-java@v4 @@ -65,5 +65,5 @@ jobs: uses: actions/upload-artifact@v4 with: name: ${{ env.plugin_name }}-${{ steps.version.outputs.version }}.${{ inputs.revision }}.zip - path: build/distributions/wazuh-indexer-${{ env.plugin_name }}-${{ steps.version.outputs.version }}.${{ inputs.revision }}.zip + path: build/distributions/${{ env.plugin_name }}-${{ steps.version.outputs.version }}.${{ inputs.revision }}.zip if-no-files-found: error From b4dea5334caefac34ac2180331b7dec61301f230 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lex=20Ruiz?= Date: Tue, 24 Sep 2024 18:33:04 +0200 Subject: [PATCH 3/6] Fix build.yml (#5) * List artifacts folder * Fix revision in Gradle --- .github/workflows/build.yml | 2 ++ build-tools/pkgbuild.gradle | 17 ++++++++--------- build.gradle | 10 ++-------- 3 files changed, 12 insertions(+), 17 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ade4ab48..fd88d9eb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
@@ -61,6 +61,8 @@ jobs: - name: Build with Gradle run: ./gradlew build -Dversion=${{ steps.version.outputs.version }} -Drevision=${{ inputs.revision }} + - run: ls -la build/distributions + - name: Upload artifact uses: actions/upload-artifact@v4 with: diff --git a/build-tools/pkgbuild.gradle b/build-tools/pkgbuild.gradle index 89358425..723acaa1 100644 --- a/build-tools/pkgbuild.gradle +++ b/build-tools/pkgbuild.gradle @@ -9,10 +9,9 @@ apply plugin: 'com.netflix.nebula.ospackage' afterEvaluate { ospackage { packageName = "${name}" - release = isSnapshot ? "0.1" : '1' - version = "${project.version}" - "-SNAPSHOT" + version = "${project.version}" - into '/usr/share/opensearch/plugins' + into '/usr/share/wazuh-indexer/plugins' from(zipTree(bundlePlugin.archivePath)) { into opensearchplugin.name } @@ -23,17 +22,17 @@ afterEvaluate { dirMode 0755 requires('opensearch-oss', versions.opensearch, EQUAL) - packager = 'Amazon' - vendor = 'Amazon' + packager = 'Wazuh' + vendor = 'Wazuh' os = 'LINUX' prefix '/usr' license 'ASL-2.0' - maintainer 'OpenSearch Team ' - url 'https://opensearch.org/downloads.html' + maintainer 'Wazuh Team ' + url 'https://wazuh.com' summary ''' - OpenSearch reports scheduler. - Reference documentation can be found at https://docs-beta.opensearch.org/. + Wazuh Indexer reports scheduler. + Reference documentation can be found at https://opensearch.org/docs/latest/reporting/report-dashboard-index/. '''.stripIndent().replace('\n', ' ').trim() } diff --git a/build.gradle b/build.gradle index e7e5d1f1..d2c2ce54 100644 --- a/build.gradle +++ b/build.gradle 
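Review bot: In .github/workflows/build.yml the `Build with Gradle` step shown as context above the added `ls` expands `${{ steps.version.outputs.version }}` and `${{ inputs.revision }}` directly inside `run:`, so their text becomes part of the shell script before it executes. Where those values come from is not visible in this hunk; if either can be set by whoever triggers the workflow, pass them through the step's `env:` (`VERSION: ${{ steps.version.outputs.version }}`, `REVISION: ${{ inputs.revision }}`) and run `./gradlew build -Dversion="$VERSION" -Drevision="$REVISION"`. The added `ls -la build/distributions` step reads as a debugging aid; give it a `name:` or remove it once the artifact path is confirmed.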
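Review bot: In build-tools/pkgbuild.gradle the payload now installs under `/usr/share/wazuh-indexer/plugins` and the packager and vendor are Wazuh, but the unchanged line `requires('opensearch-oss', versions.opensearch, EQUAL)` still makes the package depend on `opensearch-oss`. If the target is a Wazuh indexer installation, that dependency probably needs to change as well; the right package name is not visible here and needs confirming. The first hunk also removes `release` and the `-SNAPSHOT` stripping from `version`, so a comment such as `// project.version is already <wazuh_version>.<revision>` would explain why nothing is stripped any more.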
@@ -15,16 +15,10 @@ buildscript { opensearch_version = System.getProperty("opensearch.version", "2.17.1-SNAPSHOT") buildVersionQualifier = System.getProperty("build.version_qualifier", "") wazuh_version = System.getProperty("version", "5.0.0") - revision = System.getProperty("build.revision", "0") + revision = System.getProperty("revision", "0") // 2.0.0-rc1-SNAPSHOT -> 2.0.0.0-rc1-SNAPSHOT version_tokens = opensearch_version.tokenize('-') opensearch_build = version_tokens[0] + '.0' - if (buildVersionQualifier) { - opensearch_build += "-${buildVersionQualifier}" - } - if (isSnapshot) { - opensearch_build += "-SNAPSHOT" - } common_utils_version = System.getProperty("common_utils.version", opensearch_build) job_scheduler_version = System.getProperty("job_scheduler.version", opensearch_build) @@ -40,7 +34,7 @@ buildscript { } dependencies { - classpath "${opensearch_group}.gradle:build-tools:${opensearch_version}" + classpath "org.opensearch.gradle:build-tools:${opensearch_version}" classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:${kotlin_version}" classpath "org.jetbrains.kotlin:kotlin-allopen:${kotlin_version}" classpath "io.gitlab.arturbosch.detekt:detekt-gradle-plugin:1.23.4" From 2dfa8857a0faaac812b0d7f66ae658de48e04b4f Mon Sep 17 00:00:00 2001 From: Federico Rodriguez Date: Wed, 25 Sep 2024 20:33:43 +0200 Subject: [PATCH 4/6] Apply POC email notification (#6) * Apply POC email notification * Roll back changes to IDEs config files * Roll back changes to IDEs config files * Refactor --------- Co-authored-by: Alex Ruiz --- .gitignore | 1 + .idea/kotlinc.xml | 3 + .idea/misc.xml | 2 +- .project | 2 +- build.gradle | 40 ++++-- .../ReportsSchedulerPlugin.kt | 1 + .../scheduler/ReportDefinitionJobRunner.kt | 87 +++++++++++++ .../util/NotificationApiUtils.kt | 121 ++++++++++++++++++ 8 files changed, 247 insertions(+), 10 deletions(-) create mode 100644 src/main/kotlin/org/opensearch/reportsscheduler/util/NotificationApiUtils.kt 
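Review bot: After this hunk in build.gradle's `buildscript` block, `opensearch_build` is always `version_tokens[0] + '.0'`, so the comment `// 2.0.0-rc1-SNAPSHOT -> 2.0.0.0-rc1-SNAPSHOT` above it no longer describes the result, and `buildVersionQualifier` is still read from `build.version_qualifier` but is no longer used in the lines shown. Update the comment to something like `// 2.17.1-SNAPSHOT -> 2.17.1.0 (qualifier and -SNAPSHOT are dropped)`. Because `common_utils_version` and `job_scheduler_version` default to `opensearch_build`, those dependencies now resolve to release coordinates even when `opensearch.version` is a snapshot; confirm that this is intended. The `buildscript` block continues outside the hunk.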
diff --git a/.gitignore b/.gitignore index 8c03270c..d954410c 100644 --- a/.gitignore +++ b/.gitignore @@ -159,6 +159,7 @@ $RECYCLE.BIN/ .idea/modules.xml .idea/*.iml .idea/modules +.idea/*.xml *.iml *.ipr diff --git a/.idea/kotlinc.xml b/.idea/kotlinc.xml index 0dd4b354..951989e5 100644 --- a/.idea/kotlinc.xml +++ b/.idea/kotlinc.xml @@ -3,4 +3,7 @@ + + \ No newline at end of file diff --git a/.idea/misc.xml b/.idea/misc.xml index 08bcbb84..6d5ded36 100644 --- a/.idea/misc.xml +++ b/.idea/misc.xml @@ -7,7 +7,7 @@ - + \ No newline at end of file diff --git a/.project b/.project index 3f751dd9..6746ef3a 100644 --- a/.project +++ b/.project @@ -1,6 +1,6 @@ - opensearch-reports-scheduler + wazuh-indexer-reports-scheduler Project reports-scheduler created by Buildship. diff --git a/build.gradle b/build.gradle index d2c2ce54..fc219a07 100644 --- a/build.gradle +++ b/build.gradle @@ -172,6 +172,9 @@ repositories { } dependencies { + // Needed for integ tests + zipArchive group: 'org.opensearch.plugin', name:'opensearch-notifications-core', version: "${opensearch_build}" + zipArchive group: 'org.opensearch.plugin', name:'notifications', version: "${opensearch_build}" zipArchive group: 'org.opensearch.plugin', name:'opensearch-job-scheduler', version: "${opensearch_build}" implementation "org.opensearch:opensearch:${opensearch_version}" implementation "org.jetbrains.kotlin:kotlin-stdlib:${kotlin_version}" 
@@ -301,14 +304,35 @@ integTest.getClusters().forEach{c -> c.plugin(project.getObjects().fileProperty( testClusters.integTest { testDistribution = "INTEG_TEST" // need to install job-scheduler first, need to assemble job-scheduler first - plugin(provider(new Callable(){ - @Override - RegularFile call() throws Exception { - return new RegularFile() { - @Override - File getAsFile() { - return configurations.zipArchive.asFileTree.getSingleFile() - } + plugin(provider({ + new RegularFile() { + @Override + File getAsFile() { + return configurations.zipArchive.asFileTree.matching { + include '**/opensearch-job-scheduler*' + }.singleFile + } + } + })) + + plugin(provider({ + new RegularFile() { + @Override + File getAsFile() { + return configurations.zipArchive.asFileTree.matching { + include '**/opensearch-notifications-core*' + }.singleFile + } + } + })) + + plugin(provider({ + new RegularFile() { + @Override + File getAsFile() { + return configurations.zipArchive.asFileTree.matching { + include '**/notifications*' + }.singleFile } } })) diff --git a/src/main/kotlin/org/opensearch/reportsscheduler/ReportsSchedulerPlugin.kt b/src/main/kotlin/org/opensearch/reportsscheduler/ReportsSchedulerPlugin.kt index e97135f2..7a1fd80d 100644 --- a/src/main/kotlin/org/opensearch/reportsscheduler/ReportsSchedulerPlugin.kt +++ b/src/main/kotlin/org/opensearch/reportsscheduler/ReportsSchedulerPlugin.kt @@ -104,6 +104,7 @@ class ReportsSchedulerPlugin : Plugin(), ActionPlugin, SystemIndexPlugin, JobSch repositoriesServiceSupplier: Supplier ): Collection { PluginSettings.addSettingsUpdateConsumer(clusterService) + ReportDefinitionJobRunner.initialize(client, clusterService) ReportDefinitionsIndex.initialize(client, clusterService) ReportInstancesIndex.initialize(client, clusterService) return emptyList() 
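Review bot: The three `plugin(provider({ ... }))` blocks added to `testClusters.integTest` in build.gradle differ only in the include pattern, so the file lookup is better written once as a helper closure and called three times. `.singleFile` throws when a pattern matches no file or more than one, so the patterns have to stay mutually exclusive; `'**/notifications*'` relies on the core zip's file name starting with `opensearch-`. The existing comment mentions only job-scheduler and should also state the install order the two notifications plugins need, if any. The `testClusters.integTest` block continues outside the hunk.

```groovy
// Resolves the single zip in the zipArchive configuration whose path matches the pattern.
def zipArchivePlugin = { String pattern ->
    provider({
        new RegularFile() {
            @Override
            File getAsFile() {
                return configurations.zipArchive.asFileTree.matching { include pattern }.singleFile
            }
        }
    })
}

testClusters.integTest {
    // … unchanged: testDistribution …
    plugin(zipArchivePlugin('**/opensearch-job-scheduler*'))
    plugin(zipArchivePlugin('**/opensearch-notifications-core*'))
    plugin(zipArchivePlugin('**/notifications*'))
    // … unchanged: rest of the integTest cluster configuration …
```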
diff --git a/src/main/kotlin/org/opensearch/reportsscheduler/scheduler/ReportDefinitionJobRunner.kt b/src/main/kotlin/org/opensearch/reportsscheduler/scheduler/ReportDefinitionJobRunner.kt index 35af1b78..b1f6624d 100644 --- a/src/main/kotlin/org/opensearch/reportsscheduler/scheduler/ReportDefinitionJobRunner.kt +++ b/src/main/kotlin/org/opensearch/reportsscheduler/scheduler/ReportDefinitionJobRunner.kt @@ -8,6 +8,13 @@ package org.opensearch.reportsscheduler.scheduler import kotlinx.coroutines.CoroutineScope import kotlinx.coroutines.Dispatchers import kotlinx.coroutines.launch +import org.opensearch.action.search.SearchRequest +import org.opensearch.action.search.SearchResponse +import org.opensearch.client.Client +import org.opensearch.client.node.NodeClient +import org.opensearch.cluster.service.ClusterService +import org.opensearch.commons.notifications.model.NotificationConfigInfo +import org.opensearch.index.query.QueryBuilders import org.opensearch.jobscheduler.spi.JobExecutionContext import org.opensearch.jobscheduler.spi.ScheduledJobParameter import org.opensearch.jobscheduler.spi.ScheduledJobRunner 
@@ -15,13 +22,58 @@ import org.opensearch.reportsscheduler.ReportsSchedulerPlugin.Companion.LOG_PREF import org.opensearch.reportsscheduler.index.ReportInstancesIndex import org.opensearch.reportsscheduler.model.ReportDefinitionDetails import org.opensearch.reportsscheduler.model.ReportInstance +import org.opensearch.reportsscheduler.util.NotificationApiUtils.getNotificationConfigInfo +import org.opensearch.reportsscheduler.util.SecureIndexClient +import org.opensearch.reportsscheduler.util.buildReportLink import org.opensearch.reportsscheduler.util.logger +import org.opensearch.reportsscheduler.util.sendNotificationWithHTML +import org.opensearch.search.builder.SearchSourceBuilder import java.time.Instant internal object ReportDefinitionJobRunner : ScheduledJobRunner { private val log by logger(ReportDefinitionJobRunner::class.java) private val scope: CoroutineScope = CoroutineScope(Dispatchers.IO) + private lateinit var client: Client + private lateinit var clusterService: ClusterService + + /** + * Initialize the class + * @param client The ES client + * @param clusterService The ES cluster service + */ + fun initialize(client: Client, clusterService: ClusterService) { + this.client = SecureIndexClient(client) + this.clusterService = clusterService + } + + private suspend fun createNotification( + configInfo: NotificationConfigInfo, + reportDefinitionDetails: ReportDefinitionDetails, + id: String, + hits: Long? + ) { + val title: String = reportDefinitionDetails.reportDefinition.delivery!!.title + val textMessage: String = reportDefinitionDetails.reportDefinition.delivery.textDescription + val htmlMessage: String? 
= reportDefinitionDetails.reportDefinition.delivery.htmlDescription + + val urlDefinition: String = + buildReportLink(reportDefinitionDetails.reportDefinition.source.origin, reportDefinitionDetails.tenant, id) + + val textWithURL: String = + textMessage.replace("{{urlDefinition}}", urlDefinition).replace("{{hits}}", hits.toString()) + val htmlWithURL: String? = + htmlMessage?.replace("{{urlDefinition}}", urlDefinition)?.replace("{{hits}}", hits.toString()) + + log.info("esto es el mensaje html $htmlMessage") + configInfo.sendNotificationWithHTML( + this.client, + title, + textWithURL, + htmlWithURL + ) + } + override fun runJob(job: ScheduledJobParameter, context: JobExecutionContext) { if (job !is ReportDefinitionDetails) { log.warn("$LOG_PREFIX:job is not of type ReportDefinitionDetails:${job.javaClass.name}") 
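Review bot: `createNotification` in ReportDefinitionJobRunner.kt dereferences `reportDefinition.delivery!!`, so a scheduled definition without a delivery section throws inside the job; the same `delivery!!` appears in the `runJob` hunk that follows, together with `configIds[0]`, which throws on an empty list. Resolve the delivery once with a null check and return early, e.g. `val delivery = reportDefinitionDetails.reportDefinition.delivery ?: return`. `hits` is `Long?`, and `hits.toString()` renders the text `null` into the message when the total is unknown; `(hits ?: 0L).toString()` avoids that. `urlDefinition` is substituted into `htmlMessage` as-is, so if `source.origin` or `tenant` can carry user-supplied text it should be HTML-escaped before the replace.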
@@ -48,6 +100,41 @@ internal object ReportDefinitionJobRunner : ScheduledJobRunner { log.warn("$LOG_PREFIX:runJob-job creation failed for $reportInstance") } else { log.info("$LOG_PREFIX:runJob-created job:$id") + + // Wazuh - Make queries + val builderSearchResponse: SearchSourceBuilder = SearchSourceBuilder() + .query( + QueryBuilders.boolQuery() + .must( + QueryBuilders.rangeQuery("timestamp") + .gt(beginTime) + .lte(currentTime) + ) + .must( + QueryBuilders.matchQuery("agent.id", "001") + ) + ) + val jobSearchRequest: SearchRequest = + SearchRequest().indices("wazuh-alerts-*").source(builderSearchResponse) + val response: SearchResponse = client.search(jobSearchRequest).actionGet() + + val reportDefinitionId = reportDefinitionDetails.reportDefinition.delivery!!.configIds[0] + val configInfo: NotificationConfigInfo? = getNotificationConfigInfo( + client as NodeClient, + reportDefinitionId + ) + + if (configInfo != null) { + createNotification( + configInfo, + reportDefinitionDetails, + id, + response.hits.totalHits?.value + ) + log.info("Notification with id $id was sent.") + } else { + log.error("NotificationConfigInfo with id $reportDefinitionId was not found.") + } } } } diff --git a/src/main/kotlin/org/opensearch/reportsscheduler/util/NotificationApiUtils.kt b/src/main/kotlin/org/opensearch/reportsscheduler/util/NotificationApiUtils.kt new file mode 100644 index 00000000..414db187 --- /dev/null +++ b/src/main/kotlin/org/opensearch/reportsscheduler/util/NotificationApiUtils.kt 
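Review bot: The search added to `runJob` is fixed to the index pattern `wazuh-alerts-*` and `matchQuery("agent.id", "001")`, so every scheduled report counts alerts for that one agent regardless of what the report definition selects. It is issued through the plugin's own `client` from a scheduled job, and nothing in the hunk limits the query by the definition's tenant or owner, so the hit count sent to the channel may cover data the report's creator cannot read; confirm which identity this search should run as. `client.search(jobSearchRequest).actionGet()` blocks the calling thread, and `reportDefinitionId` actually holds a notification config id (`configIds[0]`), which makes the error message below it misleading; `notificationConfigId` would be clearer. `runJob` starts and ends outside the hunk.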
@@ -0,0 +1,121 @@
+/*
+ * Copyright OpenSearch Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package org.opensearch.reportsscheduler.util
+
+import org.apache.logging.log4j.LogManager
+import org.opensearch.OpenSearchSecurityException
+import org.opensearch.OpenSearchStatusException
+import org.opensearch.client.Client
+import org.opensearch.client.node.NodeClient
+import org.opensearch.commons.notifications.NotificationsPluginInterface
+import org.opensearch.commons.notifications.action.GetNotificationConfigRequest
+import org.opensearch.commons.notifications.action.GetNotificationConfigResponse
+import org.opensearch.commons.notifications.action.SendNotificationResponse
+import org.opensearch.commons.notifications.model.ChannelMessage
+import org.opensearch.commons.notifications.model.EventSource
+import org.opensearch.commons.notifications.model.NotificationConfigInfo
+import org.opensearch.commons.notifications.model.SeverityType
+import org.opensearch.core.action.ActionListener
+import org.opensearch.core.rest.RestStatus
+import kotlin.coroutines.resume
+import kotlin.coroutines.resumeWithException
+import kotlin.coroutines.suspendCoroutine
+
+object NotificationApiUtils {
+
+ private val logger = LogManager.getLogger(NotificationApiUtils::class)
+
+ /**
+ * Gets a NotificationConfigInfo object by ID if it exists.
+ */
+ suspend fun getNotificationConfigInfo(client: NodeClient, id: String): NotificationConfigInfo?
{
+ return try {
+ val res: GetNotificationConfigResponse =
+ getNotificationConfig(client, GetNotificationConfigRequest(setOf(id)))
+ res.searchResult.objectList.firstOrNull()
+ } catch (e: OpenSearchSecurityException) {
+ throw e
+ } catch (e: OpenSearchStatusException) {
+ if (e.status() == RestStatus.NOT_FOUND) {
+ logger.debug("Notification config [$id] was not found")
+ }
+ null
+ }
+ }
+
+ private suspend fun getNotificationConfig(
+ client: NodeClient,
+ getNotificationConfigRequest: GetNotificationConfigRequest
+ ): GetNotificationConfigResponse {
+ val getNotificationConfigResponse: GetNotificationConfigResponse =
+ NotificationsPluginInterface.suspendUntil {
+ this.getNotificationConfig(
+ client,
+ getNotificationConfigRequest,
+ it
+ )
+ }
+ return getNotificationConfigResponse
+ }
+}
+
+/**
+ * Extension function for publishing a notification to a channel in the Notification plugin.
+ */
+suspend fun NotificationConfigInfo.sendNotificationWithHTML(
+ client: Client,
+ title: String,
+ compiledMessage: String,
+ compiledMessageHTML: String?
+): String {
+ val config = this
+ val res: SendNotificationResponse = NotificationsPluginInterface.suspendUntil {
+ this.sendNotification(
+ (client as NodeClient),
+ EventSource(title, config.configId, SeverityType.INFO),
+ ChannelMessage(compiledMessage, compiledMessageHTML, null),
+ listOf(config.configId),
+ it
+ )
+ }
+ validateResponseStatus(res.getStatus(), res.notificationEvent.toString())
+ return res.notificationEvent.toString()
+}
+
+/**
+ * Converts [NotificationsPluginInterface] methods that take a callback into a kotlin suspending function.
+ *
+ * @param block - a block of code that is passed an [ActionListener] that should be passed to the NotificationsPluginInterface API.
+ */ +suspend fun NotificationsPluginInterface.suspendUntil(block: NotificationsPluginInterface.(ActionListener) -> Unit): T = + suspendCoroutine { cont -> + block(object : ActionListener { + override fun onResponse(response: T) = cont.resume(response) + + override fun onFailure(e: Exception) = cont.resumeWithException(e) + }) + } + +/** + * All valid response statuses. + */ +private val VALID_RESPONSE_STATUS = setOf( + RestStatus.OK.status, + RestStatus.CREATED.status, + RestStatus.ACCEPTED.status, + RestStatus.NON_AUTHORITATIVE_INFORMATION.status, + RestStatus.NO_CONTENT.status, + RestStatus.RESET_CONTENT.status, + RestStatus.PARTIAL_CONTENT.status, + RestStatus.MULTI_STATUS.status +) + +@Throws(OpenSearchStatusException::class) +fun validateResponseStatus(restStatus: RestStatus, responseContent: String) { + if (!VALID_RESPONSE_STATUS.contains(restStatus.status)) { + throw OpenSearchStatusException("Failed: $responseContent", restStatus) + } +} From 66014fcb0a4cde12debc9dc030ff6e031824a7a1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lex=20Ruiz?= Date: Wed, 2 Oct 2024 14:46:59 +0200 Subject: [PATCH 5/6] Fix invalid cast from SecureIndexClient to NodeClient (#8) * Fix invalid cast from SecureIndexClient to NodeClient * Add labels to issue templates --- .github/ISSUE_TEMPLATE/bug_report.md | 2 +- .github/ISSUE_TEMPLATE/feature_request.md | 4 ++-- .../reportsscheduler/scheduler/ReportDefinitionJobRunner.kt | 5 ++--- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index 29eddb95..4dceb58b 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -2,7 +2,7 @@ name: 🐛 Bug report about: Create a report to help us improve title: '[BUG]' -labels: 'bug, untriaged' +labels: ["type/bug", "level/task"] assignees: '' --- diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md index 6198f338..e7a0a49c 100644 
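Review bot: `getNotificationConfigInfo` in NotificationApiUtils.kt returns `null` for every `OpenSearchStatusException` but logs only when the status is `NOT_FOUND`, so a forbidden or server-error response is indistinguishable from a missing config and leaves no trace. Add an `else` branch such as `logger.warn("Failed to read notification config [$id]: ${e.status()}", e)`, or rethrow statuses other than `NOT_FOUND`. `LogManager.getLogger(NotificationApiUtils::class)` passes a Kotlin `KClass`, which Log4j treats as an arbitrary object, so the logger is likely named after the class-reference wrapper; `NotificationApiUtils::class.java` gives the intended name. `sendNotificationWithHTML` accepts a `Client` and then casts it with `client as NodeClient`; declaring the parameter as `NodeClient`, as `getNotificationConfigInfo` does, would move that failure to compile time.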
--- a/.github/ISSUE_TEMPLATE/feature_request.md +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -1,8 +1,8 @@ --- name: 🎆 Feature request about: Request a feature in this project -title: '[FEATURE]' -labels: 'enhancement, untriaged' +title: '' +labels: ["type/enhancement", "level/task"] assignees: '' --- **Is your feature request related to a problem?** diff --git a/src/main/kotlin/org/opensearch/reportsscheduler/scheduler/ReportDefinitionJobRunner.kt b/src/main/kotlin/org/opensearch/reportsscheduler/scheduler/ReportDefinitionJobRunner.kt index b1f6624d..f2331e28 100644 --- a/src/main/kotlin/org/opensearch/reportsscheduler/scheduler/ReportDefinitionJobRunner.kt +++ b/src/main/kotlin/org/opensearch/reportsscheduler/scheduler/ReportDefinitionJobRunner.kt @@ -23,7 +23,6 @@ import org.opensearch.reportsscheduler.index.ReportInstancesIndex import org.opensearch.reportsscheduler.model.ReportDefinitionDetails import org.opensearch.reportsscheduler.model.ReportInstance import org.opensearch.reportsscheduler.util.NotificationApiUtils.getNotificationConfigInfo -import org.opensearch.reportsscheduler.util.SecureIndexClient import org.opensearch.reportsscheduler.util.buildReportLink import org.opensearch.reportsscheduler.util.logger import org.opensearch.reportsscheduler.util.sendNotificationWithHTML @@ -43,7 +42,7 @@ internal object ReportDefinitionJobRunner : ScheduledJobRunner { * @param clusterService The ES cluster service */ fun initialize(client: Client, clusterService: ClusterService) { - this.client = SecureIndexClient(client) + this.client = client this.clusterService = clusterService } @@ -65,7 +64,7 @@ internal object ReportDefinitionJobRunner : ScheduledJobRunner { val htmlWithURL: String? = htmlMessage?.replace("{{urlDefinition}}", urlDefinition)?.replace("{{hits}}", hits.toString()) - log.info("esto es el mensaje html $htmlMessage") + log.debug("HTML message: $htmlMessage") // TODO remove configInfo.sendNotificationWithHTML( this.client, title, 
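Review bot: In ReportDefinitionJobRunner.kt, `initialize` now stores the raw `client`, which fixes the failing cast but also removes the `SecureIndexClient` wrapper from every call the runner makes, including the `wazuh-alerts-*` search. What the wrapper does is not shown in this patch, so confirm that no call here relied on it. The `client as NodeClient` cast in `runJob` is still unchecked; declaring the field as `NodeClient` and assigning `this.client = client as NodeClient` in `initialize` would surface a wrong client type at plugin start rather than on the first scheduled run. The KDoc above `initialize` still describes the arguments as `The ES client` and `The ES cluster service`.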
From 83900553b2453f9b167b662a0a0b43112a3e9f5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lex=20Ruiz?= Date: Fri, 8 Nov 2024 09:57:46 +0100 Subject: [PATCH 6/6] Update CI workflow (#10) * Format files * Update CI workflow --- .github/workflows/build_on_push.yml | 14 -------------- .github/workflows/ci.yml | 20 ++++++++++++++++++++ 2 files changed, 20 insertions(+), 14 deletions(-) delete mode 100644 .github/workflows/build_on_push.yml create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/build_on_push.yml b/.github/workflows/build_on_push.yml deleted file mode 100644 index bc278450..00000000 --- a/.github/workflows/build_on_push.yml +++ /dev/null @@ -1,14 +0,0 @@ -name: Build packages (on push) - -# This workflow runs when any of the following occur: -# - On push to branches named after ci/* -on: - push: - # Sequence of patterns matched against refs/heads - branches: - - "ci/*" - -jobs: - call-build-workflow: - uses: ./.github/workflows/build.yml - secrets: inherit \ No newline at end of file diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..04d0347b --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,20 @@ +name: Build packages (on push) + +# This workflow runs when any of the following occur: +# - On push to branches named after ci/* +on: + pull_request: + # Sequence of patterns matched against refs/heads + branches: + - "migrate-*" + - "ci/*" + +jobs: + call-test-workflow: + runs-on: ubuntu-22.04 + steps: + - run: | + ./gradlew check + call-build-workflow: + uses: ./.github/workflows/build.yml + secrets: inherit
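Review bot: The `call-test-workflow` job in .github/workflows/ci.yml runs `./gradlew check` as its only step, with no checkout, so the runner's workspace is empty and the wrapper script is not there. Add `- uses: actions/checkout@v4` before the `run` step, plus the same `actions/setup-java@v4` setup that build.yml uses. The workflow name `Build packages (on push)` and the header comment still describe a push trigger, while the trigger is now `pull_request`, where `branches` filters on the pull request's base branch. `call-build-workflow` passes `secrets: inherit` on a pull-request trigger; if build.yml needs no secrets, drop that line so pull-request code is built without them.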