Closed jmv74211 closed 3 months ago
Development Branch |
---|
3760-setuptools-dep |
Testing framework installation
OS | Ubuntu | Windows Server | centOS | Solaris | macOS | |
---|---|---|---|---|---|---|
Python Version | 3.6 | [:red_circle:](https://ci.wazuh.info/job/Test_integration/35596/console) | [:red_circle:](https://ci.wazuh.info/job/Test_integration/35596/console) | [:red_circle:](https://ci.wazuh.info/job/Test_integration/35596/console) | :black_circle: | :black_circle: |
3.10 | :green_circle: | :green_circle: | :green_circle: | NA | NA |
Ubuntu
``` Successfully installed charset-normalizer-3.0.1 prettytable-3.6.0 pytest-7.1.2 requests-2.28.2 setuptools-66.0.0 tomli-2.0.1 urllib3-1.26.14 wcwidth-0.2.6 WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv WARNING: You are using pip version 22.0.4; however, version 22.3.1 is available. You should consider upgrading via the '/usr/local/bin/python3.10 -m pip install --upgrade pip' command. root@ip-172-31-1-53:/home/qa/wazuh-qa# ```Debian
``` Requirement already satisfied: mypy-extensions>=0.3.0 in /usr/local/lib/python3.10/site-packages (from typing-inspect>=0.4.0->libcst>=0.3.10->google-cloud-pubsub==2.3.0->-r requirements.txt (line 10)) (0.4.3) Requirement already satisfied: pyasn1<0.5.0,>=0.4.6 in /usr/local/lib/python3.10/site-packages (from pyasn1-modules>=0.2.1->google-auth<2.0dev,>=1.25.0->google-api-core[grpc]<2.0.0dev,>=1.22.2->google-cloud-pubsub==2.3.0->-r requirements.txt (line 10)) (0.4.8) WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv WARNING: There was an error checking the latest version of pip. ```centOS
``` Successfully installed charset-normalizer-3.0.1 prettytable-3.6.0 pytest-7.1.2 requests-2.28.2 setuptools-66.0.0 tomli-2.0.1 urllib3-1.26.14 wcwidth-0.2.6 WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv WARNING: There was an error checking the latest version of pip. ```RHEL
``` Successfully installed charset-normalizer-3.0.1 prettytable-3.6.0 pytest-7.1.2 requests-2.28.2 setuptools-66.0.0 tomli-2.0.1 urllib3-1.26.14 wcwidth-0.2.6 WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv [root@ip-172-31-6-63 wazuh-qa]# uname -a Linux ip-172-31-6-63.ec2.internal 5.10.126-117.518.amzn2.x86_64 #1 SMP Wed Jun 29 23:49:26 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux [root@ip-172-31-6-63 wazuh-qa]# ```Windows Server
``` Successfully installed charset-normalizer-3.0.1 docker-6.0.1 pytest-7.1.2 requests-2.28.2 setuptools-66.0.0 tomli-2.0.1 urllib3-1.26.14 websocket-client-1.4.2 WARNING: You are using pip version 22.0.4; however, version 22.3.1 is available. You should consider upgrading via the 'C:\Users\qa\AppData\Local\Programs\Python\Python310\python.exe -m pip install --upgrade pip' command. ```
It is not possible to use version `65.5.1` of setuptools for python 3.6 ``` 16:32:06 Downloading scipy-1.5.4-cp36-cp36m-manylinux1_x86_64.whl (25.9 MB) 16:32:06 Collecting seaborn>=0.11.1 16:32:06 Downloading seaborn-0.11.2-py3-none-any.whl (292 kB) 16:32:06 16:32:06 16:32:06 STDERR: 16:32:06 16:32:06 ERROR: Could not find a version that satisfies the requirement setuptools>65.5.1 (from versions: 0.6b1, 0.6b2, 0.6b3, 0.6b4, 0.6rc1, 0.6rc2, 0.6rc3, 0.6rc4, 0.6rc5, 0.6rc6, 0.6rc7, 0.6rc8, 0.6rc9, 0.6rc10, 0.6rc11, 0.7.2, 0.7.3, 0.7.4, 0.7.5, 0.7.6, 0.7.7, 0.7.8, 0.8, 0.9, 0.9.1, 0.9.2, 0.9.3, 0.9.4, 0.9.5, 0.9.6, 0.9.7, 0.9.8, 1.0, 1.1, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.1.5, 1.1.6, 1.1.7, 1.2, 1.3, 1.3.1, 1.3.2, 1.4, 1.4.1, 1.4.2, 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.2, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, 3.3, 3.4, 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.5, 3.5.1, 3.5.2, 3.6, 3.7, 3.7.1, 3.8, 3.8.1, 4.0, 4.0.1, 5.0, 5.0.1, 5.0.2, 5.1, 5.2, 5.3, 5.4, 5.4.1, 5.4.2, 5.5, 5.5.1, 5.6, 5.7, 5.8, 6.0.1, 6.0.2, 6.1, 7.0, 8.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.1, 8.2, 8.2.1, 8.3, 9.0, 9.0.1, 9.1, 10.0, 10.0.1, 10.1, 10.2, 10.2.1, 11.0, 11.1, 11.2, 11.3, 11.3.1, 12.0, 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.0.5, 12.1, 12.2, 12.3, 12.4, 13.0.1, 13.0.2, 14.0, 14.1, 14.1.1, 14.2, 14.3, 14.3.1, 15.0, 15.1, 15.2, 16.0, 17.0, 17.1, 17.1.1, 18.0, 18.0.1, 18.1, 18.2, 18.3, 18.3.1, 18.3.2, 18.4, 18.5, 18.6, 18.6.1, 18.7, 18.7.1, 18.8, 18.8.1, 19.0, 19.1, 19.1.1, 19.2, 19.3, 19.4, 19.4.1, 19.5, 19.6, 19.6.1, 19.6.2, 19.7, 20.0, 20.1, 20.1.1, 20.2.2, 20.3, 20.3.1, 20.4, 20.6.6, 20.6.7, 20.6.8, 20.7.0, 20.8.0, 20.8.1, 20.9.0, 20.10.1, 21.0.0, 21.1.0, 21.2.0, 21.2.1, 21.2.2, 22.0.0, 22.0.1, 22.0.2, 22.0.4, 22.0.5, 23.0.0, 23.1.0, 23.2.0, 23.2.1, 24.0.0, 24.0.1, 24.0.2, 24.0.3, 24.1.0, 24.1.1, 24.2.0, 24.2.1, 24.3.0, 24.3.1, 25.0.0, 25.0.1, 25.0.2, 25.1.0, 25.1.1, 25.1.2, 25.1.3, 25.1.4, 25.1.5, 25.1.6, 25.2.0, 25.3.0, 25.4.0, 26.0.0, 26.1.0, 26.1.1, 27.0.0, 27.1.0, 27.1.2, 27.2.0, 27.3.0, 27.3.1, 28.0.0, 28.1.0, 28.2.0, 28.3.0, 28.4.0, 28.5.0, 28.6.0, 28.6.1, 28.7.0, 28.7.1, 28.8.0, 28.8.1, 29.0.0, 29.0.1, 30.0.0, 30.1.0, 30.2.0, 30.2.1, 30.3.0, 30.4.0, 31.0.0, 31.0.1, 32.0.0, 32.1.0, 32.1.1, 32.1.2, 32.1.3, 32.2.0, 32.3.0, 32.3.1, 33.1.0, 33.1.1, 34.0.0, 34.0.1, 34.0.2, 34.0.3, 34.1.0, 34.1.1, 34.2.0, 34.3.0, 34.3.1, 34.3.2, 34.3.3, 34.4.0, 34.4.1, 35.0.0, 35.0.1, 35.0.2, 36.0.1, 36.1.0, 36.1.1, 36.2.0, 36.2.1, 36.2.2, 36.2.3, 36.2.4, 36.2.5, 36.2.6, 36.2.7, 36.3.0, 36.4.0, 36.5.0, 36.6.0, 36.6.1, 36.7.0, 36.7.1, 36.7.2, 36.8.0, 37.0.0, 38.0.0, 38.1.0, 38.2.0, 38.2.1, 38.2.3, 38.2.4, 38.2.5, 38.3.0, 38.4.0, 38.4.1, 38.5.0, 38.5.1, 38.5.2, 38.6.0, 38.6.1, 38.7.0, 39.0.0, 39.0.1, 39.1.0, 39.2.0, 40.0.0, 40.1.0, 40.1.1, 40.2.0, 40.3.0, 40.4.0, 40.4.1, 40.4.2, 40.4.3, 40.5.0, 40.6.0, 40.6.1, 40.6.2, 40.6.3, 40.7.0, 40.7.1, 40.7.2, 40.7.3, 40.8.0, 40.9.0, 41.0.0, 41.0.1, 41.1.0, 41.2.0, 41.3.0, 41.4.0, 41.5.0, 41.5.1, 41.6.0, 42.0.0, 42.0.1, 42.0.2, 43.0.0, 44.0.0, 44.1.0, 44.1.1, 45.0.0, 45.1.0, 45.2.0, 45.3.0, 46.0.0, 46.1.0, 46.1.1, 46.1.2, 46.1.3, 46.2.0, 46.3.0, 46.3.1, 46.4.0, 47.0.0, 47.1.0, 47.1.1, 47.2.0, 47.3.0, 47.3.1, 47.3.2, 48.0.0, 49.0.0, 49.0.1, 49.1.0, 49.1.1, 49.1.2, 49.1.3, 49.2.0, 49.2.1, 49.3.0, 49.3.1, 49.3.2, 49.4.0, 49.5.0, 49.6.0, 50.0.0, 50.0.1, 50.0.2, 50.0.3, 50.1.0, 50.2.0, 50.3.0, 50.3.1, 50.3.2, 51.0.0, 51.1.0, 51.1.0.post20201221, 51.1.1, 51.1.2, 51.2.0, 51.3.0, 51.3.1, 51.3.2, 51.3.3, 52.0.0, 53.0.0, 53.1.0, 54.0.0, 54.1.0, 54.1.1, 54.1.2, 54.1.3, 54.2.0, 56.0.0, 56.1.0, 56.2.0, 57.0.0, 57.1.0, 57.2.0, 57.3.0, 57.4.0, 57.5.0, 58.0.0, 58.0.1, 58.0.2, 58.0.3, 58.0.4, 58.1.0, 58.2.0, 58.3.0, 58.4.0, 58.5.0, 58.5.1, 58.5.2, 58.5.3, 59.0.1, 59.1.0, 59.1.1, 59.2.0, 59.3.0, 59.4.0, 59.5.0, 59.6.0) 16:32:06 ERROR: No matching distribution found for setuptools>65.5.1 ``` It is required to upgrade IT instances to allow an increase in the version of the dependency.
Normal markdown text
Note Evidence was taken manually python3.10 instances
Setuptools upgrade will be blocked until python upgrade in the IT instances https://github.com/wazuh/wazuh-qa/issues/3770
The proposed setuptools
version was setuptools>65.5.1
, installing in Ubuntu22 agents the last 66.1.0
version.
This change produces pkg_resources.extern.packaging.version.InvalidVersion
This is a bug in which python3-distro-info
does not fit with the PEP 440-compliant versions, making the parser fails.
It is proposed to use the setuptools=65.6.0
to avoid it.
Build: https://ci.wazuh.info/job/Test_integration/35823/console
Python310 installed in the instances fail importing SSL
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/local/lib/python3.8/ssl.py", line 98, in <module>
import _ssl # if we can't import it, let the error propagate
ModuleNotFoundError: No module named '_ssl'
This was solved following these steps:
156 wget https://www.openssl.org/source/openssl-1.1.1g.tar.gz
157 tar -zxf openssl-1.1.1g.tar.gz && cd openssl-1.1.1g
158 ./config
159 ./config --prefix=/usr/local/custom-openssl --openssldir=/etc/ssl
160 make -j1 depend
161 make -j8
162 make install_sw
166 cd Python-3.10.9
167 ./configure -C --with-openssl=/usr/local/custom-openssl --with-openssl-rpath=auto --prefix=/usr/local/python-3.version
168 make -j8
169 make alt install
207 /usr/local/python-3.version/bin/python3.10
ValueError: underlying buffer has been detached
in Windows hosts
17:04:23 File "C:\Python37\lib\logging\__init__.py", line 1028, in emit
17:04:23 stream.write(msg + self.terminator)
17:04:23 ValueError: underlying buffer has been detached
Regarding this error, it seems that it is fixed after upgrading windows' python to 3.10. It is required to reopen https://github.com/wazuh/wazuh-qa/issues/3770 and upgrade also windows agent.
17:04:13 DEPRECATION: python-vagrant is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559
17:04:13 DEPRECATION: progress is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559
17:04:13 DEPRECATION: docopt is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559
17:04:13 DEPRECATION: ordered-set is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559
17:04:13 DEPRECATION: future is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559
17:04:13 DEPRECATION: configobj is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559
17:04:13 DEPRECATION: treelib is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559
17:04:13 DEPRECATION: pybitbucket-fork is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559
Regarding this error, we should try to integrate the `--use-pep517` option in the setup script
- Packages would be ignored
17:01:15 ############################
17:01:15 # Package would be ignored #
17:01:15 ############################
17:01:15 Python recognizes 'wazuh_testing.data' as an importable package,
17:01:15 but it is not listed in the packages
configuration of setuptools.
17:01:15
17:01:15 'wazuh_testing.data' has been automatically added to the distribution only
17:01:15 because it may contain data files, but this behavior is likely to change
17:01:15 in future versions of setuptools (and therefore is considered deprecated).
17:01:15
17:01:15 Please make sure that 'wazuh_testing.data' is included as a package by using
17:01:15 the packages
configuration field or the proper discovery methods
17:01:15 (for example by using find_namespace_packages(...)
/find_namespace:
17:01:15 instead of find_packages(...)
/find:
).
17:01:15
17:01:15 You can read more about "package discovery" and "data files" on setuptools
17:01:15 documentation page.
17:01:15
Regarding this error, it seems that since PEP 420, there is no way for differentiating a folder from a package in Python. So, directories of the repository are considered as namespace packages. It should be necessary to replace the `find_packages`
of the setup script with `find_namespace_packages`
**Build**: https://ci.wazuh.info/job/Test_integration/36708/console
Deprecation warnings in the windows endpoint
C:\Python37\lib\site-packages\setuptools\command\install.py:37: SetuptoolsDeprecationWarning: setup.py install is deprec
ated. Use build and pip and other standards-based tools.
setuptools.SetuptoolsDeprecationWarning,
C:\Python37\lib\site-packages\setuptools\command\easy_install.py:147: EasyInstallDeprecationWarning: easy_install comman
d is deprecated. Use build and pip and other standards-based tools.
In order to avoid produced errors and warnings is required to migrate to pyproject.toml
schema. Further research is required
Solve conflict
New AMI to avoid setup installation error
Agentd IT: https://ci.wazuh.info/view/Tests/job/Test_integration/40708/
Detected new error.
14:24:23 Traceback (most recent call last):
14:24:23 File "C:\Python311\Lib\site-packages\py_vendored_packages\apipkg__init.py", line 145, in makeattr
14:24:23 modpath, attrname = self.map[name]
14:24:23 ~~~~^^^^^^
14:24:23 KeyError: 'spec'
It seems that error is fixed when py is upgraded to 1.11.0
***
- Solved installation errors
- Open Wazuh Jenkins PR to upgrade Windows IT ami and change setup.py deprecated installation method (https://github.com/wazuh/wazuh-jenkins/pull/5342)
- Testing IT pipeline using logcollector module: https://ci.wazuh.info/view/Tests/job/Test_integration/40719/
Reopening this issue and rescheduling it to 4.8.0 to propper implementation among other wazuh-qa repo consumers like wazuh-jenkins
Understanding that the setuptool has security issues (mentioned in https://github.com/wazuh/wazuh/issues/16473)
Researching https://scout.docker.com/vulnerabilities/id/CVE-2022-40897
CVE-2022-40897 SOURCE - github Summary
Python Packaging Authority (PyPA)'s setuptools is a library designed to facilitate packaging Python projects. Setuptools version 65.5.0 and earlier could allow remote attackers to cause a denial of service by fetching malicious HTML from a PyPI package or custom PackageIndex page due to a vulnerable Regular Expression in package_index. This has been patched in version 65.5.1.
On the other hand: https://github.com/wazuh/wazuh-jenkins/issues/5695 shows that the changes done in wazuh-qa affected functionalities of other pipelines/repositories requiring a deeper understanding of its influence.
It seems that test_service pipeline is affected in all its options of test.
It could potentially exist in the following files where the requirement.txt file is utilized. Therefore, if there is a change in setuptools
, all tests, pipelines, or deployments involving these files may fail.
On the other hand, setuptools > 65.5.1
requires Python >=3.7
This would imply modifying the Python version of all products that consume requirements.txt (many of them are working on Python 3.6). It will be important to weigh whether these products are deliverables and if they can be exposed to an attack, versus the work involved in retesting all the sectors that use that list of libraries after the update.
Checking the current version of Python in each of the products where requirements.txt is consumed:
file | python-vers |
---|---|
doc>Dockerfile | 3.7-alpine |
dockers>repositories>wazuh>api_performance>Dockerfile | 3.9 |
dockers>repositories>wazuh-jenkins>data_visualization>Dockerfile | 3.9 |
dockers>repositories>wazuh-jenkins>log_parser>Dockerfile | 3.9 |
dockers>repositories |
3.9-buster |
dockers>repositories>wazuh>simulate_agents>Dockerfile | 3.9 |
quality>tests>performance>fim>roles>test-fim>tasks>configure_agent.yaml | 3.7? |
dockers>repositories>wazuh>api_performance>run_api_performance_test.sh | NA |
dockers>repositories>wazuh>simulate_agents>run_simulated_agents.sh | NA |
dockers>repositories>wazuh>simulate_api>Dockerfile | NA |
dockers>repositories>wazuh>simulate_api>run_api_simulation.sh | NA |
dockers>repositories>wazuh-jenkins>aws_docker_instance>Dockerfile | NA |
dockers>repositories>wazuh-jenkins>data_visualization>data_visualizacion.sh | NA |
dockers>repositories>wazuh-jenkins>log_parser>log_parser.sh | NA |
dockers>repositories>wazuh-jenkins>report_generator>report_generator.sh | NA |
jenkins-files>tests>test_e2e_system.groovy | NA |
jenkins-files>tests>test_integration.groovy | NA |
quality>tests>generic>08-service>linux>test>conf>test-manager>tasks>main.yaml | NA |
quality>tests>generic>08-service>linux>test>conf>test-agent>tasks>main.yaml | NA |
quality>tests>performance>cluster>cluster_tests.sh | NA |
quality>tests>cluster>manager.provision.yaml | NA |
quality>tests>performance>fim>roles>test-fim>tasks>configure_manager.yaml | NA |
quality>tests>performance>fim>roles>test-fim>tasks>configure_win_agent.yaml | NA |
quality>tests>reliability>agent_provision.yaml | NA |
quality>tests>reliability>manager_privision.yaml | NA |
quality>tests>reliability>test_reliability.yaml | NA |
quality>tests>system>playbooks>provision.yaml | NA |
where:
are involved in test_service.
The update of Python in test_service is being evaluated initially.
When attempting to change the version of setuptools, it was necessary to install Python version 3.7 or higher. During this installation, messages related to other libraries conflicting with the new version appeared, and it also became challenging to set the path for pip3 and Python.
The decision is made to work locally to avoid conflicts between existing libraries and the Python version to be installed. Afterwards, the same will be utilized in an ECR/AMI, where tests will be executed, thus simplifying provisioning and eliminating ambiguous steps in each of the tests. Therefore, progress is made in the research of the ideal Python version, ranging from LTS to older versions.
Following steps will be followed:
Python version | Status | Conflict |
---|---|---|
3.10 | :green_circle: | |
3.11 | :red_circle: | netifaces |
3.12 | :red_circle: | git-repo |
Python version | Status | Conflict |
---|---|---|
3.10 | :green_circle: | |
3.11 | :red_circle: | jq |
3.12 | :red_circle: | git-subprocess |
Creating Dockerfile and testing python 3.10 install in different OS
Issues around:
netifaces.c:1:10: fatal error: Python.h: No such file or directory 1 | #include <Python.h> | ^~~~~~~~~~
Docker is not working as Vagrant environment.
Tested Dockerfiles for ECR:
Ubuntu:
Centos:
Repositories created in ECR. Starting testing stage
Test_service pipeline:
Creating CentOS 6 and 7, Ubuntu bionic and trusty AMIs with python3.10
Some issues running CentOS 6 and 7 https://ci.wazuh.info/job/Test_service/6877/ https://ci.wazuh.info/job/Test_service/6874/
Also in Ubuntu Bionic and Trusty: https://ci.wazuh.info/job/Test_service/6875/ https://ci.wazuh.info/job/Test_service/6880/
with the following error:
After reviewing the AMIs: CentOS 7 was handled: manually the installation of dependencies worked however during the pipeline action https://ci.wazuh.info/job/Test_service/6887/console
Moved to on-hold for release testing
CentOS 7 :green_circle: build: https://ci.wazuh.info/job/Test_service/6889/
Ubuntu bionic :green_circle: build: https://ci.wazuh.info/job/Test_service/6907/console
CentOS6 and trusty :red_circle:
AMIs require adjustments.
The problem in CentOS6 and trusty openssl11 is not available and the following error appears:
tests/pipelines
in wazuh-jenkins that consume wazuh-qa/requirements.txt.Python version
used in these tests/pipelines.3.10
).test_service
pipeline and created ECRs and AMIs for testing purposes.Ubuntu Bionic
, Ubuntu Jammy Jellyfish
, CentOS 7
, and CentOS 8
.CentOS 6
and Ubuntu Trusty
, both have issues generating images with Python 3.10
due to the unavailability of openssl11
, so find a replacement of it.CentOS 6
and Ubuntu Trusty
with Python versions higher than 3.6, but not dependent on openssl11
.CentOS 6: Solving openssl issue by installing openssl11 separately Now new problem is appearing
After solving the problem of GCC installing GCC packages from scratch, now this new problem has appeared
Ubuntu trusty: Python3.10 install presents the following problem
While I am trying to find the setting to run Python > 3.7 in Ubuntu trusty and Centos 6, the Reliability test will be research
test/pipeline | status |
---|---|
quality>tests>generic>08-service>linux>test>conf>test-manager>tasks>main.yaml | :yellow_circle: |
quality>tests>generic>08-service>linux>test>conf>test-agent>tasks>main.yaml | :yellow_circle: |
quality>tests>reliability>agent_provision.yaml | :yellow_circle: |
quality>tests>reliability>manager_privision.yaml | :yellow_circle: |
quality>tests>reliability>test_reliability.yam | :yellow_circle: |
Working on release testing. Moved to on hold
After some additional research
file | python-vers |
---|---|
quality>tests>generic>08-service>linux>test>conf>test-manager>tasks>main.yaml | NA |
quality>tests>generic>08-service>linux>test>conf>test-agent>tasks>main.yaml | NA |
CentOS6 and Ubuntu Trusty have problems installing new versions >=3.7 of python :red_circle:
file | python-vers |
---|---|
quality>tests>performance>fim>roles>test-fim>tasks>configure_agent.yaml | |
quality>tests>performance>fim>roles>test-fim>tasks>configure_manager.yaml | NA |
quality>tests>performance>fim>roles>test-fim>tasks>configure_win_agent.yaml | NA |
quality>tests>performance>cluster>cluster_tests.sh | NA |
quality>tests>performance>cluster>manager_provision.yaml | NA |
jenkins-files>tests>test_e2e_system.groovy | NA |
jenkins-files>tests>test_integration.groovy | NA |
file | python-vers |
---|---|
dockers>repositories>wazuh-jenkins>aws_docker_instance>Dockerfile | 3.716 |
doc>Dockerfile | 3.7-alpine |
dockers>repositories>wazuh-jenkins>data_visualization>Dockerfile | 3.9 |
dockers>repositories>wazuh-jenkins>data_visualization>data_visualizacion.sh | NA |
dockers>repositories>wazuh>api_performance>Dockerfile | 3.9 |
dockers>repositories>wazuh>api_performance>run_api_performance_test.sh | NA |
dockers>repositories>wazuh>simulate_agents>Dockerfile | 3.9 |
dockers>repositories>wazuh>simulate_agents>run_simulated_agents.sh | NA |
dockers>repositories>wazuh>simulate_api>Dockerfile | 3.9 |
dockers>repositories>wazuh>simulate_api>run_api_simulation.sh | NA |
dockers>repositories |
3.9-buster |
dockers>repositories>wazuh-jenkins>report_generator>report_generator.sh | NA |
dockers>repositories>wazuh-jenkins>log_parser>Dockerfile | 3.9 |
dockers>repositories>wazuh-jenkins>log_parser>log_parser.sh | NA |
file | python-vers |
---|---|
quality>tests>system>playbooks>provision.yaml | NA |
file | python-vers |
---|---|
quality>tests>reliability>agent_provision.yaml | NA |
quality>tests>reliability>manager_privision.yaml | NA |
quality>tests>reliability>test_reliability.yaml | NA |
Test_reliability and CLUSTER-Workload_benchmarks_metrics are deprecated, then fixes on them are going to be skipped
Researching the following pipeline
file | python-vers |
---|---|
quality>tests>performance>fim>roles>test-fim>tasks>configure_agent.yaml | |
quality>tests>performance>fim>roles>test-fim>tasks>configure_manager.yaml | NA |
quality>tests>performance>fim>roles>test-fim>tasks>configure_win_agent.yaml | NA |
quality>tests>performance>cluster>manager_provision.yaml | NA |
It is possible to confirm the following python version in test_e2e_system and test_integration
file | python-vers |
---|---|
jenkins-files>tests>test_e2e_system.groovy | 3.9/3.11 |
jenkins-files>tests>test_integration.groovy | 3.10.9 |
After some additional research
file | python-vers |
---|---|
quality>tests>generic>08-service>linux>test>conf>test-manager>tasks>main.yaml | NA |
quality>tests>generic>08-service>linux>test>conf>test-agent>tasks>main.yaml | NA |
CentOS6 and Ubuntu Trusty have problems installing new versions >=3.7 of python :red_circle:
file | python-vers |
---|---|
dockers>repositories>wazuh-jenkins>aws_docker_instance>Dockerfile | 3.716 |
doc>Dockerfile | 3.7-alpine |
dockers>repositories>wazuh-jenkins>data_visualization>Dockerfile | 3.9 |
dockers>repositories>wazuh-jenkins>data_visualization>data_visualizacion.sh | NA |
dockers>repositories>wazuh>api_performance>Dockerfile | 3.9 |
dockers>repositories>wazuh>api_performance>run_api_performance_test.sh | NA |
dockers>repositories>wazuh>simulate_agents>Dockerfile | 3.9 |
dockers>repositories>wazuh>simulate_agents>run_simulated_agents.sh | NA |
dockers>repositories>wazuh>simulate_api>Dockerfile | 3.9 |
dockers>repositories>wazuh>simulate_api>run_api_simulation.sh | NA |
dockers>repositories |
3.9-buster |
dockers>repositories>wazuh-jenkins>report_generator>report_generator.sh | NA |
dockers>repositories>wazuh-jenkins>log_parser>Dockerfile | 3.9 |
dockers>repositories>wazuh-jenkins>log_parser>log_parser.sh | NA |
jenkins-files>tests>test_e2e_system.groovy | 3.9/3.11 |
jenkins-files>tests>test_integration.groovy | 3.10.9 |
file | python-vers |
---|---|
quality>tests>system>playbooks>provision.yaml | NA |
file | python-vers |
---|---|
quality>tests>reliability>agent_provision.yaml | NA |
quality>tests>reliability>manager_privision.yaml | NA |
quality>tests>reliability>test_reliability.yaml | NA |
quality>tests>performance>fim>roles>test-fim>tasks>configure_agent.yaml | |
quality>tests>performance>fim>roles>test-fim>tasks>configure_manager.yaml | NA |
quality>tests>performance>fim>roles>test-fim>tasks>configure_win_agent.yaml | NA |
quality>tests>performance>cluster>cluster_tests.sh | NA |
quality>tests>performance>cluster>manager_provision.yaml | NA |
AMI for Ubuntu trusty could be created.
Centos6 is still showing WARNING: pip is configured with locations that require TLS/SSL, however the ssl module in Python is not available.
error
Considering the following documents in order to work on openssl
issue:
https://serverok.in/install-python-3-8-on-centos-6-from-source https://techglimpse.com/install-python-openssl-support-tutorial/
Some tests were done but some errors appeared while python is being installed changing /Modules/Setup
information
Openssl is being installed successfully, only using yum install openssl
and yum install openssl-devel
Working on CentOS6 it was possible to install openssl in docker, however, the following error is showed installing pip libraries
Test_service AMI has GCC 7.3.1
Ubuntu Trusty build was successful: https://ci.wazuh.info/job/Test_service/6999/console
In case of CentOS:
After update GCC. During the python libraries installation:
Then it was installed gcc-gfortran
Then it was installed openblas
Then trying to install cmake >3.4
During GCC update
Then new EC2 with 150gb has created
However, same error has raised by the EC2
Same problems installing cmake. Research about the error demonstrates that the version of GLIBCXX CXXABI is present in libstdc++.so.6.
When examining Centos 6 AMIs, it was observed that the current AMI already includes Python 3.8. When attempting to install the requirements.txt with the fixed 'setuptools' library, an error surfaced as follows:
../../meson.build:26:4: ERROR: Encountered an issue: SciPy necessitates GCC >= 8.0
Trying to install GCC >= 8.0 resulted in the same space shortage issue: link to the issue
It is possible to see that AMIs have a specific defined volume for the EC2 root user. It should be changed manually in case that the idea is still install GCC>8.0
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recognize-expanded-volume-linux.html
The same issue persists when trying to install GCC on the instances launched from AMI.
I don't have access to CentOS 6 AMI, the task will resume when possible.
akim@akim-PC:~/Desktop/personal$ ssh -i "xx.pem" centos@ec2-xx.compute-1.amazonaws.com
}sign_and_send_pubkey: no mutual signature supported
centos@ec2-xx.compute-1.amazonaws.com: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
It will not be worked on until there is a migration of the QA framework.
Based on the comment above:
It will not be worked on until there is a migration of the QA framework.
We will decide what to do with the repository dependencies once the migration is completed, but the solution might be different to the proposed here.
It is necessary to upgrade the setuptools dependency to a version >
65.5.1
.