search

wazuh / wazuh-qa

Wazuh - Quality Assurance
GNU General Public License v2.0
60 stars 30 forks source link

DTT1 - Allocation Module - MacMini requires Fingerprint manual validation in order to have access. #5235

Closed pro-akim closed 2 weeks ago

pro-akim commented 2 weeks ago

Trying to access to the MacMini host, I could find the following validation which I had to do it manually first (because of the fingerprint validation)

(deplo_test) akim@akim-PC:~/Desktop/test/wazuh-qa/deployability$ ssh user@xx.xx.xxx.xxx
The authenticity of host 'xx.xx.x.xxx (xx.xx.x.xxx)' can't be established.
ED25xxxx key fingerprint is SHAxx:xxx
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'xx.xx.x.xxx' (ED25519) to the list of known hosts.
(user@xx.xx.x.xxx) Password:
Last login: Tue Apr 16 23:45:31 2024 from xxx.xx.xx.xxx
jenkins@66460 ~ % ls
Desktop                 Downloads               Movies                  Parallels               Public                  deployer.pem            net.pcap                testing                 testing-macos1207       vagrant_test
Documents               Library                 Music                   Pictures                Vagrantfile             free.py                 qa_manual_testing       testing-idr-580         vagrant_boxes           vagrant_vagrantfile
user@66xx0 ~ % exit
Connection to xx.xx.x.xxx closed.
c-bordon commented 2 weeks ago

The -o "StrictHostKeyChecking no" parameter is added to ssh executions to avoid this problem:

After applying this, despite not having the host in the known_hosts file, the connection is made correctly

cbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-qa$ ssh jenkins@10.10.0.250
The authenticity of host '10.10.0.250 (10.10.0.250)' can't be established.
ED25519 key fingerprint is SHA256:9k32hxf9z5GFf3Bm3HlsO/mnvJIJxLwe186+2hyyo5A.
This host key is known by the following other names/addresses:
    ~/.ssh/known_hosts:361: [hashed name]
Are you sure you want to continue connecting (yes/no/[fingerprint])? ^C
cbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-qa$ python3 deployability/modules/allocation/main.py --provider vagrant --size small --composite-name macos-ventura-13.4.1-arm64
[2024-04-17 14:38:49] [INFO] ALLOCATOR: Creating instance at /tmp/wazuh-qa
[2024-04-17 14:38:49] [DEBUG] ALLOCATOR: Creating instance directory on remote host
Traceback (most recent call last):
  File "/home/cbordon/Documents/wazuh/repositorios/wazuh-qa/deployability/modules/allocation/main.py", line 39, in <module>
    main()
  File "/home/cbordon/Documents/wazuh/repositorios/wazuh-qa/deployability/modules/allocation/main.py", line 35, in main
    Allocator.run(InputPayload(**vars(parse_arguments())))
  File "/home/cbordon/Documents/wazuh/repositorios/wazuh-qa/deployability/modules/allocation/allocation.py", line 37, in run
    return cls.__create(payload)
  File "/home/cbordon/Documents/wazuh/repositorios/wazuh-qa/deployability/modules/allocation/allocation.py", line 56, in __create
    instance = provider.create_instance(
  File "/home/cbordon/Documents/wazuh/repositorios/wazuh-qa/deployability/modules/allocation/generic/provider.py", line 70, in create_instance
    return cls._create_instance(base_dir, params, config, ssh_key)
  File "/home/cbordon/Documents/wazuh/repositorios/wazuh-qa/deployability/modules/allocation/vagrant/provider.py", line 64, in _create_instance
    remote_host_parameters = cls.__remote_host(arch, 'create')
  File "/home/cbordon/Documents/wazuh/repositorios/wazuh-qa/deployability/modules/allocation/vagrant/provider.py", line 308, in __remote_host
    raise ValueError(f"macStadium server is full capacity, use AWS provider.")
ValueError: macStadium server is full capacity, use AWS provider.
c-bordon commented 2 weeks ago

Test macOS Intel

cbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-qa$ ssh-keygen -f "/home/cbordon/.ssh/known_hosts" -R "10.10.0.251"
# Host 10.10.0.251 found: line 1272
# Host 10.10.0.251 found: line 1273
/home/cbordon/.ssh/known_hosts updated.
Original contents retained as /home/cbordon/.ssh/known_hosts.old
cbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-qa$ ssh jenkins@10.10.0.251
The authenticity of host '10.10.0.251 (10.10.0.251)' can't be established.
ED25519 key fingerprint is SHA256:4feW2oj5wA3sVac9Nzu/YSHyUyH8+UOnXHkGsIgAIE0.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? ^C
cbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-qa$ python3 deployability/modules/allocation/main.py --provider vagrant --size small --composite-name macos-catalina-10.15.1-amd64
[2024-04-18 08:55:18] [INFO] ALLOCATOR: Creating instance at /tmp/wazuh-qa
[2024-04-18 08:55:18] [DEBUG] ALLOCATOR: Creating instance directory on remote host
[2024-04-18 08:55:32] [INFO] ALLOCATOR: Using the black mini server to deploy.
[2024-04-18 08:55:36] [DEBUG] ALLOCATOR: No config provided. Generating from payload
[2024-04-18 08:55:36] [DEBUG] ALLOCATOR: Generating new key pair
[2024-04-18 08:55:44] [DEBUG] ALLOCATOR: Vagrantfile created. Creating instance.
[2024-04-18 08:55:49] [INFO] ALLOCATOR: Instance VAGRANT-EF4B135A-96A5-49A9-84ED-494B68379214 created.
[2024-04-18 08:58:48] [ERROR] ALLOCATOR: Command failed: Sorry, don't know how to check guest version of Virtualbox Guest Additions on this platform. Stopping installation.

[2024-04-18 08:58:48] [INFO] ALLOCATOR: Instance VAGRANT-EF4B135A-96A5-49A9-84ED-494B68379214 started.
[2024-04-18 08:59:01] [INFO] ALLOCATOR: Inventory file generated at /tmp/wazuh-qa/VAGRANT-EF4B135A-96A5-49A9-84ED-494B68379214/inventory.yml
[2024-04-18 08:59:03] [INFO] ALLOCATOR: SSH connection successful.
[2024-04-18 08:59:16] [INFO] ALLOCATOR: Track file generated at /tmp/wazuh-qa/VAGRANT-EF4B135A-96A5-49A9-84ED-494B68379214/track.yml
c-bordon commented 2 weeks ago

Test macOS ARM

cbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-qa$ ssh-keygen -f "/home/cbordon/.ssh/known_hosts" -R "10.10.0.250"
Host 10.10.0.250 not found in /home/cbordon/.ssh/known_hosts
cbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-qa$ python3 deployability/modules/allocation/main.py --provider vagrant --size small --composite-name macos-ventura-13.4.1-arm64
[2024-04-18 08:21:33] [INFO] ALLOCATOR: Creating instance at /tmp/wazuh-qa
[2024-04-18 08:21:33] [DEBUG] ALLOCATOR: Creating instance directory on remote host
Traceback (most recent call last):
  File "/home/cbordon/Documents/wazuh/repositorios/wazuh-qa/deployability/modules/allocation/main.py", line 39, in <module>
    main()
  File "/home/cbordon/Documents/wazuh/repositorios/wazuh-qa/deployability/modules/allocation/main.py", line 35, in main
    Allocator.run(InputPayload(**vars(parse_arguments())))
  File "/home/cbordon/Documents/wazuh/repositorios/wazuh-qa/deployability/modules/allocation/allocation.py", line 37, in run
    return cls.__create(payload)
  File "/home/cbordon/Documents/wazuh/repositorios/wazuh-qa/deployability/modules/allocation/allocation.py", line 56, in __create
    instance = provider.create_instance(
  File "/home/cbordon/Documents/wazuh/repositorios/wazuh-qa/deployability/modules/allocation/generic/provider.py", line 70, in create_instance
    return cls._create_instance(base_dir, params, config, ssh_key)
  File "/home/cbordon/Documents/wazuh/repositorios/wazuh-qa/deployability/modules/allocation/vagrant/provider.py", line 64, in _create_instance
    remote_host_parameters = cls.__remote_host(arch, 'create')
  File "/home/cbordon/Documents/wazuh/repositorios/wazuh-qa/deployability/modules/allocation/vagrant/provider.py", line 311, in __remote_host
    raise ValueError(f"macStadium server is full capacity, use AWS provider.")
ValueError: macStadium server is full capacity, use AWS provider.
cbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-qa$ ssh jenkins@10.10.0.250 sudo /usr/local/bin/prlctl list -j
(jenkins@10.10.0.250) Password:
[
        {
                "uuid": "a0bbbacd-84eb-4b26-8848-6c77988d7de6",
                "status": "running",
                "ip_configured": "-",
                "name": "VAGRANT-2D15AD11-1D06-433D-9C95-BC05E678F174"
        },
        {
                "uuid": "dcd556c1-5569-4cb7-8727-57e42a890a80",
                "status": "running",
                "ip_configured": "-",
                "name": "Wazuh_QA_environment_1102_20240418112732_macos_1400_7_0"
        }
]

The response we received tells us that the ssh connection was successful.

fcaffieri commented 2 weeks ago

LGTM