Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adapt command structure to new definition #394

Closed
Tracked by #241
, #587
...
TomasTurina opened this issue Dec 5, 2024 · 4 comments · Fixed by #408
Closed
Tracked by #241
, #587
...

Adapt command structure to new definition #394

TomasTurina opened this issue Dec 5, 2024 · 4 comments · Fixed by #408
Assignees
@sdvendramini
Labels
level/task Task issue module/command mvp Minimum Viable Product refinement type/enhancement Enhancement issue

Comments

@TomasTurina
Copy link
Member

TomasTurina commented Dec 5, 2024
edited by vikman90
Loading

Parent Issue: #241

Description

After the latest changes introduced in the server side, it was decided that the structure of the messages that the agent receives with commands will be as follows:

  "commands": [
    {
      "document_id" : "SuyTlZIBRVsFsWNvvx6f",
      "request_id": "aeyvlZIBRVsFNWNvvj6f",
      "order_id": "auyvlZIBRVsFNWNvvj6f",
      "source": "Users/Services",
      "user": "Management API",
      "target": {
        "id": "0a96a0ab-5bef-415c-bb3c-ea3e294215a0",
        "type": "agent"
      },
      "action": {
        "name": "restart",
        "version": "v5.0.0",
        "args": []
      },
      "timeout": 100,
      "status": "pending"
    }
]

Besides, the structure of the response should be as following:

{"module": "command", "id": "SuyTlZIBRVsFsWNvvx6f", "operation": "update"}
{"command":{"result":{"code":4,"message":"Agent stopped during execution"}}}

This issue consists in adapt the agent code to these new specifications.

Since the new message doesn't specify a module where the command should be executed, we also need to change the logic and make the command handler responsible of distribute the commands based on the name of the command and the arguments. This will require to make changes in the centralized configuration component as well.

It is mandatory to test all these changes with a real server to verify that the command feature works E2E.
@wazuhci wazuhci moved this to Backlog in Release 5.0.0 Dec 5, 2024
@wazuhci wazuhci moved this from Backlog to In progress in Release 5.0.0 Dec 9, 2024
@sdvendramini sdvendramini linked a pull request Dec 10, 2024 that will close this issue
Adapt command structure to new definition #408
Merged
@sdvendramini sdvendramini mentioned this issue Dec 10, 2024
Merged
@sdvendramini
Copy link
Member

sdvendramini commented Dec 10, 2024
edited
Loading

09/12/2024

The necessary modifications to adapt the code to the new command structure have been started.

10/12/2024

Work on the modifications continued, tests were fixed, and testing was performed. The Draft PR was opened.

11/12/2024

I have been adding commands cases to the mock based on Imposter. Additionally, I started deploying an E2E testing environment. Minor corrections were made to the code, and the PR was opened for review.

12/12/2024

Corrections made to PR comments, further testing performed. PR comments have been fixed, testing continued, and an unrelated issue was identified and fixed in this commit. Minimal adjustments were subsequently made to align with design changes.

@AlexRuiz7 AlexRuiz7 mentioned this issue Dec 10, 2024
Closed
12 tasks
@vikman90 vikman90 added the mvp Minimum Viable Product refinement label Dec 11, 2024
@vikman90 vikman90 mentioned this issue Dec 11, 2024
Open
53 tasks
@AlexRuiz7 AlexRuiz7 mentioned this issue Dec 11, 2024
Closed
@GGP1 GGP1 mentioned this issue Dec 11, 2024
Closed
@wazuhci wazuhci moved this from In progress to In review in Release 5.0.0 Dec 11, 2024
@wazuhci wazuhci moved this from In review to Done in Release 5.0.0 Dec 12, 2024
@sdvendramini
Copy link
Member

sdvendramini commented Dec 13, 2024
edited
Loading

Tests with python mock

set-group

Case 1
  • command
{
    "commands":
    [
        {
            "document_id": "1193bf02-fad7-7bae-93c7-51c6fbaf62e2",
            "action":
            {
                "name": "set-group",
                "version": "v5.0.0",
                "args":
                [
                    "validYaml",
                    "invalidYaml"
                ]
            },
            "target":
            {
                "type": "agent",
                "id": "agentID"
            },
            "status": "sent"
        }
    ]
}
  • logs
[2024-12-13 09:07:41.822] [wazuh-agent] [info] [INFO] [command_handler_utils.cpp:77] [DispatchCommand] Dispatching command set-group(CentralizedConfiguration)
[2024-12-13 09:07:41.826] [wazuh-agent] [warning] [WARN] [centralized_configuration.cpp:91] [ExecuteCommand] Failed to validate the file for group 'invalidYaml', invalid group file received: /tmp/invalidYaml.yml
[2024-12-13 09:07:41.827] [wazuh-agent] [info] [INFO] [command_handler.hpp:98] [operator()] Done processing command: set-group(CentralizedConfiguration)
  • command db
0193bf02-fad7-7bae-93c7-51c6fbaf62e2|CentralizedConfiguration|set-group|["validYaml","invalidYaml"]|CentralizedConfiguration validate file failed, invalid file received.|1|1734077261.812
  • groups db
empty
Case 2
  • command
{
    "commands":
    [
        {
            "document_id": "0193bf03-4994-7fe4-9bcb-2946208df4d7",
            "action":
            {
                "name": "set-group",
                "version": "v5.0.0",
                "args":
                []
            },
            "target":
            {
                "type": "agent",
                "id": "agentID"
            },
            "status": "sent"
        }
    ]
}
  • logs
[2024-12-13 09:13:47.907] [wazuh-agent] [info] [INFO] [command_handler_utils.cpp:77] [DispatchCommand] Dispatching command set-group(CentralizedConfiguration)
[2024-12-13 09:13:47.910] [wazuh-agent] [info] [INFO] [agent.cpp:80] [ReloadModules] Reloading Modules
[2024-12-13 09:13:47.910] [wazuh-agent] [info] [INFO] [configuration_parser.cpp:177] [ReloadConfiguration] Reload configuration.
[2024-12-13 09:13:47.910] [wazuh-agent] [info] [INFO] [configuration_parser.cpp:188] [ReloadConfiguration] Reload configuration done.
[2024-12-13 09:13:47.910] [wazuh-agent] [info] [INFO] [inventory.cpp:62] [Stop] Inventory module stopped.
[2024-12-13 09:13:47.910] [wazuh-agent] [info] [INFO] [logcollector.cpp:62] [Stop] Logcollector module stopped.
[2024-12-13 09:13:47.911] [wazuh-agent] [info] [INFO] [command_handler.hpp:98] [operator()] Done processing command: set-group(CentralizedConfiguration)
  • command db
0193bf03-4994-7fe4-9bcb-2946208df4d7|CentralizedConfiguration|set-group|[]|CentralizedConfiguration set-group done.|0|1734077627.898
  • groups db
empty
Case 3
  • command
{
    "commands":
    [
        {
            "document_id": "0193bf03-991f-7b51-b722-d9f9382f3215",
            "action":
            {
                "name": "set-group",
                "version": "v5.0.0",
                "args": null
            },
            "target":
            {
                "type": "agent",
                "id": "agentID"
            },
            "status": "sent"
        }
    ]
}
  • logs
[2024-12-13 09:19:53.998] [wazuh-agent] [info] [INFO] [command_handler_utils.cpp:77] [DispatchCommand] Dispatching command set-group(CentralizedConfiguration)
[2024-12-13 09:19:54.000] [wazuh-agent] [info] [INFO] [agent.cpp:80] [ReloadModules] Reloading Modules
[2024-12-13 09:19:54.000] [wazuh-agent] [info] [INFO] [configuration_parser.cpp:177] [ReloadConfiguration] Reload configuration.
[2024-12-13 09:19:54.000] [wazuh-agent] [info] [INFO] [configuration_parser.cpp:188] [ReloadConfiguration] Reload configuration done.
[2024-12-13 09:19:54.000] [wazuh-agent] [info] [INFO] [inventory.cpp:62] [Stop] Inventory module stopped.
[2024-12-13 09:19:54.000] [wazuh-agent] [info] [INFO] [logcollector.cpp:62] [Stop] Logcollector module stopped.
[2024-12-13 09:19:54.002] [wazuh-agent] [info] [INFO] [command_handler.hpp:98] [operator()] Done processing command: set-group(CentralizedConfiguration)
  • command db
0193bf03-991f-7b51-b722-d9f9382f3215|CentralizedConfiguration|set-group|[]|CentralizedConfiguration set-group done.|0|1734077993.989
  • groups db
empty
Case 4
  • command
{
    "commands":
    [
        {
            "document_id": "0193bf03-f732-7ee5-8647-5d381c256458",
            "action":
            {
                "name": "set-group",
                "version": "v5.0.0",
                "args":
                [
                    ""
                ]
            },
            "target":
            {
                "type": "agent",
                "id": "agentID"
            },
            "status": "sent"
        }
    ]
}
  • logs
[2024-12-13 09:23:58.053] [wazuh-agent] [error] [ERROR] [command_handler.cpp:24] [CheckCommand] The command set-group parameters must be non-empty strings.
[2024-12-13 09:23:58.053] [wazuh-agent] [error] [ERROR] [command_handler.hpp:68] [CommandsProcessingTask] Error checking module and args for command: 0193bf03-f732-7ee5-8647-5d381c256458 set-group. Error: Command is not valid
  • command db
empty
  • groups db
empty
Case 5
  • command
{
    "commands":
    [
        {
            "document_id": "0193bf04-62e4-73fe-a223-81d1af7ab6f1",
            "action":
            {
                "name": "set-group",
                "version": "v5.0.0",
                "args":
                [
                    "validYaml",
                    8
                ]
            },
            "target":
            {
                "type": "agent",
                "id": "agentID"
            },
            "status": "sent"
        }
    ]
}
  • logs
[2024-12-13 09:28:02.114] [wazuh-agent] [error] [ERROR] [command_handler.cpp:24] [CheckCommand] The command set-group parameters must be non-empty strings.
[2024-12-13 09:28:02.114] [wazuh-agent] [error] [ERROR] [command_handler.hpp:68] [CommandsProcessingTask] Error checking module and args for command: 0193bf04-62e4-73fe-a223-81d1af7ab6f1 set-group. Error: Command is not valid
  • command db
empty
  • groups db
empty
Case 6
  • command
{
    "commands":
    [
        {
            "document_id": "0193bf04-923d-72f9-a587-630cbf2c4b07",
            "action":
            {
                "name": "set-group",
                "version": "v5.0.0",
                "args":
                [
                    "validYaml"
                ]
            },
            "target":
            {
                "type": "agent",
                "id": "agentID"
            },
            "status": "sent"
        }
    ]
}
  • logs
[2024-12-13 09:32:06.178] [wazuh-agent] [info] [INFO] [command_handler_utils.cpp:77] [DispatchCommand] Dispatching command set-group(CentralizedConfiguration)
[2024-12-13 09:32:06.181] [wazuh-agent] [info] [INFO] [agent.cpp:80] [ReloadModules] Reloading Modules
[2024-12-13 09:32:06.181] [wazuh-agent] [info] [INFO] [configuration_parser.cpp:177] [ReloadConfiguration] Reload configuration.
[2024-12-13 09:32:06.181] [wazuh-agent] [info] [INFO] [configuration_parser.cpp:188] [ReloadConfiguration] Reload configuration done.
[2024-12-13 09:32:06.181] [wazuh-agent] [info] [INFO] [inventory.cpp:62] [Stop] Inventory module stopped.
[2024-12-13 09:32:06.181] [wazuh-agent] [info] [INFO] [logcollector.cpp:62] [Stop] Logcollector module stopped.
[2024-12-13 09:32:06.182] [wazuh-agent] [info] [INFO] [command_handler.hpp:98] [operator()] Done processing command: set-group(CentralizedConfiguration)
  • command db
0193bf04-923d-72f9-a587-630cbf2c4b07|CentralizedConfiguration|set-group|["validYaml"]|CentralizedConfiguration set-group done.|0|1734078726.177
  • groups db
4856|validYaml

@sdvendramini
Copy link
Member

sdvendramini commented Dec 13, 2024
edited
Loading

Tests with python mock

update-group

Case 1
  • command
{
    "commands":
    [
        {
            "document_id": "0193bf04-bf77-7427-bfea-4cf7cb2e310e",
            "action":
            {
                "name": "update-group",
                "version": "v5.0.0",
                "args":
                [
                    "noNeedArgs"
                ]
            },
            "target":
            {
                "type": "agent",
                "id": "agentID"
            },
            "status": "sent"
        }
    ]
}
  • logs
[2024-12-13 09:36:11.236] [wazuh-agent] [info] [INFO] [command_handler_utils.cpp:77] [DispatchCommand] Dispatching command update-group(CentralizedConfiguration)
[2024-12-13 09:36:11.237] [wazuh-agent] [info] [INFO] [agent.cpp:80] [ReloadModules] Reloading Modules
[2024-12-13 09:36:11.237] [wazuh-agent] [info] [INFO] [configuration_parser.cpp:177] [ReloadConfiguration] Reload configuration.
[2024-12-13 09:36:11.237] [wazuh-agent] [info] [INFO] [configuration_parser.cpp:188] [ReloadConfiguration] Reload configuration done.
[2024-12-13 09:36:11.237] [wazuh-agent] [info] [INFO] [inventory.cpp:62] [Stop] Inventory module stopped.
[2024-12-13 09:36:11.237] [wazuh-agent] [info] [INFO] [logcollector.cpp:62] [Stop] Logcollector module stopped.
[2024-12-13 09:36:11.239] [wazuh-agent] [info] [INFO] [command_handler.hpp:98] [operator()] Done processing command: update-group(CentralizedConfiguration)
  • command db
0193bf04-bf77-7427-bfea-4cf7cb2e310e|CentralizedConfiguration|update-group|["noNeedArgs"]|CentralizedConfiguration update-group done.|0|1734078971.227
Case 2
  • command
{
    "commands":
    [
        {
            "document_id": "0193bf05-32f0-7a49-9021-c9692feebf33",
            "action":
            {
                "name": "update-group",
                "version": "v5.0.0"
            },
            "target":
            {
                "type": "agent",
                "id": "agentID"
            },
            "status": "sent"
        }
    ]
}
  • logs
[2024-12-13 09:39:14.287] [wazuh-agent] [info] [INFO] [command_handler_utils.cpp:77] [DispatchCommand] Dispatching command update-group(CentralizedConfiguration)
[2024-12-13 09:39:14.288] [wazuh-agent] [info] [INFO] [agent.cpp:80] [ReloadModules] Reloading Modules
[2024-12-13 09:39:14.288] [wazuh-agent] [info] [INFO] [configuration_parser.cpp:177] [ReloadConfiguration] Reload configuration.
[2024-12-13 09:39:14.288] [wazuh-agent] [info] [INFO] [configuration_parser.cpp:188] [ReloadConfiguration] Reload configuration done.
[2024-12-13 09:39:14.288] [wazuh-agent] [info] [INFO] [inventory.cpp:62] [Stop] Inventory module stopped.
[2024-12-13 09:39:14.288] [wazuh-agent] [info] [INFO] [logcollector.cpp:62] [Stop] Logcollector module stopped.
[2024-12-13 09:39:14.290] [wazuh-agent] [info] [INFO] [command_handler.hpp:98] [operator()] Done processing command: update-group(CentralizedConfiguration)
  • command db
0193bf05-32f0-7a49-9021-c9692feebf33|CentralizedConfiguration|update-group|[]|CentralizedConfiguration update-group done.|0|1734079154.277
  • groups db
4856|validYaml

@sdvendramini
Copy link
Member

sdvendramini commented Dec 13, 2024
edited
Loading

Tests with Imposter mock

In these tests, various commands are used, some valid and others invalid. The cases can be reviewed at https://github.com/wazuh/wazuh-agent/blob/cdfd7468096ece59f4692eb993e880f4489145a7/src/tests/mock-server/config/commands.groovy#L13). The goal is to ensure that under high traffic of received commands, the segmentation fault no longer occurs.

Sending 5 commands per second

Video
5commandsPerSecond.webm

Sending 100 commands per second

Video
100commandsPerSecond.webm

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sdvendramini sdvendramini

Labels
level/task Task issue module/command mvp Minimum Viable Product refinement type/enhancement Enhancement issue
Projects
Release 5.0.0
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Adapt command structure to new definition wazuh/wazuh-agent
3 participants
@vikman90 @sdvendramini @TomasTurina