diff --git a/.github/actions/passwords-tool/tests-stack-failure.sh b/.github/actions/passwords-tool/tests-stack-failure.sh index b78242f..4ecaa8d 100644 --- a/.github/actions/passwords-tool/tests-stack-failure.sh +++ b/.github/actions/passwords-tool/tests-stack-failure.sh @@ -14,7 +14,7 @@ elif ! curl -s -u wazuh:wazuh -k -X POST "https://127.0.0.1:55000/security/user/ elif ! curl -s -u wazuuh:"${apiPass}" -k -X POST "https://127.0.0.1:55000/security/user/authenticate" | grep "Invalid credentials"; then exit 1 elif ! curl -s -XGET https://127.0.0.1:9200/ -u admin:admin -k | grep "Unauthorized"; then - curl -s -XGET https://127.0.0.1:9200/ -u admin:admin -k + echo "testing curl -s -XGET https://127.0.0.1:9200/ -u admin:admin -k | grep "Unauthorized"" elif ! curl -s -XGET https://127.0.0.1:9200/ -u adminnnn:"${adminPass}" -k | grep "Unauthorized"; then - curl -s -XGET https://127.0.0.1:9200/ -u adminnnn:"${adminPass}" -k + echo "testing curl -s -XGET https://127.0.0.1:9200/ -u adminnnn:"${adminPass}" -k" fi diff --git a/.github/actions/passwords-tool/tests-stack-success.sh b/.github/actions/passwords-tool/tests-stack-success.sh index cb74c59..ddb0ea6 100644 --- a/.github/actions/passwords-tool/tests-stack-success.sh +++ b/.github/actions/passwords-tool/tests-stack-success.sh @@ -3,6 +3,23 @@ users=( admin anomalyadmin kibanaserver kibanaro logstash readall snapshotrestore ) api_users=( wazuh wazuh-wui ) +echo '::group:: Change indexer password, password providing it.' + +bash wazuh-passwords-tool.sh -u admin -p LN*X1v.VNtCZ5sESEtLfijPAd39LXGAI +if curl -s -XGET https://127.0.0.1:9200/ -u admin:LN*X1v.VNtCZ5sESEtLfijPAd39LXGAI -k -w %{http_code} | grep "401"; then + exit 1 +fi +echo '::endgroup::' + +echo '::group:: Change indexer password without providing it.' + +indx_pass="$(bash wazuh-passwords-tool.sh -u admin | awk '/admin/{ print $NF }' | tr -d \' )" +if curl -s -XGET https://127.0.0.1:9200/ -u admin:"${indx_pass}" -k -w %{http_code} | grep "401"; then + exit 1 +fi + +echo '::endgroup::' + echo '::group:: Change all passwords except Wazuh API ones.' mapfile -t pass < <(bash wazuh-passwords-tool.sh -a | grep 'The password for' | awk '{ print $NF }')