WPK

Wazuh provides an automated way of building WPK packages using docker so there is no need for any other dependency.

To generate a WPK package, you need an X509 certificate, and CA, see Custom WPK packages creation to learn more.

To create a WPK package, follow these steps:

Requirements

  • Docker

  • Git

Download our wazuh repository from GitHub and go to the wpk directory.

$ git clone https://github.com/wazuh/wazuh && cd wazuh/packages/wpk && git checkout v4.9.1

Execute the generate_wpk_package.sh script, with the different options you desire. This script will build a Docker image with all the necessary tools to create the WPK and run a container that will build it:

$ ./generate_wpk_package.sh -h

Usage: packages/wpk/generate_wpk_package.sh [OPTIONS]
It is required to use -k or --aws-wpk-key, --aws-wpk-cert parameters

  -t,   --target-system <target> [Required] Select target wpk to build [linux/windows/macos].
  -b,   --branch <branch>        [Required] Select Git branch.
  -d,   --destination <path>     [Required] Set the destination path of package.
  -pn,  --package-name <name>    [Required] Path to package file (rpm, deb, msi, pkg) to pack in wpk.
  -o,   --output <name>          [Required] Name to the output package.
  -k,   --key-dir <path>         [Optional] Set the WPK key path to sign package.
  --aws-wpk-key                  [Optional] AWS Secrets manager Name/ARN to get WPK private key.
  --aws-wpk-cert                 [Optional] AWS secrets manager Name/ARN to get WPK certificate.
  --aws-wpk-key-region           [Optional] AWS Region where secrets are stored.
  -c,   --checksum               [Optional] Generate checksum on destination folder. By default: no.
  --dont-build-docker            [Optional] Locally built docker image will be used instead of generating a new one. By default: yes.
  --tag <name>                   [Optional] Tag to use with the docker image.
  -h,   --help                   Show this help.

To use this tool, the previously required certificate and the key must be in the same directory.

Linux WPK

To build a WPK for Linux, you need to first download a package of the desired version.

The following example demonstrates the process for Debian amd64, but you can follow similar steps for RPM-based distributions and other supported architectures:

# curl -O https://packages.wazuh.com/4.x/apt/pool/main/w/wazuh-agent/wazuh-agent_4.9.1-1_amd64.deb

Below, you will find an example of Linux WPK package building.

# ./generate_wpk_package.sh -t linux -b v4.9.1 -d /tmp/wpk -k /tmp/keys -o LinuxAgent.wpk -pn /tmp/wazuh-agent_4.9.1-1_amd64.deb

This script builds a Wazuh 4.9.1 Linux WPK package named LinuxAgent.wpk and stores it in /tmp/wpk. This action is done using the previously generated keys that are saved in /tmp/keys.

If you use the -c or --checksum option, a file containing the SHA512 checksum is created in the same output path. This location is configurable, allowing you to indicate where you want to store it.

Windows WPK

To build a WPK for Windows, you need to first download an MSI package of the desired version:

# curl -O https://packages.wazuh.com/4.x/windows/wazuh-agent-4.9.1-1.msi

Below, you will find an example of Windows WPK package building.

# ./generate_wpk_package.sh -t windows -b v4.9.1 -d /tmp/wpk -k /tmp/keys -o WindowsAgent.wpk -pn /tmp/wazuh-agent-4.9.1-1.msi

This script builds a Wazuh 4.9.1 Windows WPK package named WindowsAgent.wpk and stores it in /tmp/wpk. This action is done using the previously generated keys that are saved in /tmp/keys.

If the -c or --checksum option is used, a file is created containing the SHA512 checksum in the same output path. This location is configurable and you can indicate where you want to store it.

macOS WPK

To build a WPK for macOS you need to first download a PKG package of the desired version:

The following example demonstrates the process for an intel64 architecture, but you can follow similar steps for arm64:

# curl -O https://packages.wazuh.com/4.x/macos/wazuh-agent-4.9.1-1.intel64.pkg

Below, you will find an example of macOS WPK package building.

# ./generate_wpk_package.sh -t macos -b v4.9.1 -d /tmp/wpk -k /tmp/keys -o macOSAgent.wpk -pn /tmp/wazuh-agent-4.9.1-1.intel64.pkg

This script builds a Wazuh 4.9.1 macOS WPK package named macOSAgent.wpk and stores it in /tmp/wpk. This action is done using the previously generated keys that are saved in /tmp/keys.

If the -c or --checksum option is used, a file is created containing the SHA512 checksum in the same output path. This location is configurable and you can indicate where you want to store it.

Using checksums

Here you can see an example of how to build a WPK with checksum:

# ./generate_wpk_package.sh -t linux -b v4.9.1 -d /tmp/wpk -k /tmp/keys -o LinuxAgent.wpk -pn /tmp/wazuh-agent_4.9.1-1_amd64.deb -c /tmp/wpk_checksum