1783 words
9 minutes
OpenSearch Dashboards Build Configuration: Complete Manifest Guide
Anubhav Gain
2025-02-02
Security
opensearch
/
dashboards
/
build-configuration
/
manifest
/
xdr
/
security-platform

OpenSearch Dashboards Build Configuration#

This guide provides comprehensive documentation for OpenSearch Dashboards build configuration using manifest files, focusing on XDR (Extended Detection and Response) platform integration and enterprise security plugin management.

Table of Contents#

Understanding Build Manifests#

Build manifests are essential configuration files that define how OpenSearch Dashboards should be compiled, which plugins to include, and how components should be integrated. They serve as the blueprint for creating customized OpenSearch Dashboards distributions.

Manifest Schema Overview#

schema-version: "1.2"
build:
  name: OpenSearch Dashboards
  version: 2.18.0
  platform: linux
  architecture: x64
  distribution: [deb|rpm|tar]
  id: unique-build-identifier
components:
  - name: component-name
    repository: git-repository-url
    ref: version-or-branch
    commit_id: specific-commit-hash
    artifacts:
      plugins:
        - plugins/plugin-name-version.zip
    version: semantic-version

Core Build Configuration#

Debian Package Configuration#

---
schema-version: "1.2"
build:
  name: OpenSearch Dashboards
  version: 2.18.0
  platform: linux
  architecture: x64
  distribution: deb
  id: 71d717038f66462ca1c5e49883162343
components:
  - name: OpenSearch-Dashboards
    repository: https://github.com/Infopercept/xdr-dashboard-osd.git
    ref: 2.18.0
    commit_id: 1706584d94159e38a77dc50340786d00d582f4d8
    artifacts:
      dist:
        - dist/opensearch-dashboards-min-2.18.0-amd64.deb
    version: 2.18.0.0

RPM Package Configuration#

---
schema-version: "1.2"
build:
  name: OpenSearch Dashboards
  version: 2.18.0
  platform: linux
  architecture: x64
  distribution: rpm
  id: 71d717038f66462ca1c5e49883162343
components:
  - name: OpenSearch-Dashboards
    repository: https://github.com/Infopercept/xdr-dashboard-osd.git
    ref: 2.18.0
    commit_id: 1706584d94159e38a77dc50340786d00d582f4d8
    artifacts:
      dist:
        - dist/opensearch-dashboards-min-2.18.0-x64.rpm
    version: 2.18.0.0

TAR Archive Configuration#

---
schema-version: "1.2"
build:
  name: OpenSearch Dashboards
  version: 2.18.0
  platform: linux
  architecture: x64
  distribution: tar
  id: 5c1e09cb1e714642ae7ffa9aedb26f40
components:
  - name: OpenSearch-Dashboards
    repository: https://github.com/Infopercept/xdr-dashboard-osd.git
    ref: 2.18.0
    commit_id: a0968a73d9ef7386dcd436f163bf6f5132a2c2f6
    artifacts:
      dist:
        - dist/opensearch-dashboards-min-2.18.0-linux-x64.tar.gz
    version: 2.18.0.0

Plugin Configuration#

Security Plugins#

Core Security Dashboard#

- name: securityDashboards
  repository: https://github.com/Infopercept/xdr-security-dashboard.git
  ref: v4.9.2-abacus
  commit_id: e2426e6158d4a790e37b174ac4b8e4462e86ad2d
  artifacts:
    plugins:
      - plugins/securityDashboards-2.18.0.zip
  version: 2.18.0.0

XDR Core Platform#

- name: wazuhCore
  repository: https://github.com/Infopercept/xdr-core.git
  ref: 4.9.2-abacus
  commit_id: 5cf4fd992a0790b5b43a30080bb8bcf538c59667
  artifacts:
    plugins:
      - plugins/wazuhCore-2.18.0.zip
  version: 2.18.0.0

XDR Plugin Integration#

- name: invinsense
  repository: https://github.com/Infopercept/xdr-plugin.git
  ref: 4.9.2-abacus
  commit_id: 5293d96e57b5b4e0cf35f7f30bdea50cacf07d64
  artifacts:
    plugins:
      - plugins/invinsense-2.18.0.zip
  version: 2.18.0.0

Monitoring and Alerting Plugins#

Alerting Dashboard#

- name: alertingDashboards
  repository: https://github.com/opensearch-project/alerting-dashboards-plugin.git
  ref: tags/2.18.0.0
  commit_id: a545ffc0b8449d36af277a52893908dee86df155
  artifacts:
    plugins:
      - plugins/alertingDashboards-2.18.0.zip
  version: 2.18.0.0

Observability Dashboard#

- name: observabilityDashboards
  repository: https://github.com/opensearch-project/dashboards-observability.git
  ref: tags/2.18.0.0
  commit_id: aa36965b33b682007cb5fe25ad73d3196ca0d69e
  artifacts:
    plugins:
      - plugins/observabilityDashboards-2.18.0.zip
  version: 2.18.0.0

Data Management Plugins#

Index Management#

- name: indexManagementDashboards
  repository: https://github.com/opensearch-project/index-management-dashboards-plugin.git
  ref: tags/2.18.0.0
  commit_id: b4ece9fadb90067fa426a7a107797e20c55a6de3
  artifacts:
    plugins:
      - plugins/indexManagementDashboards-2.18.0.zip
  version: 2.18.0.0

Reporting Dashboard#

- name: reportsDashboards
  repository: https://github.com/opensearch-project/dashboards-reporting.git
  ref: tags/2.18.0.0
  commit_id: aa788230d8b563a4d5d267eb3112cf61bc015cd4
  artifacts:
    plugins:
      - plugins/reportsDashboards-2.18.0.zip
  version: 2.18.0.0

Visualization Plugins#

Maps Dashboard#

- name: customImportMapDashboards
  repository: https://github.com/opensearch-project/dashboards-maps.git
  ref: tags/2.18.0.0
  commit_id: 511840ae5ca900610d521aad311677445269055f
  artifacts:
    plugins:
      - plugins/customImportMapDashboards-2.18.0.zip
  version: 2.18.0.0

Gantt Chart Visualizations#

- name: ganttChartDashboards
  repository: https://github.com/opensearch-project/dashboards-visualizations.git
  ref: tags/2.18.0.0
  commit_id: f106a7920607003522124b905493b305bfc08d3f
  artifacts:
    plugins:
      - plugins/ganttChartDashboards-2.18.0.zip
  version: 2.18.0.0

Communication Plugins#

Notifications Dashboard#

- name: notificationsDashboards
  repository: https://github.com/opensearch-project/dashboards-notifications.git
  ref: tags/2.18.0.0
  commit_id: 84cef988b8b1c7285882bf4473630230aecf8f3b
  artifacts:
    plugins:
      - plugins/notificationsDashboards-2.18.0.zip
  version: 2.18.0.0

Update Management Plugins#

Update Checker#

- name: wazuhCheckUpdates
  repository: https://github.com/Infopercept/xdr-check-updates.git
  ref: 4.9.2-abacus
  commit_id: 5728f62260fbb75d717d8cb8e5a48a5b750034a6
  artifacts:
    plugins:
      - plugins/wazuhCheckUpdates-2.18.0.zip
  version: 2.18.0.0

XDR Platform Integration#

Architecture Overview#

The XDR (Extended Detection and Response) platform integration involves several key components:

  1. XDR Core: Central platform functionality
  2. Security Dashboard: Security-focused visualizations
  3. Invinsense Plugin: XDR-specific capabilities
  4. Update Management: Automated update checking

Component Dependencies#

graph TD
    A[OpenSearch Dashboards Core] --> B[Security Dashboards]
    A --> C[XDR Core]
    C --> D[Invinsense Plugin]
    C --> E[Update Checker]
    B --> F[Alerting Dashboard]
    A --> G[Index Management]
    A --> H[Observability]

Configuration Synchronization#

Ensure all XDR components use compatible versions:

# Version alignment for XDR components
xdr_components:
  ref_version: "4.9.2-abacus"
  opensearch_version: "2.18.0"
  plugin_compatibility: "2.18.0.0"

Build Process Automation#

Build Script Example#

#!/bin/bash


# OpenSearch Dashboards Build Script
# Builds custom XDR-enabled OpenSearch Dashboards


set -e


MANIFEST_FILE="$1"
BUILD_OUTPUT="$2"
DISTRIBUTION_TYPE="${3:-deb}"


# Validate inputs
if [[ -z "$MANIFEST_FILE" || -z "$BUILD_OUTPUT" ]]; then
    echo "Usage: $0 <manifest_file> <build_output> [distribution_type]"
    exit 1
fi


# Parse manifest
echo "📋 Parsing manifest file: $MANIFEST_FILE"
BUILD_VERSION=$(grep -E "^\s+version:" "$MANIFEST_FILE" | head -1 | awk '{print $2}')
BUILD_PLATFORM=$(grep -E "^\s+platform:" "$MANIFEST_FILE" | awk '{print $2}')
BUILD_ARCH=$(grep -E "^\s+architecture:" "$MANIFEST_FILE" | awk '{print $2}')


echo "🔧 Building OpenSearch Dashboards $BUILD_VERSION for $BUILD_PLATFORM/$BUILD_ARCH"


# Create build environment
BUILD_DIR="/tmp/opensearch-build-$(date +%s)"
mkdir -p "$BUILD_DIR"
cd "$BUILD_DIR"


# Clone repositories and checkout specified commits
echo "📥 Cloning repositories..."
while read -r line; do
    if [[ $line =~ repository:.*github\.com ]]; then
        repo_url=$(echo "$line" | sed 's/.*repository: *//g')
        echo "Cloning: $repo_url"
        # Add actual cloning logic here
    fi
done < "$MANIFEST_FILE"


# Build process
echo "🔨 Starting build process..."
./build.sh --distribution="$DISTRIBUTION_TYPE" --platform="$BUILD_PLATFORM" --arch="$BUILD_ARCH"


# Package artifacts
echo "📦 Packaging artifacts..."
mv dist/* "$BUILD_OUTPUT/"


echo "✅ Build completed successfully"
echo "📍 Artifacts available at: $BUILD_OUTPUT"

CI/CD Integration#

GitHub Actions Workflow#

name: Build OpenSearch Dashboards XDR


on:
  push:
    paths:
      - "manifests/*.yml"
  workflow_dispatch:
    inputs:
      distribution:
        description: "Distribution type"
        required: true
        default: "deb"
        type: choice
        options:
          - deb
          - rpm
          - tar


jobs:
  build:
    runs-on: ubuntu-latest


    strategy:
      matrix:
        distribution: [deb, rpm, tar]


    steps:
      - uses: actions/checkout@v3


      - name: Setup Node.js
        uses: actions/setup-node@v3
        with:
          node-version: "18"


      - name: Setup Build Environment
        run: |
          sudo apt-get update
          sudo apt-get install -y build-essential


      - name: Build OpenSearch Dashboards
        run: |
          ./scripts/build.sh manifests/opensearch-dashboards-${{ matrix.distribution }}.yml \
                             ./artifacts \
                             ${{ matrix.distribution }}


      - name: Upload Artifacts
        uses: actions/upload-artifact@v3
        with:
          name: opensearch-dashboards-${{ matrix.distribution }}
          path: ./artifacts/*

Security Considerations#

Repository Security#

Access Control#

# Secure repository configuration
repositories:
  private_repos:
    - name: "xdr-security-dashboard"
      access_token: "${GITHUB_TOKEN}"
      verification: "signature_required"
    - name: "xdr-core"
      access_token: "${GITHUB_TOKEN}"
      verification: "signature_required"


  public_repos:
    - name: "opensearch-project/*"
      verification: "checksum_validation"

Commit Verification#

Terminal window
# Verify commit signatures
verify_commit() {
    local repo=$1
    local commit=$2


    cd "$repo"
    if git verify-commit "$commit" 2>/dev/null; then
        echo "✅ Commit $commit verified"
        return 0
    else
        echo "❌ Commit $commit verification failed"
        return 1
    fi
}

Build Security#

Checksum Validation#

# Artifact validation
validation:
  checksums:
    enabled: true
    algorithm: "sha256"
  signatures:
    enabled: true
    gpg_key: "build-signing-key"
  vulnerability_scanning:
    enabled: true
    scanner: "trivy"

Secure Build Environment#

# Secure build container
FROM ubuntu:20.04


RUN apt-get update && apt-get install -y \
    build-essential \
    git \
    nodejs \
    npm \
    && rm -rf /var/lib/apt/lists/*


# Create non-root build user
RUN useradd -m -u 1000 builder
USER builder
WORKDIR /home/builder


# Copy build scripts
COPY --chown=builder:builder scripts/ ./scripts/
COPY --chown=builder:builder manifests/ ./manifests/


# Set security flags
ENV NODE_OPTIONS="--max-old-space-size=4096"
ENV BUILD_SECURITY_MODE="strict"

Testing and Validation#

Manifest Validation#

#!/bin/bash


# Manifest validation script
validate_manifest() {
    local manifest_file="$1"


    echo "🔍 Validating manifest: $manifest_file"


    # Check schema version
    if ! grep -q "schema-version: '1.2'" "$manifest_file"; then
        echo "❌ Invalid schema version"
        return 1
    fi


    # Validate component structure
    if ! yq eval '.components | length > 0' "$manifest_file" > /dev/null; then
        echo "❌ No components defined"
        return 1
    fi


    # Check for required fields
    required_fields=("name" "version" "platform" "architecture")
    for field in "${required_fields[@]}"; do
        if ! yq eval ".build.${field}" "$manifest_file" > /dev/null; then
            echo "❌ Missing required field: build.${field}"
            return 1
        fi
    done


    echo "✅ Manifest validation passed"
    return 0
}

Plugin Compatibility Testing#

Terminal window
# Plugin compatibility test
test_plugin_compatibility() {
    local plugin_path="$1"
    local opensearch_version="$2"


    echo "🧪 Testing plugin compatibility: $plugin_path"


    # Extract plugin.json
    unzip -q "$plugin_path" -d /tmp/plugin_test


    # Check opensearch version compatibility
    required_version=$(jq -r '.opensearch.version' /tmp/plugin_test/plugin.json)


    if [[ "$required_version" != "$opensearch_version" ]]; then
        echo "❌ Version mismatch: plugin requires $required_version, build uses $opensearch_version"
        return 1
    fi


    echo "✅ Plugin compatibility verified"
    rm -rf /tmp/plugin_test
    return 0
}

Deployment Strategies#

Production Deployment#

Package Installation#

Terminal window
# Debian/Ubuntu installation
wget https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/2.18.0/opensearch-dashboards-2.18.0-amd64.deb
sudo dpkg -i opensearch-dashboards-2.18.0-amd64.deb


# RHEL/CentOS installation
wget https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/2.18.0/opensearch-dashboards-2.18.0-x86_64.rpm
sudo rpm -ivh opensearch-dashboards-2.18.0-x86_64.rpm

Configuration Management#

# Ansible playbook for deployment
- name: Deploy OpenSearch Dashboards XDR
  hosts: dashboard_servers
  become: yes


  vars:
    opensearch_version: "2.18.0"
    xdr_plugins:
      - securityDashboards
      - wazuhCore
      - invinsense
      - wazuhCheckUpdates


  tasks:
    - name: Install OpenSearch Dashboards
      package:
        name: "opensearch-dashboards={{ opensearch_version }}"
        state: present


    - name: Install XDR plugins
      command: >
        /usr/share/opensearch-dashboards/bin/opensearch-dashboards-plugin install
        file:///opt/plugins/{{ item }}-{{ opensearch_version }}.zip
      loop: "{{ xdr_plugins }}"


    - name: Configure dashboards
      template:
        src: opensearch_dashboards.yml.j2
        dest: /etc/opensearch-dashboards/opensearch_dashboards.yml
        backup: yes
      notify: restart opensearch-dashboards


    - name: Start and enable service
      systemd:
        name: opensearch-dashboards
        state: started
        enabled: yes

Docker Deployment#

# Multi-stage build for production
FROM node:18-alpine AS builder


WORKDIR /usr/share/opensearch-dashboards
COPY manifests/opensearch-dashboards-tar.yml ./manifest.yml
COPY scripts/ ./scripts/


RUN ./scripts/build.sh manifest.yml ./dist tar


FROM opensearchproject/opensearch-dashboards:2.18.0


# Copy custom build
COPY --from=builder /usr/share/opensearch-dashboards/dist/* /usr/share/opensearch-dashboards/


# Install additional dependencies
USER root
RUN apt-get update && apt-get install -y \
    curl \
    && rm -rf /var/lib/apt/lists/*


USER opensearch-dashboards


# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
    CMD curl -f http://localhost:5601/api/status || exit 1


EXPOSE 5601

Monitoring and Maintenance#

Health Monitoring#

#!/bin/bash


# OpenSearch Dashboards health check
check_dashboard_health() {
    local host="${1:-localhost}"
    local port="${2:-5601}"


    echo "🔍 Checking OpenSearch Dashboards health at $host:$port"


    # Check service status
    response=$(curl -s -o /dev/null -w "%{http_code}" "http://$host:$port/api/status")


    if [[ "$response" == "200" ]]; then
        echo "✅ OpenSearch Dashboards is healthy"
        return 0
    else
        echo "❌ OpenSearch Dashboards health check failed (HTTP $response)"
        return 1
    fi
}


# Plugin status check
check_plugin_status() {
    local host="${1:-localhost}"
    local port="${2:-5601}"


    echo "🔌 Checking plugin status"


    # Get plugin list
    plugins=$(curl -s "http://$host:$port/api/status" | jq -r '.status.statuses[] | select(.id | startswith("plugin:")) | .id')


    for plugin in $plugins; do
        status=$(curl -s "http://$host:$port/api/status" | jq -r ".status.statuses[] | select(.id == \"$plugin\") | .state")
        if [[ "$status" == "green" ]]; then
            echo "✅ $plugin: $status"
        else
            echo "⚠️ $plugin: $status"
        fi
    done
}

Update Management#

Terminal window
# Update process automation
update_opensearch_dashboards() {
    local new_version="$1"
    local backup_dir="/opt/opensearch-dashboards/backups/$(date +%Y%m%d_%H%M%S)"


    echo "🔄 Updating OpenSearch Dashboards to version $new_version"


    # Create backup
    sudo mkdir -p "$backup_dir"
    sudo cp -r /etc/opensearch-dashboards "$backup_dir/"
    sudo cp -r /usr/share/opensearch-dashboards/plugins "$backup_dir/"


    # Stop service
    sudo systemctl stop opensearch-dashboards


    # Update package
    if command -v apt &> /dev/null; then
        sudo apt update
        sudo apt install -y "opensearch-dashboards=$new_version"
    elif command -v yum &> /dev/null; then
        sudo yum update -y "opensearch-dashboards-$new_version"
    fi


    # Restore custom configurations
    sudo cp "$backup_dir/opensearch_dashboards.yml" /etc/opensearch-dashboards/


    # Start service
    sudo systemctl start opensearch-dashboards


    # Verify update
    if check_dashboard_health; then
        echo "✅ Update completed successfully"
    else
        echo "❌ Update failed, consider rollback"
        return 1
    fi
}

Troubleshooting#

Common Issues#

Plugin Installation Failures#

Terminal window
# Plugin troubleshooting
debug_plugin_installation() {
    local plugin_name="$1"


    echo "🔧 Debugging plugin installation: $plugin_name"


    # Check plugin directory permissions
    ls -la /usr/share/opensearch-dashboards/plugins/


    # Check opensearch-dashboards logs
    sudo journalctl -u opensearch-dashboards -n 50


    # Verify plugin compatibility
    /usr/share/opensearch-dashboards/bin/opensearch-dashboards-plugin list


    # Check for conflicting plugins
    grep -r "$plugin_name" /usr/share/opensearch-dashboards/plugins/
}

Build Process Debugging#

Terminal window
# Build debugging
debug_build_process() {
    local manifest_file="$1"


    echo "🐛 Debugging build process"


    # Validate manifest syntax
    if ! yq eval '.' "$manifest_file" > /dev/null; then
        echo "❌ Invalid YAML syntax in manifest"
        return 1
    fi


    # Check repository access
    while read -r repo; do
        if git ls-remote "$repo" > /dev/null 2>&1; then
            echo "✅ Repository accessible: $repo"
        else
            echo "❌ Repository not accessible: $repo"
        fi
    done < <(yq eval '.components[].repository' "$manifest_file")


    # Check disk space
    available_space=$(df /tmp | awk 'NR==2 {print $4}')
    if [[ $available_space -lt 5000000 ]]; then  # 5GB in KB
        echo "❌ Insufficient disk space for build"
        return 1
    fi
}

Best Practices#

Version Management#

  1. Semantic Versioning: Use semantic versioning for all components
  2. Compatibility Matrix: Maintain compatibility matrix between OpenSearch and plugins
  3. Release Coordination: Coordinate releases across all XDR components

Security Practices#

  1. Access Control: Implement strict access controls for private repositories
  2. Signature Verification: Verify all commits and artifacts
  3. Vulnerability Scanning: Regular vulnerability scans of all components
  4. Secrets Management: Use secure secrets management for tokens and keys

Build Optimization#

  1. Caching: Implement build caching for faster builds
  2. Parallel Builds: Use parallel processing where possible
  3. Resource Allocation: Optimize resource allocation for build processes
  4. Artifact Management: Implement proper artifact versioning and storage

Conclusion#

This comprehensive guide provides the foundation for managing OpenSearch Dashboards build configurations with XDR platform integration. The manifest-driven approach ensures consistent, reproducible builds while maintaining security and operational excellence.

Key benefits of this approach:

  • Reproducible Builds: Consistent results across environments
  • Version Control: Complete traceability of components and versions
  • Security Integration: Built-in security controls and verification
  • Automation Ready: Designed for CI/CD integration
  • Scalable: Supports enterprise deployment scenarios

By following these practices and configurations, organizations can successfully deploy and maintain OpenSearch Dashboards with custom XDR capabilities while ensuring security, reliability, and maintainability.

OpenSearch Dashboards Build Configuration: Complete Manifest Guide
https://mranv.pages.dev/posts/opensearch-dashboards-build-configuration/
Author
Anubhav Gain
Published at
2025-02-02
License
CC BY-NC-SA 4.0
Automating Safari Configuration on macOS: Complete Scripting Guide
Wazuh Monitoring Index Patterns: Complete Guide to XDR Data Management
© 2025 Anubhav Gain. All Rights Reserved. / RSS / Sitemap
Built with Astro | View Source