From 1ae6f15a1ad8195dba9dd086a6e0a89ba3cce2e6 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 24 Oct 2024 15:53:59 -0500 Subject: [PATCH 01/74] Use docker-buildx and make smoke tests run --- .github/workflows/build-test-push-workflow.yml | 18 ++++-------------- .github/workflows/helm-test-workflow.yml | 2 +- .github/workflows/int-test-azure-workflow.yml | 2 +- .github/workflows/int-test-workflow.yml | 2 +- .github/workflows/manual-int-test-workflow.yml | 2 +- .../merge-develop-to-main-workflow.yml | 2 +- .../workflows/namespace-scope-int-workflow.yml | 2 +- .../workflows/nightly-int-test-workflow.yml | 2 +- README.md | 1 + test/run-tests.sh | 18 +++++++++--------- 10 files changed, 21 insertions(+), 30 deletions(-) diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index 77338e9a3..2f6140b46 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -87,15 +87,9 @@ jobs: - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v1 - #- name: Login to Redhat registry - # uses: docker/login-action@v3 - # with: - # registry: registry.redhat.io - # username: ${{ secrets.REDHAT_REGISTRY_ID }} - # password: ${{ secrets.REDHAT_REGISTRY_PASSWORD }} - name: Make Splunk Operator Image run: | - make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Push Splunk Operator Image to ECR run: | echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" @@ -178,6 +172,7 @@ jobs: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE: splunk/splunk-operator:$GITHUB_SHA SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing smoke keyword @@ -266,9 +261,6 @@ jobs: - name: Pull Splunk Operator Image Locally run: | docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Change Operator Image Tag to latest - run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} @@ -343,11 +335,9 @@ jobs: aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - name: Login to Amazon ECR uses: aws-actions/amazon-ecr-login@v1 - - name: Pull Splunk Operator Image Locally + - name: Re-tag Splunk Operator Image run: | docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Change Operator Image Tag to latest - run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} + docker buildx imagetools create -t ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Push Splunk Operator Image to Docker Hub run: docker push ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} \ No newline at end of file diff --git a/.github/workflows/helm-test-workflow.yml b/.github/workflows/helm-test-workflow.yml index 9271ca640..9c1d6241d 100644 --- a/.github/workflows/helm-test-workflow.yml +++ b/.github/workflows/helm-test-workflow.yml @@ -43,7 +43,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Make Splunk Operator Image run: | - make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Push Splunk Operator Image to ECR run: | echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" diff --git a/.github/workflows/int-test-azure-workflow.yml b/.github/workflows/int-test-azure-workflow.yml index 97b2e7da7..eb9b573f6 100644 --- a/.github/workflows/int-test-azure-workflow.yml +++ b/.github/workflows/int-test-azure-workflow.yml @@ -38,7 +38,7 @@ jobs: password: ${{ secrets.AZURE_ACR_DOCKER_PASSWORD }} - name: Make Splunk Operator Image run: | - make docker-build IMG=${{ secrets.AZURE_ACR_LOGIN_SERVER }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ secrets.AZURE_ACR_LOGIN_SERVER }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Push Splunk Operator Image to the Container Registry run: | echo "Uploading Image to the Container Registry :: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index 9df3ee5be..cb806213a 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -44,7 +44,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Make Splunk Operator Image run: | - make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Push Splunk Operator Image to ECR run: | echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" diff --git a/.github/workflows/manual-int-test-workflow.yml b/.github/workflows/manual-int-test-workflow.yml index f358f75a5..f67ea7fc0 100644 --- a/.github/workflows/manual-int-test-workflow.yml +++ b/.github/workflows/manual-int-test-workflow.yml @@ -116,7 +116,7 @@ jobs: - name: Make Splunk Operator Image run: | docker pull registry.access.redhat.com/ubi8/ubi-minimal:latest - make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Push Splunk Operator Image to ECR run: | echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" diff --git a/.github/workflows/merge-develop-to-main-workflow.yml b/.github/workflows/merge-develop-to-main-workflow.yml index a5c115fd2..6bfe67c49 100644 --- a/.github/workflows/merge-develop-to-main-workflow.yml +++ b/.github/workflows/merge-develop-to-main-workflow.yml @@ -85,7 +85,7 @@ jobs: - name: Build Splunk Operator Image run: | - make docker-build IMG=splunk/splunk-operator-rc:${{ github.event.inputs.release_version }}-RC${{ github.event.inputs.release_candiate_version }} + make docker-buildx IMG=splunk/splunk-operator-rc:${{ github.event.inputs.release_version }}-RC${{ github.event.inputs.release_candiate_version }} - name: Generate Release Artifacts run: | diff --git a/.github/workflows/namespace-scope-int-workflow.yml b/.github/workflows/namespace-scope-int-workflow.yml index 62103d8cb..98819dcd1 100644 --- a/.github/workflows/namespace-scope-int-workflow.yml +++ b/.github/workflows/namespace-scope-int-workflow.yml @@ -113,7 +113,7 @@ jobs: - name: Make Splunk Operator Image run: | docker pull registry.access.redhat.com/ubi8/ubi-minimal:latest - make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Push Splunk Operator Image to ECR run: | echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" diff --git a/.github/workflows/nightly-int-test-workflow.yml b/.github/workflows/nightly-int-test-workflow.yml index fa018be67..10df9a980 100644 --- a/.github/workflows/nightly-int-test-workflow.yml +++ b/.github/workflows/nightly-int-test-workflow.yml @@ -42,7 +42,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Make Splunk Operator Image run: | - make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Push Splunk Operator Image to ECR run: | echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" diff --git a/README.md b/README.md index 539d8a366..7ea7809f0 100644 --- a/README.md +++ b/README.md @@ -104,6 +104,7 @@ Other make targets include (more info below): * `make scorecard`: Runs operator-sdk scorecard tests using OLM installation bundle * `make generate`: runs operator-generate k8s, crds and csv commands, updating installation YAML files and OLM bundle * `make docker-build`: generates `splunk-operator` container image example `make docker-build IMG=docker.io/splunk/splunk-operator:` +* `make docker-buildx`: generates `splunk-operator` container image for multiple platforms, example `make docker-buildx IMG=docker.io/splunk/splunk-operator:` * `make docker-push`: push docker image to given repository example `make docker-push IMG=docker.io/splunk/splunk-operator:` * `make clean`: removes the binary build output and `splunk-operator` container image example `make docker-push IMG=docker.io/splunk/splunk-operator:` * `make run`: runs the Splunk Operator locally, monitoring the Kubernetes cluster configured in your current `kubectl` context diff --git a/test/run-tests.sh b/test/run-tests.sh index a5069cf83..429a6e84c 100755 --- a/test/run-tests.sh +++ b/test/run-tests.sh @@ -20,22 +20,22 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then PRIVATE_SPLUNK_OPERATOR_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_OPERATOR_IMAGE} PRIVATE_SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_ENTERPRISE_IMAGE} - echo "docker images -q ${SPLUNK_OPERATOR_IMAGE}" + echo "docker images -q ${PRIVATE_SPLUNK_OPERATOR_IMAGE}" # Don't pull splunk operator if exists locally since we maybe building it locally - if [ -z $(docker images -q ${SPLUNK_OPERATOR_IMAGE}) ]; then - docker pull ${SPLUNK_OPERATOR_IMAGE} + if [ -z $(docker images -q ${PRIVATE_SPLUNK_OPERATOR_IMAGE}) ]; then + docker pull ${PRIVATE_SPLUNK_OPERATOR_IMAGE} if [ $? -ne 0 ]; then echo "Unable to pull ${SPLUNK_OPERATOR_IMAGE}. Exiting..." exit 1 fi fi - docker tag ${SPLUNK_OPERATOR_IMAGE} ${PRIVATE_SPLUNK_OPERATOR_IMAGE} - docker push ${PRIVATE_SPLUNK_OPERATOR_IMAGE} - if [ $? -ne 0 ]; then - echo "Unable to push ${PRIVATE_SPLUNK_OPERATOR_IMAGE}. Exiting..." - exit 1 - fi + #docker tag ${SPLUNK_OPERATOR_IMAGE} ${PRIVATE_SPLUNK_OPERATOR_IMAGE} + #docker push ${PRIVATE_SPLUNK_OPERATOR_IMAGE} + #if [ $? -ne 0 ]; then + # echo "Unable to push ${PRIVATE_SPLUNK_OPERATOR_IMAGE}. Exiting..." + # exit 1 + #fi # Always attempt to pull splunk enterprise image docker pull ${SPLUNK_ENTERPRISE_IMAGE} From 52ce30c139f86eb68e26738d22f98863cbfa4ba9 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 24 Oct 2024 16:25:42 -0500 Subject: [PATCH 02/74] Add a '.' --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 94853d581..1e4e1e23c 100644 --- a/Makefile +++ b/Makefile @@ -156,7 +156,7 @@ docker-buildx: test ## Build and push docker image for the manager for cross-pla sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' Dockerfile > Dockerfile.cross - docker buildx create --name project-v3-builder docker buildx use project-v3-builder - - docker buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile.cross + - docker buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile.cross . - docker buildx rm project-v3-builder rm Dockerfile.cross From 05400a3e33bf3bb306a203bfca202ad29e5ebb38 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 24 Oct 2024 16:50:45 -0500 Subject: [PATCH 03/74] Test again --- .github/workflows/build-test-push-workflow.yml | 9 +-------- test/run-tests.sh | 10 ++-------- 2 files changed, 3 insertions(+), 16 deletions(-) diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index 2f6140b46..0fa02a8d2 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -87,13 +87,9 @@ jobs: - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v1 - - name: Make Splunk Operator Image + - name: Build and push Splunk Operator Image run: | make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Push Splunk Operator Image to ECR - run: | - echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" - make docker-push IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} - name: Sign Splunk Operator image with a key run: | cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} @@ -258,9 +254,6 @@ jobs: run: | docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - - name: Pull Splunk Operator Image Locally - run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} diff --git a/test/run-tests.sh b/test/run-tests.sh index 429a6e84c..96b714c43 100755 --- a/test/run-tests.sh +++ b/test/run-tests.sh @@ -20,9 +20,10 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then PRIVATE_SPLUNK_OPERATOR_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_OPERATOR_IMAGE} PRIVATE_SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_ENTERPRISE_IMAGE} - echo "docker images -q ${PRIVATE_SPLUNK_OPERATOR_IMAGE}" + echo "Checking to see if image exists, docker images -q ${PRIVATE_SPLUNK_OPERATOR_IMAGE}" # Don't pull splunk operator if exists locally since we maybe building it locally if [ -z $(docker images -q ${PRIVATE_SPLUNK_OPERATOR_IMAGE}) ]; then + echo "Doesn't exist, pulling ${PRIVATE_SPLUNK_OPERATOR_IMAGE}..." docker pull ${PRIVATE_SPLUNK_OPERATOR_IMAGE} if [ $? -ne 0 ]; then echo "Unable to pull ${SPLUNK_OPERATOR_IMAGE}. Exiting..." @@ -30,13 +31,6 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then fi fi - #docker tag ${SPLUNK_OPERATOR_IMAGE} ${PRIVATE_SPLUNK_OPERATOR_IMAGE} - #docker push ${PRIVATE_SPLUNK_OPERATOR_IMAGE} - #if [ $? -ne 0 ]; then - # echo "Unable to push ${PRIVATE_SPLUNK_OPERATOR_IMAGE}. Exiting..." - # exit 1 - #fi - # Always attempt to pull splunk enterprise image docker pull ${SPLUNK_ENTERPRISE_IMAGE} if [ $? -ne 0 ]; then From f6bef931b592d5faeb97f9a3087a878d7921f9f0 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 24 Oct 2024 17:37:54 -0500 Subject: [PATCH 04/74] Change env variable value --- .github/workflows/build-test-push-workflow.yml | 4 +++- .github/workflows/int-test-workflow.yml | 17 +++++------------ 2 files changed, 8 insertions(+), 13 deletions(-) diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index 0fa02a8d2..924c55982 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -168,7 +168,6 @@ jobs: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator - SPLUNK_OPERATOR_IMAGE: splunk/splunk-operator:$GITHUB_SHA SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing smoke keyword @@ -239,6 +238,9 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV - name: Pull Splunk Enterprise Image run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Configure AWS credentials diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index cb806213a..ca148dca8 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -42,13 +42,9 @@ jobs: - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v1 - - name: Make Splunk Operator Image + - name: Build and push Splunk Operator Image run: | make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Push Splunk Operator Image to ECR - run: | - echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" - make docker-push IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA int-tests: strategy: fail-fast: false @@ -143,6 +139,9 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV - name: Pull Splunk Enterprise Image run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Configure AWS credentials @@ -157,17 +156,11 @@ jobs: - name: Pull Splunk Operator Image Locally and change name run: | docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker buildx imagetools create -t ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Tag and Push Splunk Enterprise Image to ECR run: | docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - - name: Pull Splunk Operator Image Locally - run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Change Operator Image Tag to latest - run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} From f2fc5f8b06b41ccbc1c80841acabf0fbc02270a6 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Fri, 25 Oct 2024 08:28:16 -0500 Subject: [PATCH 05/74] Trigger int testing --- .github/workflows/int-test-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index ca148dca8..410c555c1 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -4,7 +4,7 @@ on: branches: - develop - main - - feature** + - CSPL_2920 jobs: build-operator-image: runs-on: ubuntu-latest From 68e49c45caa8ba3f4acf94ef854357762d013053 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Fri, 25 Oct 2024 16:30:50 -0500 Subject: [PATCH 06/74] Minimize changes only to smoke tests to start with --- .../graviton-build-test-push-workflow-ubi.yml | 274 ++++++++++++++++++ .github/workflows/helm-test-workflow.yml | 2 +- .github/workflows/int-test-azure-workflow.yml | 2 +- .../workflows/manual-int-test-workflow.yml | 2 +- .../merge-develop-to-main-workflow.yml | 2 +- .../namespace-scope-int-workflow.yml | 2 +- .../workflows/nightly-int-test-workflow.yml | 2 +- 7 files changed, 280 insertions(+), 6 deletions(-) create mode 100644 .github/workflows/graviton-build-test-push-workflow-ubi.yml diff --git a/.github/workflows/graviton-build-test-push-workflow-ubi.yml b/.github/workflows/graviton-build-test-push-workflow-ubi.yml new file mode 100644 index 000000000..f5787a996 --- /dev/null +++ b/.github/workflows/graviton-build-test-push-workflow-ubi.yml @@ -0,0 +1,274 @@ +name: UBI Graviton Build and Test +on: + push: + branches: + - feature** + - graviton-sok +jobs: + check-formating: + runs-on: macos-14 + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Check Source formatting + run: make fmt && if [[ $? -ne 0 ]]; then false; fi + - name: Lint source code + run: make vet && if [[ $? -ne 0 ]]; then false; fi + #unit-tests: + # runs-on: macos-14 + # needs: check-formating + # steps: + # - uses: actions/checkout@v2 + # - name: Dotenv Action + # id: dotenv + # uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + # - name: Setup Go + # uses: actions/setup-go@v2 + # with: + # go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + # - name: Install goveralls + # run: | + # go version + # go install github.com/mattn/goveralls@latest + # - name: Install Ginkgo + # run: | + # make setup/ginkgo + # go mod tidy + # - name: Run Unit Tests + # run: make test + # - name: Run Code Coverage + # run: goveralls -coverprofile=coverage.out -service=circle-ci -repotoken ${{ secrets.COVERALLS_TOKEN }} + # - name: Upload Coverage artifacts + # uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 + # with: + # name: coverage.out + # path: coverage.out + build-graviton-operator-image: + runs-on: ubuntu-latest + needs: check-formating + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac) + export OS=$(uname | awk '{print tolower($0)}') + export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }} + sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH} + sudo chmod +x operator-sdk_${OS}_${ARCH} + sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Make Splunk Operator Image and Push to ECR + run: | + docker buildx build --push --platform linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:ubi-$GITHUB_SHA -f Dockerfile.ubi . + smoke-tests: + needs: build-graviton-operator-image + strategy: + fail-fast: false + matrix: + test: [ + basic, + appframeworks1, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managermc, + ] + runs-on: ubuntu-latest + env: + CLUSTER_NODES: 1 + CLUSTER_WORKERS: 3 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_FOCUS: "${{ matrix.test }}" + # This regex matches any string not containing smoke keyword + TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" + TEST_CLUSTER_PLATFORM: eks + EKS_INSTANCE_TYPE: m5.2xlarge + EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} + CLUSTER_WIDE: "true" + DEPLOYMENT_TYPE: "" + steps: + - name: Set Test Cluster Name + run: | + echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Chekcout code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Change splunk enterprise to release image on main branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + - name: Install Kubectl + uses: Azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + - name: Install Python + uses: actions/setup-python@v2 + - name: Install AWS CLI + run: | + curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + DESIRED_VERSION=v3.8.2 bash get_helm.sh + - name: Install EKS CTL + run: | + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + sudo mv /tmp/eksctl /usr/local/bin + eksctl version + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu + sudo chmod +x /usr/local/bin/operator-sdk + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Create EKS cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export PLATFORMS=linux/arm64 + export BUILDPLATFORM=linux/arm64 + export TARGETOS=linux + export TARGETARCH=arm64 + export EKS_INSTANCE_TYPE=c6g.4xlarge + make cluster-up + - name: install metric server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + - name: install k8s dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + #- name: Setup Kustomize + # run: | + # sudo snap install kustomize + # mkdir -p ./bin + # cp /snap/bin/kustomize ./bin/kustomize + - name: Install Kustomize + uses: multani/action-setup-kustomize@v1 + with: + version: 4.5.4 + - name: Run smoke test + id: smoketest + run: | + export SPLUNK_OPERATOR_IMAGE_GRAVITON=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:ubi-$GITHUB_SHA + export SPLUNK_ENTERPRISE_IMAGE_GRAVITON=${{ secrets.ECR_REPOSITORY }}/${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} + make int-test + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v2 + with: + name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + path: "/tmp/pod_logs/**" + - name: Cleanup Test Case artifacts + if: ${{ always() }} + run: | + make cleanup + make clean + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down + push-latest: + needs: smoke-tests + if: github.ref == 'refs/heads/main' + runs-on: ubuntu-latest + env: + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + TAG: latest + steps: + - name: Checkout Code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PUSH_TOKEN}} + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Operator Image Locally and Push to docker hub + run: | + docker buildx build --push --platform linux/arm64,linux/amd64 --tag ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:ubi-${{ env.TAG }} -f Dockerfile.ubi . \ No newline at end of file diff --git a/.github/workflows/helm-test-workflow.yml b/.github/workflows/helm-test-workflow.yml index 9c1d6241d..9271ca640 100644 --- a/.github/workflows/helm-test-workflow.yml +++ b/.github/workflows/helm-test-workflow.yml @@ -43,7 +43,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Make Splunk Operator Image run: | - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Push Splunk Operator Image to ECR run: | echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" diff --git a/.github/workflows/int-test-azure-workflow.yml b/.github/workflows/int-test-azure-workflow.yml index eb9b573f6..97b2e7da7 100644 --- a/.github/workflows/int-test-azure-workflow.yml +++ b/.github/workflows/int-test-azure-workflow.yml @@ -38,7 +38,7 @@ jobs: password: ${{ secrets.AZURE_ACR_DOCKER_PASSWORD }} - name: Make Splunk Operator Image run: | - make docker-buildx IMG=${{ secrets.AZURE_ACR_LOGIN_SERVER }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-build IMG=${{ secrets.AZURE_ACR_LOGIN_SERVER }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Push Splunk Operator Image to the Container Registry run: | echo "Uploading Image to the Container Registry :: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" diff --git a/.github/workflows/manual-int-test-workflow.yml b/.github/workflows/manual-int-test-workflow.yml index f67ea7fc0..f358f75a5 100644 --- a/.github/workflows/manual-int-test-workflow.yml +++ b/.github/workflows/manual-int-test-workflow.yml @@ -116,7 +116,7 @@ jobs: - name: Make Splunk Operator Image run: | docker pull registry.access.redhat.com/ubi8/ubi-minimal:latest - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Push Splunk Operator Image to ECR run: | echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" diff --git a/.github/workflows/merge-develop-to-main-workflow.yml b/.github/workflows/merge-develop-to-main-workflow.yml index 6bfe67c49..a5c115fd2 100644 --- a/.github/workflows/merge-develop-to-main-workflow.yml +++ b/.github/workflows/merge-develop-to-main-workflow.yml @@ -85,7 +85,7 @@ jobs: - name: Build Splunk Operator Image run: | - make docker-buildx IMG=splunk/splunk-operator-rc:${{ github.event.inputs.release_version }}-RC${{ github.event.inputs.release_candiate_version }} + make docker-build IMG=splunk/splunk-operator-rc:${{ github.event.inputs.release_version }}-RC${{ github.event.inputs.release_candiate_version }} - name: Generate Release Artifacts run: | diff --git a/.github/workflows/namespace-scope-int-workflow.yml b/.github/workflows/namespace-scope-int-workflow.yml index 98819dcd1..62103d8cb 100644 --- a/.github/workflows/namespace-scope-int-workflow.yml +++ b/.github/workflows/namespace-scope-int-workflow.yml @@ -113,7 +113,7 @@ jobs: - name: Make Splunk Operator Image run: | docker pull registry.access.redhat.com/ubi8/ubi-minimal:latest - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Push Splunk Operator Image to ECR run: | echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" diff --git a/.github/workflows/nightly-int-test-workflow.yml b/.github/workflows/nightly-int-test-workflow.yml index 10df9a980..fa018be67 100644 --- a/.github/workflows/nightly-int-test-workflow.yml +++ b/.github/workflows/nightly-int-test-workflow.yml @@ -42,7 +42,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Make Splunk Operator Image run: | - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Push Splunk Operator Image to ECR run: | echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" From b3eb55f5aaec1086f3544240cba4c37e6ba14d01 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Fri, 25 Oct 2024 18:45:44 -0500 Subject: [PATCH 07/74] Initial changes for graviton smoke tests --- .env | 6 +- ... => graviton-build-test-push-workflow.yml} | 162 +++++++++++++----- Dockerfile.graviton | 64 +++++++ Makefile | 5 +- test/deploy-eks-cluster.sh | 4 +- test/env.sh | 2 + 6 files changed, 194 insertions(+), 49 deletions(-) rename .github/workflows/{graviton-build-test-push-workflow-ubi.yml => graviton-build-test-push-workflow.yml} (63%) create mode 100644 Dockerfile.graviton diff --git a/.env b/.env index 7c166b57a..2484988b6 100644 --- a/.env +++ b/.env @@ -4,6 +4,8 @@ GO_VERSION=1.23.0 AWSCLI_URL=https://awscli.amazonaws.com/awscli-exe-linux-x86_64-2.8.6.zip KUBECTL_VERSION=v1.29.1 AZ_CLI_VERSION=2.30.0 -EKSCTL_VERSION=v0.143.0 -EKS_CLUSTER_K8_VERSION=1.27 +EKSCTL_VERSION=v0.191.0 +EKS_CLUSTER_K8_VERSION=1.31 SPLUNK_ENTERPRISE_RELEASE_IMAGE=splunk/splunk:9.3.0 +EKS_INSTANCE_TYPE=m5.2xlarge +EKS_INSTANCE_TYPE_GRAVITON=c6g.4xlarge \ No newline at end of file diff --git a/.github/workflows/graviton-build-test-push-workflow-ubi.yml b/.github/workflows/graviton-build-test-push-workflow.yml similarity index 63% rename from .github/workflows/graviton-build-test-push-workflow-ubi.yml rename to .github/workflows/graviton-build-test-push-workflow.yml index f5787a996..c42bcef1b 100644 --- a/.github/workflows/graviton-build-test-push-workflow-ubi.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -1,12 +1,11 @@ -name: UBI Graviton Build and Test +name: Build and Test on: push: branches: - - feature** - - graviton-sok + - CSPL_2920 jobs: check-formating: - runs-on: macos-14 + runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -21,7 +20,7 @@ jobs: - name: Lint source code run: make vet && if [[ $? -ne 0 ]]; then false; fi #unit-tests: - # runs-on: macos-14 + # runs-on: ubuntu-latest # needs: check-formating # steps: # - uses: actions/checkout@v2 @@ -45,19 +44,22 @@ jobs: # - name: Run Code Coverage # run: goveralls -coverprofile=coverage.out -service=circle-ci -repotoken ${{ secrets.COVERALLS_TOKEN }} # - name: Upload Coverage artifacts - # uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 + # uses: actions/upload-artifact@v4.4.0 # with: # name: coverage.out # path: coverage.out - build-graviton-operator-image: + build-operator-image: runs-on: ubuntu-latest - needs: check-formating + #needs: unit-tests env: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} steps: + - name: Set up cosign + uses: sigstore/cosign-installer@main + - uses: actions/checkout@v2 - name: Dotenv Action id: dotenv @@ -88,35 +90,97 @@ jobs: - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v1 - - name: Make Splunk Operator Image and Push to ECR + - name: Build and push Splunk Operator Image + run: | + export PLATFORMS=linux/arm64 + export BUILDPLATFORM=linux/arm64 + export TARGETOS=linux + export TARGETARCH=arm64 + export TARGET_OS_IMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 + docker buildx build --push --platform=linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . + - name: Sign Splunk Operator image with a key + run: | + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + env: + COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} + COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} + vulnerability-scan: + permissions: + actions: read + contents: read + security-events: write + runs-on: ubuntu-latest + needs: build-operator-image + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }} + steps: + - name: Set up cosign + uses: sigstore/cosign-installer@main + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + + - name: Login to Amazon ECR + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Operator Image Locally run: | - docker buildx build --push --platform linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:ubi-$GITHUB_SHA -f Dockerfile.ubi . + docker pull ${{ env.IMAGE_NAME }} + - name: Verify Signed Splunk Operator image + run: | + cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.IMAGE_NAME }} + env: + COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }} + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + image-ref: '${{ env.IMAGE_NAME }}' + format: sarif + #exit-code: 1 + severity: 'CRITICAL' + ignore-unfixed: true + output: 'trivy-results.sarif' + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: 'trivy-results.sarif' smoke-tests: - needs: build-graviton-operator-image + needs: vulnerability-scan strategy: fail-fast: false matrix: test: [ basic, - appframeworks1, - managerappframeworkc3, - managerappframeworkm4, - managersecret, - managermc, - ] + #appframeworks1, + #managerappframeworkc3, + #managerappframeworkm4, + #managersecret, + #managermc, + ] runs-on: ubuntu-latest env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing smoke keyword TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" TEST_CLUSTER_PLATFORM: eks - EKS_INSTANCE_TYPE: m5.2xlarge EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} TEST_BUCKET: ${{ secrets.TEST_BUCKET }} @@ -168,7 +232,7 @@ jobs: DESIRED_VERSION=v3.8.2 bash get_helm.sh - name: Install EKS CTL run: | - curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp sudo mv /tmp/eksctl /usr/local/bin eksctl version - name: Set up Docker Buildx @@ -182,6 +246,11 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: @@ -191,35 +260,34 @@ jobs: - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v1 + - name: Tag and Push Splunk Enterprise Image to ECR + run: | + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Create EKS cluster run: | - export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} - export PLATFORMS=linux/arm64 - export BUILDPLATFORM=linux/arm64 - export TARGETOS=linux - export TARGETARCH=arm64 - export EKS_INSTANCE_TYPE=c6g.4xlarge - make cluster-up + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export PLATFORMS=linux/arm64 + export BUILDPLATFORM=linux/arm64 + export TARGETOS=linux + export TARGETARCH=arm64 + export TARGET_OS_IMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_GRAVITON }} + make cluster-up - name: install metric server run: | kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml - name: install k8s dashboard run: | kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml - #- name: Setup Kustomize - # run: | - # sudo snap install kustomize - # mkdir -p ./bin - # cp /snap/bin/kustomize ./bin/kustomize - - name: Install Kustomize - uses: multani/action-setup-kustomize@v1 - with: - version: 4.5.4 + - name: Setup Kustomize + run: | + sudo snap install kustomize + mkdir -p ./bin + cp /snap/bin/kustomize ./bin/kustomize - name: Run smoke test id: smoketest run: | - export SPLUNK_OPERATOR_IMAGE_GRAVITON=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:ubi-$GITHUB_SHA - export SPLUNK_ENTERPRISE_IMAGE_GRAVITON=${{ secrets.ECR_REPOSITORY }}/${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} make int-test - name: Collect Test Logs if: ${{ always() }} @@ -228,7 +296,7 @@ jobs: find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; - name: Archive Pod Logs if: ${{ always() }} - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4.4.0 with: name: "splunk-pods-logs--artifacts-${{ matrix.test }}" path: "/tmp/pod_logs/**" @@ -241,6 +309,13 @@ jobs: if: ${{ always() }} run: | make cluster-down + #- name: Test Report + # uses: dorny/test-reporter@v1 + # if: success() || failure() # run this step even if previous step failed + # with: + # name: Integration Tests # Name of the check run which will be created + # path: inttest-*.xml # Path to test results + # reporter: jest-junit # Format of test results push-latest: needs: smoke-tests if: github.ref == 'refs/heads/main' @@ -269,6 +344,9 @@ jobs: aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - name: Login to Amazon ECR uses: aws-actions/amazon-ecr-login@v1 - - name: Pull Splunk Operator Image Locally and Push to docker hub + - name: Re-tag Splunk Operator Image run: | - docker buildx build --push --platform linux/arm64,linux/amd64 --tag ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:ubi-${{ env.TAG }} -f Dockerfile.ubi . \ No newline at end of file + docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker buildx imagetools create -t ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + - name: Push Splunk Operator Image to Docker Hub + run: docker push ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} \ No newline at end of file diff --git a/Dockerfile.graviton b/Dockerfile.graviton new file mode 100644 index 000000000..f1c540954 --- /dev/null +++ b/Dockerfile.graviton @@ -0,0 +1,64 @@ +# Build the manager binary +FROM --platform=${BUILDPLATFORM:-linux/amd64} golang:1.23.0 as builder + +ARG TARGETPLATFORM +ARG BUILDPLATFORM +ARG TARGETOS +ARG TARGETARCH +ARG TARGET_OS_IMAGE + +WORKDIR /workspace +# Copy the Go Modules manifests +COPY go.mod go.mod +COPY go.sum go.sum +# cache deps before building and copying source so that we don't need to re-download as much +# and so that source changes don't invalidate our downloaded layer +RUN go mod download + +# Copy the go source +COPY main.go main.go +COPY api/ api/ +COPY controllers/ controllers/ +COPY pkg/ pkg/ +COPY tools/ tools/ +COPY hack hack/ + +# Build +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager main.go + +# Use distroless as minimal base image to package the manager binary +# Refer to https://github.com/GoogleContainerTools/distroless for more details +FROM --platform=${BUILDPLATFORM:-linux/amd64} ${TARGET_OS_IMAGE} +ENV OPERATOR=/manager \ + USER_UID=1001 \ + USER_NAME=nonroot + +RUN yum -y install shadow-utils +RUN useradd -ms /bin/bash nonroot -u 1001 +RUN yum update -y krb5-libs && yum clean all +RUN yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical +RUN yum -y update-minimal --security --sec-severity=Moderate +RUN yum -y update-minimal --security --sec-severity=Low + +LABEL name="splunk" \ + maintainer="support@splunk.com" \ + vendor="splunk" \ + version="2.2.1" \ + release="1" \ + summary="Simplify the Deployment & Management of Splunk Products on Kubernetes" \ + description="The Splunk Operator for Kubernetes (SOK) makes it easy for Splunk Administrators to deploy and operate Enterprise deployments in a Kubernetes infrastructure. Packaged as a container, it uses the operator pattern to manage Splunk-specific custom resources, following best practices to manage all the underlying Kubernetes objects for you." + +WORKDIR / +RUN mkdir /licenses +RUN mkdir -p /tools/k8_probes + +COPY --from=builder /workspace/manager . +COPY tools/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf /licenses +COPY LICENSE /licenses/LICENSE-2.0.txt +COPY tools/k8_probes/livenessProbe.sh /tools/k8_probes/ +COPY tools/k8_probes/readinessProbe.sh /tools/k8_probes/ +COPY tools/k8_probes/startupProbe.sh /tools/k8_probes/ + +USER 1001 + +ENTRYPOINT ["/manager"] diff --git a/Makefile b/Makefile index 1e4e1e23c..f1da25e71 100644 --- a/Makefile +++ b/Makefile @@ -152,13 +152,10 @@ docker-push: ## Push docker image with the manager. PLATFORMS ?= linux/arm64,linux/amd64,linux/s390x,linux/ppc64le .PHONY: docker-buildx docker-buildx: test ## Build and push docker image for the manager for cross-platform support - # copy existing Dockerfile and insert --platform=${BUILDPLATFORM} into Dockerfile.cross, and preserve the original Dockerfile - sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' Dockerfile > Dockerfile.cross - docker buildx create --name project-v3-builder docker buildx use project-v3-builder - - docker buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile.cross . + - docker buildx build --push --platform=$(PLATFORMS) --tag ${IMG} . - docker buildx rm project-v3-builder - rm Dockerfile.cross ##@ Deployment diff --git a/test/deploy-eks-cluster.sh b/test/deploy-eks-cluster.sh index c5c405a22..bef9d7bf8 100755 --- a/test/deploy-eks-cluster.sh +++ b/test/deploy-eks-cluster.sh @@ -57,7 +57,7 @@ function createCluster() { found=$(eksctl get cluster --name "${TEST_CLUSTER_NAME}" -v 0) if [ -z "${found}" ]; then - eksctl create cluster --name=${TEST_CLUSTER_NAME} --nodes=${CLUSTER_WORKERS} --vpc-public-subnets=${EKS_VPC_PUBLIC_SUBNET_STRING} --vpc-private-subnets=${EKS_VPC_PRIVATE_SUBNET_STRING} --instance-types=m5.2xlarge --version=${EKS_CLUSTER_K8_VERSION} + eksctl create cluster --name=${TEST_CLUSTER_NAME} --nodes=${CLUSTER_WORKERS} --vpc-public-subnets=${EKS_VPC_PUBLIC_SUBNET_STRING} --vpc-private-subnets=${EKS_VPC_PRIVATE_SUBNET_STRING} --instance-types=${EKS_CLUSTER_INSTANCE_TYPE} --version=${EKS_CLUSTER_K8_VERSION} if [ $? -ne 0 ]; then echo "Unable to create cluster - ${TEST_CLUSTER_NAME}" return 1 @@ -93,6 +93,8 @@ function createCluster() { kubectl annotate serviceaccount -n $namespace $service_account eks.amazonaws.com/role-arn=arn:aws:iam::$account_id:role/${rolename} eksctl create addon --name aws-ebs-csi-driver --cluster ${TEST_CLUSTER_NAME} --service-account-role-arn arn:aws:iam::$account_id:role/${rolename} --force eksctl utils update-cluster-logging --cluster ${TEST_CLUSTER_NAME} + # CSPL-2887 - Patch the default storage class to gp2 + kubectl patch storageclass gp2 -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' else echo "Retrieving kubeconfig for ${TEST_CLUSTER_NAME}" # Cluster exists but kubeconfig may not diff --git a/test/env.sh b/test/env.sh index d374cdd13..b064b0215 100644 --- a/test/env.sh +++ b/test/env.sh @@ -9,6 +9,8 @@ : "${COMMIT_HASH:=}" # AWS specific variables : "${ECR_REGISTRY:=}" +# CSPL-2920 - default instance type, use .env to set specific types to use in workflows +: "${EKS_INSTANCE_TYPE:=m5.2xlarge}" : "${VPC_PUBLIC_SUBNET_STRING:=}" : "${VPC_PRIVATE_SUBNET_STRING:=}" : "${EKS_CLUSTER_K8_VERSION:=1.31}" From dfd08766c6af38aee9970c440ecec27f5ad8aeb3 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Mon, 28 Oct 2024 11:56:27 -0500 Subject: [PATCH 08/74] Try this --- .github/workflows/graviton-build-test-push-workflow.yml | 6 +++--- .github/workflows/int-test-workflow.yml | 1 - Dockerfile.graviton | 4 ++-- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index c42bcef1b..20bf1f7c7 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -1,4 +1,4 @@ -name: Build and Test +name: Graviton Build and Test on: push: branches: @@ -96,7 +96,7 @@ jobs: export BUILDPLATFORM=linux/arm64 export TARGETOS=linux export TARGETARCH=arm64 - export TARGET_OS_IMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 + export TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 docker buildx build --push --platform=linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . - name: Sign Splunk Operator image with a key run: | @@ -271,7 +271,7 @@ jobs: export BUILDPLATFORM=linux/arm64 export TARGETOS=linux export TARGETARCH=arm64 - export TARGET_OS_IMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 + export TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_GRAVITON }} make cluster-up - name: install metric server diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index 410c555c1..0c47475f1 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -4,7 +4,6 @@ on: branches: - develop - main - - CSPL_2920 jobs: build-operator-image: runs-on: ubuntu-latest diff --git a/Dockerfile.graviton b/Dockerfile.graviton index f1c540954..d4539cb12 100644 --- a/Dockerfile.graviton +++ b/Dockerfile.graviton @@ -5,7 +5,7 @@ ARG TARGETPLATFORM ARG BUILDPLATFORM ARG TARGETOS ARG TARGETARCH -ARG TARGET_OS_IMAGE +ARG TARGETOSIMAGE WORKDIR /workspace # Copy the Go Modules manifests @@ -28,7 +28,7 @@ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager m # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM --platform=${BUILDPLATFORM:-linux/amd64} ${TARGET_OS_IMAGE} +FROM --platform=${BUILDPLATFORM:-linux/amd64} ${TARGETOSIMAGE} ENV OPERATOR=/manager \ USER_UID=1001 \ USER_NAME=nonroot From f7a2648f4f8ff07d86d0dda376320cd488d052ff Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Mon, 28 Oct 2024 12:28:11 -0500 Subject: [PATCH 09/74] Add the argument again --- Dockerfile.graviton | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Dockerfile.graviton b/Dockerfile.graviton index d4539cb12..051142215 100644 --- a/Dockerfile.graviton +++ b/Dockerfile.graviton @@ -29,6 +29,10 @@ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager m # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details FROM --platform=${BUILDPLATFORM:-linux/amd64} ${TARGETOSIMAGE} + +ARG BUILDPLATFORM +ARG TARGETOSIMAGE + ENV OPERATOR=/manager \ USER_UID=1001 \ USER_NAME=nonroot From 3f745cf4bd6072a16585626eb32b0672feedf1b2 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Mon, 28 Oct 2024 13:00:07 -0500 Subject: [PATCH 10/74] Try passing build arguments --- .github/workflows/graviton-build-test-push-workflow.yml | 3 +-- Dockerfile.graviton | 5 +---- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index 20bf1f7c7..8ba0bafe5 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -96,8 +96,7 @@ jobs: export BUILDPLATFORM=linux/arm64 export TARGETOS=linux export TARGETARCH=arm64 - export TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 - docker buildx build --push --platform=linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . + docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . - name: Sign Splunk Operator image with a key run: | cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} diff --git a/Dockerfile.graviton b/Dockerfile.graviton index 051142215..33d4319b5 100644 --- a/Dockerfile.graviton +++ b/Dockerfile.graviton @@ -5,7 +5,6 @@ ARG TARGETPLATFORM ARG BUILDPLATFORM ARG TARGETOS ARG TARGETARCH -ARG TARGETOSIMAGE WORKDIR /workspace # Copy the Go Modules manifests @@ -28,10 +27,8 @@ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager m # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM --platform=${BUILDPLATFORM:-linux/amd64} ${TARGETOSIMAGE} - -ARG BUILDPLATFORM ARG TARGETOSIMAGE +FROM --platform=${BUILDPLATFORM:-linux/amd64} ${TARGETOSIMAGE} ENV OPERATOR=/manager \ USER_UID=1001 \ From 3d9e4e7d0799987cf4f609cd618056ba15d57e64 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Mon, 28 Oct 2024 13:14:51 -0500 Subject: [PATCH 11/74] Add a default value --- Dockerfile.graviton | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.graviton b/Dockerfile.graviton index 33d4319b5..a49601b06 100644 --- a/Dockerfile.graviton +++ b/Dockerfile.graviton @@ -27,7 +27,7 @@ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager m # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details -ARG TARGETOSIMAGE +ARG TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 FROM --platform=${BUILDPLATFORM:-linux/amd64} ${TARGETOSIMAGE} ENV OPERATOR=/manager \ From 36ac76c76fadba0d3d1e22e7af3727872067ef66 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Mon, 28 Oct 2024 14:39:19 -0500 Subject: [PATCH 12/74] Hardcode --- Dockerfile.graviton | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Dockerfile.graviton b/Dockerfile.graviton index a49601b06..436dc4c5d 100644 --- a/Dockerfile.graviton +++ b/Dockerfile.graviton @@ -27,8 +27,7 @@ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager m # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details -ARG TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 -FROM --platform=${BUILDPLATFORM:-linux/amd64} ${TARGETOSIMAGE} +FROM --platform=${BUILDPLATFORM:-linux/amd64} public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 ENV OPERATOR=/manager \ USER_UID=1001 \ From 34379dc38d05ab683bc54a756b01cc27cbb5f87e Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Mon, 28 Oct 2024 15:04:51 -0500 Subject: [PATCH 13/74] Change tag --- Dockerfile.graviton | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.graviton b/Dockerfile.graviton index 436dc4c5d..3443beaea 100644 --- a/Dockerfile.graviton +++ b/Dockerfile.graviton @@ -27,7 +27,7 @@ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager m # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM --platform=${BUILDPLATFORM:-linux/amd64} public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 +FROM --platform=${BUILDPLATFORM:-linux/amd64} amazonlinux:2023.6.20241010.0 ENV OPERATOR=/manager \ USER_UID=1001 \ From 40d8f66fede0207094c9f585a38cfd2d7950e51f Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Mon, 28 Oct 2024 15:19:56 -0500 Subject: [PATCH 14/74] Pull locally --- .../workflows/graviton-build-test-push-workflow.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index 8ba0bafe5..23ccfedf6 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -248,8 +248,6 @@ jobs: - name: Set Splunk Operator image run: | echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV - - name: Pull Splunk Enterprise Image - run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: @@ -259,10 +257,12 @@ jobs: - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v1 - - name: Tag and Push Splunk Enterprise Image to ECR - run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + #- name: Tag and Push Splunk Enterprise Image to ECR + # run: | + # docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + # docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} From a391b10b31c383c2374c2e7b727ebb04cf56bdf3 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Tue, 29 Oct 2024 16:26:44 -0500 Subject: [PATCH 15/74] Don't push for graviton --- .../graviton-build-test-push-workflow.yml | 1 + test/run-tests.sh | 14 ++++++++++---- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index 23ccfedf6..b95e6f00b 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -191,6 +191,7 @@ jobs: EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" + GRAVITON: "true" steps: - name: Set Test Cluster Name run: | diff --git a/test/run-tests.sh b/test/run-tests.sh index 96b714c43..57e1b283a 100755 --- a/test/run-tests.sh +++ b/test/run-tests.sh @@ -38,10 +38,16 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then exit 1 fi docker tag ${SPLUNK_ENTERPRISE_IMAGE} ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} - docker push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} - if [ $? -ne 0 ]; then - echo "Unable to push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}. Exiting..." - exit 1 + + if [ "$GRAVITON" == "true" ]; then + echo "Graviton, push unnecessary" + else + echo "Pushing ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}" + docker push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} + if [ $? -ne 0 ]; then + echo "Unable to push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}. Exiting..." + exit 1 + fi fi # Output From bc3e661197264c47b35d1ea682ecfd12a2f68925 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 31 Oct 2024 12:45:47 -0500 Subject: [PATCH 16/74] Display operator image --- test/run-tests.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/test/run-tests.sh b/test/run-tests.sh index 57e1b283a..6cd5af22d 100755 --- a/test/run-tests.sh +++ b/test/run-tests.sh @@ -80,6 +80,10 @@ if [ $? -ne 0 ]; then exit 1 fi +echo "Dumping operator config here..." +kubectl describe deployment splunk-operator-controller-manager -n splunk-operator + + if [ "${CLUSTER_WIDE}" == "true" ]; then echo "wait for operator pod to be ready..." # sleep before checking for deployment, in slow clusters deployment call may not even started From 12531e7711f9139f9177453fc698129d445fa4be Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 31 Oct 2024 13:19:17 -0500 Subject: [PATCH 17/74] Change eks instance type --- test/deploy-eks-cluster.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/deploy-eks-cluster.sh b/test/deploy-eks-cluster.sh index bef9d7bf8..4e7ef122f 100755 --- a/test/deploy-eks-cluster.sh +++ b/test/deploy-eks-cluster.sh @@ -57,7 +57,7 @@ function createCluster() { found=$(eksctl get cluster --name "${TEST_CLUSTER_NAME}" -v 0) if [ -z "${found}" ]; then - eksctl create cluster --name=${TEST_CLUSTER_NAME} --nodes=${CLUSTER_WORKERS} --vpc-public-subnets=${EKS_VPC_PUBLIC_SUBNET_STRING} --vpc-private-subnets=${EKS_VPC_PRIVATE_SUBNET_STRING} --instance-types=${EKS_CLUSTER_INSTANCE_TYPE} --version=${EKS_CLUSTER_K8_VERSION} + eksctl create cluster --name=${TEST_CLUSTER_NAME} --nodes=${CLUSTER_WORKERS} --vpc-public-subnets=${EKS_VPC_PUBLIC_SUBNET_STRING} --vpc-private-subnets=${EKS_VPC_PRIVATE_SUBNET_STRING} --instance-types=${EKS_INSTANCE_TYPE} --version=${EKS_CLUSTER_K8_VERSION} if [ $? -ne 0 ]; then echo "Unable to create cluster - ${TEST_CLUSTER_NAME}" return 1 From 3e7345f6d8e6aee2c061ba4d11ce1bd2506e7838 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 31 Oct 2024 15:03:35 -0500 Subject: [PATCH 18/74] Dump version --- .github/workflows/graviton-build-test-push-workflow.yml | 2 +- test/testenv/verificationutils.go | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index b95e6f00b..e8852a6f3 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -162,7 +162,7 @@ jobs: matrix: test: [ basic, - #appframeworks1, + appframeworks1, #managerappframeworkc3, #managerappframeworkm4, #managersecret, diff --git a/test/testenv/verificationutils.go b/test/testenv/verificationutils.go index e62d6e5b9..3aab3416b 100644 --- a/test/testenv/verificationutils.go +++ b/test/testenv/verificationutils.go @@ -95,6 +95,7 @@ func StandaloneReady(ctx context.Context, deployment *Deployment, deploymentName testenvInstance.Log.Info("Waiting for Standalone phase to be ready", "instance", standalone.ObjectMeta.Name, "Phase", standalone.Status.Phase) DumpGetPods(testenvInstance.GetName()) DumpGetTopPods(testenvInstance.GetName()) + DumpGetSplunkVersion(ctx, testenvInstance.GetName(), deployment, "standalone") DumpGetTopNodes() return standalone.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) From a3c190875e96d0af9f9a4ce0ee0ffa44ad83834f Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 31 Oct 2024 15:59:49 -0500 Subject: [PATCH 19/74] Describe --- test/testenv/util.go | 18 ++++++++++++++++++ test/testenv/verificationutils.go | 2 +- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/test/testenv/util.go b/test/testenv/util.go index a12dbd174..72f51c853 100644 --- a/test/testenv/util.go +++ b/test/testenv/util.go @@ -736,6 +736,24 @@ func DumpGetPods(ns string) []string { return splunkPods } +// DumpDescribePods prints and returns list of pods in the namespace +func DumpDescribePods(ns string) []string { + output, err := exec.Command("kubectl", "describe", "pods", "-n", ns).Output() + var splunkPods []string + if err != nil { + //cmd := fmt.Sprintf("kubectl get pods -n %s", ns) + //logf.Log.Error(err, "Failed to execute command", "command", cmd) + return nil + } + for _, line := range strings.Split(string(output), "\n") { + logf.Log.Info(line) + if strings.HasPrefix(line, "splunk") && !strings.HasPrefix(line, "splunk-op") { + splunkPods = append(splunkPods, strings.Fields(line)[0]) + } + } + return splunkPods +} + // DumpGetTopNodes prints and returns Node load information func DumpGetTopNodes() []string { output, err := exec.Command("kubectl", "top", "nodes").Output() diff --git a/test/testenv/verificationutils.go b/test/testenv/verificationutils.go index 3aab3416b..e8bee5b50 100644 --- a/test/testenv/verificationutils.go +++ b/test/testenv/verificationutils.go @@ -94,8 +94,8 @@ func StandaloneReady(ctx context.Context, deployment *Deployment, deploymentName } testenvInstance.Log.Info("Waiting for Standalone phase to be ready", "instance", standalone.ObjectMeta.Name, "Phase", standalone.Status.Phase) DumpGetPods(testenvInstance.GetName()) + DumpDescribePods(testenvInstance.GetName()) DumpGetTopPods(testenvInstance.GetName()) - DumpGetSplunkVersion(ctx, testenvInstance.GetName(), deployment, "standalone") DumpGetTopNodes() return standalone.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) From 9be9090b5340fe59a7b429913c8a31ba9a7d9abf Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Fri, 1 Nov 2024 09:35:26 -0500 Subject: [PATCH 20/74] Don't need to tag for graviton --- test/run-tests.sh | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/test/run-tests.sh b/test/run-tests.sh index 6cd5af22d..cf27c93f4 100755 --- a/test/run-tests.sh +++ b/test/run-tests.sh @@ -19,7 +19,10 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then echo "Using private registry at ${PRIVATE_REGISTRY}" PRIVATE_SPLUNK_OPERATOR_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_OPERATOR_IMAGE} - PRIVATE_SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_ENTERPRISE_IMAGE} + # CSPL-2920: Graviton support + if [ "$GRAVITON" != "true" ]; then + PRIVATE_SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_ENTERPRISE_IMAGE} + fi echo "Checking to see if image exists, docker images -q ${PRIVATE_SPLUNK_OPERATOR_IMAGE}" # Don't pull splunk operator if exists locally since we maybe building it locally if [ -z $(docker images -q ${PRIVATE_SPLUNK_OPERATOR_IMAGE}) ]; then @@ -32,17 +35,19 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then fi # Always attempt to pull splunk enterprise image + echo "Pulling SPLUNK_ENTERPRISE_IMAGE=${SPLUNK_ENTERPRISE_IMAGE}..." docker pull ${SPLUNK_ENTERPRISE_IMAGE} if [ $? -ne 0 ]; then echo "Unable to pull ${SPLUNK_ENTERPRISE_IMAGE}. Exiting..." exit 1 fi - docker tag ${SPLUNK_ENTERPRISE_IMAGE} ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} if [ "$GRAVITON" == "true" ]; then - echo "Graviton, push unnecessary" + echo "Graviton, enterprise tag and push unnecessary" else - echo "Pushing ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}" + echo "Tagging to privat repo ${PRIVATE_SPLUNK_OPERATOR_IMAGE}..." + docker tag ${SPLUNK_ENTERPRISE_IMAGE} ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} + echo "Pushing to private repo ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}" docker push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} if [ $? -ne 0 ]; then echo "Unable to push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}. Exiting..." From 6aafeb70b910ea7d415128077d4a2bc0a1fbb042 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Fri, 1 Nov 2024 12:21:23 -0500 Subject: [PATCH 21/74] Re-run change kust --- config/default/kustomization.yaml | 2 +- test/run-tests.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 7a400f81d..fa36d8a21 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -124,7 +124,7 @@ patches: - name: WATCH_NAMESPACE value: WATCH_NAMESPACE_VALUE - name: RELATED_IMAGE_SPLUNK_ENTERPRISE - value: docker.io/splunk/splunk:9.3.0 + value: SPLUNK_ENTERPRISE_IMAGE - name: OPERATOR_NAME value: splunk-operator - name: POD_NAME diff --git a/test/run-tests.sh b/test/run-tests.sh index cf27c93f4..a8be70480 100755 --- a/test/run-tests.sh +++ b/test/run-tests.sh @@ -75,7 +75,7 @@ elif [ "${CLUSTER_WIDE}" != "true" ]; then make uninstall bin/kustomize build config/crd | kubectl create -f - else - echo "Installing enterprise operator from ${PRIVATE_SPLUNK_OPERATOR_IMAGE}..." + echo "Installing enterprise operator from ${PRIVATE_SPLUNK_OPERATOR_IMAGE} using enterprise image from ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}..." make deploy IMG=${PRIVATE_SPLUNK_OPERATOR_IMAGE} SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} WATCH_NAMESPACE="" fi From ec29b76987664e4cc5e1d45bba9693ebc66cdd47 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Fri, 1 Nov 2024 13:52:51 -0500 Subject: [PATCH 22/74] Avoid describe --- test/testenv/verificationutils.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/testenv/verificationutils.go b/test/testenv/verificationutils.go index e8bee5b50..8ff179919 100644 --- a/test/testenv/verificationutils.go +++ b/test/testenv/verificationutils.go @@ -94,7 +94,7 @@ func StandaloneReady(ctx context.Context, deployment *Deployment, deploymentName } testenvInstance.Log.Info("Waiting for Standalone phase to be ready", "instance", standalone.ObjectMeta.Name, "Phase", standalone.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpDescribePods(testenvInstance.GetName()) + //DumpDescribePods(testenvInstance.GetName()) DumpGetTopPods(testenvInstance.GetName()) DumpGetTopNodes() return standalone.Status.Phase From dd88888c2e40de7bc3e9420b0caff0ba6e185b15 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Mon, 4 Nov 2024 10:42:28 -0600 Subject: [PATCH 23/74] Enable everything and try again --- .../workflows/graviton-build-test-push-workflow.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index e8852a6f3..84bd26b86 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -48,7 +48,7 @@ jobs: # with: # name: coverage.out # path: coverage.out - build-operator-image: + build-operator-image-graviton: runs-on: ubuntu-latest #needs: unit-tests env: @@ -109,7 +109,7 @@ jobs: contents: read security-events: write runs-on: ubuntu-latest - needs: build-operator-image + needs: build-operator-image-graviton env: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator @@ -163,10 +163,10 @@ jobs: test: [ basic, appframeworks1, - #managerappframeworkc3, - #managerappframeworkm4, - #managersecret, - #managermc, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managermc, ] runs-on: ubuntu-latest env: From 456d86aab44861f57ba7579ede4a47cc50b6bcf7 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Mon, 4 Nov 2024 12:01:10 -0600 Subject: [PATCH 24/74] Remove push-latest, re-run pipelines --- .../graviton-build-test-push-workflow.yml | 38 +------------------ 1 file changed, 2 insertions(+), 36 deletions(-) diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index 84bd26b86..8963e8ea2 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -155,7 +155,7 @@ jobs: uses: github/codeql-action/upload-sarif@v3 with: sarif_file: 'trivy-results.sarif' - smoke-tests: + smoke-tests-graviton: needs: vulnerability-scan strategy: fail-fast: false @@ -315,38 +315,4 @@ jobs: # with: # name: Integration Tests # Name of the check run which will be created # path: inttest-*.xml # Path to test results - # reporter: jest-junit # Format of test results - push-latest: - needs: smoke-tests - if: github.ref == 'refs/heads/main' - runs-on: ubuntu-latest - env: - SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator - TAG: latest - steps: - - name: Checkout Code - uses: actions/checkout@v2 - - name: Dotenv Action - id: dotenv - uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2.5.0 - - name: Configure Docker Hub credentials - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_PUSH_TOKEN}} - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - - name: Login to Amazon ECR - uses: aws-actions/amazon-ecr-login@v1 - - name: Re-tag Splunk Operator Image - run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - docker buildx imagetools create -t ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Push Splunk Operator Image to Docker Hub - run: docker push ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} \ No newline at end of file + # reporter: jest-junit # Format of test results \ No newline at end of file From a18b2e77be1e1daa43f58fb0fd4addf35778f82a Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Wed, 6 Nov 2024 09:03:39 -0600 Subject: [PATCH 25/74] Re-run tests --- .../workflows/graviton-build-test-push-workflow.yml | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index 8963e8ea2..13c1db108 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -260,10 +260,6 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Pull Splunk Enterprise Image run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - #- name: Tag and Push Splunk Enterprise Image to ECR - # run: | - # docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - # docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} @@ -308,11 +304,4 @@ jobs: - name: Cleanup up EKS cluster if: ${{ always() }} run: | - make cluster-down - #- name: Test Report - # uses: dorny/test-reporter@v1 - # if: success() || failure() # run this step even if previous step failed - # with: - # name: Integration Tests # Name of the check run which will be created - # path: inttest-*.xml # Path to test results - # reporter: jest-junit # Format of test results \ No newline at end of file + make cluster-down \ No newline at end of file From 789e47884cfee5cff24ce8c40de531f24c0a0d65 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Wed, 6 Nov 2024 12:21:25 -0600 Subject: [PATCH 26/74] Enable int tests --- .../workflows/graviton-int-test-workflow.yml | 209 ++++++++++++++++++ 1 file changed, 209 insertions(+) create mode 100644 .github/workflows/graviton-int-test-workflow.yml diff --git a/.github/workflows/graviton-int-test-workflow.yml b/.github/workflows/graviton-int-test-workflow.yml new file mode 100644 index 000000000..c59d83a47 --- /dev/null +++ b/.github/workflows/graviton-int-test-workflow.yml @@ -0,0 +1,209 @@ +name: Graviton Integration Test WorkFlow +on: + push: + branches: + - CSPL_2920 +jobs: + build-operator-image-graviton: + runs-on: ubuntu-latest + timeout-minutes: 360 + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac) + export OS=$(uname | awk '{print tolower($0)}') + export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }} + sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH} + sudo chmod +x operator-sdk_${OS}_${ARCH} + sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Build and push Splunk Operator Image + run: | + export PLATFORMS=linux/arm64 + export BUILDPLATFORM=linux/arm64 + export TARGETOS=linux + export TARGETARCH=arm64 + docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . + int-tests-graviton: + strategy: + fail-fast: false + matrix: + test: + [ + appframeworks1, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managersmartstore, + managermc, + managercrcrud, + licensemanager, + managerdeletecr, + ] + runs-on: ubuntu-latest + needs: build-operator-image-graviton + env: + CLUSTER_NODES: 1 + CLUSTER_WORKERS: 3 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_FOCUS: "${{ matrix.test }}" + # This regex matches any string not containing integration keyword + TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" + TEST_CLUSTER_PLATFORM: eks + EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + CLUSTER_WIDE: "true" + DEPLOYMENT_TYPE: "" + steps: + - name: Set Test Cluster Name + run: | + echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Set Test Cluster Nodes and Parallel Runs + run: >- + if grep -q "appframework" <<< "${{ matrix.test }}"; then + echo "CLUSTER_WORKERS=5" >> $GITHUB_ENV + echo "CLUSTER_NODES=2" >> $GITHUB_ENV + fi + - name: Checkcout code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Change splunk enterprise to release image on main branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + - name: Install Kubectl + uses: Azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + - name: Install Python + uses: actions/setup-python@v2 + - name: Install AWS CLI + run: | + curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + DESIRED_VERSION=v3.8.2 bash get_helm.sh + - name: Install EKS CTL + run: | + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + sudo mv /tmp/eksctl /usr/local/bin + eksctl version + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Create EKS cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export PLATFORMS=linux/arm64 + export BUILDPLATFORM=linux/arm64 + export TARGETOS=linux + export TARGETARCH=arm64 + export TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_GRAVITON }} + make cluster-up + - name: install metric server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + - name: install k8s dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + - name: Setup Kustomize + run: | + sudo snap install kustomize + mkdir -p ./bin + cp /snap/bin/kustomize ./bin/kustomize + - name: Run Integration test + run: | + make int-test + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v4.4.0 + with: + name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + path: "/tmp/pod_logs/**" + - name: Cleanup Test Case artifacts + if: ${{ always() }} + run: | + make cleanup + make clean + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down + #- name: Test Report + # uses: dorny/test-reporter@v1 + # if: success() || failure() # run this step even if previous step failed + # with: + # name: Integration Tests # Name of the check run which will be created + # path: inttest-*.xml # Path to test results + # reporter: jest-junit # Format of test results \ No newline at end of file From 45ea9da0df6dbcf3f5f3fc190cede163c3b082f7 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Wed, 6 Nov 2024 12:25:42 -0600 Subject: [PATCH 27/74] Update error logs --- test/testenv/util.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/testenv/util.go b/test/testenv/util.go index 72f51c853..6304850db 100644 --- a/test/testenv/util.go +++ b/test/testenv/util.go @@ -897,7 +897,7 @@ func ExecuteCommandOnOperatorPod(ctx context.Context, deployment *Deployment, po command := []string{"/bin/sh"} stdout, stderr, err := deployment.OperatorPodExecCommand(ctx, podName, command, stdin, false) if err != nil { - logf.Log.Error(err, "Failed to execute command on pod", "pod", podName, "command", command) + logf.Log.Error(err, "Failed to execute command on pod", "pod", podName, "shell", command, "command", stdin) return "", err } logf.Log.Info("Command executed", "on pod", podName, "command", command, "stdin", stdin, "stdout", stdout, "stderr", stderr) From a5d7225b776f44f57e0335dd288d4dc97bfa9aea Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Wed, 6 Nov 2024 12:28:10 -0600 Subject: [PATCH 28/74] Further enhance --- test/testenv/util.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/testenv/util.go b/test/testenv/util.go index 6304850db..d2d6c8741 100644 --- a/test/testenv/util.go +++ b/test/testenv/util.go @@ -897,7 +897,7 @@ func ExecuteCommandOnOperatorPod(ctx context.Context, deployment *Deployment, po command := []string{"/bin/sh"} stdout, stderr, err := deployment.OperatorPodExecCommand(ctx, podName, command, stdin, false) if err != nil { - logf.Log.Error(err, "Failed to execute command on pod", "pod", podName, "shell", command, "command", stdin) + logf.Log.Error(err, "Failed to execute command on pod", "pod", podName, "shell", command, "command", stdin, "error", err.Error()) return "", err } logf.Log.Info("Command executed", "on pod", podName, "command", command, "stdin", stdin, "stdout", stdout, "stderr", stderr) From 1555d21644f2ca6e9e09a9022d0b31b6e0757786 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Wed, 6 Nov 2024 18:07:55 -0600 Subject: [PATCH 29/74] Don't use platform in FROM in dockerfile, remove TARGETOSIMAGE, ignore int tests for now --- .../graviton-build-test-push-workflow.yml | 2 +- .../workflows/graviton-int-test-workflow.yml | 4 ++-- Dockerfile.graviton | 20 +++++++++---------- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index 13c1db108..a9a963862 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -96,7 +96,7 @@ jobs: export BUILDPLATFORM=linux/arm64 export TARGETOS=linux export TARGETARCH=arm64 - docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . + docker buildx build --push --platform=linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . - name: Sign Splunk Operator image with a key run: | cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} diff --git a/.github/workflows/graviton-int-test-workflow.yml b/.github/workflows/graviton-int-test-workflow.yml index c59d83a47..d1f47e436 100644 --- a/.github/workflows/graviton-int-test-workflow.yml +++ b/.github/workflows/graviton-int-test-workflow.yml @@ -2,7 +2,7 @@ name: Graviton Integration Test WorkFlow on: push: branches: - - CSPL_2920 + - CSPL_2920_xxxx jobs: build-operator-image-graviton: runs-on: ubuntu-latest @@ -46,7 +46,7 @@ jobs: export BUILDPLATFORM=linux/arm64 export TARGETOS=linux export TARGETARCH=arm64 - docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . + docker buildx build --push --platform=linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . int-tests-graviton: strategy: fail-fast: false diff --git a/Dockerfile.graviton b/Dockerfile.graviton index 3443beaea..f74653097 100644 --- a/Dockerfile.graviton +++ b/Dockerfile.graviton @@ -1,5 +1,5 @@ # Build the manager binary -FROM --platform=${BUILDPLATFORM:-linux/amd64} golang:1.23.0 as builder +FROM golang:1.23.0 as builder ARG TARGETPLATFORM ARG BUILDPLATFORM @@ -27,18 +27,18 @@ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager m # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM --platform=${BUILDPLATFORM:-linux/amd64} amazonlinux:2023.6.20241010.0 +FROM public.ecr.aws/amazonlinux/amazonlinux:2023 ENV OPERATOR=/manager \ USER_UID=1001 \ USER_NAME=nonroot -RUN yum -y install shadow-utils -RUN useradd -ms /bin/bash nonroot -u 1001 -RUN yum update -y krb5-libs && yum clean all -RUN yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical -RUN yum -y update-minimal --security --sec-severity=Moderate -RUN yum -y update-minimal --security --sec-severity=Low +RUN yum -y install shadow-utils && \ + useradd -ms /bin/bash nonroot -u 1001 && \ + yum update -y krb5-libs && yum clean all && \ + yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical && \ + yum -y update-minimal --security --sec-severity=Moderate && \ + yum -y update-minimal --security --sec-severity=Low LABEL name="splunk" \ maintainer="support@splunk.com" \ @@ -49,8 +49,8 @@ LABEL name="splunk" \ description="The Splunk Operator for Kubernetes (SOK) makes it easy for Splunk Administrators to deploy and operate Enterprise deployments in a Kubernetes infrastructure. Packaged as a container, it uses the operator pattern to manage Splunk-specific custom resources, following best practices to manage all the underlying Kubernetes objects for you." WORKDIR / -RUN mkdir /licenses -RUN mkdir -p /tools/k8_probes +RUN mkdir /licenses && \ + mkdir -p /tools/k8_probes COPY --from=builder /workspace/manager . COPY tools/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf /licenses From 8d9dfdb5397fedaabd9033bf460bd37f6977dda6 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 7 Nov 2024 12:44:41 -0600 Subject: [PATCH 30/74] Trigger int and smoke as well --- .../workflows/graviton-int-test-workflow.yml | 2 +- Dockerfile | 18 +++++++++--------- Dockerfile.graviton | 2 +- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/graviton-int-test-workflow.yml b/.github/workflows/graviton-int-test-workflow.yml index d1f47e436..1a186cb72 100644 --- a/.github/workflows/graviton-int-test-workflow.yml +++ b/.github/workflows/graviton-int-test-workflow.yml @@ -2,7 +2,7 @@ name: Graviton Integration Test WorkFlow on: push: branches: - - CSPL_2920_xxxx + - CSPL_2920 jobs: build-operator-image-graviton: runs-on: ubuntu-latest diff --git a/Dockerfile b/Dockerfile index 98557025e..60145de2d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,24 +27,24 @@ ENV OPERATOR=/manager \ USER_UID=1001 \ USER_NAME=nonroot -RUN yum -y install shadow-utils -RUN useradd -ms /bin/bash nonroot -u 1001 -RUN yum update -y krb5-libs && yum clean all -RUN yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical -RUN yum -y update-minimal --security --sec-severity=Moderate -RUN yum -y update-minimal --security --sec-severity=Low +RUN yum -y install shadow-utils && \ + useradd -ms /bin/bash nonroot -u 1001 && \ + yum update -y krb5-libs && yum clean all && \ + yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical && \ + yum -y update-minimal --security --sec-severity=Moderate && \ + yum -y update-minimal --security --sec-severity=Low LABEL name="splunk" \ maintainer="support@splunk.com" \ vendor="splunk" \ - version="2.2.1" \ + version="2.6.1" \ release="1" \ summary="Simplify the Deployment & Management of Splunk Products on Kubernetes" \ description="The Splunk Operator for Kubernetes (SOK) makes it easy for Splunk Administrators to deploy and operate Enterprise deployments in a Kubernetes infrastructure. Packaged as a container, it uses the operator pattern to manage Splunk-specific custom resources, following best practices to manage all the underlying Kubernetes objects for you." WORKDIR / -RUN mkdir /licenses -RUN mkdir -p /tools/k8_probes +RUN mkdir /licenses && \ + mkdir -p /tools/k8_probes COPY --from=builder /workspace/manager . COPY tools/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf /licenses diff --git a/Dockerfile.graviton b/Dockerfile.graviton index f74653097..609a6dc28 100644 --- a/Dockerfile.graviton +++ b/Dockerfile.graviton @@ -43,7 +43,7 @@ RUN yum -y install shadow-utils && \ LABEL name="splunk" \ maintainer="support@splunk.com" \ vendor="splunk" \ - version="2.2.1" \ + version="2.6.1" \ release="1" \ summary="Simplify the Deployment & Management of Splunk Products on Kubernetes" \ description="The Splunk Operator for Kubernetes (SOK) makes it easy for Splunk Administrators to deploy and operate Enterprise deployments in a Kubernetes infrastructure. Packaged as a container, it uses the operator pattern to manage Splunk-specific custom resources, following best practices to manage all the underlying Kubernetes objects for you." From 133bec4906317054eec83a41dad5136939fc144f Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 7 Nov 2024 13:03:40 -0600 Subject: [PATCH 31/74] Pull image fix - int tests --- .github/workflows/build-test-push-workflow.yml | 2 +- .github/workflows/graviton-build-test-push-workflow.yml | 2 +- .github/workflows/graviton-int-test-workflow.yml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index 924c55982..22f4e98f7 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -1,4 +1,4 @@ -name: Build and Test +name: Smoke Test on: push jobs: check-formating: diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index a9a963862..b64b350ca 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -1,4 +1,4 @@ -name: Graviton Build and Test +name: Graviton Smoke Test on: push: branches: diff --git a/.github/workflows/graviton-int-test-workflow.yml b/.github/workflows/graviton-int-test-workflow.yml index 1a186cb72..23e4aa109 100644 --- a/.github/workflows/graviton-int-test-workflow.yml +++ b/.github/workflows/graviton-int-test-workflow.yml @@ -145,8 +145,6 @@ jobs: - name: Set Splunk Operator image run: | echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV - - name: Pull Splunk Enterprise Image - run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: @@ -156,6 +154,8 @@ jobs: - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} From 11d1d3f9506d9b747c602c5ab9ced88a42088f2f Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 7 Nov 2024 15:40:38 -0600 Subject: [PATCH 32/74] Set graviton to true int tests --- .github/workflows/build-test-push-workflow.yml | 2 +- .github/workflows/graviton-build-test-push-workflow.yml | 2 +- .github/workflows/graviton-int-test-workflow.yml | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index 22f4e98f7..783067688 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -1,4 +1,4 @@ -name: Smoke Test +name: Smoke Test Workflow on: push jobs: check-formating: diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index b64b350ca..c882cc744 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -1,4 +1,4 @@ -name: Graviton Smoke Test +name: Graviton Smoke Test WorkFlow on: push: branches: diff --git a/.github/workflows/graviton-int-test-workflow.yml b/.github/workflows/graviton-int-test-workflow.yml index 23e4aa109..f7a7281ec 100644 --- a/.github/workflows/graviton-int-test-workflow.yml +++ b/.github/workflows/graviton-int-test-workflow.yml @@ -86,6 +86,7 @@ jobs: ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" + GRAVITON: "true" steps: - name: Set Test Cluster Name run: | From 879ed3353f64668917b11b28bd6b822199f54410 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 7 Nov 2024 21:17:01 -0600 Subject: [PATCH 33/74] Re-trigger --- .github/workflows/graviton-build-test-push-workflow.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index c882cc744..d0e51607c 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -3,6 +3,7 @@ on: push: branches: - CSPL_2920 + - CSPL_xxxx jobs: check-formating: runs-on: ubuntu-latest From 991d80e1d1a75197e8015af43e1a466cdba4ae12 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Fri, 8 Nov 2024 09:42:31 -0600 Subject: [PATCH 34/74] Trigger --- .github/workflows/graviton-build-test-push-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index d0e51607c..d6f5cdbcb 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -3,7 +3,7 @@ on: push: branches: - CSPL_2920 - - CSPL_xxxx + - CSPL_xxx jobs: check-formating: runs-on: ubuntu-latest From f2de2397f611b76dfd464431afd45c66db3915e8 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Fri, 8 Nov 2024 16:25:20 -0600 Subject: [PATCH 35/74] Re-trigger --- .github/workflows/graviton-build-test-push-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index d6f5cdbcb..6613d22bb 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -3,7 +3,7 @@ on: push: branches: - CSPL_2920 - - CSPL_xxx + - CSPL_xx jobs: check-formating: runs-on: ubuntu-latest From 945e14956d3e209e77cf5c26023783de762e7408 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Tue, 12 Nov 2024 09:58:47 -0600 Subject: [PATCH 36/74] Disable int tests for now. --- .github/workflows/graviton-int-test-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/graviton-int-test-workflow.yml b/.github/workflows/graviton-int-test-workflow.yml index f7a7281ec..eeec0d4fa 100644 --- a/.github/workflows/graviton-int-test-workflow.yml +++ b/.github/workflows/graviton-int-test-workflow.yml @@ -2,7 +2,7 @@ name: Graviton Integration Test WorkFlow on: push: branches: - - CSPL_2920 + - CSPL_2920_xx jobs: build-operator-image-graviton: runs-on: ubuntu-latest From aa6ec96d9a39101184da55f7a1956025023eb6ce Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Tue, 12 Nov 2024 10:30:08 -0600 Subject: [PATCH 37/74] Avoid vul testing for graviton for now --- .../graviton-build-test-push-workflow.yml | 104 +++++++++--------- 1 file changed, 52 insertions(+), 52 deletions(-) diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow.yml index 6613d22bb..ee608cfd2 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow.yml @@ -104,60 +104,60 @@ jobs: env: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} - vulnerability-scan: - permissions: - actions: read - contents: read - security-events: write - runs-on: ubuntu-latest - needs: build-operator-image-graviton - env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator - ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} - IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }} - steps: - - name: Set up cosign - uses: sigstore/cosign-installer@main - - uses: actions/checkout@v2 - - name: Dotenv Action - id: dotenv - uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2.5.0 - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + # vulnerability-scan: + # permissions: + # actions: read + # contents: read + # security-events: write + # runs-on: ubuntu-latest + # needs: build-operator-image-graviton + # env: + # SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + # SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + # ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + # S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + # IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }} + # steps: + # - name: Set up cosign + # uses: sigstore/cosign-installer@main + # - uses: actions/checkout@v2 + # - name: Dotenv Action + # id: dotenv + # uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + # - name: Set up Docker Buildx + # uses: docker/setup-buildx-action@v2.5.0 + # - name: Configure AWS credentials + # uses: aws-actions/configure-aws-credentials@v1 + # with: + # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + # aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - - name: Login to Amazon ECR - uses: aws-actions/amazon-ecr-login@v1 - - name: Pull Splunk Operator Image Locally - run: | - docker pull ${{ env.IMAGE_NAME }} - - name: Verify Signed Splunk Operator image - run: | - cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.IMAGE_NAME }} - env: - COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }} - - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@master - with: - image-ref: '${{ env.IMAGE_NAME }}' - format: sarif - #exit-code: 1 - severity: 'CRITICAL' - ignore-unfixed: true - output: 'trivy-results.sarif' - - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 - with: - sarif_file: 'trivy-results.sarif' + # - name: Login to Amazon ECR + # uses: aws-actions/amazon-ecr-login@v1 + # - name: Pull Splunk Operator Image Locally + # run: | + # docker pull ${{ env.IMAGE_NAME }} + # - name: Verify Signed Splunk Operator image + # run: | + # cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.IMAGE_NAME }} + # env: + # COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }} + # - name: Run Trivy vulnerability scanner + # uses: aquasecurity/trivy-action@master + # with: + # image-ref: '${{ env.IMAGE_NAME }}' + # format: sarif + # #exit-code: 1 + # severity: 'CRITICAL' + # ignore-unfixed: true + # output: 'trivy-results.sarif' + # - name: Upload Trivy scan results to GitHub Security tab + # uses: github/codeql-action/upload-sarif@v3 + # with: + # sarif_file: 'trivy-results.sarif' smoke-tests-graviton: - needs: vulnerability-scan + #needs: vulnerability-scan strategy: fail-fast: false matrix: From d2d124c7a6b79412168664d4ba076684de67eec9 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 14 Nov 2024 12:14:12 -0600 Subject: [PATCH 38/74] Add support for Ubuntu --- ...aviton-build-test-push-workflow-AL2023.yml | 309 ++++++++++++++++++ ...viton-build-test-push-workflow-Ubuntu.yml} | 3 +- .../graviton-int-test-workflow-AL2023.yml | 211 ++++++++++++ ... => graviton-int-test-workflow-Ubuntu.yml} | 3 +- Dockerfile.graviton | 3 +- Dockerfile.graviton.ubuntu | 64 ++++ 6 files changed, 590 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/graviton-build-test-push-workflow-AL2023.yml rename .github/workflows/{graviton-build-test-push-workflow.yml => graviton-build-test-push-workflow-Ubuntu.yml} (99%) create mode 100644 .github/workflows/graviton-int-test-workflow-AL2023.yml rename .github/workflows/{graviton-int-test-workflow.yml => graviton-int-test-workflow-Ubuntu.yml} (99%) create mode 100644 Dockerfile.graviton.ubuntu diff --git a/.github/workflows/graviton-build-test-push-workflow-AL2023.yml b/.github/workflows/graviton-build-test-push-workflow-AL2023.yml new file mode 100644 index 000000000..03f240411 --- /dev/null +++ b/.github/workflows/graviton-build-test-push-workflow-AL2023.yml @@ -0,0 +1,309 @@ +name: Graviton Smoke Test WorkFlow AL2023 +on: + push: + branches: + - CSPL_2920 + - CSPL_xx +jobs: + check-formating: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Check Source formatting + run: make fmt && if [[ $? -ne 0 ]]; then false; fi + - name: Lint source code + run: make vet && if [[ $? -ne 0 ]]; then false; fi + #unit-tests: + # runs-on: ubuntu-latest + # needs: check-formating + # steps: + # - uses: actions/checkout@v2 + # - name: Dotenv Action + # id: dotenv + # uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + # - name: Setup Go + # uses: actions/setup-go@v2 + # with: + # go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + # - name: Install goveralls + # run: | + # go version + # go install github.com/mattn/goveralls@latest + # - name: Install Ginkgo + # run: | + # make setup/ginkgo + # go mod tidy + # - name: Run Unit Tests + # run: make test + # - name: Run Code Coverage + # run: goveralls -coverprofile=coverage.out -service=circle-ci -repotoken ${{ secrets.COVERALLS_TOKEN }} + # - name: Upload Coverage artifacts + # uses: actions/upload-artifact@v4.4.0 + # with: + # name: coverage.out + # path: coverage.out + build-operator-image-graviton: + runs-on: ubuntu-latest + #needs: unit-tests + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + steps: + - name: Set up cosign + uses: sigstore/cosign-installer@main + + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac) + export OS=$(uname | awk '{print tolower($0)}') + export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }} + sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH} + sudo chmod +x operator-sdk_${OS}_${ARCH} + sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Build and push Splunk Operator Image + run: | + export PLATFORMS=linux/arm64 + export BUILDPLATFORM=linux/arm64 + export TARGETOS=linux + export TARGETARCH=arm64 + export BASE_OS=public.ecr.aws/amazonlinux/amazonlinux:2023 + docker buildx build --push --platform=linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . + - name: Sign Splunk Operator image with a key + run: | + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + env: + COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} + COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} + # vulnerability-scan: + # permissions: + # actions: read + # contents: read + # security-events: write + # runs-on: ubuntu-latest + # needs: build-operator-image-graviton + # env: + # SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + # SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + # ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + # S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + # IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }} + # steps: + # - name: Set up cosign + # uses: sigstore/cosign-installer@main + # - uses: actions/checkout@v2 + # - name: Dotenv Action + # id: dotenv + # uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + # - name: Set up Docker Buildx + # uses: docker/setup-buildx-action@v2.5.0 + # - name: Configure AWS credentials + # uses: aws-actions/configure-aws-credentials@v1 + # with: + # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + # aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + + # - name: Login to Amazon ECR + # uses: aws-actions/amazon-ecr-login@v1 + # - name: Pull Splunk Operator Image Locally + # run: | + # docker pull ${{ env.IMAGE_NAME }} + # - name: Verify Signed Splunk Operator image + # run: | + # cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.IMAGE_NAME }} + # env: + # COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }} + # - name: Run Trivy vulnerability scanner + # uses: aquasecurity/trivy-action@master + # with: + # image-ref: '${{ env.IMAGE_NAME }}' + # format: sarif + # #exit-code: 1 + # severity: 'CRITICAL' + # ignore-unfixed: true + # output: 'trivy-results.sarif' + # - name: Upload Trivy scan results to GitHub Security tab + # uses: github/codeql-action/upload-sarif@v3 + # with: + # sarif_file: 'trivy-results.sarif' + smoke-tests-graviton: + #needs: vulnerability-scan + strategy: + fail-fast: false + matrix: + test: [ + basic, + appframeworks1, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managermc, + ] + runs-on: ubuntu-latest + env: + CLUSTER_NODES: 1 + CLUSTER_WORKERS: 3 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_FOCUS: "${{ matrix.test }}" + # This regex matches any string not containing smoke keyword + TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" + TEST_CLUSTER_PLATFORM: eks + EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} + CLUSTER_WIDE: "true" + DEPLOYMENT_TYPE: "" + GRAVITON: "true" + steps: + - name: Set Test Cluster Name + run: | + echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Chekcout code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Change splunk enterprise to release image on main branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + - name: Install Kubectl + uses: Azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + - name: Install Python + uses: actions/setup-python@v2 + - name: Install AWS CLI + run: | + curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + DESIRED_VERSION=v3.8.2 bash get_helm.sh + - name: Install EKS CTL + run: | + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + sudo mv /tmp/eksctl /usr/local/bin + eksctl version + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu + sudo chmod +x /usr/local/bin/operator-sdk + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + - name: Create EKS cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export PLATFORMS=linux/arm64 + export BUILDPLATFORM=linux/arm64 + export TARGETOS=linux + export TARGETARCH=arm64 + export TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_GRAVITON }} + make cluster-up + - name: install metric server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + - name: install k8s dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + - name: Setup Kustomize + run: | + sudo snap install kustomize + mkdir -p ./bin + cp /snap/bin/kustomize ./bin/kustomize + - name: Run smoke test + id: smoketest + run: | + make int-test + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v4.4.0 + with: + name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + path: "/tmp/pod_logs/**" + - name: Cleanup Test Case artifacts + if: ${{ always() }} + run: | + make cleanup + make clean + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down \ No newline at end of file diff --git a/.github/workflows/graviton-build-test-push-workflow.yml b/.github/workflows/graviton-build-test-push-workflow-Ubuntu.yml similarity index 99% rename from .github/workflows/graviton-build-test-push-workflow.yml rename to .github/workflows/graviton-build-test-push-workflow-Ubuntu.yml index ee608cfd2..e48aecbb6 100644 --- a/.github/workflows/graviton-build-test-push-workflow.yml +++ b/.github/workflows/graviton-build-test-push-workflow-Ubuntu.yml @@ -1,4 +1,4 @@ -name: Graviton Smoke Test WorkFlow +name: Graviton Smoke Test WorkFlow Ubuntu on: push: branches: @@ -97,6 +97,7 @@ jobs: export BUILDPLATFORM=linux/arm64 export TARGETOS=linux export TARGETARCH=arm64 + export BASE_OS=ubuntu:24.10 docker buildx build --push --platform=linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . - name: Sign Splunk Operator image with a key run: | diff --git a/.github/workflows/graviton-int-test-workflow-AL2023.yml b/.github/workflows/graviton-int-test-workflow-AL2023.yml new file mode 100644 index 000000000..cf2c91dd3 --- /dev/null +++ b/.github/workflows/graviton-int-test-workflow-AL2023.yml @@ -0,0 +1,211 @@ +name: Graviton Integration Test WorkFlow AL2023 +on: + push: + branches: + - CSPL_2920_xx +jobs: + build-operator-image-graviton: + runs-on: ubuntu-latest + timeout-minutes: 360 + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac) + export OS=$(uname | awk '{print tolower($0)}') + export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }} + sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH} + sudo chmod +x operator-sdk_${OS}_${ARCH} + sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Build and push Splunk Operator Image + run: | + export PLATFORMS=linux/arm64 + export BUILDPLATFORM=linux/arm64 + export TARGETOS=linux + export TARGETARCH=arm64 + export BASE_OS=public.ecr.aws/amazonlinux/amazonlinux:2023 + docker buildx build --push --platform=linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . + int-tests-graviton: + strategy: + fail-fast: false + matrix: + test: + [ + appframeworks1, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managersmartstore, + managermc, + managercrcrud, + licensemanager, + managerdeletecr, + ] + runs-on: ubuntu-latest + needs: build-operator-image-graviton + env: + CLUSTER_NODES: 1 + CLUSTER_WORKERS: 3 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_FOCUS: "${{ matrix.test }}" + # This regex matches any string not containing integration keyword + TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" + TEST_CLUSTER_PLATFORM: eks + EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + CLUSTER_WIDE: "true" + DEPLOYMENT_TYPE: "" + GRAVITON: "true" + steps: + - name: Set Test Cluster Name + run: | + echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Set Test Cluster Nodes and Parallel Runs + run: >- + if grep -q "appframework" <<< "${{ matrix.test }}"; then + echo "CLUSTER_WORKERS=5" >> $GITHUB_ENV + echo "CLUSTER_NODES=2" >> $GITHUB_ENV + fi + - name: Checkcout code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Change splunk enterprise to release image on main branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + - name: Install Kubectl + uses: Azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + - name: Install Python + uses: actions/setup-python@v2 + - name: Install AWS CLI + run: | + curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + DESIRED_VERSION=v3.8.2 bash get_helm.sh + - name: Install EKS CTL + run: | + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + sudo mv /tmp/eksctl /usr/local/bin + eksctl version + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + - name: Create EKS cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export PLATFORMS=linux/arm64 + export BUILDPLATFORM=linux/arm64 + export TARGETOS=linux + export TARGETARCH=arm64 + export TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_GRAVITON }} + make cluster-up + - name: install metric server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + - name: install k8s dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + - name: Setup Kustomize + run: | + sudo snap install kustomize + mkdir -p ./bin + cp /snap/bin/kustomize ./bin/kustomize + - name: Run Integration test + run: | + make int-test + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v4.4.0 + with: + name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + path: "/tmp/pod_logs/**" + - name: Cleanup Test Case artifacts + if: ${{ always() }} + run: | + make cleanup + make clean + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down + #- name: Test Report + # uses: dorny/test-reporter@v1 + # if: success() || failure() # run this step even if previous step failed + # with: + # name: Integration Tests # Name of the check run which will be created + # path: inttest-*.xml # Path to test results + # reporter: jest-junit # Format of test results \ No newline at end of file diff --git a/.github/workflows/graviton-int-test-workflow.yml b/.github/workflows/graviton-int-test-workflow-Ubuntu.yml similarity index 99% rename from .github/workflows/graviton-int-test-workflow.yml rename to .github/workflows/graviton-int-test-workflow-Ubuntu.yml index eeec0d4fa..380d768bc 100644 --- a/.github/workflows/graviton-int-test-workflow.yml +++ b/.github/workflows/graviton-int-test-workflow-Ubuntu.yml @@ -1,4 +1,4 @@ -name: Graviton Integration Test WorkFlow +name: Graviton Integration Test WorkFlow Ubuntu on: push: branches: @@ -46,6 +46,7 @@ jobs: export BUILDPLATFORM=linux/arm64 export TARGETOS=linux export TARGETARCH=arm64 + export BASE_OS=ubuntu:24.10 docker buildx build --push --platform=linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . int-tests-graviton: strategy: diff --git a/Dockerfile.graviton b/Dockerfile.graviton index 609a6dc28..8f08542be 100644 --- a/Dockerfile.graviton +++ b/Dockerfile.graviton @@ -5,6 +5,7 @@ ARG TARGETPLATFORM ARG BUILDPLATFORM ARG TARGETOS ARG TARGETARCH +ARG BASE_OS WORKDIR /workspace # Copy the Go Modules manifests @@ -27,7 +28,7 @@ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager m # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM public.ecr.aws/amazonlinux/amazonlinux:2023 +FROM {BASE_OS} ENV OPERATOR=/manager \ USER_UID=1001 \ diff --git a/Dockerfile.graviton.ubuntu b/Dockerfile.graviton.ubuntu new file mode 100644 index 000000000..0e1b92859 --- /dev/null +++ b/Dockerfile.graviton.ubuntu @@ -0,0 +1,64 @@ +# Build the manager binary +FROM golang:1.23.0 as builder + +ARG TARGETPLATFORM +ARG BUILDPLATFORM +ARG TARGETOS +ARG TARGETARCH + +WORKDIR /workspace +# Copy the Go Modules manifests +COPY go.mod go.mod +COPY go.sum go.sum +# cache deps before building and copying source so that we don't need to re-download as much +# and so that source changes don't invalidate our downloaded layer +RUN go mod download + +# Copy the go source +COPY main.go main.go +COPY api/ api/ +COPY controllers/ controllers/ +COPY pkg/ pkg/ +COPY tools/ tools/ +COPY hack hack/ + +# Build +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager main.go + +# Use distroless as minimal base image to package the manager binary +# Refer to https://github.com/GoogleContainerTools/distroless for more details +FROM ubuntu:24.10 + +ENV OPERATOR=/manager \ + USER_UID=1001 \ + USER_NAME=nonroot + +RUN yum -y install shadow-utils && \ + useradd -ms /bin/bash nonroot -u 1001 && \ + yum update -y krb5-libs && yum clean all && \ + yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical && \ + yum -y update-minimal --security --sec-severity=Moderate && \ + yum -y update-minimal --security --sec-severity=Low + +LABEL name="splunk" \ + maintainer="support@splunk.com" \ + vendor="splunk" \ + version="2.6.1" \ + release="1" \ + summary="Simplify the Deployment & Management of Splunk Products on Kubernetes" \ + description="The Splunk Operator for Kubernetes (SOK) makes it easy for Splunk Administrators to deploy and operate Enterprise deployments in a Kubernetes infrastructure. Packaged as a container, it uses the operator pattern to manage Splunk-specific custom resources, following best practices to manage all the underlying Kubernetes objects for you." + +WORKDIR / +RUN mkdir /licenses && \ + mkdir -p /tools/k8_probes + +COPY --from=builder /workspace/manager . +COPY tools/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf /licenses +COPY LICENSE /licenses/LICENSE-2.0.txt +COPY tools/k8_probes/livenessProbe.sh /tools/k8_probes/ +COPY tools/k8_probes/readinessProbe.sh /tools/k8_probes/ +COPY tools/k8_probes/startupProbe.sh /tools/k8_probes/ + +USER 1001 + +ENTRYPOINT ["/manager"] From b570cc7e4f33ec34b5b7ca4fea3d336c647cee5a Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 14 Nov 2024 12:24:07 -0600 Subject: [PATCH 39/74] Pass as build arg --- .../workflows/graviton-build-test-push-workflow-AL2023.yml | 4 ++-- .../workflows/graviton-build-test-push-workflow-Ubuntu.yml | 4 ++-- .github/workflows/graviton-int-test-workflow-AL2023.yml | 3 +-- .github/workflows/graviton-int-test-workflow-Ubuntu.yml | 2 +- 4 files changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/workflows/graviton-build-test-push-workflow-AL2023.yml b/.github/workflows/graviton-build-test-push-workflow-AL2023.yml index 03f240411..d601068f2 100644 --- a/.github/workflows/graviton-build-test-push-workflow-AL2023.yml +++ b/.github/workflows/graviton-build-test-push-workflow-AL2023.yml @@ -97,8 +97,7 @@ jobs: export BUILDPLATFORM=linux/arm64 export TARGETOS=linux export TARGETARCH=arm64 - export BASE_OS=public.ecr.aws/amazonlinux/amazonlinux:2023 - docker buildx build --push --platform=linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . + docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg BASE_OS=public.ecr.aws/amazonlinux/amazonlinux:2023 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . - name: Sign Splunk Operator image with a key run: | cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} @@ -159,6 +158,7 @@ jobs: # sarif_file: 'trivy-results.sarif' smoke-tests-graviton: #needs: vulnerability-scan + needs: build-operator-image-graviton strategy: fail-fast: false matrix: diff --git a/.github/workflows/graviton-build-test-push-workflow-Ubuntu.yml b/.github/workflows/graviton-build-test-push-workflow-Ubuntu.yml index e48aecbb6..0db043002 100644 --- a/.github/workflows/graviton-build-test-push-workflow-Ubuntu.yml +++ b/.github/workflows/graviton-build-test-push-workflow-Ubuntu.yml @@ -97,8 +97,7 @@ jobs: export BUILDPLATFORM=linux/arm64 export TARGETOS=linux export TARGETARCH=arm64 - export BASE_OS=ubuntu:24.10 - docker buildx build --push --platform=linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . + docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg BASE_OS=ubuntu:24.10 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . - name: Sign Splunk Operator image with a key run: | cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} @@ -159,6 +158,7 @@ jobs: # sarif_file: 'trivy-results.sarif' smoke-tests-graviton: #needs: vulnerability-scan + needs: build-operator-image-graviton strategy: fail-fast: false matrix: diff --git a/.github/workflows/graviton-int-test-workflow-AL2023.yml b/.github/workflows/graviton-int-test-workflow-AL2023.yml index cf2c91dd3..09116a31c 100644 --- a/.github/workflows/graviton-int-test-workflow-AL2023.yml +++ b/.github/workflows/graviton-int-test-workflow-AL2023.yml @@ -46,8 +46,7 @@ jobs: export BUILDPLATFORM=linux/arm64 export TARGETOS=linux export TARGETARCH=arm64 - export BASE_OS=public.ecr.aws/amazonlinux/amazonlinux:2023 - docker buildx build --push --platform=linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . + docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg BASE_OS=public.ecr.aws/amazonlinux/amazonlinux:2023 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . int-tests-graviton: strategy: fail-fast: false diff --git a/.github/workflows/graviton-int-test-workflow-Ubuntu.yml b/.github/workflows/graviton-int-test-workflow-Ubuntu.yml index 380d768bc..e8702aa7d 100644 --- a/.github/workflows/graviton-int-test-workflow-Ubuntu.yml +++ b/.github/workflows/graviton-int-test-workflow-Ubuntu.yml @@ -47,7 +47,7 @@ jobs: export TARGETOS=linux export TARGETARCH=arm64 export BASE_OS=ubuntu:24.10 - docker buildx build --push --platform=linux/arm64,linux/amd64 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . + docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg BASE_OS=ubuntu:24.10 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . int-tests-graviton: strategy: fail-fast: false From 87fd60c8a75638b9c465493b51e2e08705407ddc Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 14 Nov 2024 12:38:46 -0600 Subject: [PATCH 40/74] Echo BASE_OS --- Dockerfile.graviton | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Dockerfile.graviton b/Dockerfile.graviton index 8f08542be..f7b76255f 100644 --- a/Dockerfile.graviton +++ b/Dockerfile.graviton @@ -8,6 +8,9 @@ ARG TARGETARCH ARG BASE_OS WORKDIR /workspace + +RUN echo "BASE_OS is set to ${BASE_OS}" + # Copy the Go Modules manifests COPY go.mod go.mod COPY go.sum go.sum From e56a203a8b2862113e64382469d8bb6b8c03906c Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 14 Nov 2024 17:41:19 -0600 Subject: [PATCH 41/74] Address review comments --- .env | 2 +- ...L2023-build-test-push-workflow-AL2023.yml} | 31 ++++----- ...3.yml => arm-AL2023-int-test-workflow.yml} | 29 ++++---- ...> arm-Ubuntu-build-test-push-workflow.yml} | 31 ++++----- ...u.yml => arm-Ubuntu-int-test-workflow.yml} | 30 ++++---- Dockerfile | 28 +++++--- Dockerfile.graviton | 68 ------------------- Dockerfile.graviton.ubuntu | 64 ----------------- Makefile | 25 ++++--- go.mod | 20 +++--- go.sum | 20 ++++++ test/run-tests.sh | 8 +-- 12 files changed, 117 insertions(+), 239 deletions(-) rename .github/workflows/{graviton-build-test-push-workflow-Ubuntu.yml => arm-AL2023-build-test-push-workflow-AL2023.yml} (93%) rename .github/workflows/{graviton-int-test-workflow-AL2023.yml => arm-AL2023-int-test-workflow.yml} (90%) rename .github/workflows/{graviton-build-test-push-workflow-AL2023.yml => arm-Ubuntu-build-test-push-workflow.yml} (93%) rename .github/workflows/{graviton-int-test-workflow-Ubuntu.yml => arm-Ubuntu-int-test-workflow.yml} (90%) delete mode 100644 Dockerfile.graviton delete mode 100644 Dockerfile.graviton.ubuntu diff --git a/.env b/.env index 2484988b6..6c66a6c51 100644 --- a/.env +++ b/.env @@ -8,4 +8,4 @@ EKSCTL_VERSION=v0.191.0 EKS_CLUSTER_K8_VERSION=1.31 SPLUNK_ENTERPRISE_RELEASE_IMAGE=splunk/splunk:9.3.0 EKS_INSTANCE_TYPE=m5.2xlarge -EKS_INSTANCE_TYPE_GRAVITON=c6g.4xlarge \ No newline at end of file +EKS_INSTANCE_TYPE_ARM64=c6g.4xlarge \ No newline at end of file diff --git a/.github/workflows/graviton-build-test-push-workflow-Ubuntu.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml similarity index 93% rename from .github/workflows/graviton-build-test-push-workflow-Ubuntu.yml rename to .github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml index 0db043002..5e337a0cd 100644 --- a/.github/workflows/graviton-build-test-push-workflow-Ubuntu.yml +++ b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml @@ -1,4 +1,4 @@ -name: Graviton Smoke Test WorkFlow Ubuntu +name: Arm AL2023 Smoke Test WorkFlow on: push: branches: @@ -49,7 +49,7 @@ jobs: # with: # name: coverage.out # path: coverage.out - build-operator-image-graviton: + build-operator-image-arm-al2023: runs-on: ubuntu-latest #needs: unit-tests env: @@ -94,10 +94,10 @@ jobs: - name: Build and push Splunk Operator Image run: | export PLATFORMS=linux/arm64 - export BUILDPLATFORM=linux/arm64 - export TARGETOS=linux - export TARGETARCH=arm64 - docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg BASE_OS=ubuntu:24.10 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . + export BASE_OS=public.ecr.aws/amazonlinux/amazonlinux + export BASE_OS_VERSION=2023 + export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx PLATFORMS=$PLATFORMS BASE_OS=$BASE_OS BASE_OS_VERSION=$BASE_OS_VERSION IMG=$IMG - name: Sign Splunk Operator image with a key run: | cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} @@ -110,7 +110,7 @@ jobs: # contents: read # security-events: write # runs-on: ubuntu-latest - # needs: build-operator-image-graviton + # needs: build-operator-image-arm-al2023 # env: # SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} # SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator @@ -156,9 +156,9 @@ jobs: # uses: github/codeql-action/upload-sarif@v3 # with: # sarif_file: 'trivy-results.sarif' - smoke-tests-graviton: + smoke-tests-arm-al2023: #needs: vulnerability-scan - needs: build-operator-image-graviton + needs: build-operator-image-arm-al2023 strategy: fail-fast: false matrix: @@ -174,8 +174,8 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator TEST_FOCUS: "${{ matrix.test }}" @@ -193,7 +193,7 @@ jobs: EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" - GRAVITON: "true" + ARM64: "true" steps: - name: Set Test Cluster Name run: | @@ -265,12 +265,7 @@ jobs: - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} - export PLATFORMS=linux/arm64 - export BUILDPLATFORM=linux/arm64 - export TARGETOS=linux - export TARGETARCH=arm64 - export TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 - export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_GRAVITON }} + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} make cluster-up - name: install metric server run: | diff --git a/.github/workflows/graviton-int-test-workflow-AL2023.yml b/.github/workflows/arm-AL2023-int-test-workflow.yml similarity index 90% rename from .github/workflows/graviton-int-test-workflow-AL2023.yml rename to .github/workflows/arm-AL2023-int-test-workflow.yml index 09116a31c..7c3479313 100644 --- a/.github/workflows/graviton-int-test-workflow-AL2023.yml +++ b/.github/workflows/arm-AL2023-int-test-workflow.yml @@ -1,10 +1,10 @@ -name: Graviton Integration Test WorkFlow AL2023 +name: Arm AL2023 Integration Test WorkFlow on: push: branches: - CSPL_2920_xx jobs: - build-operator-image-graviton: + build-operator-image-arm-al2023: runs-on: ubuntu-latest timeout-minutes: 360 env: @@ -43,11 +43,11 @@ jobs: - name: Build and push Splunk Operator Image run: | export PLATFORMS=linux/arm64 - export BUILDPLATFORM=linux/arm64 - export TARGETOS=linux - export TARGETARCH=arm64 - docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg BASE_OS=public.ecr.aws/amazonlinux/amazonlinux:2023 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . - int-tests-graviton: + export BASE_OS=public.ecr.aws/amazonlinux/amazonlinux + export BASE_OS_VERSION=2023 + export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx PLATFORMS=$PLATFORMS BASE_OS=$BASE_OS BASE_OS_VERSION=$BASE_OS_VERSION IMG=$IMG + int-tests-arm-al2023: strategy: fail-fast: false matrix: @@ -64,12 +64,12 @@ jobs: managerdeletecr, ] runs-on: ubuntu-latest - needs: build-operator-image-graviton + needs: build-operator-image-arm-al2023 env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator TEST_FOCUS: "${{ matrix.test }}" @@ -86,7 +86,7 @@ jobs: ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" - GRAVITON: "true" + ARM64: "true" steps: - name: Set Test Cluster Name run: | @@ -160,12 +160,7 @@ jobs: - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} - export PLATFORMS=linux/arm64 - export BUILDPLATFORM=linux/arm64 - export TARGETOS=linux - export TARGETARCH=arm64 - export TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 - export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_GRAVITON }} + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} make cluster-up - name: install metric server run: | diff --git a/.github/workflows/graviton-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml similarity index 93% rename from .github/workflows/graviton-build-test-push-workflow-AL2023.yml rename to .github/workflows/arm-Ubuntu-build-test-push-workflow.yml index d601068f2..4d7d7d2c7 100644 --- a/.github/workflows/graviton-build-test-push-workflow-AL2023.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -1,4 +1,4 @@ -name: Graviton Smoke Test WorkFlow AL2023 +name: Arm Ubuntu Smoke Test WorkFlow on: push: branches: @@ -49,7 +49,7 @@ jobs: # with: # name: coverage.out # path: coverage.out - build-operator-image-graviton: + build-operator-image-arm-ubuntu: runs-on: ubuntu-latest #needs: unit-tests env: @@ -94,10 +94,10 @@ jobs: - name: Build and push Splunk Operator Image run: | export PLATFORMS=linux/arm64 - export BUILDPLATFORM=linux/arm64 - export TARGETOS=linux - export TARGETARCH=arm64 - docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg BASE_OS=public.ecr.aws/amazonlinux/amazonlinux:2023 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . + export BASE_OS=ubuntu + export BASE_OS_VERSION=24.10 + export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx PLATFORMS=$PLATFORMS BASE_OS=$BASE_OS BASE_OS_VERSION=$BASE_OS_VERSION IMG=$IMG - name: Sign Splunk Operator image with a key run: | cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} @@ -110,7 +110,7 @@ jobs: # contents: read # security-events: write # runs-on: ubuntu-latest - # needs: build-operator-image-graviton + # needs: build-operator-image-arm-ubuntu # env: # SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} # SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator @@ -156,9 +156,9 @@ jobs: # uses: github/codeql-action/upload-sarif@v3 # with: # sarif_file: 'trivy-results.sarif' - smoke-tests-graviton: + smoke-tests-arm-ubuntu: #needs: vulnerability-scan - needs: build-operator-image-graviton + needs: build-operator-image-arm-ubuntu strategy: fail-fast: false matrix: @@ -174,8 +174,8 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator TEST_FOCUS: "${{ matrix.test }}" @@ -193,7 +193,7 @@ jobs: EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" - GRAVITON: "true" + ARM64: "true" steps: - name: Set Test Cluster Name run: | @@ -265,12 +265,7 @@ jobs: - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} - export PLATFORMS=linux/arm64 - export BUILDPLATFORM=linux/arm64 - export TARGETOS=linux - export TARGETARCH=arm64 - export TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 - export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_GRAVITON }} + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} make cluster-up - name: install metric server run: | diff --git a/.github/workflows/graviton-int-test-workflow-Ubuntu.yml b/.github/workflows/arm-Ubuntu-int-test-workflow.yml similarity index 90% rename from .github/workflows/graviton-int-test-workflow-Ubuntu.yml rename to .github/workflows/arm-Ubuntu-int-test-workflow.yml index e8702aa7d..e0dd03a78 100644 --- a/.github/workflows/graviton-int-test-workflow-Ubuntu.yml +++ b/.github/workflows/arm-Ubuntu-int-test-workflow.yml @@ -1,10 +1,10 @@ -name: Graviton Integration Test WorkFlow Ubuntu +name: Arm Ubuntu Integration Test WorkFlow Ubuntu on: push: branches: - CSPL_2920_xx jobs: - build-operator-image-graviton: + build-operator-image-arm-ubuntu: runs-on: ubuntu-latest timeout-minutes: 360 env: @@ -43,12 +43,11 @@ jobs: - name: Build and push Splunk Operator Image run: | export PLATFORMS=linux/arm64 - export BUILDPLATFORM=linux/arm64 - export TARGETOS=linux - export TARGETARCH=arm64 - export BASE_OS=ubuntu:24.10 - docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg BASE_OS=ubuntu:24.10 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton . - int-tests-graviton: + export BASE_OS=ubuntu + export BASE_OS_VERSION=24.10 + export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx PLATFORMS=$PLATFORMS BASE_OS=$BASE_OS BASE_OS_VERSION=$BASE_OS_VERSION IMG=$IMG + int-tests-arm-ubuntu: strategy: fail-fast: false matrix: @@ -65,12 +64,12 @@ jobs: managerdeletecr, ] runs-on: ubuntu-latest - needs: build-operator-image-graviton + needs: build-operator-image-arm-ubuntu env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }} + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator TEST_FOCUS: "${{ matrix.test }}" @@ -87,7 +86,7 @@ jobs: ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" - GRAVITON: "true" + ARM64: "true" steps: - name: Set Test Cluster Name run: | @@ -161,12 +160,7 @@ jobs: - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} - export PLATFORMS=linux/arm64 - export BUILDPLATFORM=linux/arm64 - export TARGETOS=linux - export TARGETARCH=arm64 - export TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014 - export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_GRAVITON }} + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} make cluster-up - name: install metric server run: | diff --git a/Dockerfile b/Dockerfile index 60145de2d..3eb5f4d81 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,17 @@ +# Setup defaults for build arguments +ARG PLATFORMS ?= linux/amd64 +ARG BASE_OS ?= registry.access.redhat.com/ubi8/ubi +ARG BASE_OS_VERSION ?= 8.10 + # Build the manager binary -FROM golang:1.23.0 AS builder +FROM golang:1.23.0 as builder WORKDIR /workspace + # Copy the Go Modules manifests COPY go.mod go.mod COPY go.sum go.sum -# cache deps before building and copying source so that we don't need to re-download as much -# and so that source changes don't invalidate our downloaded layer +# Cache dependencies before building and copying source to reduce re-downloading RUN go mod download # Copy the go source @@ -18,15 +23,17 @@ COPY tools/ tools/ COPY hack hack/ # Build -RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go +# TARGETOS and TARGETARCH are provided(inferred) by buildx via the --platforms flag +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager main.go + +# Use BASE_OS as the base image +FROM ${BASE_OS}:{BASE_OS_VERSION} -# Use distroless as minimal base image to package the manager binary -# Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM registry.access.redhat.com/ubi8/ubi:8.10 ENV OPERATOR=/manager \ USER_UID=1001 \ USER_NAME=nonroot +# Install necessary packages and configure user RUN yum -y install shadow-utils && \ useradd -ms /bin/bash nonroot -u 1001 && \ yum update -y krb5-libs && yum clean all && \ @@ -34,6 +41,7 @@ RUN yum -y install shadow-utils && \ yum -y update-minimal --security --sec-severity=Moderate && \ yum -y update-minimal --security --sec-severity=Low +# Metadata LABEL name="splunk" \ maintainer="support@splunk.com" \ vendor="splunk" \ @@ -42,10 +50,12 @@ LABEL name="splunk" \ summary="Simplify the Deployment & Management of Splunk Products on Kubernetes" \ description="The Splunk Operator for Kubernetes (SOK) makes it easy for Splunk Administrators to deploy and operate Enterprise deployments in a Kubernetes infrastructure. Packaged as a container, it uses the operator pattern to manage Splunk-specific custom resources, following best practices to manage all the underlying Kubernetes objects for you." +# Set up workspace WORKDIR / RUN mkdir /licenses && \ mkdir -p /tools/k8_probes +# Copy necessary files from the builder stage and other resources COPY --from=builder /workspace/manager . COPY tools/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf /licenses COPY LICENSE /licenses/LICENSE-2.0.txt @@ -53,6 +63,8 @@ COPY tools/k8_probes/livenessProbe.sh /tools/k8_probes/ COPY tools/k8_probes/readinessProbe.sh /tools/k8_probes/ COPY tools/k8_probes/startupProbe.sh /tools/k8_probes/ +# Set the user USER 1001 -ENTRYPOINT ["/manager"] +# Start the manager +ENTRYPOINT ["/manager"] \ No newline at end of file diff --git a/Dockerfile.graviton b/Dockerfile.graviton deleted file mode 100644 index f7b76255f..000000000 --- a/Dockerfile.graviton +++ /dev/null @@ -1,68 +0,0 @@ -# Build the manager binary -FROM golang:1.23.0 as builder - -ARG TARGETPLATFORM -ARG BUILDPLATFORM -ARG TARGETOS -ARG TARGETARCH -ARG BASE_OS - -WORKDIR /workspace - -RUN echo "BASE_OS is set to ${BASE_OS}" - -# Copy the Go Modules manifests -COPY go.mod go.mod -COPY go.sum go.sum -# cache deps before building and copying source so that we don't need to re-download as much -# and so that source changes don't invalidate our downloaded layer -RUN go mod download - -# Copy the go source -COPY main.go main.go -COPY api/ api/ -COPY controllers/ controllers/ -COPY pkg/ pkg/ -COPY tools/ tools/ -COPY hack hack/ - -# Build -RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager main.go - -# Use distroless as minimal base image to package the manager binary -# Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM {BASE_OS} - -ENV OPERATOR=/manager \ - USER_UID=1001 \ - USER_NAME=nonroot - -RUN yum -y install shadow-utils && \ - useradd -ms /bin/bash nonroot -u 1001 && \ - yum update -y krb5-libs && yum clean all && \ - yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical && \ - yum -y update-minimal --security --sec-severity=Moderate && \ - yum -y update-minimal --security --sec-severity=Low - -LABEL name="splunk" \ - maintainer="support@splunk.com" \ - vendor="splunk" \ - version="2.6.1" \ - release="1" \ - summary="Simplify the Deployment & Management of Splunk Products on Kubernetes" \ - description="The Splunk Operator for Kubernetes (SOK) makes it easy for Splunk Administrators to deploy and operate Enterprise deployments in a Kubernetes infrastructure. Packaged as a container, it uses the operator pattern to manage Splunk-specific custom resources, following best practices to manage all the underlying Kubernetes objects for you." - -WORKDIR / -RUN mkdir /licenses && \ - mkdir -p /tools/k8_probes - -COPY --from=builder /workspace/manager . -COPY tools/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf /licenses -COPY LICENSE /licenses/LICENSE-2.0.txt -COPY tools/k8_probes/livenessProbe.sh /tools/k8_probes/ -COPY tools/k8_probes/readinessProbe.sh /tools/k8_probes/ -COPY tools/k8_probes/startupProbe.sh /tools/k8_probes/ - -USER 1001 - -ENTRYPOINT ["/manager"] diff --git a/Dockerfile.graviton.ubuntu b/Dockerfile.graviton.ubuntu deleted file mode 100644 index 0e1b92859..000000000 --- a/Dockerfile.graviton.ubuntu +++ /dev/null @@ -1,64 +0,0 @@ -# Build the manager binary -FROM golang:1.23.0 as builder - -ARG TARGETPLATFORM -ARG BUILDPLATFORM -ARG TARGETOS -ARG TARGETARCH - -WORKDIR /workspace -# Copy the Go Modules manifests -COPY go.mod go.mod -COPY go.sum go.sum -# cache deps before building and copying source so that we don't need to re-download as much -# and so that source changes don't invalidate our downloaded layer -RUN go mod download - -# Copy the go source -COPY main.go main.go -COPY api/ api/ -COPY controllers/ controllers/ -COPY pkg/ pkg/ -COPY tools/ tools/ -COPY hack hack/ - -# Build -RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager main.go - -# Use distroless as minimal base image to package the manager binary -# Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM ubuntu:24.10 - -ENV OPERATOR=/manager \ - USER_UID=1001 \ - USER_NAME=nonroot - -RUN yum -y install shadow-utils && \ - useradd -ms /bin/bash nonroot -u 1001 && \ - yum update -y krb5-libs && yum clean all && \ - yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical && \ - yum -y update-minimal --security --sec-severity=Moderate && \ - yum -y update-minimal --security --sec-severity=Low - -LABEL name="splunk" \ - maintainer="support@splunk.com" \ - vendor="splunk" \ - version="2.6.1" \ - release="1" \ - summary="Simplify the Deployment & Management of Splunk Products on Kubernetes" \ - description="The Splunk Operator for Kubernetes (SOK) makes it easy for Splunk Administrators to deploy and operate Enterprise deployments in a Kubernetes infrastructure. Packaged as a container, it uses the operator pattern to manage Splunk-specific custom resources, following best practices to manage all the underlying Kubernetes objects for you." - -WORKDIR / -RUN mkdir /licenses && \ - mkdir -p /tools/k8_probes - -COPY --from=builder /workspace/manager . -COPY tools/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf /licenses -COPY LICENSE /licenses/LICENSE-2.0.txt -COPY tools/k8_probes/livenessProbe.sh /tools/k8_probes/ -COPY tools/k8_probes/readinessProbe.sh /tools/k8_probes/ -COPY tools/k8_probes/startupProbe.sh /tools/k8_probes/ - -USER 1001 - -ENTRYPOINT ["/manager"] diff --git a/Makefile b/Makefile index f1da25e71..e5d6de230 100644 --- a/Makefile +++ b/Makefile @@ -143,19 +143,18 @@ docker-build: test ## Build docker image with the manager. docker-push: ## Push docker image with the manager. docker push ${IMG} -# PLATFORMS defines the target platforms for the manager image be build to provide support to multiple -# architectures. (i.e. make docker-buildx IMG=myregistry/mypoperator:0.0.1). To use this option you need to: -# - able to use docker buildx . More info: https://docs.docker.com/build/buildx/ -# - have enable BuildKit, More info: https://docs.docker.com/develop/develop-images/build_enhancements/ -# - be able to push the image for your registry (i.e. if you do not inform a valid value via IMG=> than the export will fail) -# To properly provided solutions that supports more than one platform you should use this option. -PLATFORMS ?= linux/arm64,linux/amd64,linux/s390x,linux/ppc64le -.PHONY: docker-buildx -docker-buildx: test ## Build and push docker image for the manager for cross-platform support - - docker buildx create --name project-v3-builder - docker buildx use project-v3-builder - - docker buildx build --push --platform=$(PLATFORMS) --tag ${IMG} . - - docker buildx rm project-v3-builder +# Docker-buildx is used to build the image for multiple OS/platforms +# IMG is a mandatory argument to specify the image name +# Defaults: +# Build Platform: linux/amd64 +# Build Base OS: registry.access.redhat.com/ubi8/ubi +# Build Base OS Version: 8.10 +# Pass only what is required, the rest will be defaulted +docker-buildx: + docker buildx build --push --platform=${PLATFORMS} \ + --build-arg BASE_OS=${BASE_OS} \ + --build-arg BASE_OS_VERSION=${BASE_OS_VERSION} \ + --tag ${IMG} -f Dockerfile . ##@ Deployment diff --git a/go.mod b/go.mod index 2244dbe73..641eeb05b 100644 --- a/go.mod +++ b/go.mod @@ -8,8 +8,8 @@ require ( github.com/google/go-cmp v0.6.0 github.com/joho/godotenv v1.5.1 github.com/minio/minio-go/v7 v7.0.16 - github.com/onsi/ginkgo/v2 v2.20.2 - github.com/onsi/gomega v1.34.2 + github.com/onsi/ginkgo/v2 v2.21.0 + github.com/onsi/gomega v1.35.1 github.com/pkg/errors v0.9.1 github.com/prometheus/client_golang v1.14.0 github.com/stretchr/testify v1.8.4 @@ -44,7 +44,7 @@ require ( github.com/golang/protobuf v1.5.3 // indirect github.com/google/gnostic v0.5.7-v3refs // indirect github.com/google/gofuzz v1.1.0 // indirect - github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 // indirect + github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db // indirect github.com/google/uuid v1.3.0 // indirect github.com/imdario/mergo v0.3.12 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect @@ -70,17 +70,17 @@ require ( github.com/spf13/pflag v1.0.5 // indirect go.uber.org/atomic v1.7.0 // indirect go.uber.org/multierr v1.6.0 // indirect - golang.org/x/crypto v0.26.0 // indirect - golang.org/x/net v0.28.0 // indirect + golang.org/x/crypto v0.28.0 // indirect + golang.org/x/net v0.30.0 // indirect golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b // indirect - golang.org/x/sys v0.24.0 // indirect - golang.org/x/term v0.23.0 // indirect - golang.org/x/text v0.17.0 // indirect + golang.org/x/sys v0.26.0 // indirect + golang.org/x/term v0.25.0 // indirect + golang.org/x/text v0.19.0 // indirect golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.24.0 // indirect + golang.org/x/tools v0.26.0 // indirect gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.34.1 // indirect + google.golang.org/protobuf v1.35.1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.66.4 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff --git a/go.sum b/go.sum index c7931936e..a6732a725 100644 --- a/go.sum +++ b/go.sum @@ -174,6 +174,8 @@ github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 h1:5iH8iuqE5apketRbSFBy+X1V0o+l+8NF1avt4HWl7cA= github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= +github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo= +github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= @@ -256,8 +258,12 @@ github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWb github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/onsi/ginkgo/v2 v2.20.2 h1:7NVCeyIWROIAheY21RLS+3j2bb52W0W82tkberYytp4= github.com/onsi/ginkgo/v2 v2.20.2/go.mod h1:K9gyxPIlb+aIvnZ8bd9Ak+YP18w3APlR+5coaZoE2ag= +github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= +github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8= github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc= +github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= +github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= @@ -343,6 +349,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20201216223049-8b5274cf687f/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw= golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54= +golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw= +golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -407,6 +415,8 @@ golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= +golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= +golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -468,11 +478,15 @@ golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg= golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= +golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU= golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk= +golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24= +golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -482,6 +496,8 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc= golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM= +golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -533,6 +549,8 @@ golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24= golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ= +golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ= +golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -619,6 +637,8 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg= google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= +google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/test/run-tests.sh b/test/run-tests.sh index a8be70480..aaf8cd657 100755 --- a/test/run-tests.sh +++ b/test/run-tests.sh @@ -19,8 +19,8 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then echo "Using private registry at ${PRIVATE_REGISTRY}" PRIVATE_SPLUNK_OPERATOR_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_OPERATOR_IMAGE} - # CSPL-2920: Graviton support - if [ "$GRAVITON" != "true" ]; then + # CSPL-2920: ARM64 support + if [ "$ARM64" != "true" ]; then PRIVATE_SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_ENTERPRISE_IMAGE} fi echo "Checking to see if image exists, docker images -q ${PRIVATE_SPLUNK_OPERATOR_IMAGE}" @@ -42,8 +42,8 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then exit 1 fi - if [ "$GRAVITON" == "true" ]; then - echo "Graviton, enterprise tag and push unnecessary" + if [ "$ARM64" == "true" ]; then + echo "ARM64, enterprise tag and push unnecessary" else echo "Tagging to privat repo ${PRIVATE_SPLUNK_OPERATOR_IMAGE}..." docker tag ${SPLUNK_ENTERPRISE_IMAGE} ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} From 6c9b7899582ce34fe5318ae5caa24d7fc2a2d75f Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 14 Nov 2024 18:04:59 -0600 Subject: [PATCH 42/74] Fix docker builds --- .../workflows/build-test-push-workflow.yml | 3 +-- .github/workflows/int-test-workflow.yml | 3 +-- Dockerfile | 2 +- Makefile | 19 +++++++++++++------ test/testenv/verificationutils.go | 1 - 5 files changed, 16 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index 783067688..dab0c9569 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -332,7 +332,6 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Re-tag Splunk Operator Image run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - docker buildx imagetools create -t ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} - name: Push Splunk Operator Image to Docker Hub run: docker push ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} \ No newline at end of file diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index 0c47475f1..e4b36cea1 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -154,8 +154,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Pull Splunk Operator Image Locally and change name run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - docker buildx imagetools create -t ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Tag and Push Splunk Enterprise Image to ECR run: | docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} diff --git a/Dockerfile b/Dockerfile index 3eb5f4d81..91901977b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,7 +27,7 @@ COPY hack hack/ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager main.go # Use BASE_OS as the base image -FROM ${BASE_OS}:{BASE_OS_VERSION} +FROM ${BASE_OS}:${BASE_OS_VERSION} ENV OPERATOR=/manager \ USER_UID=1001 \ diff --git a/Makefile b/Makefile index e5d6de230..bc57ee39d 100644 --- a/Makefile +++ b/Makefile @@ -150,14 +150,21 @@ docker-push: ## Push docker image with the manager. # Build Base OS: registry.access.redhat.com/ubi8/ubi # Build Base OS Version: 8.10 # Pass only what is required, the rest will be defaulted -docker-buildx: - docker buildx build --push --platform=${PLATFORMS} \ - --build-arg BASE_OS=${BASE_OS} \ - --build-arg BASE_OS_VERSION=${BASE_OS_VERSION} \ - --tag ${IMG} -f Dockerfile . +# Setup defaults for build arguments +PLATFORMS ?= linux/amd64 +BASE_OS ?= registry.access.redhat.com/ubi8/ubi +BASE_OS_VERSION ?= 8.10 +docker-buildx: + @if [ -z "$(IMG)" ]; then \ + echo "Error: IMG is a mandatory argument. Usage: make docker-buildx IMG= ...."; \ + exit 1; \ + fi + docker buildx build --push --platform="${PLATFORMS}" \ + --build-arg BASE_OS="${BASE_OS}" \ + --build-arg BASE_OS_VERSION="${BASE_OS_VERSION}" \ + --tag "${IMG}" -f Dockerfile . ##@ Deployment - install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. $(KUSTOMIZE) build config/crd | kubectl apply --server-side --force-conflicts -f - diff --git a/test/testenv/verificationutils.go b/test/testenv/verificationutils.go index 8ff179919..e62d6e5b9 100644 --- a/test/testenv/verificationutils.go +++ b/test/testenv/verificationutils.go @@ -94,7 +94,6 @@ func StandaloneReady(ctx context.Context, deployment *Deployment, deploymentName } testenvInstance.Log.Info("Waiting for Standalone phase to be ready", "instance", standalone.ObjectMeta.Name, "Phase", standalone.Status.Phase) DumpGetPods(testenvInstance.GetName()) - //DumpDescribePods(testenvInstance.GetName()) DumpGetTopPods(testenvInstance.GetName()) DumpGetTopNodes() return standalone.Status.Phase From 33f3aba442fc3cda58d308bd085222833afd0dd4 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 14 Nov 2024 19:11:05 -0600 Subject: [PATCH 43/74] Change logic for Ubuntu --- ...AL2023-build-test-push-workflow-AL2023.yml | 6 ++-- .../arm-AL2023-int-test-workflow.yml | 6 ++-- .../arm-Ubuntu-build-test-push-workflow.yml | 6 ++-- .../arm-Ubuntu-int-test-workflow.yml | 6 ++-- Dockerfile | 33 ++++++++++++------- Makefile | 8 ++--- 6 files changed, 38 insertions(+), 27 deletions(-) diff --git a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml index 5e337a0cd..4f9f27a6e 100644 --- a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml +++ b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml @@ -94,10 +94,10 @@ jobs: - name: Build and push Splunk Operator Image run: | export PLATFORMS=linux/arm64 - export BASE_OS=public.ecr.aws/amazonlinux/amazonlinux - export BASE_OS_VERSION=2023 + export BASE_IMAGE=public.ecr.aws/amazonlinux/amazonlinux + export BASE_IMAGE_VERSION=2023 export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - make docker-buildx PLATFORMS=$PLATFORMS BASE_OS=$BASE_OS BASE_OS_VERSION=$BASE_OS_VERSION IMG=$IMG + make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG - name: Sign Splunk Operator image with a key run: | cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} diff --git a/.github/workflows/arm-AL2023-int-test-workflow.yml b/.github/workflows/arm-AL2023-int-test-workflow.yml index 7c3479313..4bb57bfb0 100644 --- a/.github/workflows/arm-AL2023-int-test-workflow.yml +++ b/.github/workflows/arm-AL2023-int-test-workflow.yml @@ -43,10 +43,10 @@ jobs: - name: Build and push Splunk Operator Image run: | export PLATFORMS=linux/arm64 - export BASE_OS=public.ecr.aws/amazonlinux/amazonlinux - export BASE_OS_VERSION=2023 + export BASE_IMAGE=public.ecr.aws/amazonlinux/amazonlinux + export BASE_IMAGE_VERSION=2023 export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - make docker-buildx PLATFORMS=$PLATFORMS BASE_OS=$BASE_OS BASE_OS_VERSION=$BASE_OS_VERSION IMG=$IMG + make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG int-tests-arm-al2023: strategy: fail-fast: false diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index 4d7d7d2c7..64c8e0883 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -94,10 +94,10 @@ jobs: - name: Build and push Splunk Operator Image run: | export PLATFORMS=linux/arm64 - export BASE_OS=ubuntu - export BASE_OS_VERSION=24.10 + export BASE_IMAGE=ubuntu + export BASE_IMAGE_VERSION=24.10 export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - make docker-buildx PLATFORMS=$PLATFORMS BASE_OS=$BASE_OS BASE_OS_VERSION=$BASE_OS_VERSION IMG=$IMG + make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG - name: Sign Splunk Operator image with a key run: | cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} diff --git a/.github/workflows/arm-Ubuntu-int-test-workflow.yml b/.github/workflows/arm-Ubuntu-int-test-workflow.yml index e0dd03a78..fcb2e0350 100644 --- a/.github/workflows/arm-Ubuntu-int-test-workflow.yml +++ b/.github/workflows/arm-Ubuntu-int-test-workflow.yml @@ -43,10 +43,10 @@ jobs: - name: Build and push Splunk Operator Image run: | export PLATFORMS=linux/arm64 - export BASE_OS=ubuntu - export BASE_OS_VERSION=24.10 + export BASE_IMAGE=ubuntu + export BASE_IMAGE_VERSION=24.10 export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - make docker-buildx PLATFORMS=$PLATFORMS BASE_OS=$BASE_OS BASE_OS_VERSION=$BASE_OS_VERSION IMG=$IMG + make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG int-tests-arm-ubuntu: strategy: fail-fast: false diff --git a/Dockerfile b/Dockerfile index 91901977b..fb9f06277 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # Setup defaults for build arguments -ARG PLATFORMS ?= linux/amd64 -ARG BASE_OS ?= registry.access.redhat.com/ubi8/ubi -ARG BASE_OS_VERSION ?= 8.10 +ARG PLATFORMS=linux/amd64 +ARG BASE_IMAGE=registry.access.redhat.com/ubi8/ubi +ARG BASE_IMAGE_VERSION=8.10 # Build the manager binary FROM golang:1.23.0 as builder @@ -26,20 +26,31 @@ COPY hack hack/ # TARGETOS and TARGETARCH are provided(inferred) by buildx via the --platforms flag RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager main.go -# Use BASE_OS as the base image -FROM ${BASE_OS}:${BASE_OS_VERSION} +# Use BASE_IMAGE as the base image +FROM ${BASE_IMAGE}:${BASE_IMAGE_VERSION} ENV OPERATOR=/manager \ USER_UID=1001 \ USER_NAME=nonroot # Install necessary packages and configure user -RUN yum -y install shadow-utils && \ - useradd -ms /bin/bash nonroot -u 1001 && \ - yum update -y krb5-libs && yum clean all && \ - yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical && \ - yum -y update-minimal --security --sec-severity=Moderate && \ - yum -y update-minimal --security --sec-severity=Low +RUN if grep -q 'Ubuntu' /etc/os-release; then \ + apt-get update && \ + apt-get install -y --no-install-recommends passwd=1:4.8.1-1ubuntu5.20.04 && \ + useradd -ms /bin/bash nonroot -u 1001 && \ + apt-get install -y --no-install-recommends krb5-locales=1.17-6ubuntu4.1 && \ + apt-get upgrade -y && \ + apt-get install -y --no-install-recommends unattended-upgrades=2.3ubuntu0.1 && \ + unattended-upgrades -v --security && \ + apt-get clean && rm -rf /var/lib/apt/lists/*; \ + else \ + yum -y install shadow-utils && \ + useradd -ms /bin/bash nonroot -u 1001 && \ + yum update -y krb5-libs && yum clean all && \ + yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical && \ + yum -y update-minimal --security --sec-severity=Moderate && \ + yum -y update-minimal --security --sec-severity=Low; \ + fi # Metadata LABEL name="splunk" \ diff --git a/Makefile b/Makefile index bc57ee39d..4a28cdad2 100644 --- a/Makefile +++ b/Makefile @@ -152,16 +152,16 @@ docker-push: ## Push docker image with the manager. # Pass only what is required, the rest will be defaulted # Setup defaults for build arguments PLATFORMS ?= linux/amd64 -BASE_OS ?= registry.access.redhat.com/ubi8/ubi -BASE_OS_VERSION ?= 8.10 +BASE_IMAGE ?= registry.access.redhat.com/ubi8/ubi +BASE_IMAGE_VERSION ?= 8.10 docker-buildx: @if [ -z "$(IMG)" ]; then \ echo "Error: IMG is a mandatory argument. Usage: make docker-buildx IMG= ...."; \ exit 1; \ fi docker buildx build --push --platform="${PLATFORMS}" \ - --build-arg BASE_OS="${BASE_OS}" \ - --build-arg BASE_OS_VERSION="${BASE_OS_VERSION}" \ + --build-arg BASE_IMAGE="${BASE_IMAGE}" \ + --build-arg BASE_IMAGE_VERSION="${BASE_IMAGE_VERSION}" \ --tag "${IMG}" -f Dockerfile . ##@ Deployment From 4ba29e4b7bd3fa614e6aa925c0ba3652cf1bb109 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 14 Nov 2024 19:23:41 -0600 Subject: [PATCH 44/74] Test package version --- Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index fb9f06277..67c4b97f8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -36,11 +36,11 @@ ENV OPERATOR=/manager \ # Install necessary packages and configure user RUN if grep -q 'Ubuntu' /etc/os-release; then \ apt-get update && \ - apt-get install -y --no-install-recommends passwd=1:4.8.1-1ubuntu5.20.04 && \ + apt-get install -y --no-install-recommends passwd=1:4.13+dfsg1-4ubuntu3 && \ useradd -ms /bin/bash nonroot -u 1001 && \ - apt-get install -y --no-install-recommends krb5-locales=1.17-6ubuntu4.1 && \ + apt-get install -y --no-install-recommends krb5-locales && \ apt-get upgrade -y && \ - apt-get install -y --no-install-recommends unattended-upgrades=2.3ubuntu0.1 && \ + apt-get install -y --no-install-recommends unattended-upgrades && \ unattended-upgrades -v --security && \ apt-get clean && rm -rf /var/lib/apt/lists/*; \ else \ From 2c618525337a2746758ea2b5f16b30d41cb01d89 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 14 Nov 2024 19:31:48 -0600 Subject: [PATCH 45/74] Run without package versions --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 67c4b97f8..fbe7f58c8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -36,7 +36,7 @@ ENV OPERATOR=/manager \ # Install necessary packages and configure user RUN if grep -q 'Ubuntu' /etc/os-release; then \ apt-get update && \ - apt-get install -y --no-install-recommends passwd=1:4.13+dfsg1-4ubuntu3 && \ + apt-get install -y --no-install-recommends passwd && \ useradd -ms /bin/bash nonroot -u 1001 && \ apt-get install -y --no-install-recommends krb5-locales && \ apt-get upgrade -y && \ From 458b751e2531aa2bea58a164458d5db26d461319 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Thu, 14 Nov 2024 19:52:27 -0600 Subject: [PATCH 46/74] Fix unattended-upgrades --- Dockerfile | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index fbe7f58c8..e40f337a1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -37,11 +37,10 @@ ENV OPERATOR=/manager \ RUN if grep -q 'Ubuntu' /etc/os-release; then \ apt-get update && \ apt-get install -y --no-install-recommends passwd && \ - useradd -ms /bin/bash nonroot -u 1001 && \ apt-get install -y --no-install-recommends krb5-locales && \ - apt-get upgrade -y && \ apt-get install -y --no-install-recommends unattended-upgrades && \ - unattended-upgrades -v --security && \ + useradd -ms /bin/bash nonroot -u 1001 && \ + unattended-upgrades -v && \ apt-get clean && rm -rf /var/lib/apt/lists/*; \ else \ yum -y install shadow-utils && \ From 5187f08903917ebb1f2cc6b31e5e8635a394456e Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Fri, 15 Nov 2024 11:14:26 -0600 Subject: [PATCH 47/74] Build for amd64 as well for pipelines --- .../workflows/arm-AL2023-build-test-push-workflow-AL2023.yml | 2 +- .github/workflows/arm-AL2023-int-test-workflow.yml | 2 +- .github/workflows/arm-Ubuntu-build-test-push-workflow.yml | 2 +- .github/workflows/arm-Ubuntu-int-test-workflow.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml index 4f9f27a6e..9ee728898 100644 --- a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml +++ b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml @@ -93,7 +93,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Build and push Splunk Operator Image run: | - export PLATFORMS=linux/arm64 + export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=public.ecr.aws/amazonlinux/amazonlinux export BASE_IMAGE_VERSION=2023 export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA diff --git a/.github/workflows/arm-AL2023-int-test-workflow.yml b/.github/workflows/arm-AL2023-int-test-workflow.yml index 4bb57bfb0..2f6668262 100644 --- a/.github/workflows/arm-AL2023-int-test-workflow.yml +++ b/.github/workflows/arm-AL2023-int-test-workflow.yml @@ -42,7 +42,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Build and push Splunk Operator Image run: | - export PLATFORMS=linux/arm64 + export PLATFORMS=linux/arm64, linux/amd64 export BASE_IMAGE=public.ecr.aws/amazonlinux/amazonlinux export BASE_IMAGE_VERSION=2023 export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index 64c8e0883..5ca8bf710 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -93,7 +93,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Build and push Splunk Operator Image run: | - export PLATFORMS=linux/arm64 + export PLATFORMS=linux/arm64, linux/amd64 export BASE_IMAGE=ubuntu export BASE_IMAGE_VERSION=24.10 export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA diff --git a/.github/workflows/arm-Ubuntu-int-test-workflow.yml b/.github/workflows/arm-Ubuntu-int-test-workflow.yml index fcb2e0350..e91a5b495 100644 --- a/.github/workflows/arm-Ubuntu-int-test-workflow.yml +++ b/.github/workflows/arm-Ubuntu-int-test-workflow.yml @@ -42,7 +42,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Build and push Splunk Operator Image run: | - export PLATFORMS=linux/arm64 + export PLATFORMS=linux/arm64, linux/amd64 export BASE_IMAGE=ubuntu export BASE_IMAGE_VERSION=24.10 export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA From 97c5bec44a1f28761e56c951c66f0288e8fe50c2 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Fri, 15 Nov 2024 11:30:11 -0600 Subject: [PATCH 48/74] Remove space --- .github/workflows/arm-AL2023-int-test-workflow.yml | 2 +- .github/workflows/arm-Ubuntu-build-test-push-workflow.yml | 2 +- .github/workflows/arm-Ubuntu-int-test-workflow.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/arm-AL2023-int-test-workflow.yml b/.github/workflows/arm-AL2023-int-test-workflow.yml index 2f6668262..78b830ee2 100644 --- a/.github/workflows/arm-AL2023-int-test-workflow.yml +++ b/.github/workflows/arm-AL2023-int-test-workflow.yml @@ -42,7 +42,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Build and push Splunk Operator Image run: | - export PLATFORMS=linux/arm64, linux/amd64 + export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=public.ecr.aws/amazonlinux/amazonlinux export BASE_IMAGE_VERSION=2023 export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index 5ca8bf710..0a9805286 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -93,7 +93,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Build and push Splunk Operator Image run: | - export PLATFORMS=linux/arm64, linux/amd64 + export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=ubuntu export BASE_IMAGE_VERSION=24.10 export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA diff --git a/.github/workflows/arm-Ubuntu-int-test-workflow.yml b/.github/workflows/arm-Ubuntu-int-test-workflow.yml index e91a5b495..e88e2754f 100644 --- a/.github/workflows/arm-Ubuntu-int-test-workflow.yml +++ b/.github/workflows/arm-Ubuntu-int-test-workflow.yml @@ -42,7 +42,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Build and push Splunk Operator Image run: | - export PLATFORMS=linux/arm64, linux/amd64 + export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=ubuntu export BASE_IMAGE_VERSION=24.10 export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA From 568290b9f004c65b8759a7c2793c14ab6addf21d Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Fri, 15 Nov 2024 15:29:45 -0600 Subject: [PATCH 49/74] Change to AS --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index e40f337a1..e00645667 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ ARG BASE_IMAGE=registry.access.redhat.com/ubi8/ubi ARG BASE_IMAGE_VERSION=8.10 # Build the manager binary -FROM golang:1.23.0 as builder +FROM golang:1.23.0 AS builder WORKDIR /workspace From a888197925fba6293c9e236da17d3e4e490ef28d Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Mon, 18 Nov 2024 19:12:36 -0600 Subject: [PATCH 50/74] Trigger for 9.2.4 AL2023 ARM --- .../workflows/arm-AL2023-build-test-push-workflow-AL2023.yml | 1 - .github/workflows/arm-Ubuntu-build-test-push-workflow.yml | 1 - .github/workflows/arm-Ubuntu-int-test-workflow.yml | 2 +- 3 files changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml index 9ee728898..f3c6b4a50 100644 --- a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml +++ b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml @@ -3,7 +3,6 @@ on: push: branches: - CSPL_2920 - - CSPL_xx jobs: check-formating: runs-on: ubuntu-latest diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index 0a9805286..aacb199f8 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -3,7 +3,6 @@ on: push: branches: - CSPL_2920 - - CSPL_xx jobs: check-formating: runs-on: ubuntu-latest diff --git a/.github/workflows/arm-Ubuntu-int-test-workflow.yml b/.github/workflows/arm-Ubuntu-int-test-workflow.yml index e88e2754f..449bb4159 100644 --- a/.github/workflows/arm-Ubuntu-int-test-workflow.yml +++ b/.github/workflows/arm-Ubuntu-int-test-workflow.yml @@ -2,7 +2,7 @@ name: Arm Ubuntu Integration Test WorkFlow Ubuntu on: push: branches: - - CSPL_2920_xx + - CSPL_2920_xxx jobs: build-operator-image-arm-ubuntu: runs-on: ubuntu-latest From 81e750262cdefc719310c7730912e5271234c102 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Tue, 19 Nov 2024 13:10:50 -0600 Subject: [PATCH 51/74] Try installing certificates on SOK container --- .github/workflows/arm-Ubuntu-build-test-push-workflow.yml | 2 +- Dockerfile | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index aacb199f8..8f8583d5a 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -2,7 +2,7 @@ name: Arm Ubuntu Smoke Test WorkFlow on: push: branches: - - CSPL_2920 + - CSPL_2920_x jobs: check-formating: runs-on: ubuntu-latest diff --git a/Dockerfile b/Dockerfile index e00645667..25d9eb5e0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -45,6 +45,8 @@ RUN if grep -q 'Ubuntu' /etc/os-release; then \ else \ yum -y install shadow-utils && \ useradd -ms /bin/bash nonroot -u 1001 && \ + yum install -y ca-certificates && \ + update-ca-trust && \ yum update -y krb5-libs && yum clean all && \ yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical && \ yum -y update-minimal --security --sec-severity=Moderate && \ From 354eefeab02659a931a8ba01a084f47c41591ae7 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Tue, 19 Nov 2024 14:15:09 -0600 Subject: [PATCH 52/74] Trigger both arm and ubuntu. Add cert for ubuntu --- .github/workflows/arm-Ubuntu-build-test-push-workflow.yml | 2 +- Dockerfile | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index 8f8583d5a..aacb199f8 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -2,7 +2,7 @@ name: Arm Ubuntu Smoke Test WorkFlow on: push: branches: - - CSPL_2920_x + - CSPL_2920 jobs: check-formating: runs-on: ubuntu-latest diff --git a/Dockerfile b/Dockerfile index 25d9eb5e0..9cd788a46 100644 --- a/Dockerfile +++ b/Dockerfile @@ -40,6 +40,8 @@ RUN if grep -q 'Ubuntu' /etc/os-release; then \ apt-get install -y --no-install-recommends krb5-locales && \ apt-get install -y --no-install-recommends unattended-upgrades && \ useradd -ms /bin/bash nonroot -u 1001 && \ + apt-get install -y --no-install-recommends ca-certificates && \ + update-ca-certificates && \ unattended-upgrades -v && \ apt-get clean && rm -rf /var/lib/apt/lists/*; \ else \ From 44e54e0e7067581f85bc2c242b5d809a8d7b347b Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Tue, 26 Nov 2024 09:06:01 -0600 Subject: [PATCH 53/74] Trigger workflows for 9.2.4 AL2023 ARM64 --- .github/workflows/arm-AL2023-int-test-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/arm-AL2023-int-test-workflow.yml b/.github/workflows/arm-AL2023-int-test-workflow.yml index 78b830ee2..4f88868f9 100644 --- a/.github/workflows/arm-AL2023-int-test-workflow.yml +++ b/.github/workflows/arm-AL2023-int-test-workflow.yml @@ -2,7 +2,7 @@ name: Arm AL2023 Integration Test WorkFlow on: push: branches: - - CSPL_2920_xx + - CSPL_2920_xxx jobs: build-operator-image-arm-al2023: runs-on: ubuntu-latest From 2a07a314915e617a4bcbd95128f2dffecad69349 Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Wed, 4 Dec 2024 07:52:40 -0600 Subject: [PATCH 54/74] trigger AL2023 build for splunk 9.2.4 --- .github/workflows/arm-Ubuntu-build-test-push-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index aacb199f8..4285519e7 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -2,7 +2,7 @@ name: Arm Ubuntu Smoke Test WorkFlow on: push: branches: - - CSPL_2920 + - CSPL_2920_xxx jobs: check-formating: runs-on: ubuntu-latest From a625571d9f7a7b3b7878da9d2174a4498c95d336 Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Wed, 4 Dec 2024 08:38:16 -0600 Subject: [PATCH 55/74] trigger AL2023 build for splunk 9.3.2 --- .github/workflows/arm-Ubuntu-build-test-push-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index 4285519e7..6b404dee9 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -2,7 +2,7 @@ name: Arm Ubuntu Smoke Test WorkFlow on: push: branches: - - CSPL_2920_xxx + - CSPL_2920_xx jobs: check-formating: runs-on: ubuntu-latest From a02f50d759cf0fc8dacc897740e42b5e077ef17d Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Wed, 4 Dec 2024 11:17:39 -0600 Subject: [PATCH 56/74] trigger Ubuntu build for splunk 9.2.4 --- .../workflows/arm-AL2023-build-test-push-workflow-AL2023.yml | 2 +- .github/workflows/arm-Ubuntu-build-test-push-workflow.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml index f3c6b4a50..da2b025cf 100644 --- a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml +++ b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml @@ -2,7 +2,7 @@ name: Arm AL2023 Smoke Test WorkFlow on: push: branches: - - CSPL_2920 + - CSPL_2920_xxx jobs: check-formating: runs-on: ubuntu-latest diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index 6b404dee9..aacb199f8 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -2,7 +2,7 @@ name: Arm Ubuntu Smoke Test WorkFlow on: push: branches: - - CSPL_2920_xx + - CSPL_2920 jobs: check-formating: runs-on: ubuntu-latest From 98df5dd0bbf6c9bc5bd7d0758c5e1d1a2dacf429 Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Wed, 4 Dec 2024 11:43:04 -0600 Subject: [PATCH 57/74] trigger Ubuntu build for splunk 9.3.2 --- .../workflows/arm-AL2023-build-test-push-workflow-AL2023.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml index da2b025cf..42ac1891f 100644 --- a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml +++ b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml @@ -2,7 +2,7 @@ name: Arm AL2023 Smoke Test WorkFlow on: push: branches: - - CSPL_2920_xxx + - CSPL_2920_xx jobs: check-formating: runs-on: ubuntu-latest From 6270cdd687b736d46b93677e249898be7c50a84e Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Thu, 5 Dec 2024 10:31:12 -0600 Subject: [PATCH 58/74] trigger AL2023 build for splunk 9.2.4 --- .../arm-AL2023-build-test-push-workflow-AL2023.yml | 12 ++++++------ .../arm-Ubuntu-build-test-push-workflow.yml | 10 +++++----- .../appframework_aws/c3/manager_appframework_test.go | 2 +- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml index 42ac1891f..412fb7cb6 100644 --- a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml +++ b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml @@ -2,7 +2,7 @@ name: Arm AL2023 Smoke Test WorkFlow on: push: branches: - - CSPL_2920_xx + - CSPL_2920 jobs: check-formating: runs-on: ubuntu-latest @@ -162,12 +162,12 @@ jobs: fail-fast: false matrix: test: [ - basic, - appframeworks1, + # basic, + # appframeworks1, managerappframeworkc3, - managerappframeworkm4, - managersecret, - managermc, + # managerappframeworkm4, + # managersecret, + # managermc, ] runs-on: ubuntu-latest env: diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index aacb199f8..ae220aaab 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -2,7 +2,7 @@ name: Arm Ubuntu Smoke Test WorkFlow on: push: branches: - - CSPL_2920 + - CSPL_2920_xxx jobs: check-formating: runs-on: ubuntu-latest @@ -162,12 +162,12 @@ jobs: fail-fast: false matrix: test: [ - basic, - appframeworks1, + # basic, + # appframeworks1, managerappframeworkc3, managerappframeworkm4, - managersecret, - managermc, + # managersecret, + # managermc, ] runs-on: ubuntu-latest env: diff --git a/test/appframework_aws/c3/manager_appframework_test.go b/test/appframework_aws/c3/manager_appframework_test.go index 7d9272c23..a8c93b0c7 100644 --- a/test/appframework_aws/c3/manager_appframework_test.go +++ b/test/appframework_aws/c3/manager_appframework_test.go @@ -304,7 +304,7 @@ var _ = Describe("c3appfw test", func() { }) }) - Context("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework and Image Upgrade", func() { + XContext("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework and Image Upgrade", func() { It("smoke, c3, managerappframeworkc3t, appframework: can deploy a C3 SVA with App Framework enabled, install apps then upgrade the image and apps", func() { //################## SETUP #################### From 8d4568b4079dfe45f17748a806da0a42ff9c41db Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Tue, 10 Dec 2024 09:31:34 -0600 Subject: [PATCH 59/74] use new label to test app framework tests that hang during teardown --- .../workflows/build-test-push-workflow.yml | 10 +++--- .github/workflows/int-test-workflow.yml | 20 +++++------ .../workflows/manual-int-test-workflow.yml | 10 +----- .../namespace-scope-int-workflow.yml | 10 +----- .../workflows/nightly-int-test-workflow.yml | 10 +----- .../s1/appframework_aws_test.go | 34 +++++++++---------- 6 files changed, 35 insertions(+), 59 deletions(-) diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index 4ca3b8661..fe0325adc 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -165,11 +165,11 @@ jobs: matrix: test: [ basic, - appframeworksS1, - managerappframeworkc3, - managerappframeworkm4, - managersecret, - managermc, + testnewlabelforteardown, + # managerappframeworkc3, + # managerappframeworkm4, + # managersecret, + # managermc, ] runs-on: ubuntu-latest env: diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index cb0dd7d9f..aaed40604 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -55,16 +55,16 @@ jobs: matrix: test: [ - appframeworksS1, - managerappframeworkc3, - managerappframeworkm4, - managersecret, - managersmartstore, - managermc1, - managermc2, - managercrcrud, - licensemanager, - managerdeletecr, + testnewlabelforteardown, + # managerappframeworkc3, + # managerappframeworkm4, + # managersecret, + # managersmartstore, + # managermc1, + # managermc2, + # managercrcrud, + # licensemanager, + # managerdeletecr, ] runs-on: ubuntu-latest needs: build-operator-image diff --git a/.github/workflows/manual-int-test-workflow.yml b/.github/workflows/manual-int-test-workflow.yml index a5cf70cbc..1b7bfbc2e 100644 --- a/.github/workflows/manual-int-test-workflow.yml +++ b/.github/workflows/manual-int-test-workflow.yml @@ -13,7 +13,7 @@ jobs: matrix: test: [ - appframeworksS1, + testnewlabelforteardown, managerappframeworkc3, managerappframeworkm4, managersecret, @@ -23,14 +23,6 @@ jobs: managerscaling, managercrcrud, licensemanager, - masterappframeworkc3, - masterappframeworkm4, - mastersecret, - mastersmartstore, - mastermc, - masterscaling, - mastercrcrud, - licensemaster, ] runs-on: ubuntu-latest env: diff --git a/.github/workflows/namespace-scope-int-workflow.yml b/.github/workflows/namespace-scope-int-workflow.yml index 973b43c13..40f1d1050 100644 --- a/.github/workflows/namespace-scope-int-workflow.yml +++ b/.github/workflows/namespace-scope-int-workflow.yml @@ -9,7 +9,7 @@ jobs: matrix: test: [ - appframeworksS1, + testnewlabelforteardown, managerappframeworkc3, managerappframeworkm4, managersecret, @@ -19,14 +19,6 @@ jobs: managerscaling, managercrcrud, licensemanager, - masterappframeworkc3, - masterappframeworkm4, - mastersecret, - mastersmartstore, - mastermc, - masterscaling, - mastercrcrud, - licensemaster, ] runs-on: ubuntu-latest env: diff --git a/.github/workflows/nightly-int-test-workflow.yml b/.github/workflows/nightly-int-test-workflow.yml index e10aa1120..a997b80e6 100644 --- a/.github/workflows/nightly-int-test-workflow.yml +++ b/.github/workflows/nightly-int-test-workflow.yml @@ -53,7 +53,7 @@ jobs: matrix: test: [ - appframeworksS1, + testnewlabelforteardown, managerappframeworkc3, managerappframeworkm4, managersecret, @@ -63,14 +63,6 @@ jobs: managerscaling, managercrcrud, licensemanager, - masterappframeworkc3, - masterappframeworkm4, - mastersecret, - mastersmartstore, - mastermc, - masterscaling, - mastercrcrud, - licensemaster, ] runs-on: ubuntu-latest needs: build-operator-image diff --git a/test/appframework_aws/s1/appframework_aws_test.go b/test/appframework_aws/s1/appframework_aws_test.go index 51f360820..8f5311e0c 100644 --- a/test/appframework_aws/s1/appframework_aws_test.go +++ b/test/appframework_aws/s1/appframework_aws_test.go @@ -79,7 +79,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("smoke, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps then upgrade them", func() { + It("smoke, s1, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled, install apps then upgrade them", func() { /* Test Steps ################## SETUP #################### @@ -250,7 +250,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("smoke, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps then downgrade them", func() { + It("smoke, s1, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled, install apps then downgrade them", func() { /* Test Steps ################## SETUP #################### @@ -413,7 +413,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("s1, smoke, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, install apps on new pod, scale down", func() { + It("s1, smoke, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, install apps on new pod, scale down", func() { /* Test Steps ################## SETUP #################### @@ -608,7 +608,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("s1, integration, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, upgrade apps", func() { + It("s1, integration, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, upgrade apps", func() { /* Test Steps ################## SETUP #################### @@ -742,7 +742,7 @@ var _ = Describe("s1appfw test", func() { // ES App Installation not supported at the time. Will be added back at a later time. Context("Standalone deployment (S1) with App Framework", func() { - It("s1, integration, appframeworksS1, appframework: can deploy a Standalone and have ES app installed", func() { + It("s1, integration, testnewlabelforteardown, appframework: can deploy a Standalone and have ES app installed", func() { /* Test Steps ################## SETUP #################### @@ -843,7 +843,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled and install around 350MB of apps at once", func() { + It("integration, s1, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled and install around 350MB of apps at once", func() { /* Test Steps ################## SETUP #################### @@ -912,7 +912,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("s1, smoke, appframeworksS1, appframework: can deploy a standalone instance with App Framework enabled for manual poll", func() { + It("s1, smoke, testnewlabelforteardown, appframework: can deploy a standalone instance with App Framework enabled for manual poll", func() { /* Test Steps ################## SETUP #################### @@ -1090,7 +1090,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworksS1, appframework: can deploy Several standalone CRs in the same namespace with App Framework enabled", func() { + It("integration, s1, testnewlabelforteardown, appframework: can deploy Several standalone CRs in the same namespace with App Framework enabled", func() { /* Test Steps ################## SETUP #################### @@ -1191,7 +1191,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworksS1, appframework: can add new apps to app source while install is in progress and have all apps installed", func() { + It("integration, s1, testnewlabelforteardown, appframework: can add new apps to app source while install is in progress and have all apps installed", func() { /* Test Steps ################## SETUP #################### @@ -1303,7 +1303,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworksS1, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app install is in progress", func() { + It("integration, s1, testnewlabelforteardown, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app install is in progress", func() { /* Test Steps ################## SETUP #################### @@ -1399,7 +1399,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworksS1, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app download is in progress", func() { + It("integration, s1, testnewlabelforteardown, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app download is in progress", func() { /* Test Steps ################## SETUP #################### @@ -1467,7 +1467,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install an app then disable it and remove it from app source", func() { + It("integration, s1, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled, install an app then disable it and remove it from app source", func() { /* Test Steps ################## SETUP #################### @@ -1561,7 +1561,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, attempt to update using incorrect S3 credentials", func() { + It("integration, s1, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled, attempt to update using incorrect S3 credentials", func() { /* Test Steps ################## SETUP #################### @@ -1698,7 +1698,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworksS1, appframework: Deploy a Standalone instance with App Framework enabled and update apps after app download is completed", func() { + It("integration, s1, testnewlabelforteardown, appframework: Deploy a Standalone instance with App Framework enabled and update apps after app download is completed", func() { /* Test Steps ################## SETUP #################### @@ -1782,7 +1782,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworksS1, appframework: can deploy a Standalone instance and install a bigger volume of apps than the operator PV disk space", func() { + It("integration, s1, testnewlabelforteardown, appframework: can deploy a Standalone instance and install a bigger volume of apps than the operator PV disk space", func() { /* Test Steps ################## SETUP #################### @@ -1857,7 +1857,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworksS1, appframework: Deploy a Standalone instance with App Framework enabled and delete apps from app directory when app download is complete", func() { + It("integration, s1, testnewlabelforteardown, appframework: Deploy a Standalone instance with App Framework enabled and delete apps from app directory when app download is complete", func() { /* Test Steps ################## SETUP #################### @@ -1928,7 +1928,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("smoke, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps and check isDeploymentInProgress is set for Standaloen and MC CR's", func() { + It("smoke, s1, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled, install apps and check isDeploymentInProgress is set for Standaloen and MC CR's", func() { /* Test Steps ################## SETUP #################### From fc95d7cc105503e54acc1d0e31811513d6acbe8d Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Tue, 10 Dec 2024 09:57:19 -0600 Subject: [PATCH 60/74] use shorter label for testing tag --- .../workflows/build-test-push-workflow.yml | 2 +- .github/workflows/int-test-workflow.yml | 2 +- .../workflows/manual-int-test-workflow.yml | 2 +- .../namespace-scope-int-workflow.yml | 2 +- .../workflows/nightly-int-test-workflow.yml | 2 +- .../s1/appframework_aws_test.go | 34 +++++++++---------- 6 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index fe0325adc..64eaa8c76 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -165,7 +165,7 @@ jobs: matrix: test: [ basic, - testnewlabelforteardown, + testnewlabel, # managerappframeworkc3, # managerappframeworkm4, # managersecret, diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index aaed40604..d69e31a33 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -55,7 +55,7 @@ jobs: matrix: test: [ - testnewlabelforteardown, + testnewlabel, # managerappframeworkc3, # managerappframeworkm4, # managersecret, diff --git a/.github/workflows/manual-int-test-workflow.yml b/.github/workflows/manual-int-test-workflow.yml index 1b7bfbc2e..f805c947b 100644 --- a/.github/workflows/manual-int-test-workflow.yml +++ b/.github/workflows/manual-int-test-workflow.yml @@ -13,7 +13,7 @@ jobs: matrix: test: [ - testnewlabelforteardown, + testnewlabel, managerappframeworkc3, managerappframeworkm4, managersecret, diff --git a/.github/workflows/namespace-scope-int-workflow.yml b/.github/workflows/namespace-scope-int-workflow.yml index 40f1d1050..06ee90c26 100644 --- a/.github/workflows/namespace-scope-int-workflow.yml +++ b/.github/workflows/namespace-scope-int-workflow.yml @@ -9,7 +9,7 @@ jobs: matrix: test: [ - testnewlabelforteardown, + testnewlabel, managerappframeworkc3, managerappframeworkm4, managersecret, diff --git a/.github/workflows/nightly-int-test-workflow.yml b/.github/workflows/nightly-int-test-workflow.yml index a997b80e6..c511a7c8a 100644 --- a/.github/workflows/nightly-int-test-workflow.yml +++ b/.github/workflows/nightly-int-test-workflow.yml @@ -53,7 +53,7 @@ jobs: matrix: test: [ - testnewlabelforteardown, + testnewlabel, managerappframeworkc3, managerappframeworkm4, managersecret, diff --git a/test/appframework_aws/s1/appframework_aws_test.go b/test/appframework_aws/s1/appframework_aws_test.go index 8f5311e0c..1ed330ed7 100644 --- a/test/appframework_aws/s1/appframework_aws_test.go +++ b/test/appframework_aws/s1/appframework_aws_test.go @@ -79,7 +79,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("smoke, s1, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled, install apps then upgrade them", func() { + It("smoke, s1, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled, install apps then upgrade them", func() { /* Test Steps ################## SETUP #################### @@ -250,7 +250,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("smoke, s1, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled, install apps then downgrade them", func() { + It("smoke, s1, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled, install apps then downgrade them", func() { /* Test Steps ################## SETUP #################### @@ -413,7 +413,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("s1, smoke, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, install apps on new pod, scale down", func() { + It("s1, smoke, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, install apps on new pod, scale down", func() { /* Test Steps ################## SETUP #################### @@ -608,7 +608,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("s1, integration, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, upgrade apps", func() { + It("s1, integration, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, upgrade apps", func() { /* Test Steps ################## SETUP #################### @@ -742,7 +742,7 @@ var _ = Describe("s1appfw test", func() { // ES App Installation not supported at the time. Will be added back at a later time. Context("Standalone deployment (S1) with App Framework", func() { - It("s1, integration, testnewlabelforteardown, appframework: can deploy a Standalone and have ES app installed", func() { + It("s1, integration, testnewlabel, appframework: can deploy a Standalone and have ES app installed", func() { /* Test Steps ################## SETUP #################### @@ -843,7 +843,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled and install around 350MB of apps at once", func() { + It("integration, s1, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled and install around 350MB of apps at once", func() { /* Test Steps ################## SETUP #################### @@ -912,7 +912,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("s1, smoke, testnewlabelforteardown, appframework: can deploy a standalone instance with App Framework enabled for manual poll", func() { + It("s1, smoke, testnewlabel, appframework: can deploy a standalone instance with App Framework enabled for manual poll", func() { /* Test Steps ################## SETUP #################### @@ -1090,7 +1090,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabelforteardown, appframework: can deploy Several standalone CRs in the same namespace with App Framework enabled", func() { + It("integration, s1, testnewlabel, appframework: can deploy Several standalone CRs in the same namespace with App Framework enabled", func() { /* Test Steps ################## SETUP #################### @@ -1191,7 +1191,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabelforteardown, appframework: can add new apps to app source while install is in progress and have all apps installed", func() { + It("integration, s1, testnewlabel, appframework: can add new apps to app source while install is in progress and have all apps installed", func() { /* Test Steps ################## SETUP #################### @@ -1303,7 +1303,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabelforteardown, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app install is in progress", func() { + It("integration, s1, testnewlabel, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app install is in progress", func() { /* Test Steps ################## SETUP #################### @@ -1399,7 +1399,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabelforteardown, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app download is in progress", func() { + It("integration, s1, testnewlabel, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app download is in progress", func() { /* Test Steps ################## SETUP #################### @@ -1467,7 +1467,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled, install an app then disable it and remove it from app source", func() { + It("integration, s1, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled, install an app then disable it and remove it from app source", func() { /* Test Steps ################## SETUP #################### @@ -1561,7 +1561,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled, attempt to update using incorrect S3 credentials", func() { + It("integration, s1, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled, attempt to update using incorrect S3 credentials", func() { /* Test Steps ################## SETUP #################### @@ -1698,7 +1698,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabelforteardown, appframework: Deploy a Standalone instance with App Framework enabled and update apps after app download is completed", func() { + It("integration, s1, testnewlabel, appframework: Deploy a Standalone instance with App Framework enabled and update apps after app download is completed", func() { /* Test Steps ################## SETUP #################### @@ -1782,7 +1782,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabelforteardown, appframework: can deploy a Standalone instance and install a bigger volume of apps than the operator PV disk space", func() { + It("integration, s1, testnewlabel, appframework: can deploy a Standalone instance and install a bigger volume of apps than the operator PV disk space", func() { /* Test Steps ################## SETUP #################### @@ -1857,7 +1857,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabelforteardown, appframework: Deploy a Standalone instance with App Framework enabled and delete apps from app directory when app download is complete", func() { + It("integration, s1, testnewlabel, appframework: Deploy a Standalone instance with App Framework enabled and delete apps from app directory when app download is complete", func() { /* Test Steps ################## SETUP #################### @@ -1928,7 +1928,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("smoke, s1, testnewlabelforteardown, appframework: can deploy a Standalone instance with App Framework enabled, install apps and check isDeploymentInProgress is set for Standaloen and MC CR's", func() { + It("smoke, s1, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled, install apps and check isDeploymentInProgress is set for Standaloen and MC CR's", func() { /* Test Steps ################## SETUP #################### From 3a78dfa9d5128814d439bdd447a2df13fa64ea1d Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Tue, 10 Dec 2024 13:13:34 -0600 Subject: [PATCH 61/74] trigger integration test for PR --- .github/workflows/int-test-workflow.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index d69e31a33..234059b66 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -5,6 +5,7 @@ on: - develop - main - feature** + - CSPL_3229_inttests jobs: build-operator-image: runs-on: ubuntu-latest From f70f23d80439838f928f3f5c879cc469b25e23e5 Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Wed, 11 Dec 2024 08:00:18 -0600 Subject: [PATCH 62/74] trigger rebuild of sok images for arm64 architectures --- ...AL2023-build-test-push-workflow-AL2023.yml | 292 ++++++++--------- .../arm-Ubuntu-build-test-push-workflow.yml | 294 +++++++++--------- 2 files changed, 293 insertions(+), 293 deletions(-) diff --git a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml index 412fb7cb6..1fa9b72c4 100644 --- a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml +++ b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml @@ -155,149 +155,149 @@ jobs: # uses: github/codeql-action/upload-sarif@v3 # with: # sarif_file: 'trivy-results.sarif' - smoke-tests-arm-al2023: - #needs: vulnerability-scan - needs: build-operator-image-arm-al2023 - strategy: - fail-fast: false - matrix: - test: [ - # basic, - # appframeworks1, - managerappframeworkc3, - # managerappframeworkm4, - # managersecret, - # managermc, - ] - runs-on: ubuntu-latest - env: - CLUSTER_NODES: 1 - CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} - SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator - SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator - TEST_FOCUS: "${{ matrix.test }}" - # This regex matches any string not containing smoke keyword - TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" - TEST_CLUSTER_PLATFORM: eks - EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} - EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} - TEST_BUCKET: ${{ secrets.TEST_BUCKET }} - TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} - ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} - ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} - EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} - CLUSTER_WIDE: "true" - DEPLOYMENT_TYPE: "" - ARM64: "true" - steps: - - name: Set Test Cluster Name - run: | - echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV - - name: Chekcout code - uses: actions/checkout@v2 - - name: Dotenv Action - id: dotenv - uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - - name: Install Kubectl - uses: Azure/setup-kubectl@v3 - with: - version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} - - name: Install Python - uses: actions/setup-python@v2 - - name: Install AWS CLI - run: | - curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" - unzip awscliv2.zip - sudo ./aws/install --update - aws --version - - name: Setup Go - uses: actions/setup-go@v2 - with: - go-version: ${{ steps.dotenv.outputs.GO_VERSION }} - - name: Install Ginkgo - run: | - make setup/ginkgo - - name: Install Helm - run: | - curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 - chmod 700 get_helm.sh - ./get_helm.sh - DESIRED_VERSION=v3.8.2 bash get_helm.sh - - name: Install EKS CTL - run: | - curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp - sudo mv /tmp/eksctl /usr/local/bin - eksctl version - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2.5.0 - - name: Install Operator SDK - run: | - sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu - sudo chmod +x /usr/local/bin/operator-sdk - - name: Configure Docker Hub credentials - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN}} - - name: Set Splunk Operator image - run: | - echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v1 - - name: Pull Splunk Enterprise Image - run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - - name: Create EKS cluster - run: | - export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} - export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} - make cluster-up - - name: install metric server - run: | - kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml - - name: install k8s dashboard - run: | - kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml - - name: Setup Kustomize - run: | - sudo snap install kustomize - mkdir -p ./bin - cp /snap/bin/kustomize ./bin/kustomize - - name: Run smoke test - id: smoketest - run: | - make int-test - - name: Collect Test Logs - if: ${{ always() }} - run: | - mkdir -p /tmp/pod_logs - find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; - - name: Archive Pod Logs - if: ${{ always() }} - uses: actions/upload-artifact@v4.4.0 - with: - name: "splunk-pods-logs--artifacts-${{ matrix.test }}" - path: "/tmp/pod_logs/**" - - name: Cleanup Test Case artifacts - if: ${{ always() }} - run: | - make cleanup - make clean - - name: Cleanup up EKS cluster - if: ${{ always() }} - run: | - make cluster-down \ No newline at end of file + # smoke-tests-arm-al2023: + # #needs: vulnerability-scan + # needs: build-operator-image-arm-al2023 + # strategy: + # fail-fast: false + # matrix: + # test: [ + # # basic, + # # appframeworks1, + # managerappframeworkc3, + # # managerappframeworkm4, + # # managersecret, + # # managermc, + # ] + # runs-on: ubuntu-latest + # env: + # CLUSTER_NODES: 1 + # CLUSTER_WORKERS: 3 + # SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + # SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + # SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + # SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + # TEST_FOCUS: "${{ matrix.test }}" + # # This regex matches any string not containing smoke keyword + # TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" + # TEST_CLUSTER_PLATFORM: eks + # EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + # EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + # TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + # TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + # ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + # PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + # S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + # ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + # EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} + # CLUSTER_WIDE: "true" + # DEPLOYMENT_TYPE: "" + # ARM64: "true" + # steps: + # - name: Set Test Cluster Name + # run: | + # echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + # - name: Chekcout code + # uses: actions/checkout@v2 + # - name: Dotenv Action + # id: dotenv + # uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + # - name: Change splunk enterprise to release image on main branches + # if: github.ref == 'refs/heads/main' + # run: | + # echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + # - name: Install Kubectl + # uses: Azure/setup-kubectl@v3 + # with: + # version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + # - name: Install Python + # uses: actions/setup-python@v2 + # - name: Install AWS CLI + # run: | + # curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + # unzip awscliv2.zip + # sudo ./aws/install --update + # aws --version + # - name: Setup Go + # uses: actions/setup-go@v2 + # with: + # go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + # - name: Install Ginkgo + # run: | + # make setup/ginkgo + # - name: Install Helm + # run: | + # curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + # chmod 700 get_helm.sh + # ./get_helm.sh + # DESIRED_VERSION=v3.8.2 bash get_helm.sh + # - name: Install EKS CTL + # run: | + # curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + # sudo mv /tmp/eksctl /usr/local/bin + # eksctl version + # - name: Set up Docker Buildx + # uses: docker/setup-buildx-action@v2.5.0 + # - name: Install Operator SDK + # run: | + # sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu + # sudo chmod +x /usr/local/bin/operator-sdk + # - name: Configure Docker Hub credentials + # uses: docker/login-action@v1 + # with: + # username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.DOCKERHUB_TOKEN}} + # - name: Set Splunk Operator image + # run: | + # echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + # - name: Configure AWS credentials + # uses: aws-actions/configure-aws-credentials@v1 + # with: + # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + # aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + # - name: Login to Amazon ECR + # id: login-ecr + # uses: aws-actions/amazon-ecr-login@v1 + # - name: Pull Splunk Enterprise Image + # run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + # - name: Create EKS cluster + # run: | + # export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + # export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} + # make cluster-up + # - name: install metric server + # run: | + # kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + # - name: install k8s dashboard + # run: | + # kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + # - name: Setup Kustomize + # run: | + # sudo snap install kustomize + # mkdir -p ./bin + # cp /snap/bin/kustomize ./bin/kustomize + # - name: Run smoke test + # id: smoketest + # run: | + # make int-test + # - name: Collect Test Logs + # if: ${{ always() }} + # run: | + # mkdir -p /tmp/pod_logs + # find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + # - name: Archive Pod Logs + # if: ${{ always() }} + # uses: actions/upload-artifact@v4.4.0 + # with: + # name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + # path: "/tmp/pod_logs/**" + # - name: Cleanup Test Case artifacts + # if: ${{ always() }} + # run: | + # make cleanup + # make clean + # - name: Cleanup up EKS cluster + # if: ${{ always() }} + # run: | + # make cluster-down \ No newline at end of file diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index ae220aaab..39ef710ba 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -2,7 +2,7 @@ name: Arm Ubuntu Smoke Test WorkFlow on: push: branches: - - CSPL_2920_xxx + - CSPL_2920 jobs: check-formating: runs-on: ubuntu-latest @@ -155,149 +155,149 @@ jobs: # uses: github/codeql-action/upload-sarif@v3 # with: # sarif_file: 'trivy-results.sarif' - smoke-tests-arm-ubuntu: - #needs: vulnerability-scan - needs: build-operator-image-arm-ubuntu - strategy: - fail-fast: false - matrix: - test: [ - # basic, - # appframeworks1, - managerappframeworkc3, - managerappframeworkm4, - # managersecret, - # managermc, - ] - runs-on: ubuntu-latest - env: - CLUSTER_NODES: 1 - CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} - SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator - SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator - TEST_FOCUS: "${{ matrix.test }}" - # This regex matches any string not containing smoke keyword - TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" - TEST_CLUSTER_PLATFORM: eks - EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} - EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} - TEST_BUCKET: ${{ secrets.TEST_BUCKET }} - TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} - ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} - ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} - EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} - CLUSTER_WIDE: "true" - DEPLOYMENT_TYPE: "" - ARM64: "true" - steps: - - name: Set Test Cluster Name - run: | - echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV - - name: Chekcout code - uses: actions/checkout@v2 - - name: Dotenv Action - id: dotenv - uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - - name: Install Kubectl - uses: Azure/setup-kubectl@v3 - with: - version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} - - name: Install Python - uses: actions/setup-python@v2 - - name: Install AWS CLI - run: | - curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" - unzip awscliv2.zip - sudo ./aws/install --update - aws --version - - name: Setup Go - uses: actions/setup-go@v2 - with: - go-version: ${{ steps.dotenv.outputs.GO_VERSION }} - - name: Install Ginkgo - run: | - make setup/ginkgo - - name: Install Helm - run: | - curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 - chmod 700 get_helm.sh - ./get_helm.sh - DESIRED_VERSION=v3.8.2 bash get_helm.sh - - name: Install EKS CTL - run: | - curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp - sudo mv /tmp/eksctl /usr/local/bin - eksctl version - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2.5.0 - - name: Install Operator SDK - run: | - sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu - sudo chmod +x /usr/local/bin/operator-sdk - - name: Configure Docker Hub credentials - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN}} - - name: Set Splunk Operator image - run: | - echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v1 - - name: Pull Splunk Enterprise Image - run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - - name: Create EKS cluster - run: | - export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} - export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} - make cluster-up - - name: install metric server - run: | - kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml - - name: install k8s dashboard - run: | - kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml - - name: Setup Kustomize - run: | - sudo snap install kustomize - mkdir -p ./bin - cp /snap/bin/kustomize ./bin/kustomize - - name: Run smoke test - id: smoketest - run: | - make int-test - - name: Collect Test Logs - if: ${{ always() }} - run: | - mkdir -p /tmp/pod_logs - find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; - - name: Archive Pod Logs - if: ${{ always() }} - uses: actions/upload-artifact@v4.4.0 - with: - name: "splunk-pods-logs--artifacts-${{ matrix.test }}" - path: "/tmp/pod_logs/**" - - name: Cleanup Test Case artifacts - if: ${{ always() }} - run: | - make cleanup - make clean - - name: Cleanup up EKS cluster - if: ${{ always() }} - run: | - make cluster-down \ No newline at end of file + # smoke-tests-arm-ubuntu: + # #needs: vulnerability-scan + # needs: build-operator-image-arm-ubuntu + # strategy: + # fail-fast: false + # matrix: + # test: [ + # # basic, + # # appframeworks1, + # managerappframeworkc3, + # managerappframeworkm4, + # # managersecret, + # # managermc, + # ] + # runs-on: ubuntu-latest + # env: + # CLUSTER_NODES: 1 + # CLUSTER_WORKERS: 3 + # SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + # SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + # SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + # SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + # TEST_FOCUS: "${{ matrix.test }}" + # # This regex matches any string not containing smoke keyword + # TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" + # TEST_CLUSTER_PLATFORM: eks + # EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + # EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + # TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + # TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + # ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + # PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + # S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + # ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + # EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} + # CLUSTER_WIDE: "true" + # DEPLOYMENT_TYPE: "" + # ARM64: "true" + # steps: + # - name: Set Test Cluster Name + # run: | + # echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + # - name: Chekcout code + # uses: actions/checkout@v2 + # - name: Dotenv Action + # id: dotenv + # uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + # - name: Change splunk enterprise to release image on main branches + # if: github.ref == 'refs/heads/main' + # run: | + # echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + # - name: Install Kubectl + # uses: Azure/setup-kubectl@v3 + # with: + # version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + # - name: Install Python + # uses: actions/setup-python@v2 + # - name: Install AWS CLI + # run: | + # curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + # unzip awscliv2.zip + # sudo ./aws/install --update + # aws --version + # - name: Setup Go + # uses: actions/setup-go@v2 + # with: + # go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + # - name: Install Ginkgo + # run: | + # make setup/ginkgo + # - name: Install Helm + # run: | + # curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + # chmod 700 get_helm.sh + # ./get_helm.sh + # DESIRED_VERSION=v3.8.2 bash get_helm.sh + # - name: Install EKS CTL + # run: | + # curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + # sudo mv /tmp/eksctl /usr/local/bin + # eksctl version + # - name: Set up Docker Buildx + # uses: docker/setup-buildx-action@v2.5.0 + # - name: Install Operator SDK + # run: | + # sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu + # sudo chmod +x /usr/local/bin/operator-sdk + # - name: Configure Docker Hub credentials + # uses: docker/login-action@v1 + # with: + # username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.DOCKERHUB_TOKEN}} + # - name: Set Splunk Operator image + # run: | + # echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + # - name: Configure AWS credentials + # uses: aws-actions/configure-aws-credentials@v1 + # with: + # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + # aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + # - name: Login to Amazon ECR + # id: login-ecr + # uses: aws-actions/amazon-ecr-login@v1 + # - name: Pull Splunk Enterprise Image + # run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + # - name: Create EKS cluster + # run: | + # export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + # export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} + # make cluster-up + # - name: install metric server + # run: | + # kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + # - name: install k8s dashboard + # run: | + # kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + # - name: Setup Kustomize + # run: | + # sudo snap install kustomize + # mkdir -p ./bin + # cp /snap/bin/kustomize ./bin/kustomize + # - name: Run smoke test + # id: smoketest + # run: | + # make int-test + # - name: Collect Test Logs + # if: ${{ always() }} + # run: | + # mkdir -p /tmp/pod_logs + # find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + # - name: Archive Pod Logs + # if: ${{ always() }} + # uses: actions/upload-artifact@v4.4.0 + # with: + # name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + # path: "/tmp/pod_logs/**" + # - name: Cleanup Test Case artifacts + # if: ${{ always() }} + # run: | + # make cleanup + # make clean + # - name: Cleanup up EKS cluster + # if: ${{ always() }} + # run: | + # make cluster-down \ No newline at end of file From 223a9573278ad9d952fc65a8638c5ff878cae81b Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Wed, 11 Dec 2024 08:46:54 -0600 Subject: [PATCH 63/74] trigger rebuild for sok container on linux arm64 --- .github/workflows/arm-Ubuntu-build-test-push-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index 39ef710ba..bdcd49a0d 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -2,7 +2,7 @@ name: Arm Ubuntu Smoke Test WorkFlow on: push: branches: - - CSPL_2920 + - CSPL_2920_xxx jobs: check-formating: runs-on: ubuntu-latest From 501dea214987e7e5ea509ad43d1e2bec2e70d050 Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Wed, 11 Dec 2024 08:51:13 -0600 Subject: [PATCH 64/74] remove build and test workflow for now --- .github/workflows/build-test-push-workflow.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index 355448ccc..de7d50132 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -1,5 +1,8 @@ name: Smoke Test Workflow -on: push +on: + push: + branches: + - CSPL_2920_xxx jobs: check-formating: runs-on: ubuntu-latest From 44a01d42a9aeba217300698c159ea64d981b22e9 Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Wed, 11 Dec 2024 09:41:51 -0600 Subject: [PATCH 65/74] trigger rebuild for sok container on ubuntu arm64 --- .../workflows/arm-AL2023-build-test-push-workflow-AL2023.yml | 2 +- .github/workflows/arm-Ubuntu-build-test-push-workflow.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml index 1fa9b72c4..c59575ace 100644 --- a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml +++ b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml @@ -2,7 +2,7 @@ name: Arm AL2023 Smoke Test WorkFlow on: push: branches: - - CSPL_2920 + - CSPL_2920_xxx jobs: check-formating: runs-on: ubuntu-latest diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index bdcd49a0d..39ef710ba 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -2,7 +2,7 @@ name: Arm Ubuntu Smoke Test WorkFlow on: push: branches: - - CSPL_2920_xxx + - CSPL_2920 jobs: check-formating: runs-on: ubuntu-latest From 2bee1d03306997fbc4a422e3f0f56fc5c7421617 Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Wed, 11 Dec 2024 14:36:14 -0600 Subject: [PATCH 66/74] separate suite tag for failing test --- .../workflows/build-test-push-workflow.yml | 2 +- .github/workflows/int-test-workflow.yml | 3 +- .../workflows/manual-int-test-workflow.yml | 2 +- .../namespace-scope-int-workflow.yml | 2 +- .../workflows/nightly-int-test-workflow.yml | 2 +- .../s1/appframework_aws_test.go | 34 +++++++++---------- 6 files changed, 23 insertions(+), 22 deletions(-) diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index 64eaa8c76..13378e5b3 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -165,7 +165,7 @@ jobs: matrix: test: [ basic, - testnewlabel, + appframeworksS1, # managerappframeworkc3, # managerappframeworkm4, # managersecret, diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index 234059b66..074f481fb 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -56,7 +56,8 @@ jobs: matrix: test: [ - testnewlabel, + appframeworksS1, + appframeworkhang, # managerappframeworkc3, # managerappframeworkm4, # managersecret, diff --git a/.github/workflows/manual-int-test-workflow.yml b/.github/workflows/manual-int-test-workflow.yml index f805c947b..6839b2029 100644 --- a/.github/workflows/manual-int-test-workflow.yml +++ b/.github/workflows/manual-int-test-workflow.yml @@ -13,7 +13,7 @@ jobs: matrix: test: [ - testnewlabel, + appframeworksS1, managerappframeworkc3, managerappframeworkm4, managersecret, diff --git a/.github/workflows/namespace-scope-int-workflow.yml b/.github/workflows/namespace-scope-int-workflow.yml index 06ee90c26..855219522 100644 --- a/.github/workflows/namespace-scope-int-workflow.yml +++ b/.github/workflows/namespace-scope-int-workflow.yml @@ -9,7 +9,7 @@ jobs: matrix: test: [ - testnewlabel, + appframeworksS1, managerappframeworkc3, managerappframeworkm4, managersecret, diff --git a/.github/workflows/nightly-int-test-workflow.yml b/.github/workflows/nightly-int-test-workflow.yml index c511a7c8a..6190d258d 100644 --- a/.github/workflows/nightly-int-test-workflow.yml +++ b/.github/workflows/nightly-int-test-workflow.yml @@ -53,7 +53,7 @@ jobs: matrix: test: [ - testnewlabel, + appframeworksS1, managerappframeworkc3, managerappframeworkm4, managersecret, diff --git a/test/appframework_aws/s1/appframework_aws_test.go b/test/appframework_aws/s1/appframework_aws_test.go index 1ed330ed7..48626a800 100644 --- a/test/appframework_aws/s1/appframework_aws_test.go +++ b/test/appframework_aws/s1/appframework_aws_test.go @@ -79,7 +79,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("smoke, s1, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled, install apps then upgrade them", func() { + It("smoke, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps then upgrade them", func() { /* Test Steps ################## SETUP #################### @@ -250,7 +250,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("smoke, s1, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled, install apps then downgrade them", func() { + It("smoke, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps then downgrade them", func() { /* Test Steps ################## SETUP #################### @@ -413,7 +413,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("s1, smoke, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, install apps on new pod, scale down", func() { + It("s1, smoke, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, install apps on new pod, scale down", func() { /* Test Steps ################## SETUP #################### @@ -608,7 +608,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("s1, integration, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, upgrade apps", func() { + It("s1, integration, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, upgrade apps", func() { /* Test Steps ################## SETUP #################### @@ -742,7 +742,7 @@ var _ = Describe("s1appfw test", func() { // ES App Installation not supported at the time. Will be added back at a later time. Context("Standalone deployment (S1) with App Framework", func() { - It("s1, integration, testnewlabel, appframework: can deploy a Standalone and have ES app installed", func() { + It("s1, integration, appframeworksS1, appframework: can deploy a Standalone and have ES app installed", func() { /* Test Steps ################## SETUP #################### @@ -843,7 +843,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled and install around 350MB of apps at once", func() { + It("integration, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled and install around 350MB of apps at once", func() { /* Test Steps ################## SETUP #################### @@ -912,7 +912,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("s1, smoke, testnewlabel, appframework: can deploy a standalone instance with App Framework enabled for manual poll", func() { + It("s1, smoke, appframeworksS1, appframework: can deploy a standalone instance with App Framework enabled for manual poll", func() { /* Test Steps ################## SETUP #################### @@ -1090,7 +1090,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabel, appframework: can deploy Several standalone CRs in the same namespace with App Framework enabled", func() { + It("integration, s1, appframeworkhang, appframework: can deploy Several standalone CRs in the same namespace with App Framework enabled", func() { /* Test Steps ################## SETUP #################### @@ -1191,7 +1191,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabel, appframework: can add new apps to app source while install is in progress and have all apps installed", func() { + It("integration, s1, appframeworksS1, appframework: can add new apps to app source while install is in progress and have all apps installed", func() { /* Test Steps ################## SETUP #################### @@ -1303,7 +1303,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabel, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app install is in progress", func() { + It("integration, s1, appframeworksS1, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app install is in progress", func() { /* Test Steps ################## SETUP #################### @@ -1399,7 +1399,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabel, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app download is in progress", func() { + It("integration, s1, appframeworksS1, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app download is in progress", func() { /* Test Steps ################## SETUP #################### @@ -1467,7 +1467,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled, install an app then disable it and remove it from app source", func() { + It("integration, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install an app then disable it and remove it from app source", func() { /* Test Steps ################## SETUP #################### @@ -1561,7 +1561,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled, attempt to update using incorrect S3 credentials", func() { + It("integration, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, attempt to update using incorrect S3 credentials", func() { /* Test Steps ################## SETUP #################### @@ -1698,7 +1698,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabel, appframework: Deploy a Standalone instance with App Framework enabled and update apps after app download is completed", func() { + It("integration, s1, appframeworksS1, appframework: Deploy a Standalone instance with App Framework enabled and update apps after app download is completed", func() { /* Test Steps ################## SETUP #################### @@ -1782,7 +1782,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabel, appframework: can deploy a Standalone instance and install a bigger volume of apps than the operator PV disk space", func() { + It("integration, s1, appframeworksS1, appframework: can deploy a Standalone instance and install a bigger volume of apps than the operator PV disk space", func() { /* Test Steps ################## SETUP #################### @@ -1857,7 +1857,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, testnewlabel, appframework: Deploy a Standalone instance with App Framework enabled and delete apps from app directory when app download is complete", func() { + It("integration, s1, appframeworksS1, appframework: Deploy a Standalone instance with App Framework enabled and delete apps from app directory when app download is complete", func() { /* Test Steps ################## SETUP #################### @@ -1928,7 +1928,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("smoke, s1, testnewlabel, appframework: can deploy a Standalone instance with App Framework enabled, install apps and check isDeploymentInProgress is set for Standaloen and MC CR's", func() { + It("smoke, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps and check isDeploymentInProgress is set for Standaloen and MC CR's", func() { /* Test Steps ################## SETUP #################### From 68cf212a6e3a56a36d625863acbcf374a16cc073 Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Thu, 12 Dec 2024 09:44:25 -0600 Subject: [PATCH 67/74] get correct standalone for readiness checks --- test/appframework_aws/s1/appframework_aws_test.go | 2 +- test/testenv/verificationutils.go | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/test/appframework_aws/s1/appframework_aws_test.go b/test/appframework_aws/s1/appframework_aws_test.go index 48626a800..51f360820 100644 --- a/test/appframework_aws/s1/appframework_aws_test.go +++ b/test/appframework_aws/s1/appframework_aws_test.go @@ -1090,7 +1090,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworkhang, appframework: can deploy Several standalone CRs in the same namespace with App Framework enabled", func() { + It("integration, s1, appframeworksS1, appframework: can deploy Several standalone CRs in the same namespace with App Framework enabled", func() { /* Test Steps ################## SETUP #################### diff --git a/test/testenv/verificationutils.go b/test/testenv/verificationutils.go index d2fe8e802..5fe554132 100644 --- a/test/testenv/verificationutils.go +++ b/test/testenv/verificationutils.go @@ -87,7 +87,7 @@ func VerifyMonitoringConsoleReady(ctx context.Context, deployment *Deployment, m // StandaloneReady verify Standalone is in ReadyStatus and does not flip-flop func StandaloneReady(ctx context.Context, deployment *Deployment, deploymentName string, standalone *enterpriseApi.Standalone, testenvInstance *TestCaseEnv) { gomega.Eventually(func() enterpriseApi.Phase { - err := deployment.GetInstance(ctx, deploymentName, standalone) + err := deployment.GetInstance(ctx, standalone.Name, standalone) if err != nil { return enterpriseApi.PhaseError } @@ -99,7 +99,7 @@ func StandaloneReady(ctx context.Context, deployment *Deployment, deploymentName // In a steady state, we should stay in Ready and not flip-flop around gomega.Consistently(func() enterpriseApi.Phase { - _ = deployment.GetInstance(ctx, deployment.GetName(), standalone) + _ = deployment.GetInstance(ctx, standalone.Name, standalone) DumpGetSplunkVersion(ctx, testenvInstance.GetName(), deployment, "standalone") return standalone.Status.Phase }, ConsistentDuration, ConsistentPollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) From b116765f58e3329c4c8e92384dcd196ec975dcdb Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Thu, 12 Dec 2024 09:47:33 -0600 Subject: [PATCH 68/74] get correct standalone for readiness checks --- .github/workflows/int-test-workflow.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index 074f481fb..6f0a60678 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -57,7 +57,6 @@ jobs: test: [ appframeworksS1, - appframeworkhang, # managerappframeworkc3, # managerappframeworkm4, # managersecret, From 2d1f4a01e85852cac1edea06434f73904523ef09 Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Thu, 12 Dec 2024 14:48:43 -0600 Subject: [PATCH 69/74] add sleep for managermc1 failing test case --- .github/workflows/build-test-push-workflow.yml | 8 ++++---- .github/workflows/int-test-workflow.yml | 4 ++-- .../monitoring_console/manager_monitoring_console_test.go | 8 ++++++-- 3 files changed, 12 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index 13378e5b3..4ca3b8661 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -166,10 +166,10 @@ jobs: test: [ basic, appframeworksS1, - # managerappframeworkc3, - # managerappframeworkm4, - # managersecret, - # managermc, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managermc, ] runs-on: ubuntu-latest env: diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index 6f0a60678..6f06cba64 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -56,12 +56,12 @@ jobs: matrix: test: [ - appframeworksS1, + # appframeworksS1, # managerappframeworkc3, # managerappframeworkm4, # managersecret, # managersmartstore, - # managermc1, + managermc1, # managermc2, # managercrcrud, # licensemanager, diff --git a/test/monitoring_console/manager_monitoring_console_test.go b/test/monitoring_console/manager_monitoring_console_test.go index 2796f77a3..06b4dbfdb 100644 --- a/test/monitoring_console/manager_monitoring_console_test.go +++ b/test/monitoring_console/manager_monitoring_console_test.go @@ -760,7 +760,11 @@ var _ = Describe("Monitoring Console test", func() { // Verify MC is Ready and stays in ready state // testenv.VerifyMonitoringConsoleReady(ctx, deployment, mcTwoName, mcTwo, testcaseEnvInst) - // ############################ VERIFICATOIN FOR MONITORING CONSOLE TWO POST SHC RECONFIG ############################### + // ############################ VERIFICATION FOR MONITORING CONSOLE TWO POST SHC RECONFIG ############################### + + // Adding a sleep so that SHC can come up correctly + testcaseEnvInst.Log.Info("Sleeping to allow SHC and MC to become ready") + time.Sleep(900 * time.Second) // Check Cluster Manager in Monitoring Console Two Config Map testcaseEnvInst.Log.Info("Verify Cluster Manager on Monitoring Console Two Config Map after SHC Reconfig") @@ -781,7 +785,7 @@ var _ = Describe("Monitoring Console test", func() { testcaseEnvInst.Log.Info("Checking for Indexer Pod on MC TWO after SHC Reconfig") testenv.VerifyPodsInMCConfigString(ctx, deployment, testcaseEnvInst, indexerPods, mcTwoName, true, true) - // ############################ VERIFICATOIN FOR MONITORING CONSOLE ONE POST SHC RECONFIG ############################### + // ############################ VERIFICATION FOR MONITORING CONSOLE ONE POST SHC RECONFIG ############################### // Verify MC ONE is Ready and stays in ready state before running verfications testenv.VerifyMonitoringConsoleReady(ctx, deployment, mcName, mc, testcaseEnvInst) From f620d4b530041205233b21febca8a523dabd0d65 Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Fri, 13 Dec 2024 09:49:02 -0600 Subject: [PATCH 70/74] dump splunk version during consistently check for search head cluster --- test/monitoring_console/manager_monitoring_console_test.go | 6 +----- test/testenv/verificationutils.go | 2 +- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/test/monitoring_console/manager_monitoring_console_test.go b/test/monitoring_console/manager_monitoring_console_test.go index 06b4dbfdb..743ce0a00 100644 --- a/test/monitoring_console/manager_monitoring_console_test.go +++ b/test/monitoring_console/manager_monitoring_console_test.go @@ -755,17 +755,13 @@ var _ = Describe("Monitoring Console test", func() { Expect(err).To(Succeed(), "Failed to get update Monitoring Console in Search Head Cluster CRD") // Ensure Search Head Cluster go to Ready Phase - //testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) // Verify MC is Ready and stays in ready state // testenv.VerifyMonitoringConsoleReady(ctx, deployment, mcTwoName, mcTwo, testcaseEnvInst) // ############################ VERIFICATION FOR MONITORING CONSOLE TWO POST SHC RECONFIG ############################### - // Adding a sleep so that SHC can come up correctly - testcaseEnvInst.Log.Info("Sleeping to allow SHC and MC to become ready") - time.Sleep(900 * time.Second) - // Check Cluster Manager in Monitoring Console Two Config Map testcaseEnvInst.Log.Info("Verify Cluster Manager on Monitoring Console Two Config Map after SHC Reconfig") testenv.VerifyPodsInMCConfigMap(ctx, deployment, testcaseEnvInst, []string{fmt.Sprintf(testenv.ClusterManagerServiceName, deployment.GetName())}, splcommon.ClusterManagerURL, mcTwoName, true) diff --git a/test/testenv/verificationutils.go b/test/testenv/verificationutils.go index 5fe554132..ee1b375e6 100644 --- a/test/testenv/verificationutils.go +++ b/test/testenv/verificationutils.go @@ -139,7 +139,6 @@ func SearchHeadClusterReady(ctx context.Context, deployment *Deployment, testenv testenvInstance.Log.Info("Waiting for Search Head Cluster phase to be ready", "instance", shc.ObjectMeta.Name, "Phase", shc.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetSplunkVersion(ctx, testenvInstance.GetName(), deployment, "-shc-") return shc.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) @@ -147,6 +146,7 @@ func SearchHeadClusterReady(ctx context.Context, deployment *Deployment, testenv gomega.Consistently(func() enterpriseApi.Phase { _ = deployment.GetInstance(ctx, deployment.GetName(), shc) testenvInstance.Log.Info("Check for Consistency Search Head Cluster phase to be ready", "instance", shc.ObjectMeta.Name, "Phase", shc.Status.Phase) + DumpGetSplunkVersion(ctx, testenvInstance.GetName(), deployment, "-shc-") return shc.Status.Phase }, ConsistentDuration, ConsistentPollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) } From 4b50e13982f289e4d1866a3babe28d57bddf9871 Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Fri, 13 Dec 2024 15:12:04 -0600 Subject: [PATCH 71/74] clean up new workflows --- ...AL2023-build-test-push-workflow-AL2023.yml | 456 +++++++++--------- .../arm-AL2023-int-test-workflow.yml | 8 +- .../arm-Ubuntu-build-test-push-workflow.yml | 456 +++++++++--------- .../arm-Ubuntu-int-test-workflow.yml | 8 +- .../workflows/build-test-push-workflow.yml | 7 +- 5 files changed, 468 insertions(+), 467 deletions(-) diff --git a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml index c59575ace..6d1773619 100644 --- a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml +++ b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml @@ -2,7 +2,8 @@ name: Arm AL2023 Smoke Test WorkFlow on: push: branches: - - CSPL_2920_xxx + - develop + - main jobs: check-formating: runs-on: ubuntu-latest @@ -19,38 +20,38 @@ jobs: run: make fmt && if [[ $? -ne 0 ]]; then false; fi - name: Lint source code run: make vet && if [[ $? -ne 0 ]]; then false; fi - #unit-tests: - # runs-on: ubuntu-latest - # needs: check-formating - # steps: - # - uses: actions/checkout@v2 - # - name: Dotenv Action - # id: dotenv - # uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - # - name: Setup Go - # uses: actions/setup-go@v2 - # with: - # go-version: ${{ steps.dotenv.outputs.GO_VERSION }} - # - name: Install goveralls - # run: | - # go version - # go install github.com/mattn/goveralls@latest - # - name: Install Ginkgo - # run: | - # make setup/ginkgo - # go mod tidy - # - name: Run Unit Tests - # run: make test - # - name: Run Code Coverage - # run: goveralls -coverprofile=coverage.out -service=circle-ci -repotoken ${{ secrets.COVERALLS_TOKEN }} - # - name: Upload Coverage artifacts - # uses: actions/upload-artifact@v4.4.0 - # with: - # name: coverage.out - # path: coverage.out + unit-tests: + runs-on: ubuntu-latest + needs: check-formating + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install goveralls + run: | + go version + go install github.com/mattn/goveralls@latest + - name: Install Ginkgo + run: | + make setup/ginkgo + go mod tidy + - name: Run Unit Tests + run: make test + - name: Run Code Coverage + run: goveralls -coverprofile=coverage.out -service=circle-ci -repotoken ${{ secrets.COVERALLS_TOKEN }} + - name: Upload Coverage artifacts + uses: actions/upload-artifact@v4.4.0 + with: + name: coverage.out + path: coverage.out build-operator-image-arm-al2023: runs-on: ubuntu-latest - #needs: unit-tests + needs: unit-tests env: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator @@ -103,201 +104,200 @@ jobs: env: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} - # vulnerability-scan: - # permissions: - # actions: read - # contents: read - # security-events: write - # runs-on: ubuntu-latest - # needs: build-operator-image-arm-al2023 - # env: - # SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - # SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator - # ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - # S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} - # IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }} - # steps: - # - name: Set up cosign - # uses: sigstore/cosign-installer@main - # - uses: actions/checkout@v2 - # - name: Dotenv Action - # id: dotenv - # uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - # - name: Set up Docker Buildx - # uses: docker/setup-buildx-action@v2.5.0 - # - name: Configure AWS credentials - # uses: aws-actions/configure-aws-credentials@v1 - # with: - # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - # aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + vulnerability-scan: + permissions: + actions: read + contents: read + security-events: write + runs-on: ubuntu-latest + needs: build-operator-image-arm-al2023 + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }} + steps: + - name: Set up cosign + uses: sigstore/cosign-installer@main + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - # - name: Login to Amazon ECR - # uses: aws-actions/amazon-ecr-login@v1 - # - name: Pull Splunk Operator Image Locally - # run: | - # docker pull ${{ env.IMAGE_NAME }} - # - name: Verify Signed Splunk Operator image - # run: | - # cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.IMAGE_NAME }} - # env: - # COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }} - # - name: Run Trivy vulnerability scanner - # uses: aquasecurity/trivy-action@master - # with: - # image-ref: '${{ env.IMAGE_NAME }}' - # format: sarif - # #exit-code: 1 - # severity: 'CRITICAL' - # ignore-unfixed: true - # output: 'trivy-results.sarif' - # - name: Upload Trivy scan results to GitHub Security tab - # uses: github/codeql-action/upload-sarif@v3 - # with: - # sarif_file: 'trivy-results.sarif' - # smoke-tests-arm-al2023: - # #needs: vulnerability-scan - # needs: build-operator-image-arm-al2023 - # strategy: - # fail-fast: false - # matrix: - # test: [ - # # basic, - # # appframeworks1, - # managerappframeworkc3, - # # managerappframeworkm4, - # # managersecret, - # # managermc, - # ] - # runs-on: ubuntu-latest - # env: - # CLUSTER_NODES: 1 - # CLUSTER_WORKERS: 3 - # SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} - # SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} - # SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator - # SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator - # TEST_FOCUS: "${{ matrix.test }}" - # # This regex matches any string not containing smoke keyword - # TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" - # TEST_CLUSTER_PLATFORM: eks - # EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} - # EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} - # TEST_BUCKET: ${{ secrets.TEST_BUCKET }} - # TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} - # ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - # PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - # S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} - # ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} - # EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} - # CLUSTER_WIDE: "true" - # DEPLOYMENT_TYPE: "" - # ARM64: "true" - # steps: - # - name: Set Test Cluster Name - # run: | - # echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV - # - name: Chekcout code - # uses: actions/checkout@v2 - # - name: Dotenv Action - # id: dotenv - # uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - # - name: Change splunk enterprise to release image on main branches - # if: github.ref == 'refs/heads/main' - # run: | - # echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - # - name: Install Kubectl - # uses: Azure/setup-kubectl@v3 - # with: - # version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} - # - name: Install Python - # uses: actions/setup-python@v2 - # - name: Install AWS CLI - # run: | - # curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" - # unzip awscliv2.zip - # sudo ./aws/install --update - # aws --version - # - name: Setup Go - # uses: actions/setup-go@v2 - # with: - # go-version: ${{ steps.dotenv.outputs.GO_VERSION }} - # - name: Install Ginkgo - # run: | - # make setup/ginkgo - # - name: Install Helm - # run: | - # curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 - # chmod 700 get_helm.sh - # ./get_helm.sh - # DESIRED_VERSION=v3.8.2 bash get_helm.sh - # - name: Install EKS CTL - # run: | - # curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp - # sudo mv /tmp/eksctl /usr/local/bin - # eksctl version - # - name: Set up Docker Buildx - # uses: docker/setup-buildx-action@v2.5.0 - # - name: Install Operator SDK - # run: | - # sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu - # sudo chmod +x /usr/local/bin/operator-sdk - # - name: Configure Docker Hub credentials - # uses: docker/login-action@v1 - # with: - # username: ${{ secrets.DOCKERHUB_USERNAME }} - # password: ${{ secrets.DOCKERHUB_TOKEN}} - # - name: Set Splunk Operator image - # run: | - # echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV - # - name: Configure AWS credentials - # uses: aws-actions/configure-aws-credentials@v1 - # with: - # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - # aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - # - name: Login to Amazon ECR - # id: login-ecr - # uses: aws-actions/amazon-ecr-login@v1 - # - name: Pull Splunk Enterprise Image - # run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - # - name: Create EKS cluster - # run: | - # export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} - # export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} - # make cluster-up - # - name: install metric server - # run: | - # kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml - # - name: install k8s dashboard - # run: | - # kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml - # - name: Setup Kustomize - # run: | - # sudo snap install kustomize - # mkdir -p ./bin - # cp /snap/bin/kustomize ./bin/kustomize - # - name: Run smoke test - # id: smoketest - # run: | - # make int-test - # - name: Collect Test Logs - # if: ${{ always() }} - # run: | - # mkdir -p /tmp/pod_logs - # find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; - # - name: Archive Pod Logs - # if: ${{ always() }} - # uses: actions/upload-artifact@v4.4.0 - # with: - # name: "splunk-pods-logs--artifacts-${{ matrix.test }}" - # path: "/tmp/pod_logs/**" - # - name: Cleanup Test Case artifacts - # if: ${{ always() }} - # run: | - # make cleanup - # make clean - # - name: Cleanup up EKS cluster - # if: ${{ always() }} - # run: | - # make cluster-down \ No newline at end of file + - name: Login to Amazon ECR + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Operator Image Locally + run: | + docker pull ${{ env.IMAGE_NAME }} + - name: Verify Signed Splunk Operator image + run: | + cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.IMAGE_NAME }} + env: + COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }} + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + image-ref: '${{ env.IMAGE_NAME }}' + format: sarif + #exit-code: 1 + severity: 'CRITICAL' + ignore-unfixed: true + output: 'trivy-results.sarif' + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: 'trivy-results.sarif' + smoke-tests-arm-al2023: + needs: vulnerability-scan + strategy: + fail-fast: false + matrix: + test: [ + basic, + appframeworksS1, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managermc, + ] + runs-on: ubuntu-latest + env: + CLUSTER_NODES: 1 + CLUSTER_WORKERS: 3 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_FOCUS: "${{ matrix.test }}" + # This regex matches any string not containing smoke keyword + TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" + TEST_CLUSTER_PLATFORM: eks + EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} + CLUSTER_WIDE: "true" + DEPLOYMENT_TYPE: "" + ARM64: "true" + steps: + - name: Set Test Cluster Name + run: | + echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Chekcout code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Change splunk enterprise to release image on main branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + - name: Install Kubectl + uses: Azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + - name: Install Python + uses: actions/setup-python@v2 + - name: Install AWS CLI + run: | + curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + DESIRED_VERSION=v3.8.2 bash get_helm.sh + - name: Install EKS CTL + run: | + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + sudo mv /tmp/eksctl /usr/local/bin + eksctl version + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu + sudo chmod +x /usr/local/bin/operator-sdk + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + - name: Create EKS cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} + make cluster-up + - name: install metric server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + - name: install k8s dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + - name: Setup Kustomize + run: | + sudo snap install kustomize + mkdir -p ./bin + cp /snap/bin/kustomize ./bin/kustomize + - name: Run smoke test + id: smoketest + run: | + make int-test + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v4.4.0 + with: + name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + path: "/tmp/pod_logs/**" + - name: Cleanup Test Case artifacts + if: ${{ always() }} + run: | + make cleanup + make clean + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down \ No newline at end of file diff --git a/.github/workflows/arm-AL2023-int-test-workflow.yml b/.github/workflows/arm-AL2023-int-test-workflow.yml index 4f88868f9..b09004e12 100644 --- a/.github/workflows/arm-AL2023-int-test-workflow.yml +++ b/.github/workflows/arm-AL2023-int-test-workflow.yml @@ -2,7 +2,8 @@ name: Arm AL2023 Integration Test WorkFlow on: push: branches: - - CSPL_2920_xxx + - develop + - main jobs: build-operator-image-arm-al2023: runs-on: ubuntu-latest @@ -53,12 +54,13 @@ jobs: matrix: test: [ - appframeworks1, + appframeworksS1, managerappframeworkc3, managerappframeworkm4, managersecret, managersmartstore, - managermc, + managermc1, + managermc2, managercrcrud, licensemanager, managerdeletecr, diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index 39ef710ba..80223e432 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -2,7 +2,8 @@ name: Arm Ubuntu Smoke Test WorkFlow on: push: branches: - - CSPL_2920 + - develop + - main jobs: check-formating: runs-on: ubuntu-latest @@ -19,38 +20,38 @@ jobs: run: make fmt && if [[ $? -ne 0 ]]; then false; fi - name: Lint source code run: make vet && if [[ $? -ne 0 ]]; then false; fi - #unit-tests: - # runs-on: ubuntu-latest - # needs: check-formating - # steps: - # - uses: actions/checkout@v2 - # - name: Dotenv Action - # id: dotenv - # uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - # - name: Setup Go - # uses: actions/setup-go@v2 - # with: - # go-version: ${{ steps.dotenv.outputs.GO_VERSION }} - # - name: Install goveralls - # run: | - # go version - # go install github.com/mattn/goveralls@latest - # - name: Install Ginkgo - # run: | - # make setup/ginkgo - # go mod tidy - # - name: Run Unit Tests - # run: make test - # - name: Run Code Coverage - # run: goveralls -coverprofile=coverage.out -service=circle-ci -repotoken ${{ secrets.COVERALLS_TOKEN }} - # - name: Upload Coverage artifacts - # uses: actions/upload-artifact@v4.4.0 - # with: - # name: coverage.out - # path: coverage.out + unit-tests: + runs-on: ubuntu-latest + needs: check-formating + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install goveralls + run: | + go version + go install github.com/mattn/goveralls@latest + - name: Install Ginkgo + run: | + make setup/ginkgo + go mod tidy + - name: Run Unit Tests + run: make test + - name: Run Code Coverage + run: goveralls -coverprofile=coverage.out -service=circle-ci -repotoken ${{ secrets.COVERALLS_TOKEN }} + - name: Upload Coverage artifacts + uses: actions/upload-artifact@v4.4.0 + with: + name: coverage.out + path: coverage.out build-operator-image-arm-ubuntu: runs-on: ubuntu-latest - #needs: unit-tests + needs: unit-tests env: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator @@ -103,201 +104,200 @@ jobs: env: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} - # vulnerability-scan: - # permissions: - # actions: read - # contents: read - # security-events: write - # runs-on: ubuntu-latest - # needs: build-operator-image-arm-ubuntu - # env: - # SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - # SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator - # ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - # S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} - # IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }} - # steps: - # - name: Set up cosign - # uses: sigstore/cosign-installer@main - # - uses: actions/checkout@v2 - # - name: Dotenv Action - # id: dotenv - # uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - # - name: Set up Docker Buildx - # uses: docker/setup-buildx-action@v2.5.0 - # - name: Configure AWS credentials - # uses: aws-actions/configure-aws-credentials@v1 - # with: - # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - # aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + vulnerability-scan: + permissions: + actions: read + contents: read + security-events: write + runs-on: ubuntu-latest + needs: build-operator-image-arm-ubuntu + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }} + steps: + - name: Set up cosign + uses: sigstore/cosign-installer@main + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - # - name: Login to Amazon ECR - # uses: aws-actions/amazon-ecr-login@v1 - # - name: Pull Splunk Operator Image Locally - # run: | - # docker pull ${{ env.IMAGE_NAME }} - # - name: Verify Signed Splunk Operator image - # run: | - # cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.IMAGE_NAME }} - # env: - # COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }} - # - name: Run Trivy vulnerability scanner - # uses: aquasecurity/trivy-action@master - # with: - # image-ref: '${{ env.IMAGE_NAME }}' - # format: sarif - # #exit-code: 1 - # severity: 'CRITICAL' - # ignore-unfixed: true - # output: 'trivy-results.sarif' - # - name: Upload Trivy scan results to GitHub Security tab - # uses: github/codeql-action/upload-sarif@v3 - # with: - # sarif_file: 'trivy-results.sarif' - # smoke-tests-arm-ubuntu: - # #needs: vulnerability-scan - # needs: build-operator-image-arm-ubuntu - # strategy: - # fail-fast: false - # matrix: - # test: [ - # # basic, - # # appframeworks1, - # managerappframeworkc3, - # managerappframeworkm4, - # # managersecret, - # # managermc, - # ] - # runs-on: ubuntu-latest - # env: - # CLUSTER_NODES: 1 - # CLUSTER_WORKERS: 3 - # SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} - # SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} - # SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator - # SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator - # TEST_FOCUS: "${{ matrix.test }}" - # # This regex matches any string not containing smoke keyword - # TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" - # TEST_CLUSTER_PLATFORM: eks - # EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} - # EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} - # TEST_BUCKET: ${{ secrets.TEST_BUCKET }} - # TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} - # ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - # PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - # S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} - # ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} - # EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} - # CLUSTER_WIDE: "true" - # DEPLOYMENT_TYPE: "" - # ARM64: "true" - # steps: - # - name: Set Test Cluster Name - # run: | - # echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV - # - name: Chekcout code - # uses: actions/checkout@v2 - # - name: Dotenv Action - # id: dotenv - # uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - # - name: Change splunk enterprise to release image on main branches - # if: github.ref == 'refs/heads/main' - # run: | - # echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - # - name: Install Kubectl - # uses: Azure/setup-kubectl@v3 - # with: - # version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} - # - name: Install Python - # uses: actions/setup-python@v2 - # - name: Install AWS CLI - # run: | - # curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" - # unzip awscliv2.zip - # sudo ./aws/install --update - # aws --version - # - name: Setup Go - # uses: actions/setup-go@v2 - # with: - # go-version: ${{ steps.dotenv.outputs.GO_VERSION }} - # - name: Install Ginkgo - # run: | - # make setup/ginkgo - # - name: Install Helm - # run: | - # curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 - # chmod 700 get_helm.sh - # ./get_helm.sh - # DESIRED_VERSION=v3.8.2 bash get_helm.sh - # - name: Install EKS CTL - # run: | - # curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp - # sudo mv /tmp/eksctl /usr/local/bin - # eksctl version - # - name: Set up Docker Buildx - # uses: docker/setup-buildx-action@v2.5.0 - # - name: Install Operator SDK - # run: | - # sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu - # sudo chmod +x /usr/local/bin/operator-sdk - # - name: Configure Docker Hub credentials - # uses: docker/login-action@v1 - # with: - # username: ${{ secrets.DOCKERHUB_USERNAME }} - # password: ${{ secrets.DOCKERHUB_TOKEN}} - # - name: Set Splunk Operator image - # run: | - # echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV - # - name: Configure AWS credentials - # uses: aws-actions/configure-aws-credentials@v1 - # with: - # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - # aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - # - name: Login to Amazon ECR - # id: login-ecr - # uses: aws-actions/amazon-ecr-login@v1 - # - name: Pull Splunk Enterprise Image - # run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - # - name: Create EKS cluster - # run: | - # export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} - # export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} - # make cluster-up - # - name: install metric server - # run: | - # kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml - # - name: install k8s dashboard - # run: | - # kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml - # - name: Setup Kustomize - # run: | - # sudo snap install kustomize - # mkdir -p ./bin - # cp /snap/bin/kustomize ./bin/kustomize - # - name: Run smoke test - # id: smoketest - # run: | - # make int-test - # - name: Collect Test Logs - # if: ${{ always() }} - # run: | - # mkdir -p /tmp/pod_logs - # find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; - # - name: Archive Pod Logs - # if: ${{ always() }} - # uses: actions/upload-artifact@v4.4.0 - # with: - # name: "splunk-pods-logs--artifacts-${{ matrix.test }}" - # path: "/tmp/pod_logs/**" - # - name: Cleanup Test Case artifacts - # if: ${{ always() }} - # run: | - # make cleanup - # make clean - # - name: Cleanup up EKS cluster - # if: ${{ always() }} - # run: | - # make cluster-down \ No newline at end of file + - name: Login to Amazon ECR + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Operator Image Locally + run: | + docker pull ${{ env.IMAGE_NAME }} + - name: Verify Signed Splunk Operator image + run: | + cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.IMAGE_NAME }} + env: + COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }} + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + image-ref: '${{ env.IMAGE_NAME }}' + format: sarif + #exit-code: 1 + severity: 'CRITICAL' + ignore-unfixed: true + output: 'trivy-results.sarif' + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: 'trivy-results.sarif' + smoke-tests-arm-ubuntu: + needs: vulnerability-scan + strategy: + fail-fast: false + matrix: + test: [ + basic, + appframeworksS1, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managermc, + ] + runs-on: ubuntu-latest + env: + CLUSTER_NODES: 1 + CLUSTER_WORKERS: 3 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_FOCUS: "${{ matrix.test }}" + # This regex matches any string not containing smoke keyword + TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" + TEST_CLUSTER_PLATFORM: eks + EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} + CLUSTER_WIDE: "true" + DEPLOYMENT_TYPE: "" + ARM64: "true" + steps: + - name: Set Test Cluster Name + run: | + echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Chekcout code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Change splunk enterprise to release image on main branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + - name: Install Kubectl + uses: Azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + - name: Install Python + uses: actions/setup-python@v2 + - name: Install AWS CLI + run: | + curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + DESIRED_VERSION=v3.8.2 bash get_helm.sh + - name: Install EKS CTL + run: | + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + sudo mv /tmp/eksctl /usr/local/bin + eksctl version + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu + sudo chmod +x /usr/local/bin/operator-sdk + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + - name: Create EKS cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} + make cluster-up + - name: install metric server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + - name: install k8s dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + - name: Setup Kustomize + run: | + sudo snap install kustomize + mkdir -p ./bin + cp /snap/bin/kustomize ./bin/kustomize + - name: Run smoke test + id: smoketest + run: | + make int-test + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v4.4.0 + with: + name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + path: "/tmp/pod_logs/**" + - name: Cleanup Test Case artifacts + if: ${{ always() }} + run: | + make cleanup + make clean + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down \ No newline at end of file diff --git a/.github/workflows/arm-Ubuntu-int-test-workflow.yml b/.github/workflows/arm-Ubuntu-int-test-workflow.yml index 449bb4159..12bf282ce 100644 --- a/.github/workflows/arm-Ubuntu-int-test-workflow.yml +++ b/.github/workflows/arm-Ubuntu-int-test-workflow.yml @@ -2,7 +2,8 @@ name: Arm Ubuntu Integration Test WorkFlow Ubuntu on: push: branches: - - CSPL_2920_xxx + - develop + - main jobs: build-operator-image-arm-ubuntu: runs-on: ubuntu-latest @@ -53,12 +54,13 @@ jobs: matrix: test: [ - appframeworks1, + appframeworksS1, managerappframeworkc3, managerappframeworkm4, managersecret, managersmartstore, - managermc, + managermc1, + managermc2, managercrcrud, licensemanager, managerdeletecr, diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index de7d50132..a1244edf5 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -1,8 +1,5 @@ -name: Smoke Test Workflow -on: - push: - branches: - - CSPL_2920_xxx +name: Build and Test +on: push jobs: check-formating: runs-on: ubuntu-latest From 85acc39f9d91c3192ede8f89812a81c1bb50bbf9 Mon Sep 17 00:00:00 2001 From: Arjun Kondur Date: Mon, 9 Dec 2024 16:15:14 -0600 Subject: [PATCH 72/74] merge commit for pulling splunk enterprise image --- test/run-tests.sh | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/test/run-tests.sh b/test/run-tests.sh index a09da527e..1fc03aedf 100755 --- a/test/run-tests.sh +++ b/test/run-tests.sh @@ -35,6 +35,7 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then fi # Always attempt to pull splunk enterprise image +<<<<<<< HEAD echo "Pulling SPLUNK_ENTERPRISE_IMAGE=${SPLUNK_ENTERPRISE_IMAGE}..." docker pull ${SPLUNK_ENTERPRISE_IMAGE} if [ $? -ne 0 ]; then @@ -48,6 +49,24 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then echo "Tagging to privat repo ${PRIVATE_SPLUNK_OPERATOR_IMAGE}..." docker tag ${SPLUNK_ENTERPRISE_IMAGE} ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} echo "Pushing to private repo ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}" +======= + echo "check if image exists, docker manifest inspect $PRIVATE_SPLUNK_ENTERPRISE_IMAGE" + if docker manifest inspect "$PRIVATE_SPLUNK_ENTERPRISE_IMAGE" > /dev/null 2>&1; then + echo "Image $PRIVATE_SPLUNK_ENTERPRISE_IMAGE exists on the remote repository." + docker pull ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} + if [ $? -ne 0 ]; then + echo "Unable to pull ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}. Exiting..." + exit 1 + fi + else + echo "Image $PRIVATE_SPLUNK_ENTERPRISE_IMAGE does not exist on the remote repository." + docker pull ${SPLUNK_ENTERPRISE_IMAGE} + if [ $? -ne 0 ]; then + echo "Unable to pull ${SPLUNK_ENTERPRISE_IMAGE}. Exiting..." + exit 1 + fi + docker tag ${SPLUNK_ENTERPRISE_IMAGE} ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} +>>>>>>> 7f9b7158 (Update 2.7.0 branch for gitlab testig needs.) docker push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} if [ $? -ne 0 ]; then echo "Unable to push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}. Exiting..." From 5749ef8ebd85e20335a0819a529c1afd52408ec7 Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Fri, 13 Dec 2024 15:39:18 -0600 Subject: [PATCH 73/74] re-enable test case, correct merge conflict --- .../c3/manager_appframework_test.go | 2 +- test/run-tests.sh | 16 ---------------- 2 files changed, 1 insertion(+), 17 deletions(-) diff --git a/test/appframework_aws/c3/manager_appframework_test.go b/test/appframework_aws/c3/manager_appframework_test.go index a8c93b0c7..7d9272c23 100644 --- a/test/appframework_aws/c3/manager_appframework_test.go +++ b/test/appframework_aws/c3/manager_appframework_test.go @@ -304,7 +304,7 @@ var _ = Describe("c3appfw test", func() { }) }) - XContext("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework and Image Upgrade", func() { + Context("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework and Image Upgrade", func() { It("smoke, c3, managerappframeworkc3t, appframework: can deploy a C3 SVA with App Framework enabled, install apps then upgrade the image and apps", func() { //################## SETUP #################### diff --git a/test/run-tests.sh b/test/run-tests.sh index 1fc03aedf..13a96dc4a 100755 --- a/test/run-tests.sh +++ b/test/run-tests.sh @@ -35,21 +35,6 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then fi # Always attempt to pull splunk enterprise image -<<<<<<< HEAD - echo "Pulling SPLUNK_ENTERPRISE_IMAGE=${SPLUNK_ENTERPRISE_IMAGE}..." - docker pull ${SPLUNK_ENTERPRISE_IMAGE} - if [ $? -ne 0 ]; then - echo "Unable to pull ${SPLUNK_ENTERPRISE_IMAGE}. Exiting..." - exit 1 - fi - - if [ "$ARM64" == "true" ]; then - echo "ARM64, enterprise tag and push unnecessary" - else - echo "Tagging to privat repo ${PRIVATE_SPLUNK_OPERATOR_IMAGE}..." - docker tag ${SPLUNK_ENTERPRISE_IMAGE} ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} - echo "Pushing to private repo ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}" -======= echo "check if image exists, docker manifest inspect $PRIVATE_SPLUNK_ENTERPRISE_IMAGE" if docker manifest inspect "$PRIVATE_SPLUNK_ENTERPRISE_IMAGE" > /dev/null 2>&1; then echo "Image $PRIVATE_SPLUNK_ENTERPRISE_IMAGE exists on the remote repository." @@ -66,7 +51,6 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then exit 1 fi docker tag ${SPLUNK_ENTERPRISE_IMAGE} ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} ->>>>>>> 7f9b7158 (Update 2.7.0 branch for gitlab testig needs.) docker push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} if [ $? -ne 0 ]; then echo "Unable to push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}. Exiting..." From 261d84c7c1b65387e84270f6320352da8c41ad3d Mon Sep 17 00:00:00 2001 From: rlieberman-splunk Date: Tue, 17 Dec 2024 07:56:49 -0600 Subject: [PATCH 74/74] add back feature branch for integration test workflow trigger --- .github/workflows/int-test-workflow.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index 5d0418fd6..7da280e27 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -4,6 +4,7 @@ on: branches: - develop - main + - feature** jobs: build-operator-image: runs-on: ubuntu-latest