Skip to content

Commit

Permalink
Address review comments
Browse files Browse the repository at this point in the history
  • Loading branch information
akondur committed Nov 14, 2024
1 parent 87fd60c commit e56a203
Show file tree
Hide file tree
Showing 12 changed files with 117 additions and 239 deletions.
2 changes: 1 addition & 1 deletion .env
Original file line number Diff line number Diff line change
Expand Up @@ -8,4 +8,4 @@ EKSCTL_VERSION=v0.191.0
EKS_CLUSTER_K8_VERSION=1.31
SPLUNK_ENTERPRISE_RELEASE_IMAGE=splunk/splunk:9.3.0
EKS_INSTANCE_TYPE=m5.2xlarge
EKS_INSTANCE_TYPE_GRAVITON=c6g.4xlarge
EKS_INSTANCE_TYPE_ARM64=c6g.4xlarge
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: Graviton Smoke Test WorkFlow Ubuntu
name: Arm AL2023 Smoke Test WorkFlow
on:
push:
branches:
Expand Down Expand Up @@ -49,7 +49,7 @@ jobs:
# with:
# name: coverage.out
# path: coverage.out
build-operator-image-graviton:
build-operator-image-arm-al2023:
runs-on: ubuntu-latest
#needs: unit-tests
env:
Expand Down Expand Up @@ -94,10 +94,10 @@ jobs:
- name: Build and push Splunk Operator Image
run: |
export PLATFORMS=linux/arm64
export BUILDPLATFORM=linux/arm64
export TARGETOS=linux
export TARGETARCH=arm64
docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg BASE_OS=ubuntu:24.10 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton .
export BASE_OS=public.ecr.aws/amazonlinux/amazonlinux
export BASE_OS_VERSION=2023
export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
make docker-buildx PLATFORMS=$PLATFORMS BASE_OS=$BASE_OS BASE_OS_VERSION=$BASE_OS_VERSION IMG=$IMG
- name: Sign Splunk Operator image with a key
run: |
cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }}
Expand All @@ -110,7 +110,7 @@ jobs:
# contents: read
# security-events: write
# runs-on: ubuntu-latest
# needs: build-operator-image-graviton
# needs: build-operator-image-arm-al2023
# env:
# SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }}
# SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
Expand Down Expand Up @@ -156,9 +156,9 @@ jobs:
# uses: github/codeql-action/upload-sarif@v3
# with:
# sarif_file: 'trivy-results.sarif'
smoke-tests-graviton:
smoke-tests-arm-al2023:
#needs: vulnerability-scan
needs: build-operator-image-graviton
needs: build-operator-image-arm-al2023
strategy:
fail-fast: false
matrix:
Expand All @@ -174,8 +174,8 @@ jobs:
env:
CLUSTER_NODES: 1
CLUSTER_WORKERS: 3
SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }}
SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }}
SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }}
SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }}
SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator
TEST_FOCUS: "${{ matrix.test }}"
Expand All @@ -193,7 +193,7 @@ jobs:
EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }}
CLUSTER_WIDE: "true"
DEPLOYMENT_TYPE: ""
GRAVITON: "true"
ARM64: "true"
steps:
- name: Set Test Cluster Name
run: |
Expand Down Expand Up @@ -265,12 +265,7 @@ jobs:
- name: Create EKS cluster
run: |
export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }}
export PLATFORMS=linux/arm64
export BUILDPLATFORM=linux/arm64
export TARGETOS=linux
export TARGETARCH=arm64
export TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014
export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_GRAVITON }}
export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }}
make cluster-up
- name: install metric server
run: |
Expand Down
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
name: Graviton Integration Test WorkFlow AL2023
name: Arm AL2023 Integration Test WorkFlow
on:
push:
branches:
- CSPL_2920_xx
jobs:
build-operator-image-graviton:
build-operator-image-arm-al2023:
runs-on: ubuntu-latest
timeout-minutes: 360
env:
Expand Down Expand Up @@ -43,11 +43,11 @@ jobs:
- name: Build and push Splunk Operator Image
run: |
export PLATFORMS=linux/arm64
export BUILDPLATFORM=linux/arm64
export TARGETOS=linux
export TARGETARCH=arm64
docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg BASE_OS=public.ecr.aws/amazonlinux/amazonlinux:2023 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton .
int-tests-graviton:
export BASE_OS=public.ecr.aws/amazonlinux/amazonlinux
export BASE_OS_VERSION=2023
export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
make docker-buildx PLATFORMS=$PLATFORMS BASE_OS=$BASE_OS BASE_OS_VERSION=$BASE_OS_VERSION IMG=$IMG
int-tests-arm-al2023:
strategy:
fail-fast: false
matrix:
Expand All @@ -64,12 +64,12 @@ jobs:
managerdeletecr,
]
runs-on: ubuntu-latest
needs: build-operator-image-graviton
needs: build-operator-image-arm-al2023
env:
CLUSTER_NODES: 1
CLUSTER_WORKERS: 3
SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }}
SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }}
SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }}
SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }}
SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator
TEST_FOCUS: "${{ matrix.test }}"
Expand All @@ -86,7 +86,7 @@ jobs:
ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }}
CLUSTER_WIDE: "true"
DEPLOYMENT_TYPE: ""
GRAVITON: "true"
ARM64: "true"
steps:
- name: Set Test Cluster Name
run: |
Expand Down Expand Up @@ -160,12 +160,7 @@ jobs:
- name: Create EKS cluster
run: |
export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }}
export PLATFORMS=linux/arm64
export BUILDPLATFORM=linux/arm64
export TARGETOS=linux
export TARGETARCH=arm64
export TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014
export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_GRAVITON }}
export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }}
make cluster-up
- name: install metric server
run: |
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: Graviton Smoke Test WorkFlow AL2023
name: Arm Ubuntu Smoke Test WorkFlow
on:
push:
branches:
Expand Down Expand Up @@ -49,7 +49,7 @@ jobs:
# with:
# name: coverage.out
# path: coverage.out
build-operator-image-graviton:
build-operator-image-arm-ubuntu:
runs-on: ubuntu-latest
#needs: unit-tests
env:
Expand Down Expand Up @@ -94,10 +94,10 @@ jobs:
- name: Build and push Splunk Operator Image
run: |
export PLATFORMS=linux/arm64
export BUILDPLATFORM=linux/arm64
export TARGETOS=linux
export TARGETARCH=arm64
docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg BASE_OS=public.ecr.aws/amazonlinux/amazonlinux:2023 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton .
export BASE_OS=ubuntu
export BASE_OS_VERSION=24.10
export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
make docker-buildx PLATFORMS=$PLATFORMS BASE_OS=$BASE_OS BASE_OS_VERSION=$BASE_OS_VERSION IMG=$IMG
- name: Sign Splunk Operator image with a key
run: |
cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }}
Expand All @@ -110,7 +110,7 @@ jobs:
# contents: read
# security-events: write
# runs-on: ubuntu-latest
# needs: build-operator-image-graviton
# needs: build-operator-image-arm-ubuntu
# env:
# SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }}
# SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
Expand Down Expand Up @@ -156,9 +156,9 @@ jobs:
# uses: github/codeql-action/upload-sarif@v3
# with:
# sarif_file: 'trivy-results.sarif'
smoke-tests-graviton:
smoke-tests-arm-ubuntu:
#needs: vulnerability-scan
needs: build-operator-image-graviton
needs: build-operator-image-arm-ubuntu
strategy:
fail-fast: false
matrix:
Expand All @@ -174,8 +174,8 @@ jobs:
env:
CLUSTER_NODES: 1
CLUSTER_WORKERS: 3
SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }}
SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }}
SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }}
SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }}
SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator
TEST_FOCUS: "${{ matrix.test }}"
Expand All @@ -193,7 +193,7 @@ jobs:
EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }}
CLUSTER_WIDE: "true"
DEPLOYMENT_TYPE: ""
GRAVITON: "true"
ARM64: "true"
steps:
- name: Set Test Cluster Name
run: |
Expand Down Expand Up @@ -265,12 +265,7 @@ jobs:
- name: Create EKS cluster
run: |
export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }}
export PLATFORMS=linux/arm64
export BUILDPLATFORM=linux/arm64
export TARGETOS=linux
export TARGETARCH=arm64
export TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014
export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_GRAVITON }}
export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }}
make cluster-up
- name: install metric server
run: |
Expand Down
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
name: Graviton Integration Test WorkFlow Ubuntu
name: Arm Ubuntu Integration Test WorkFlow Ubuntu
on:
push:
branches:
- CSPL_2920_xx
jobs:
build-operator-image-graviton:
build-operator-image-arm-ubuntu:
runs-on: ubuntu-latest
timeout-minutes: 360
env:
Expand Down Expand Up @@ -43,12 +43,11 @@ jobs:
- name: Build and push Splunk Operator Image
run: |
export PLATFORMS=linux/arm64
export BUILDPLATFORM=linux/arm64
export TARGETOS=linux
export TARGETARCH=arm64
export BASE_OS=ubuntu:24.10
docker buildx build --push --platform=linux/arm64,linux/amd64 --build-arg BASE_OS=ubuntu:24.10 --tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA -f Dockerfile.graviton .
int-tests-graviton:
export BASE_OS=ubuntu
export BASE_OS_VERSION=24.10
export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
make docker-buildx PLATFORMS=$PLATFORMS BASE_OS=$BASE_OS BASE_OS_VERSION=$BASE_OS_VERSION IMG=$IMG
int-tests-arm-ubuntu:
strategy:
fail-fast: false
matrix:
Expand All @@ -65,12 +64,12 @@ jobs:
managerdeletecr,
]
runs-on: ubuntu-latest
needs: build-operator-image-graviton
needs: build-operator-image-arm-ubuntu
env:
CLUSTER_NODES: 1
CLUSTER_WORKERS: 3
SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }}
SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_GRAVITON }}
SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }}
SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }}
SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator
TEST_FOCUS: "${{ matrix.test }}"
Expand All @@ -87,7 +86,7 @@ jobs:
ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }}
CLUSTER_WIDE: "true"
DEPLOYMENT_TYPE: ""
GRAVITON: "true"
ARM64: "true"
steps:
- name: Set Test Cluster Name
run: |
Expand Down Expand Up @@ -161,12 +160,7 @@ jobs:
- name: Create EKS cluster
run: |
export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }}
export PLATFORMS=linux/arm64
export BUILDPLATFORM=linux/arm64
export TARGETOS=linux
export TARGETARCH=arm64
export TARGETOSIMAGE=public.ecr.aws/amazonlinux/amazonlinux:2023.0.20211014
export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_GRAVITON }}
export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }}
make cluster-up
- name: install metric server
run: |
Expand Down
28 changes: 20 additions & 8 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,12 +1,17 @@
# Setup defaults for build arguments
ARG PLATFORMS ?= linux/amd64
ARG BASE_OS ?= registry.access.redhat.com/ubi8/ubi
ARG BASE_OS_VERSION ?= 8.10

# Build the manager binary
FROM golang:1.23.0 AS builder
FROM golang:1.23.0 as builder

WORKDIR /workspace

# Copy the Go Modules manifests
COPY go.mod go.mod
COPY go.sum go.sum
# cache deps before building and copying source so that we don't need to re-download as much
# and so that source changes don't invalidate our downloaded layer
# Cache dependencies before building and copying source to reduce re-downloading
RUN go mod download

# Copy the go source
Expand All @@ -18,22 +23,25 @@ COPY tools/ tools/
COPY hack hack/

# Build
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go
# TARGETOS and TARGETARCH are provided(inferred) by buildx via the --platforms flag
RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager main.go

# Use BASE_OS as the base image
FROM ${BASE_OS}:{BASE_OS_VERSION}

# Use distroless as minimal base image to package the manager binary
# Refer to https://github.com/GoogleContainerTools/distroless for more details
FROM registry.access.redhat.com/ubi8/ubi:8.10
ENV OPERATOR=/manager \
USER_UID=1001 \
USER_NAME=nonroot

# Install necessary packages and configure user
RUN yum -y install shadow-utils && \
useradd -ms /bin/bash nonroot -u 1001 && \
yum update -y krb5-libs && yum clean all && \
yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical && \
yum -y update-minimal --security --sec-severity=Moderate && \
yum -y update-minimal --security --sec-severity=Low

# Metadata
LABEL name="splunk" \
maintainer="[email protected]" \
vendor="splunk" \
Expand All @@ -42,17 +50,21 @@ LABEL name="splunk" \
summary="Simplify the Deployment & Management of Splunk Products on Kubernetes" \
description="The Splunk Operator for Kubernetes (SOK) makes it easy for Splunk Administrators to deploy and operate Enterprise deployments in a Kubernetes infrastructure. Packaged as a container, it uses the operator pattern to manage Splunk-specific custom resources, following best practices to manage all the underlying Kubernetes objects for you."

# Set up workspace
WORKDIR /
RUN mkdir /licenses && \
mkdir -p /tools/k8_probes

# Copy necessary files from the builder stage and other resources
COPY --from=builder /workspace/manager .
COPY tools/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf /licenses
COPY LICENSE /licenses/LICENSE-2.0.txt
COPY tools/k8_probes/livenessProbe.sh /tools/k8_probes/
COPY tools/k8_probes/readinessProbe.sh /tools/k8_probes/
COPY tools/k8_probes/startupProbe.sh /tools/k8_probes/

# Set the user
USER 1001

ENTRYPOINT ["/manager"]
# Start the manager
ENTRYPOINT ["/manager"]
Loading

0 comments on commit e56a203

Please sign in to comment.