diff --git a/.env b/.env index 084d76467..5789cc271 100644 --- a/.env +++ b/.env @@ -6,4 +6,6 @@ KUBECTL_VERSION=v1.29.1 AZ_CLI_VERSION=2.30.0 EKSCTL_VERSION=v0.191.0 EKS_CLUSTER_K8_VERSION=1.31 -SPLUNK_ENTERPRISE_RELEASE_IMAGE=splunk/splunk:9.3.2 +EKS_INSTANCE_TYPE=m5.2xlarge +EKS_INSTANCE_TYPE_ARM64=c6g.4xlarge +SPLUNK_ENTERPRISE_RELEASE_IMAGE=splunk/splunk:9.3.2 \ No newline at end of file diff --git a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml new file mode 100644 index 000000000..6d1773619 --- /dev/null +++ b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml @@ -0,0 +1,303 @@ +name: Arm AL2023 Smoke Test WorkFlow +on: + push: + branches: + - develop + - main +jobs: + check-formating: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Check Source formatting + run: make fmt && if [[ $? -ne 0 ]]; then false; fi + - name: Lint source code + run: make vet && if [[ $? -ne 0 ]]; then false; fi + unit-tests: + runs-on: ubuntu-latest + needs: check-formating + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install goveralls + run: | + go version + go install github.com/mattn/goveralls@latest + - name: Install Ginkgo + run: | + make setup/ginkgo + go mod tidy + - name: Run Unit Tests + run: make test + - name: Run Code Coverage + run: goveralls -coverprofile=coverage.out -service=circle-ci -repotoken ${{ secrets.COVERALLS_TOKEN }} + - name: Upload Coverage artifacts + uses: actions/upload-artifact@v4.4.0 + with: + name: coverage.out + path: coverage.out + build-operator-image-arm-al2023: + runs-on: ubuntu-latest + needs: unit-tests + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + steps: + - name: Set up cosign + uses: sigstore/cosign-installer@main + + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac) + export OS=$(uname | awk '{print tolower($0)}') + export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }} + sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH} + sudo chmod +x operator-sdk_${OS}_${ARCH} + sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Build and push Splunk Operator Image + run: | + export PLATFORMS=linux/arm64,linux/amd64 + export BASE_IMAGE=public.ecr.aws/amazonlinux/amazonlinux + export BASE_IMAGE_VERSION=2023 + export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG + - name: Sign Splunk Operator image with a key + run: | + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + env: + COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} + COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} + vulnerability-scan: + permissions: + actions: read + contents: read + security-events: write + runs-on: ubuntu-latest + needs: build-operator-image-arm-al2023 + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }} + steps: + - name: Set up cosign + uses: sigstore/cosign-installer@main + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + + - name: Login to Amazon ECR + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Operator Image Locally + run: | + docker pull ${{ env.IMAGE_NAME }} + - name: Verify Signed Splunk Operator image + run: | + cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.IMAGE_NAME }} + env: + COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }} + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + image-ref: '${{ env.IMAGE_NAME }}' + format: sarif + #exit-code: 1 + severity: 'CRITICAL' + ignore-unfixed: true + output: 'trivy-results.sarif' + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: 'trivy-results.sarif' + smoke-tests-arm-al2023: + needs: vulnerability-scan + strategy: + fail-fast: false + matrix: + test: [ + basic, + appframeworksS1, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managermc, + ] + runs-on: ubuntu-latest + env: + CLUSTER_NODES: 1 + CLUSTER_WORKERS: 3 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_FOCUS: "${{ matrix.test }}" + # This regex matches any string not containing smoke keyword + TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" + TEST_CLUSTER_PLATFORM: eks + EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} + CLUSTER_WIDE: "true" + DEPLOYMENT_TYPE: "" + ARM64: "true" + steps: + - name: Set Test Cluster Name + run: | + echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Chekcout code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Change splunk enterprise to release image on main branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + - name: Install Kubectl + uses: Azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + - name: Install Python + uses: actions/setup-python@v2 + - name: Install AWS CLI + run: | + curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + DESIRED_VERSION=v3.8.2 bash get_helm.sh + - name: Install EKS CTL + run: | + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + sudo mv /tmp/eksctl /usr/local/bin + eksctl version + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu + sudo chmod +x /usr/local/bin/operator-sdk + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + - name: Create EKS cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} + make cluster-up + - name: install metric server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + - name: install k8s dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + - name: Setup Kustomize + run: | + sudo snap install kustomize + mkdir -p ./bin + cp /snap/bin/kustomize ./bin/kustomize + - name: Run smoke test + id: smoketest + run: | + make int-test + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v4.4.0 + with: + name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + path: "/tmp/pod_logs/**" + - name: Cleanup Test Case artifacts + if: ${{ always() }} + run: | + make cleanup + make clean + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down \ No newline at end of file diff --git a/.github/workflows/arm-AL2023-int-test-workflow.yml b/.github/workflows/arm-AL2023-int-test-workflow.yml new file mode 100644 index 000000000..b09004e12 --- /dev/null +++ b/.github/workflows/arm-AL2023-int-test-workflow.yml @@ -0,0 +1,207 @@ +name: Arm AL2023 Integration Test WorkFlow +on: + push: + branches: + - develop + - main +jobs: + build-operator-image-arm-al2023: + runs-on: ubuntu-latest + timeout-minutes: 360 + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac) + export OS=$(uname | awk '{print tolower($0)}') + export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }} + sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH} + sudo chmod +x operator-sdk_${OS}_${ARCH} + sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Build and push Splunk Operator Image + run: | + export PLATFORMS=linux/arm64,linux/amd64 + export BASE_IMAGE=public.ecr.aws/amazonlinux/amazonlinux + export BASE_IMAGE_VERSION=2023 + export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG + int-tests-arm-al2023: + strategy: + fail-fast: false + matrix: + test: + [ + appframeworksS1, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managersmartstore, + managermc1, + managermc2, + managercrcrud, + licensemanager, + managerdeletecr, + ] + runs-on: ubuntu-latest + needs: build-operator-image-arm-al2023 + env: + CLUSTER_NODES: 1 + CLUSTER_WORKERS: 3 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_FOCUS: "${{ matrix.test }}" + # This regex matches any string not containing integration keyword + TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" + TEST_CLUSTER_PLATFORM: eks + EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + CLUSTER_WIDE: "true" + DEPLOYMENT_TYPE: "" + ARM64: "true" + steps: + - name: Set Test Cluster Name + run: | + echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Set Test Cluster Nodes and Parallel Runs + run: >- + if grep -q "appframework" <<< "${{ matrix.test }}"; then + echo "CLUSTER_WORKERS=5" >> $GITHUB_ENV + echo "CLUSTER_NODES=2" >> $GITHUB_ENV + fi + - name: Checkcout code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Change splunk enterprise to release image on main branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + - name: Install Kubectl + uses: Azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + - name: Install Python + uses: actions/setup-python@v2 + - name: Install AWS CLI + run: | + curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + DESIRED_VERSION=v3.8.2 bash get_helm.sh + - name: Install EKS CTL + run: | + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + sudo mv /tmp/eksctl /usr/local/bin + eksctl version + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + - name: Create EKS cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} + make cluster-up + - name: install metric server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + - name: install k8s dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + - name: Setup Kustomize + run: | + sudo snap install kustomize + mkdir -p ./bin + cp /snap/bin/kustomize ./bin/kustomize + - name: Run Integration test + run: | + make int-test + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v4.4.0 + with: + name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + path: "/tmp/pod_logs/**" + - name: Cleanup Test Case artifacts + if: ${{ always() }} + run: | + make cleanup + make clean + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down + #- name: Test Report + # uses: dorny/test-reporter@v1 + # if: success() || failure() # run this step even if previous step failed + # with: + # name: Integration Tests # Name of the check run which will be created + # path: inttest-*.xml # Path to test results + # reporter: jest-junit # Format of test results \ No newline at end of file diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml new file mode 100644 index 000000000..80223e432 --- /dev/null +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -0,0 +1,303 @@ +name: Arm Ubuntu Smoke Test WorkFlow +on: + push: + branches: + - develop + - main +jobs: + check-formating: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Check Source formatting + run: make fmt && if [[ $? -ne 0 ]]; then false; fi + - name: Lint source code + run: make vet && if [[ $? -ne 0 ]]; then false; fi + unit-tests: + runs-on: ubuntu-latest + needs: check-formating + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install goveralls + run: | + go version + go install github.com/mattn/goveralls@latest + - name: Install Ginkgo + run: | + make setup/ginkgo + go mod tidy + - name: Run Unit Tests + run: make test + - name: Run Code Coverage + run: goveralls -coverprofile=coverage.out -service=circle-ci -repotoken ${{ secrets.COVERALLS_TOKEN }} + - name: Upload Coverage artifacts + uses: actions/upload-artifact@v4.4.0 + with: + name: coverage.out + path: coverage.out + build-operator-image-arm-ubuntu: + runs-on: ubuntu-latest + needs: unit-tests + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + steps: + - name: Set up cosign + uses: sigstore/cosign-installer@main + + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac) + export OS=$(uname | awk '{print tolower($0)}') + export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }} + sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH} + sudo chmod +x operator-sdk_${OS}_${ARCH} + sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Build and push Splunk Operator Image + run: | + export PLATFORMS=linux/arm64,linux/amd64 + export BASE_IMAGE=ubuntu + export BASE_IMAGE_VERSION=24.10 + export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG + - name: Sign Splunk Operator image with a key + run: | + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + env: + COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} + COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} + vulnerability-scan: + permissions: + actions: read + contents: read + security-events: write + runs-on: ubuntu-latest + needs: build-operator-image-arm-ubuntu + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }} + steps: + - name: Set up cosign + uses: sigstore/cosign-installer@main + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + + - name: Login to Amazon ECR + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Operator Image Locally + run: | + docker pull ${{ env.IMAGE_NAME }} + - name: Verify Signed Splunk Operator image + run: | + cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.IMAGE_NAME }} + env: + COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }} + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + image-ref: '${{ env.IMAGE_NAME }}' + format: sarif + #exit-code: 1 + severity: 'CRITICAL' + ignore-unfixed: true + output: 'trivy-results.sarif' + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: 'trivy-results.sarif' + smoke-tests-arm-ubuntu: + needs: vulnerability-scan + strategy: + fail-fast: false + matrix: + test: [ + basic, + appframeworksS1, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managermc, + ] + runs-on: ubuntu-latest + env: + CLUSTER_NODES: 1 + CLUSTER_WORKERS: 3 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_FOCUS: "${{ matrix.test }}" + # This regex matches any string not containing smoke keyword + TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" + TEST_CLUSTER_PLATFORM: eks + EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} + CLUSTER_WIDE: "true" + DEPLOYMENT_TYPE: "" + ARM64: "true" + steps: + - name: Set Test Cluster Name + run: | + echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Chekcout code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Change splunk enterprise to release image on main branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + - name: Install Kubectl + uses: Azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + - name: Install Python + uses: actions/setup-python@v2 + - name: Install AWS CLI + run: | + curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + DESIRED_VERSION=v3.8.2 bash get_helm.sh + - name: Install EKS CTL + run: | + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + sudo mv /tmp/eksctl /usr/local/bin + eksctl version + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu + sudo chmod +x /usr/local/bin/operator-sdk + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + - name: Create EKS cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} + make cluster-up + - name: install metric server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + - name: install k8s dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + - name: Setup Kustomize + run: | + sudo snap install kustomize + mkdir -p ./bin + cp /snap/bin/kustomize ./bin/kustomize + - name: Run smoke test + id: smoketest + run: | + make int-test + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v4.4.0 + with: + name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + path: "/tmp/pod_logs/**" + - name: Cleanup Test Case artifacts + if: ${{ always() }} + run: | + make cleanup + make clean + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down \ No newline at end of file diff --git a/.github/workflows/arm-Ubuntu-int-test-workflow.yml b/.github/workflows/arm-Ubuntu-int-test-workflow.yml new file mode 100644 index 000000000..12bf282ce --- /dev/null +++ b/.github/workflows/arm-Ubuntu-int-test-workflow.yml @@ -0,0 +1,207 @@ +name: Arm Ubuntu Integration Test WorkFlow Ubuntu +on: + push: + branches: + - develop + - main +jobs: + build-operator-image-arm-ubuntu: + runs-on: ubuntu-latest + timeout-minutes: 360 + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac) + export OS=$(uname | awk '{print tolower($0)}') + export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }} + sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH} + sudo chmod +x operator-sdk_${OS}_${ARCH} + sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Build and push Splunk Operator Image + run: | + export PLATFORMS=linux/arm64,linux/amd64 + export BASE_IMAGE=ubuntu + export BASE_IMAGE_VERSION=24.10 + export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG + int-tests-arm-ubuntu: + strategy: + fail-fast: false + matrix: + test: + [ + appframeworksS1, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managersmartstore, + managermc1, + managermc2, + managercrcrud, + licensemanager, + managerdeletecr, + ] + runs-on: ubuntu-latest + needs: build-operator-image-arm-ubuntu + env: + CLUSTER_NODES: 1 + CLUSTER_WORKERS: 3 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_FOCUS: "${{ matrix.test }}" + # This regex matches any string not containing integration keyword + TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" + TEST_CLUSTER_PLATFORM: eks + EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + CLUSTER_WIDE: "true" + DEPLOYMENT_TYPE: "" + ARM64: "true" + steps: + - name: Set Test Cluster Name + run: | + echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Set Test Cluster Nodes and Parallel Runs + run: >- + if grep -q "appframework" <<< "${{ matrix.test }}"; then + echo "CLUSTER_WORKERS=5" >> $GITHUB_ENV + echo "CLUSTER_NODES=2" >> $GITHUB_ENV + fi + - name: Checkcout code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Change splunk enterprise to release image on main branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + - name: Install Kubectl + uses: Azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + - name: Install Python + uses: actions/setup-python@v2 + - name: Install AWS CLI + run: | + curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + DESIRED_VERSION=v3.8.2 bash get_helm.sh + - name: Install EKS CTL + run: | + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + sudo mv /tmp/eksctl /usr/local/bin + eksctl version + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + - name: Create EKS cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} + make cluster-up + - name: install metric server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + - name: install k8s dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + - name: Setup Kustomize + run: | + sudo snap install kustomize + mkdir -p ./bin + cp /snap/bin/kustomize ./bin/kustomize + - name: Run Integration test + run: | + make int-test + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v4.4.0 + with: + name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + path: "/tmp/pod_logs/**" + - name: Cleanup Test Case artifacts + if: ${{ always() }} + run: | + make cleanup + make clean + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down + #- name: Test Report + # uses: dorny/test-reporter@v1 + # if: success() || failure() # run this step even if previous step failed + # with: + # name: Integration Tests # Name of the check run which will be created + # path: inttest-*.xml # Path to test results + # reporter: jest-junit # Format of test results \ No newline at end of file diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index 4ca3b8661..a1244edf5 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -87,19 +87,9 @@ jobs: - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v1 - #- name: Login to Redhat registry - # uses: docker/login-action@v3 - # with: - # registry: registry.redhat.io - # username: ${{ secrets.REDHAT_REGISTRY_ID }} - # password: ${{ secrets.REDHAT_REGISTRY_PASSWORD }} - - name: Make Splunk Operator Image + - name: Build and push Splunk Operator Image run: | - make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Push Splunk Operator Image to ECR - run: | - echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" - make docker-push IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Sign Splunk Operator image with a key run: | cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} @@ -248,6 +238,9 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV - name: Pull Splunk Enterprise Image run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Configure AWS credentials @@ -263,12 +256,6 @@ jobs: run: | docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - - name: Pull Splunk Operator Image Locally - run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Change Operator Image Tag to latest - run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} @@ -343,10 +330,7 @@ jobs: aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - name: Login to Amazon ECR uses: aws-actions/amazon-ecr-login@v1 - - name: Pull Splunk Operator Image Locally - run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Change Operator Image Tag to latest + - name: Re-tag Splunk Operator Image run: | docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} - name: Push Splunk Operator Image to Docker Hub diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index cb0dd7d9f..7da280e27 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -42,13 +42,9 @@ jobs: - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v1 - - name: Make Splunk Operator Image + - name: Build and push Splunk Operator Image run: | - make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Push Splunk Operator Image to ECR - run: | - echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" - make docker-push IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA int-tests: strategy: fail-fast: false @@ -144,6 +140,9 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV - name: Pull Splunk Enterprise Image run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Configure AWS credentials @@ -157,18 +156,11 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Pull Splunk Operator Image Locally and change name run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Tag and Push Splunk Enterprise Image to ECR run: | docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - - name: Pull Splunk Operator Image Locally - run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Change Operator Image Tag to latest - run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} diff --git a/.github/workflows/manual-int-test-workflow.yml b/.github/workflows/manual-int-test-workflow.yml index a5cf70cbc..6839b2029 100644 --- a/.github/workflows/manual-int-test-workflow.yml +++ b/.github/workflows/manual-int-test-workflow.yml @@ -23,14 +23,6 @@ jobs: managerscaling, managercrcrud, licensemanager, - masterappframeworkc3, - masterappframeworkm4, - mastersecret, - mastersmartstore, - mastermc, - masterscaling, - mastercrcrud, - licensemaster, ] runs-on: ubuntu-latest env: diff --git a/.github/workflows/namespace-scope-int-workflow.yml b/.github/workflows/namespace-scope-int-workflow.yml index 973b43c13..855219522 100644 --- a/.github/workflows/namespace-scope-int-workflow.yml +++ b/.github/workflows/namespace-scope-int-workflow.yml @@ -19,14 +19,6 @@ jobs: managerscaling, managercrcrud, licensemanager, - masterappframeworkc3, - masterappframeworkm4, - mastersecret, - mastersmartstore, - mastermc, - masterscaling, - mastercrcrud, - licensemaster, ] runs-on: ubuntu-latest env: diff --git a/.github/workflows/nightly-int-test-workflow.yml b/.github/workflows/nightly-int-test-workflow.yml index e10aa1120..6190d258d 100644 --- a/.github/workflows/nightly-int-test-workflow.yml +++ b/.github/workflows/nightly-int-test-workflow.yml @@ -63,14 +63,6 @@ jobs: managerscaling, managercrcrud, licensemanager, - masterappframeworkc3, - masterappframeworkm4, - mastersecret, - mastersmartstore, - mastermc, - masterscaling, - mastercrcrud, - licensemaster, ] runs-on: ubuntu-latest needs: build-operator-image diff --git a/Dockerfile b/Dockerfile index f72687307..f208e2185 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,21 @@ +# Setup defaults for build arguments +ARG PLATFORMS=linux/amd64 + +# Use distroless as minimal base image to package the manager binary +# Refer to https://github.com/GoogleContainerTools/distroless for more details +# This sha relates to ubi version 8.10-1132, which is tagged as 8.10 and latest as of Nov 15, 2024 +ARG BASE_IMAGE=registry.access.redhat.com/ubi8/ubi@sha256 +ARG BASE_IMAGE_VERSION=8990388831e1b41c9a67389e4b691dae8b1283f77d5fb7263e1f4fc69c0a9d05 + # Build the manager binary FROM golang:1.23.0 AS builder WORKDIR /workspace + # Copy the Go Modules manifests COPY go.mod go.mod COPY go.sum go.sum -# cache deps before building and copying source so that we don't need to re-download as much -# and so that source changes don't invalidate our downloaded layer +# Cache dependencies before building and copying source to reduce re-downloading RUN go mod download # Copy the go source @@ -18,35 +27,53 @@ COPY tools/ tools/ COPY hack hack/ # Build -RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go +# TARGETOS and TARGETARCH are provided(inferred) by buildx via the --platforms flag +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager main.go + +# Use BASE_IMAGE as the base image +FROM ${BASE_IMAGE}:${BASE_IMAGE_VERSION} -# Use distroless as minimal base image to package the manager binary -# Refer to https://github.com/GoogleContainerTools/distroless for more details -# This sha relates to ubi version 8.10-1132, which is tagged as 8.10 and latest as of Nov 15, 2024 -FROM registry.access.redhat.com/ubi8/ubi@sha256:8990388831e1b41c9a67389e4b691dae8b1283f77d5fb7263e1f4fc69c0a9d05 ENV OPERATOR=/manager \ USER_UID=1001 \ USER_NAME=nonroot -RUN yum -y install shadow-utils -RUN useradd -ms /bin/bash nonroot -u 1001 -RUN yum update -y krb5-libs && yum clean all -RUN yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical -RUN yum -y update-minimal --security --sec-severity=Moderate -RUN yum -y update-minimal --security --sec-severity=Low +# Install necessary packages and configure user +RUN if grep -q 'Ubuntu' /etc/os-release; then \ + apt-get update && \ + apt-get install -y --no-install-recommends passwd && \ + apt-get install -y --no-install-recommends krb5-locales && \ + apt-get install -y --no-install-recommends unattended-upgrades && \ + useradd -ms /bin/bash nonroot -u 1001 && \ + apt-get install -y --no-install-recommends ca-certificates && \ + update-ca-certificates && \ + unattended-upgrades -v && \ + apt-get clean && rm -rf /var/lib/apt/lists/*; \ + else \ + yum -y install shadow-utils && \ + useradd -ms /bin/bash nonroot -u 1001 && \ + yum install -y ca-certificates && \ + update-ca-trust && \ + yum update -y krb5-libs && yum clean all && \ + yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical && \ + yum -y update-minimal --security --sec-severity=Moderate && \ + yum -y update-minimal --security --sec-severity=Low; \ + fi +# Metadata LABEL name="splunk" \ maintainer="support@splunk.com" \ vendor="splunk" \ - version="2.2.1" \ + version="2.6.1" \ release="1" \ summary="Simplify the Deployment & Management of Splunk Products on Kubernetes" \ description="The Splunk Operator for Kubernetes (SOK) makes it easy for Splunk Administrators to deploy and operate Enterprise deployments in a Kubernetes infrastructure. Packaged as a container, it uses the operator pattern to manage Splunk-specific custom resources, following best practices to manage all the underlying Kubernetes objects for you." +# Set up workspace WORKDIR / -RUN mkdir /licenses -RUN mkdir -p /tools/k8_probes +RUN mkdir /licenses && \ + mkdir -p /tools/k8_probes +# Copy necessary files from the builder stage and other resources COPY --from=builder /workspace/manager . COPY tools/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf /licenses COPY LICENSE /licenses/LICENSE-2.0.txt @@ -54,6 +81,8 @@ COPY tools/k8_probes/livenessProbe.sh /tools/k8_probes/ COPY tools/k8_probes/readinessProbe.sh /tools/k8_probes/ COPY tools/k8_probes/startupProbe.sh /tools/k8_probes/ +# Set the user USER 1001 -ENTRYPOINT ["/manager"] +# Start the manager +ENTRYPOINT ["/manager"] \ No newline at end of file diff --git a/Makefile b/Makefile index 1e4e1e23c..4a28cdad2 100644 --- a/Makefile +++ b/Makefile @@ -143,25 +143,28 @@ docker-build: test ## Build docker image with the manager. docker-push: ## Push docker image with the manager. docker push ${IMG} -# PLATFORMS defines the target platforms for the manager image be build to provide support to multiple -# architectures. (i.e. make docker-buildx IMG=myregistry/mypoperator:0.0.1). To use this option you need to: -# - able to use docker buildx . More info: https://docs.docker.com/build/buildx/ -# - have enable BuildKit, More info: https://docs.docker.com/develop/develop-images/build_enhancements/ -# - be able to push the image for your registry (i.e. if you do not inform a valid value via IMG=> than the export will fail) -# To properly provided solutions that supports more than one platform you should use this option. -PLATFORMS ?= linux/arm64,linux/amd64,linux/s390x,linux/ppc64le -.PHONY: docker-buildx -docker-buildx: test ## Build and push docker image for the manager for cross-platform support - # copy existing Dockerfile and insert --platform=${BUILDPLATFORM} into Dockerfile.cross, and preserve the original Dockerfile - sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' Dockerfile > Dockerfile.cross - - docker buildx create --name project-v3-builder - docker buildx use project-v3-builder - - docker buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile.cross . - - docker buildx rm project-v3-builder - rm Dockerfile.cross +# Docker-buildx is used to build the image for multiple OS/platforms +# IMG is a mandatory argument to specify the image name +# Defaults: +# Build Platform: linux/amd64 +# Build Base OS: registry.access.redhat.com/ubi8/ubi +# Build Base OS Version: 8.10 +# Pass only what is required, the rest will be defaulted +# Setup defaults for build arguments +PLATFORMS ?= linux/amd64 +BASE_IMAGE ?= registry.access.redhat.com/ubi8/ubi +BASE_IMAGE_VERSION ?= 8.10 +docker-buildx: + @if [ -z "$(IMG)" ]; then \ + echo "Error: IMG is a mandatory argument. Usage: make docker-buildx IMG= ...."; \ + exit 1; \ + fi + docker buildx build --push --platform="${PLATFORMS}" \ + --build-arg BASE_IMAGE="${BASE_IMAGE}" \ + --build-arg BASE_IMAGE_VERSION="${BASE_IMAGE_VERSION}" \ + --tag "${IMG}" -f Dockerfile . ##@ Deployment - install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. $(KUSTOMIZE) build config/crd | kubectl apply --server-side --force-conflicts -f - diff --git a/README.md b/README.md index 539d8a366..7ea7809f0 100644 --- a/README.md +++ b/README.md @@ -104,6 +104,7 @@ Other make targets include (more info below): * `make scorecard`: Runs operator-sdk scorecard tests using OLM installation bundle * `make generate`: runs operator-generate k8s, crds and csv commands, updating installation YAML files and OLM bundle * `make docker-build`: generates `splunk-operator` container image example `make docker-build IMG=docker.io/splunk/splunk-operator:` +* `make docker-buildx`: generates `splunk-operator` container image for multiple platforms, example `make docker-buildx IMG=docker.io/splunk/splunk-operator:` * `make docker-push`: push docker image to given repository example `make docker-push IMG=docker.io/splunk/splunk-operator:` * `make clean`: removes the binary build output and `splunk-operator` container image example `make docker-push IMG=docker.io/splunk/splunk-operator:` * `make run`: runs the Splunk Operator locally, monitoring the Kubernetes cluster configured in your current `kubectl` context diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 3c2396ba9..fa36d8a21 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -124,7 +124,7 @@ patches: - name: WATCH_NAMESPACE value: WATCH_NAMESPACE_VALUE - name: RELATED_IMAGE_SPLUNK_ENTERPRISE - value: docker.io/splunk/splunk:9.3.2 + value: SPLUNK_ENTERPRISE_IMAGE - name: OPERATOR_NAME value: splunk-operator - name: POD_NAME diff --git a/test/deploy-eks-cluster.sh b/test/deploy-eks-cluster.sh index 9ad821766..0d0c96976 100755 --- a/test/deploy-eks-cluster.sh +++ b/test/deploy-eks-cluster.sh @@ -89,7 +89,7 @@ function createCluster() { found=$(eksctl get cluster --name "${TEST_CLUSTER_NAME}" -v 0) if [ -z "${found}" ]; then - eksctl create cluster --name=${TEST_CLUSTER_NAME} --nodes=${CLUSTER_WORKERS} --vpc-public-subnets=${EKS_VPC_PUBLIC_SUBNET_STRING} --vpc-private-subnets=${EKS_VPC_PRIVATE_SUBNET_STRING} --instance-types=m5.2xlarge --version=${EKS_CLUSTER_K8_VERSION} + eksctl create cluster --name=${TEST_CLUSTER_NAME} --nodes=${CLUSTER_WORKERS} --vpc-public-subnets=${EKS_VPC_PUBLIC_SUBNET_STRING} --vpc-private-subnets=${EKS_VPC_PRIVATE_SUBNET_STRING} --instance-types=${EKS_INSTANCE_TYPE} --version=${EKS_CLUSTER_K8_VERSION} if [ $? -ne 0 ]; then echo "Unable to create cluster - ${TEST_CLUSTER_NAME}" return 1 diff --git a/test/env.sh b/test/env.sh index 08aed7af0..93052de05 100644 --- a/test/env.sh +++ b/test/env.sh @@ -9,6 +9,8 @@ : "${COMMIT_HASH:=}" # AWS specific variables : "${ECR_REGISTRY:=}" +# CSPL-2920 - default instance type, use .env to set specific types to use in workflows +: "${EKS_INSTANCE_TYPE:=m5.2xlarge}" : "${VPC_PUBLIC_SUBNET_STRING:=}" : "${VPC_PRIVATE_SUBNET_STRING:=}" : "${EKS_CLUSTER_K8_VERSION:=1.31}" diff --git a/test/monitoring_console/manager_monitoring_console_test.go b/test/monitoring_console/manager_monitoring_console_test.go index 2796f77a3..743ce0a00 100644 --- a/test/monitoring_console/manager_monitoring_console_test.go +++ b/test/monitoring_console/manager_monitoring_console_test.go @@ -755,12 +755,12 @@ var _ = Describe("Monitoring Console test", func() { Expect(err).To(Succeed(), "Failed to get update Monitoring Console in Search Head Cluster CRD") // Ensure Search Head Cluster go to Ready Phase - //testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) // Verify MC is Ready and stays in ready state // testenv.VerifyMonitoringConsoleReady(ctx, deployment, mcTwoName, mcTwo, testcaseEnvInst) - // ############################ VERIFICATOIN FOR MONITORING CONSOLE TWO POST SHC RECONFIG ############################### + // ############################ VERIFICATION FOR MONITORING CONSOLE TWO POST SHC RECONFIG ############################### // Check Cluster Manager in Monitoring Console Two Config Map testcaseEnvInst.Log.Info("Verify Cluster Manager on Monitoring Console Two Config Map after SHC Reconfig") @@ -781,7 +781,7 @@ var _ = Describe("Monitoring Console test", func() { testcaseEnvInst.Log.Info("Checking for Indexer Pod on MC TWO after SHC Reconfig") testenv.VerifyPodsInMCConfigString(ctx, deployment, testcaseEnvInst, indexerPods, mcTwoName, true, true) - // ############################ VERIFICATOIN FOR MONITORING CONSOLE ONE POST SHC RECONFIG ############################### + // ############################ VERIFICATION FOR MONITORING CONSOLE ONE POST SHC RECONFIG ############################### // Verify MC ONE is Ready and stays in ready state before running verfications testenv.VerifyMonitoringConsoleReady(ctx, deployment, mcName, mc, testcaseEnvInst) diff --git a/test/run-tests.sh b/test/run-tests.sh index e72757603..13a96dc4a 100755 --- a/test/run-tests.sh +++ b/test/run-tests.sh @@ -19,35 +19,43 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then echo "Using private registry at ${PRIVATE_REGISTRY}" PRIVATE_SPLUNK_OPERATOR_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_OPERATOR_IMAGE} - PRIVATE_SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_ENTERPRISE_IMAGE} - echo "docker images -q ${SPLUNK_OPERATOR_IMAGE}" + # CSPL-2920: ARM64 support + if [ "$ARM64" != "true" ]; then + PRIVATE_SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_ENTERPRISE_IMAGE} + fi + echo "Checking to see if image exists, docker images -q ${PRIVATE_SPLUNK_OPERATOR_IMAGE}" # Don't pull splunk operator if exists locally since we maybe building it locally - if [ -z $(docker images -q ${SPLUNK_OPERATOR_IMAGE}) ]; then - docker pull ${SPLUNK_OPERATOR_IMAGE} + if [ -z $(docker images -q ${PRIVATE_SPLUNK_OPERATOR_IMAGE}) ]; then + echo "Doesn't exist, pulling ${PRIVATE_SPLUNK_OPERATOR_IMAGE}..." + docker pull ${PRIVATE_SPLUNK_OPERATOR_IMAGE} if [ $? -ne 0 ]; then echo "Unable to pull ${SPLUNK_OPERATOR_IMAGE}. Exiting..." exit 1 fi fi - docker tag ${SPLUNK_OPERATOR_IMAGE} ${PRIVATE_SPLUNK_OPERATOR_IMAGE} - docker push ${PRIVATE_SPLUNK_OPERATOR_IMAGE} - if [ $? -ne 0 ]; then - echo "Unable to push ${PRIVATE_SPLUNK_OPERATOR_IMAGE}. Exiting..." - exit 1 - fi - # Always attempt to pull splunk enterprise image - docker pull ${SPLUNK_ENTERPRISE_IMAGE} - if [ $? -ne 0 ]; then - echo "Unable to pull ${SPLUNK_ENTERPRISE_IMAGE}. Exiting..." - exit 1 - fi - docker tag ${SPLUNK_ENTERPRISE_IMAGE} ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} - docker push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} - if [ $? -ne 0 ]; then - echo "Unable to push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}. Exiting..." - exit 1 + echo "check if image exists, docker manifest inspect $PRIVATE_SPLUNK_ENTERPRISE_IMAGE" + if docker manifest inspect "$PRIVATE_SPLUNK_ENTERPRISE_IMAGE" > /dev/null 2>&1; then + echo "Image $PRIVATE_SPLUNK_ENTERPRISE_IMAGE exists on the remote repository." + docker pull ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} + if [ $? -ne 0 ]; then + echo "Unable to pull ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}. Exiting..." + exit 1 + fi + else + echo "Image $PRIVATE_SPLUNK_ENTERPRISE_IMAGE does not exist on the remote repository." + docker pull ${SPLUNK_ENTERPRISE_IMAGE} + if [ $? -ne 0 ]; then + echo "Unable to pull ${SPLUNK_ENTERPRISE_IMAGE}. Exiting..." + exit 1 + fi + docker tag ${SPLUNK_ENTERPRISE_IMAGE} ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} + docker push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} + if [ $? -ne 0 ]; then + echo "Unable to push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}. Exiting..." + exit 1 + fi fi # Output @@ -70,7 +78,7 @@ elif [ "${CLUSTER_WIDE}" != "true" ]; then make uninstall bin/kustomize build config/crd | kubectl create -f - else - echo "Installing enterprise operator from ${PRIVATE_SPLUNK_OPERATOR_IMAGE}..." + echo "Installing enterprise operator from ${PRIVATE_SPLUNK_OPERATOR_IMAGE} using enterprise image from ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}..." make deploy IMG=${PRIVATE_SPLUNK_OPERATOR_IMAGE} SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} WATCH_NAMESPACE="" fi @@ -80,6 +88,10 @@ if [ $? -ne 0 ]; then exit 1 fi +echo "Dumping operator config here..." +kubectl describe deployment splunk-operator-controller-manager -n splunk-operator + + if [ "${CLUSTER_WIDE}" == "true" ]; then echo "wait for operator pod to be ready..." # sleep before checking for deployment, in slow clusters deployment call may not even started diff --git a/test/testenv/util.go b/test/testenv/util.go index 565d122dd..57eb7ffce 100644 --- a/test/testenv/util.go +++ b/test/testenv/util.go @@ -736,6 +736,24 @@ func DumpGetPods(ns string) []string { return splunkPods } +// DumpDescribePods prints and returns list of pods in the namespace +func DumpDescribePods(ns string) []string { + output, err := exec.Command("kubectl", "describe", "pods", "-n", ns).Output() + var splunkPods []string + if err != nil { + //cmd := fmt.Sprintf("kubectl get pods -n %s", ns) + //logf.Log.Error(err, "Failed to execute command", "command", cmd) + return nil + } + for _, line := range strings.Split(string(output), "\n") { + logf.Log.Info(line) + if strings.HasPrefix(line, "splunk") && !strings.HasPrefix(line, "splunk-op") { + splunkPods = append(splunkPods, strings.Fields(line)[0]) + } + } + return splunkPods +} + // DumpGetTopNodes prints and returns Node load information func DumpGetTopNodes() []string { output, err := exec.Command("kubectl", "top", "nodes").Output() @@ -880,7 +898,7 @@ func ExecuteCommandOnOperatorPod(ctx context.Context, deployment *Deployment, po command := []string{"/bin/sh"} stdout, stderr, err := deployment.OperatorPodExecCommand(ctx, podName, command, stdin, false) if err != nil { - logf.Log.Error(err, "Failed to execute command on pod", "pod", podName, "command", command) + logf.Log.Error(err, "Failed to execute command on pod", "pod", podName, "shell", command, "command", stdin, "error", err.Error()) return "", err } logf.Log.Info("Command executed", "on pod", podName, "command", command, "stdin", stdin, "stdout", stdout, "stderr", stderr) diff --git a/test/testenv/verificationutils.go b/test/testenv/verificationutils.go index d2fe8e802..ee1b375e6 100644 --- a/test/testenv/verificationutils.go +++ b/test/testenv/verificationutils.go @@ -87,7 +87,7 @@ func VerifyMonitoringConsoleReady(ctx context.Context, deployment *Deployment, m // StandaloneReady verify Standalone is in ReadyStatus and does not flip-flop func StandaloneReady(ctx context.Context, deployment *Deployment, deploymentName string, standalone *enterpriseApi.Standalone, testenvInstance *TestCaseEnv) { gomega.Eventually(func() enterpriseApi.Phase { - err := deployment.GetInstance(ctx, deploymentName, standalone) + err := deployment.GetInstance(ctx, standalone.Name, standalone) if err != nil { return enterpriseApi.PhaseError } @@ -99,7 +99,7 @@ func StandaloneReady(ctx context.Context, deployment *Deployment, deploymentName // In a steady state, we should stay in Ready and not flip-flop around gomega.Consistently(func() enterpriseApi.Phase { - _ = deployment.GetInstance(ctx, deployment.GetName(), standalone) + _ = deployment.GetInstance(ctx, standalone.Name, standalone) DumpGetSplunkVersion(ctx, testenvInstance.GetName(), deployment, "standalone") return standalone.Status.Phase }, ConsistentDuration, ConsistentPollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) @@ -139,7 +139,6 @@ func SearchHeadClusterReady(ctx context.Context, deployment *Deployment, testenv testenvInstance.Log.Info("Waiting for Search Head Cluster phase to be ready", "instance", shc.ObjectMeta.Name, "Phase", shc.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetSplunkVersion(ctx, testenvInstance.GetName(), deployment, "-shc-") return shc.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) @@ -147,6 +146,7 @@ func SearchHeadClusterReady(ctx context.Context, deployment *Deployment, testenv gomega.Consistently(func() enterpriseApi.Phase { _ = deployment.GetInstance(ctx, deployment.GetName(), shc) testenvInstance.Log.Info("Check for Consistency Search Head Cluster phase to be ready", "instance", shc.ObjectMeta.Name, "Phase", shc.Status.Phase) + DumpGetSplunkVersion(ctx, testenvInstance.GetName(), deployment, "-shc-") return shc.Status.Phase }, ConsistentDuration, ConsistentPollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) }