diff --git a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml index 4369ac1eb..774b99396 100644 --- a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml +++ b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml @@ -63,11 +63,10 @@ jobs: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - name: Set up cosign uses: sigstore/cosign-installer@main - - uses: actions/checkout@v2 - name: Dotenv Action id: dotenv @@ -104,11 +103,11 @@ jobs: export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=public.ecr.aws/amazonlinux/amazonlinux export BASE_IMAGE_VERSION=2023 - export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + export IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG - name: Sign Splunk Operator image with a key run: | - cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} env: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} @@ -129,7 +128,6 @@ jobs: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator TEST_FOCUS: "${{ matrix.test }}" @@ -142,7 +140,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" @@ -167,10 +164,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: diff --git a/.github/workflows/arm-AL2023-int-test-workflow.yml b/.github/workflows/arm-AL2023-int-test-workflow.yml index 2697ff1af..6fadbdd63 100644 --- a/.github/workflows/arm-AL2023-int-test-workflow.yml +++ b/.github/workflows/arm-AL2023-int-test-workflow.yml @@ -17,7 +17,7 @@ jobs: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -52,7 +52,7 @@ jobs: export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=public.ecr.aws/amazonlinux/amazonlinux export BASE_IMAGE_VERSION=2023 - export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + export IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG int-tests-arm-al2023: strategy: @@ -76,7 +76,6 @@ jobs: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator TEST_FOCUS: "${{ matrix.test }}" @@ -89,7 +88,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" ARM64: "true" @@ -119,10 +117,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: diff --git a/.github/workflows/arm-RHEL-build-test-push-workflow.yml b/.github/workflows/arm-RHEL-build-test-push-workflow.yml index f860f1c43..07c2e2d23 100644 --- a/.github/workflows/arm-RHEL-build-test-push-workflow.yml +++ b/.github/workflows/arm-RHEL-build-test-push-workflow.yml @@ -17,7 +17,7 @@ jobs: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -52,7 +52,7 @@ jobs: export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=redhat/ubi9-minimal export BASE_IMAGE_VERSION=9.5 - export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + export IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG smoke-tests-arm-rhel: timeout-minutes: 240 @@ -77,9 +77,9 @@ jobs: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing smoke keyword TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" @@ -90,7 +90,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" ARM64: "true" @@ -120,10 +119,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: diff --git a/.github/workflows/arm-RHEL-int-test-workflow.yml b/.github/workflows/arm-RHEL-int-test-workflow.yml index ff9baddcb..9a31f956a 100644 --- a/.github/workflows/arm-RHEL-int-test-workflow.yml +++ b/.github/workflows/arm-RHEL-int-test-workflow.yml @@ -17,7 +17,7 @@ jobs: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -52,7 +52,7 @@ jobs: export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=redhat/ubi9-minimal export BASE_IMAGE_VERSION=9.5 - export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + export IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG int-tests-arm-rhel: strategy: @@ -76,9 +76,9 @@ jobs: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -89,7 +89,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" ARM64: "true" @@ -119,10 +118,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index b27ac0edb..8b8b8e49c 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -63,7 +63,7 @@ jobs: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - name: Set up cosign uses: sigstore/cosign-installer@main @@ -104,11 +104,11 @@ jobs: export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=ubuntu export BASE_IMAGE_VERSION=24.04 - export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + export IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG - name: Sign Splunk Operator image with a key run: | - cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} env: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} @@ -129,9 +129,9 @@ jobs: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing smoke keyword TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" @@ -142,7 +142,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" @@ -167,10 +166,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: diff --git a/.github/workflows/arm-Ubuntu-int-test-workflow.yml b/.github/workflows/arm-Ubuntu-int-test-workflow.yml index fe0a69e91..f6e7fcf3d 100644 --- a/.github/workflows/arm-Ubuntu-int-test-workflow.yml +++ b/.github/workflows/arm-Ubuntu-int-test-workflow.yml @@ -17,7 +17,7 @@ jobs: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -52,7 +52,7 @@ jobs: export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=ubuntu export BASE_IMAGE_VERSION=24.04 - export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + export IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG int-tests-arm-ubuntu: strategy: @@ -76,9 +76,9 @@ jobs: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -89,7 +89,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" ARM64: "true" @@ -119,10 +118,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index 8cf8aeab6..fdd15d612 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -72,10 +72,10 @@ jobs: runs-on: ubuntu-latest needs: [check-formating, unit-tests] env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - name: Set up cosign uses: sigstore/cosign-installer@main @@ -113,10 +113,10 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Build and push Splunk Operator Image run: | - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Sign Splunk Operator image with a key run: | - cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} env: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} @@ -129,11 +129,11 @@ jobs: runs-on: ubuntu-latest needs: build-operator-image env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - name: Set up cosign uses: sigstore/cosign-installer@main @@ -192,10 +192,10 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing smoke keyword TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" @@ -206,7 +206,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" @@ -228,10 +227,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: @@ -290,8 +285,8 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Tag and Push Splunk Enterprise Image to ECR run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} diff --git a/.github/workflows/distroless-build-test-push-workflow.yml b/.github/workflows/distroless-build-test-push-workflow.yml index 0912a341d..c6b2f140d 100644 --- a/.github/workflows/distroless-build-test-push-workflow.yml +++ b/.github/workflows/distroless-build-test-push-workflow.yml @@ -66,10 +66,10 @@ jobs: runs-on: ubuntu-latest needs: unit-tests env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - name: Set up cosign uses: sigstore/cosign-installer@main @@ -109,10 +109,10 @@ jobs: run: | export BASE_IMAGE=gcr.io/distroless/static-debian12 export BASE_IMAGE_VERSION=latest - make docker-buildx BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA-distroless + make docker-buildx BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA-distroless - name: Sign Splunk Operator image with a key run: | - cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }}-distroless + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }}-distroless env: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} @@ -187,10 +187,10 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing smoke keyword TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" @@ -201,7 +201,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" @@ -224,10 +223,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: @@ -286,8 +281,8 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Tag and Push Splunk Enterprise Image to ECR run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} diff --git a/.github/workflows/distroless-int-test-workflow.yml b/.github/workflows/distroless-int-test-workflow.yml index 6238aed14..6184f9524 100644 --- a/.github/workflows/distroless-int-test-workflow.yml +++ b/.github/workflows/distroless-int-test-workflow.yml @@ -9,6 +9,7 @@ on: branches: - develop - main + - feature/decrease-number-of-secrets paths-ignore: - 'docs/**' - '*.md' @@ -16,10 +17,10 @@ jobs: build-operator-image-distroless: runs-on: ubuntu-latest env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -79,10 +80,10 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -93,7 +94,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID: ${{ secrets.AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID }} @@ -121,10 +121,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: diff --git a/.github/workflows/helm-test-workflow.yml b/.github/workflows/helm-test-workflow.yml index 8f7549ab5..8959e6c0e 100644 --- a/.github/workflows/helm-test-workflow.yml +++ b/.github/workflows/helm-test-workflow.yml @@ -18,10 +18,10 @@ jobs: build-operator-image: runs-on: ubuntu-latest env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -53,15 +53,16 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Build and Push Splunk Operator Image run: | - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA int-tests: timeout-minutes: 240 runs-on: ubuntu-latest needs: build-operator-image env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_CLUSTER_PLATFORM: eks EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} @@ -69,7 +70,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "helm" HELM_REPO_PATH: "../../../../helm-chart" @@ -104,10 +104,9 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Change splunk enterprise to release image on main branches + - name: Change helm repo path on main branch if: github.ref == 'refs/heads/main' run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV echo "HELM_REPO_PATH=splunk" >> $GITHUB_ENV - name: Set GITHUB SHA value run: | @@ -166,18 +165,18 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Pull Splunk Operator Image Locally and change name run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker pull ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker tag ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Tag and Push Splunk Enterprise Image to ECR run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Pull Splunk Operator Image Locally run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker pull ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Change Operator Image Tag to latest run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest + docker tag ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} @@ -210,8 +209,8 @@ jobs: KUTTL_SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} KUTTL_SPLUNK_OPERATOR_IMAGE: ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.HELM_GITHUB_SHA }} INSTALL_OPERATOR: true - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} - AWS_S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + S3_REGION: ${{ steps.dotenv.outputs.AWS_DEFAULT_REGION }} + AWS_S3_REGION: ${{ steps.dotenv.outputs.AWS_DEFAULT_REGION }} TEST_S3_BUCKET: ${{ secrets.TEST_BUCKET }} TEST_VPC_ENDPOINT_URL: ${{ secrets.TEST_VPC_ENDPOINT_URL }} TEST_S3_ACCESS_KEY_ID: ${{ vars.TEST_S3_ACCESS_KEY_ID }} diff --git a/.github/workflows/int-test-azure-workflow.yml b/.github/workflows/int-test-azure-workflow.yml index 8b4d0e9a8..34b57b542 100644 --- a/.github/workflows/int-test-azure-workflow.yml +++ b/.github/workflows/int-test-azure-workflow.yml @@ -8,6 +8,7 @@ on: branches: - develop - main + - feature/decrease-number-of-secrets paths-ignore: - 'docs/**' - '*.md' @@ -15,9 +16,9 @@ jobs: build-operator-image: runs-on: ubuntu-latest env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator CONTAINER_REGISTRY: ${{ secrets.AZURE_CONTAINER_REGISTRY }} + AZURE_REGION: ${{ vars.AZURE_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -63,7 +64,7 @@ jobs: ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} ECR_REPOSITORY: ${{ secrets.AZURE_ACR_LOGIN_SERVER }} AZURE_CONTAINER_REGISTRY_LOGIN_SERVER: ${{ secrets.AZURE_ACR_LOGIN_SERVER }} - AZURE_REGION: ${{ secrets.AZURE_REGION }} + AZURE_REGION: ${{ vars.AZURE_REGION }} steps: - name: Checkout code uses: actions/checkout@v2 @@ -112,10 +113,10 @@ jobs: env: CLUSTER_NODES: 2 CLUSTER_WORKERS: 5 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + AZURE_REGION: ${{ vars.AZURE_REGION }} TEST_FOCUS: azure_sanity # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -131,7 +132,6 @@ jobs: ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} ECR_REPOSITORY: ${{ secrets.AZURE_ACR_LOGIN_SERVER }} AZURE_CONTAINER_REGISTRY_LOGIN_SERVER: ${{ secrets.AZURE_ACR_LOGIN_SERVER }} - AZURE_REGION: ${{ secrets.AZURE_REGION }} CLUSTER_WIDE: "true" # AZURE_MANAGED_ID_ENABLED: "${{ matrix.auth_method_managed_id }}" AZURE_MANAGED_ID_ENABLED: "false" @@ -145,10 +145,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: 'Login via Azure CLI' uses: azure/login@v1 with: @@ -223,7 +219,7 @@ jobs: mkdir -p ./bin cp /snap/bin/kustomize ./bin/kustomize - name: Run Integration test - timeout-minutes: 240 + timeout-minutes: 300 run: | make int-test - name: Collect Test Logs diff --git a/.github/workflows/int-test-gcp-workflow.yml b/.github/workflows/int-test-gcp-workflow.yml index 1d3dce0ce..4855ec47c 100644 --- a/.github/workflows/int-test-gcp-workflow.yml +++ b/.github/workflows/int-test-gcp-workflow.yml @@ -9,6 +9,7 @@ on: branches: - develop - main + - feature/decrease-number-of-secrets paths-ignore: - 'docs/**' - '*.md' @@ -58,14 +59,13 @@ jobs: - name: Login to GCR uses: docker/login-action@v3 with: - registry: ${{ secrets.GCP_ARTIFACT_REGISTRY }} + registry: ${{ env.ARTIFACT_REGISTRY }} username: _json_key password: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }} - name: Build Splunk Operator Image run: | - make docker-buildx IMG=${{ secrets.GCP_ARTIFACT_REGISTRY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - + make docker-buildx IMG=${{ env.ARTIFACT_REGISTRY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA create-cluster-and-run-tests: strategy: matrix: @@ -83,17 +83,15 @@ jobs: CLUSTER_PROVIDER: gcp ARTIFACT_REGISTRY: ${{ secrets.GCP_ARTIFACT_REGISTRY }} GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} - GCP_REGION: ${{ secrets.GCP_REGION }} - AWS_S3_REGION: ${{ secrets.GCP_REGION }} - GCP_ZONE: ${{ secrets.GCP_ZONE }} GCP_NETWORK: default # Adjust if using a custom network GCP_SUBNETWORK: default # Adjust if using a custom subnetwork TEST_FOCUS: ${{ matrix.test_focus.name }} CLUSTER_NODES: 2 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + GCP_REGION: ${{ vars.GCP_REGION }} + GCP_ZONE: ${{ vars.GZP_ZONE }} # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" TEST_BUCKET: ${{ secrets.TEST_BUCKET }} @@ -124,8 +122,6 @@ jobs: - name: Load Environment Variables id: dotenv uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - with: - path: .env - name: Authenticate to GCP uses: google-github-actions/auth@v1 @@ -162,11 +158,6 @@ jobs: project_id: ${{ secrets.GCP_PROJECT_ID }} install_components: 'kubectl' - - name: Change Splunk Enterprise Image on Main Branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - - name: Authenticate to GCP uses: google-github-actions/auth@v1 with: diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index 4d0ef5379..7196357bb 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -17,10 +17,10 @@ jobs: build-operator-image: runs-on: ubuntu-latest env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -52,7 +52,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Build and push Splunk Operator Image run: | - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA int-tests: strategy: fail-fast: false @@ -76,9 +76,10 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -89,7 +90,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID: ${{ secrets.AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID }} @@ -116,10 +116,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: @@ -174,8 +170,8 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Tag and Push Splunk Enterprise Image to ECR run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} @@ -193,7 +189,7 @@ jobs: mkdir -p ./bin cp /snap/bin/kustomize ./bin/kustomize - name: Run Integration test - timeout-minutes: 240 + timeout-minutes: 300 env: TEST_S3_ACCESS_KEY_ID: ${{ vars.TEST_S3_ACCESS_KEY_ID }} TEST_S3_SECRET_ACCESS_KEY: ${{ secrets.TEST_S3_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/manual-int-test-workflow.yml b/.github/workflows/manual-int-test-workflow.yml index f5150b3ac..deb05dd46 100644 --- a/.github/workflows/manual-int-test-workflow.yml +++ b/.github/workflows/manual-int-test-workflow.yml @@ -11,6 +11,9 @@ on: description: 'Run Operator in Cluster Wide Mode. Type false to run cluster in namespace mode' required: false default: "true" + push: + paths: + - '.github/workflows/manual-int-test-workflow.yml' jobs: int-tests: strategy: @@ -34,10 +37,10 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -48,7 +51,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: ${{ github.event.inputs.CLUSTER_WIDE }} AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID: ${{ secrets.AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID }} AWS_INDEX_INGEST_SEP_SECRET_ACCESS_KEY: ${{ secrets.AWS_INDEX_INGEST_SEP_SECRET_ACCESS_KEY }} @@ -125,11 +127,11 @@ jobs: - name: Build and Push Splunk Operator Image run: | docker pull registry.access.redhat.com/ubi8/ubi-minimal:latest - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Tag and Push Splunk Enterprise Image to ECR run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} @@ -199,10 +201,10 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Pull Splunk Operator Image Locally run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker pull ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Change Operator Image Tag to edge run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} + docker tag ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} - name: Configure Docker Hub credentials uses: docker/login-action@v1 with: diff --git a/.github/workflows/namespace-scope-int-workflow.yml b/.github/workflows/namespace-scope-int-workflow.yml index b3576b1ee..fea4dcd2a 100644 --- a/.github/workflows/namespace-scope-int-workflow.yml +++ b/.github/workflows/namespace-scope-int-workflow.yml @@ -30,9 +30,10 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -43,7 +44,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "false" AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID: ${{ secrets.AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID }} AWS_INDEX_INGEST_SEP_SECRET_ACCESS_KEY: ${{ secrets.AWS_INDEX_INGEST_SEP_SECRET_ACCESS_KEY }} @@ -122,11 +122,11 @@ jobs: - name: Build and Push Splunk Operator Image run: | docker pull registry.access.redhat.com/ubi8/ubi-minimal:latest - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Tag and Push Splunk Enterprise Image to ECR run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} diff --git a/.github/workflows/nightly-int-test-workflow.yml b/.github/workflows/nightly-int-test-workflow.yml index 6079816af..8bbd2127a 100644 --- a/.github/workflows/nightly-int-test-workflow.yml +++ b/.github/workflows/nightly-int-test-workflow.yml @@ -7,14 +7,17 @@ permissions: on: schedule: - cron: "0 06 * * 0" + push: + paths: + - '.github/workflows/nightly-int-test-workflow.yml' jobs: build-operator-image: runs-on: ubuntu-latest env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 with: @@ -48,7 +51,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Build and Push Splunk Operator Image run: | - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA int-tests: strategy: fail-fast: false @@ -72,9 +75,10 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -85,7 +89,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID: ${{ secrets.AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID }} AWS_INDEX_INGEST_SEP_SECRET_ACCESS_KEY: ${{ secrets.AWS_INDEX_INGEST_SEP_SECRET_ACCESS_KEY }} @@ -121,7 +124,7 @@ jobs: uses: actions/setup-python@v2 - name: Install AWS CLI run: | - curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + curl "${{ steps.dotenv.outputs.AWSCLI_URL }}" -o "awscliv2.zip" unzip awscliv2.zip sudo ./aws/install --update aws --version @@ -158,15 +161,15 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Tag and Push Splunk Enterprise Image to ECR run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Pull Splunk Operator Image Locally run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker pull ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker tag ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Change Operator Image Tag to latest run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest + docker tag ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} @@ -216,6 +219,7 @@ jobs: needs: int-tests env: SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} TAG: edge steps: - name: Set up cosign @@ -239,10 +243,10 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Pull Splunk Operator Image Locally run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker pull ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Change Operator Image Tag to edge run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} + docker tag ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} - name: Configure Docker Hub credentials uses: docker/login-action@v1 with: @@ -252,13 +256,13 @@ jobs: run: docker push ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} - name: Sign Splunk Operator image with a key run: | - cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} env: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} - name: Verify Signed Splunk Operator image run: | - cosign verify --key env://COSIGN_PUBLIC_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} env: COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }} \ No newline at end of file diff --git a/.github/workflows/prodsec-workflow.yml b/.github/workflows/prodsec-workflow.yml index 777075246..f30a34d8f 100644 --- a/.github/workflows/prodsec-workflow.yml +++ b/.github/workflows/prodsec-workflow.yml @@ -29,10 +29,10 @@ jobs: FOSSA-scanner: runs-on: ubuntu-latest env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action diff --git a/AGENTS.md b/AGENTS.md index e2ba5781f..e403d55ff 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -198,7 +198,7 @@ WATCH_NAMESPACE="" # Watch all namespaces (clust ENVIRONMENT=default # Deployment environment # Splunk configuration -SPLUNK_ENTERPRISE_IMAGE=(See SPLUNK_ENTERPRISE_RELEASE_IMAGE in .env) # Splunk Enterprise image +SPLUNK_ENTERPRISE_IMAGE=(See SPLUNK_ENTERPRISE_IMAGE in .env) # Splunk Enterprise image SPLUNK_GENERAL_TERMS="" # SGT acceptance (required) # Testing diff --git a/test/appframework_aws/m4/appframework_aws_suite_test.go b/test/appframework_aws/m4/appframework_aws_suite_test.go index aa21c7084..f2c7205b2 100644 --- a/test/appframework_aws/m4/appframework_aws_suite_test.go +++ b/test/appframework_aws/m4/appframework_aws_suite_test.go @@ -56,7 +56,7 @@ func TestBasic(t *testing.T) { RegisterFailHandler(Fail) sc, _ := GinkgoConfiguration() - sc.Timeout = 240 * time.Minute + sc.Timeout = 300 * time.Minute RunSpecs(t, "Running "+testSuiteName, sc) } diff --git a/test/appframework_az/m4/appframework_azure_suite_test.go b/test/appframework_az/m4/appframework_azure_suite_test.go index 6184e543b..5b1459a67 100644 --- a/test/appframework_az/m4/appframework_azure_suite_test.go +++ b/test/appframework_az/m4/appframework_azure_suite_test.go @@ -56,7 +56,10 @@ func TestBasic(t *testing.T) { RegisterFailHandler(Fail) - RunSpecs(t, "Running "+testSuiteName) + sc, _ := GinkgoConfiguration() + sc.Timeout = 300 * time.Minute + + RunSpecs(t, "Running "+testSuiteName, sc) } var _ = BeforeSuite(func() { diff --git a/test/testenv/testcaseenv.go b/test/testenv/testcaseenv.go index cb3c8a107..c7c05ac8a 100644 --- a/test/testenv/testcaseenv.go +++ b/test/testenv/testcaseenv.go @@ -347,45 +347,56 @@ func (testenv *TestCaseEnv) createRoleBinding() error { } func (testenv *TestCaseEnv) attachPVCToOperator(name string) error { - var err error - // volume name which refers to PVC to be attached volumeName := "app-staging" - namespacedName := client.ObjectKey{Name: testenv.operatorName, Namespace: testenv.namespace} - operator := &appsv1.Deployment{} - err = testenv.GetKubeClient().Get(context.TODO(), namespacedName, operator) - if err != nil { - testenv.Log.Error(err, "Unable to get operator", "operator name", testenv.operatorName) - return err + + retryBackoff := wait.Backoff{ + Duration: 100 * time.Millisecond, + Factor: 2.0, + Jitter: 0.1, + Steps: 5, } - volume := corev1.Volume{ - Name: volumeName, - VolumeSource: corev1.VolumeSource{ - PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ - ClaimName: name, + return wait.ExponentialBackoff(retryBackoff, func() (bool, error) { + operator := &appsv1.Deployment{} + err := testenv.GetKubeClient().Get(context.TODO(), namespacedName, operator) + if err != nil { + testenv.Log.Error(err, "Unable to get operator", "operator name", testenv.operatorName) + return false, err + } + + volume := corev1.Volume{ + Name: volumeName, + VolumeSource: corev1.VolumeSource{ + PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ + ClaimName: name, + }, }, - }, - } + } - operator.Spec.Template.Spec.Volumes = append(operator.Spec.Template.Spec.Volumes, volume) + operator.Spec.Template.Spec.Volumes = append(operator.Spec.Template.Spec.Volumes, volume) - volumeMount := corev1.VolumeMount{ - Name: volumeName, - MountPath: splcommon.AppDownloadVolume, - } + volumeMount := corev1.VolumeMount{ + Name: volumeName, + MountPath: splcommon.AppDownloadVolume, + } - operator.Spec.Template.Spec.Containers[0].VolumeMounts = append(operator.Spec.Template.Spec.Containers[0].VolumeMounts, volumeMount) + operator.Spec.Template.Spec.Containers[0].VolumeMounts = append(operator.Spec.Template.Spec.Containers[0].VolumeMounts, volumeMount) - // update the operator deployment now - err = testenv.GetKubeClient().Update(context.TODO(), operator) - if err != nil { - testenv.Log.Error(err, "Unable to update operator", "operator name", testenv.operatorName) - return err - } + // update the operator deployment now + err = testenv.GetKubeClient().Update(context.TODO(), operator) + if err != nil { + if errors.IsConflict(err) { + testenv.Log.Info("Conflict updating operator, retrying", "operator name", testenv.operatorName) + return false, nil + } + testenv.Log.Error(err, "Unable to update operator", "operator name", testenv.operatorName) + return false, err + } - return err + return true, nil + }) } func (testenv *TestCaseEnv) createOperator() error {