diff --git a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml index 143111628..63b3cb82e 100644 --- a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml +++ b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml @@ -77,7 +77,7 @@ jobs: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - name: Set up cosign uses: sigstore/cosign-installer@v4.0.0 @@ -118,11 +118,11 @@ jobs: export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=public.ecr.aws/amazonlinux/amazonlinux export BASE_IMAGE_VERSION=2023 - export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + export IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG - name: Sign Splunk Operator image with a key run: | - cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} env: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} @@ -143,7 +143,6 @@ jobs: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator TEST_FOCUS: "${{ matrix.test }}" @@ -156,7 +155,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" @@ -181,10 +179,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@v1 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: diff --git a/.github/workflows/arm-AL2023-int-test-workflow.yml b/.github/workflows/arm-AL2023-int-test-workflow.yml index 39986ebca..f22ea3a00 100644 --- a/.github/workflows/arm-AL2023-int-test-workflow.yml +++ b/.github/workflows/arm-AL2023-int-test-workflow.yml @@ -18,7 +18,7 @@ jobs: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -53,7 +53,7 @@ jobs: export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=public.ecr.aws/amazonlinux/amazonlinux export BASE_IMAGE_VERSION=2023 - export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + export IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG int-tests-arm-al2023: strategy: @@ -77,7 +77,6 @@ jobs: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator TEST_FOCUS: "${{ matrix.test }}" @@ -90,7 +89,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" ARM64: "true" @@ -120,10 +118,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@v1 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: diff --git a/.github/workflows/arm-RHEL-build-test-push-workflow.yml b/.github/workflows/arm-RHEL-build-test-push-workflow.yml index 07848683c..69b9e161f 100644 --- a/.github/workflows/arm-RHEL-build-test-push-workflow.yml +++ b/.github/workflows/arm-RHEL-build-test-push-workflow.yml @@ -18,7 +18,7 @@ jobs: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -53,7 +53,7 @@ jobs: export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=redhat/ubi9-minimal export BASE_IMAGE_VERSION=9.5 - export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + export IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG smoke-tests-arm-rhel: strategy: @@ -79,9 +79,9 @@ jobs: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing smoke keyword TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" @@ -92,7 +92,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" ARM64: "true" @@ -122,10 +121,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@v1 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: diff --git a/.github/workflows/arm-RHEL-int-test-workflow.yml b/.github/workflows/arm-RHEL-int-test-workflow.yml index 83c7e8fb9..09bcd1752 100644 --- a/.github/workflows/arm-RHEL-int-test-workflow.yml +++ b/.github/workflows/arm-RHEL-int-test-workflow.yml @@ -18,7 +18,7 @@ jobs: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -53,7 +53,7 @@ jobs: export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=redhat/ubi9-minimal export BASE_IMAGE_VERSION=9.5 - export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + export IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG int-tests-arm-rhel: strategy: @@ -77,9 +77,9 @@ jobs: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -90,7 +90,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" ARM64: "true" @@ -120,10 +119,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@v1 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml index 05aa9a1fc..4e7919d56 100644 --- a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -77,7 +77,7 @@ jobs: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - name: Set up cosign uses: sigstore/cosign-installer@v4.0.0 @@ -118,11 +118,11 @@ jobs: export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=ubuntu export BASE_IMAGE_VERSION=24.04 - export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + export IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG - name: Sign Splunk Operator image with a key run: | - cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} env: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} @@ -143,9 +143,9 @@ jobs: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing smoke keyword TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" @@ -156,7 +156,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" @@ -181,10 +180,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@v1 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: diff --git a/.github/workflows/arm-Ubuntu-int-test-workflow.yml b/.github/workflows/arm-Ubuntu-int-test-workflow.yml index b3f133abe..cabd70631 100644 --- a/.github/workflows/arm-Ubuntu-int-test-workflow.yml +++ b/.github/workflows/arm-Ubuntu-int-test-workflow.yml @@ -18,7 +18,7 @@ jobs: SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -53,7 +53,7 @@ jobs: export PLATFORMS=linux/arm64,linux/amd64 export BASE_IMAGE=ubuntu export BASE_IMAGE_VERSION=24.04 - export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + export IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG int-tests-arm-ubuntu: strategy: @@ -77,9 +77,9 @@ jobs: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.ECR_PREFIX }}/${{ github.event.inputs.splunk_image_repository_tag }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -90,7 +90,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" ARM64: "true" @@ -120,10 +119,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@v1 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index e457272b8..85f018849 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -86,10 +86,10 @@ jobs: runs-on: ubuntu-latest needs: [check-formating, unit-tests] env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - name: Set up cosign uses: sigstore/cosign-installer@v4.0.0 @@ -127,10 +127,10 @@ jobs: uses: aws-actions/amazon-ecr-login@v2 - name: Build and push Splunk Operator Image run: | - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Sign Splunk Operator image with a key run: | - cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} env: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} @@ -143,11 +143,11 @@ jobs: runs-on: ubuntu-latest needs: build-operator-image env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - name: Set up cosign uses: sigstore/cosign-installer@v4.0.0 @@ -206,10 +206,10 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing smoke keyword TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" @@ -220,7 +220,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" @@ -242,10 +241,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@v1 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: @@ -304,8 +299,8 @@ jobs: uses: aws-actions/amazon-ecr-login@v2 - name: Tag and Push Splunk Enterprise Image to ECR run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} diff --git a/.github/workflows/distroless-build-test-push-workflow.yml b/.github/workflows/distroless-build-test-push-workflow.yml index 69a005c8d..63f657ff3 100644 --- a/.github/workflows/distroless-build-test-push-workflow.yml +++ b/.github/workflows/distroless-build-test-push-workflow.yml @@ -80,10 +80,10 @@ jobs: runs-on: ubuntu-latest needs: unit-tests env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - name: Set up cosign uses: sigstore/cosign-installer@v4.0.0 @@ -123,10 +123,10 @@ jobs: run: | export BASE_IMAGE=gcr.io/distroless/static-debian12 export BASE_IMAGE_VERSION=latest - make docker-buildx BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA-distroless + make docker-buildx BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA-distroless - name: Sign Splunk Operator image with a key run: | - cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }}-distroless + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }}-distroless env: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} @@ -201,10 +201,10 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing smoke keyword TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" @@ -215,7 +215,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" @@ -238,10 +237,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@v1 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: @@ -300,8 +295,8 @@ jobs: uses: aws-actions/amazon-ecr-login@v2 - name: Tag and Push Splunk Enterprise Image to ECR run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} diff --git a/.github/workflows/distroless-int-test-workflow.yml b/.github/workflows/distroless-int-test-workflow.yml index 01a024247..30734f2e0 100644 --- a/.github/workflows/distroless-int-test-workflow.yml +++ b/.github/workflows/distroless-int-test-workflow.yml @@ -17,10 +17,10 @@ jobs: build-operator-image-distroless: runs-on: ubuntu-latest env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -80,10 +80,10 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -94,7 +94,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID: ${{ secrets.AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID }} @@ -122,10 +121,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@v1 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: diff --git a/.github/workflows/helm-test-workflow.yml b/.github/workflows/helm-test-workflow.yml index 7aceea88a..1933f0381 100644 --- a/.github/workflows/helm-test-workflow.yml +++ b/.github/workflows/helm-test-workflow.yml @@ -19,10 +19,10 @@ jobs: build-operator-image: runs-on: ubuntu-latest env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -54,16 +54,17 @@ jobs: uses: aws-actions/amazon-ecr-login@v2 - name: Build and Push Splunk Operator Image run: | - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA int-tests: runs-on: ubuntu-latest needs: build-operator-image timeout-minutes: 240 env: TEST_TIMEOUT: 225m - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_CLUSTER_PLATFORM: eks EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} @@ -71,7 +72,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "helm" HELM_REPO_PATH: "../../../../helm-chart" @@ -109,7 +109,6 @@ jobs: - name: Change splunk enterprise to release image on main branches if: github.ref == 'refs/heads/main' run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV echo "HELM_REPO_PATH=splunk" >> $GITHUB_ENV - name: Set GITHUB SHA value run: | @@ -168,18 +167,18 @@ jobs: uses: aws-actions/amazon-ecr-login@v2 - name: Pull Splunk Operator Image Locally and change name run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker pull ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker tag ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Tag and Push Splunk Enterprise Image to ECR run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Pull Splunk Operator Image Locally run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker pull ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Change Operator Image Tag to latest run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest + docker tag ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} @@ -212,8 +211,8 @@ jobs: KUTTL_SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} KUTTL_SPLUNK_OPERATOR_IMAGE: ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.HELM_GITHUB_SHA }} INSTALL_OPERATOR: true - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} - AWS_S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + S3_REGION: ${{ steps.dotenv.outputs.AWS_DEFAULT_REGION }} + AWS_S3_REGION: ${{ steps.dotenv.outputs.AWS_DEFAULT_REGION }} TEST_S3_BUCKET: ${{ secrets.TEST_BUCKET }} TEST_VPC_ENDPOINT_URL: ${{ secrets.TEST_VPC_ENDPOINT_URL }} TEST_S3_ACCESS_KEY_ID: ${{ vars.TEST_S3_ACCESS_KEY_ID }} diff --git a/.github/workflows/int-test-azure-workflow.yml b/.github/workflows/int-test-azure-workflow.yml index 743bb5df6..2609ed127 100644 --- a/.github/workflows/int-test-azure-workflow.yml +++ b/.github/workflows/int-test-azure-workflow.yml @@ -16,9 +16,9 @@ jobs: build-operator-image: runs-on: ubuntu-latest env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator CONTAINER_REGISTRY: ${{ secrets.AZURE_CONTAINER_REGISTRY }} + AZURE_REGION: ${{ vars.AZURE_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -64,7 +64,7 @@ jobs: ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} ECR_REPOSITORY: ${{ secrets.AZURE_ACR_LOGIN_SERVER }} AZURE_CONTAINER_REGISTRY_LOGIN_SERVER: ${{ secrets.AZURE_ACR_LOGIN_SERVER }} - AZURE_REGION: ${{ secrets.AZURE_REGION }} + AZURE_REGION: ${{ vars.AZURE_REGION }} steps: - name: Checkout code uses: actions/checkout@v2 @@ -113,10 +113,10 @@ jobs: env: CLUSTER_NODES: 2 CLUSTER_WORKERS: 5 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + AZURE_REGION: ${{ vars.AZURE_REGION }} TEST_FOCUS: azure_sanity # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -132,7 +132,6 @@ jobs: ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} ECR_REPOSITORY: ${{ secrets.AZURE_ACR_LOGIN_SERVER }} AZURE_CONTAINER_REGISTRY_LOGIN_SERVER: ${{ secrets.AZURE_ACR_LOGIN_SERVER }} - AZURE_REGION: ${{ secrets.AZURE_REGION }} CLUSTER_WIDE: "true" # AZURE_MANAGED_ID_ENABLED: "${{ matrix.auth_method_managed_id }}" AZURE_MANAGED_ID_ENABLED: "false" @@ -146,10 +145,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@v1 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: 'Login via Azure CLI' uses: azure/login@v1 with: diff --git a/.github/workflows/int-test-gcp-workflow.yml b/.github/workflows/int-test-gcp-workflow.yml index c72c05579..a94979abf 100644 --- a/.github/workflows/int-test-gcp-workflow.yml +++ b/.github/workflows/int-test-gcp-workflow.yml @@ -58,14 +58,13 @@ jobs: - name: Login to GCR uses: docker/login-action@v3 with: - registry: ${{ secrets.GCP_ARTIFACT_REGISTRY }} + registry: ${{ env.ARTIFACT_REGISTRY }} username: _json_key password: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }} - name: Build Splunk Operator Image run: | - make docker-buildx IMG=${{ secrets.GCP_ARTIFACT_REGISTRY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - + make docker-buildx IMG=${{ env.ARTIFACT_REGISTRY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA create-cluster-and-run-tests: strategy: matrix: @@ -83,17 +82,15 @@ jobs: CLUSTER_PROVIDER: gcp ARTIFACT_REGISTRY: ${{ secrets.GCP_ARTIFACT_REGISTRY }} GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} - GCP_REGION: ${{ secrets.GCP_REGION }} - AWS_S3_REGION: ${{ secrets.GCP_REGION }} - GCP_ZONE: ${{ secrets.GCP_ZONE }} GCP_NETWORK: default # Adjust if using a custom network GCP_SUBNETWORK: default # Adjust if using a custom subnetwork TEST_FOCUS: ${{ matrix.test_focus.name }} CLUSTER_NODES: 2 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + GCP_REGION: ${{ vars.GCP_REGION }} + GCP_ZONE: ${{ vars.GZP_ZONE }} # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" TEST_BUCKET: ${{ secrets.TEST_BUCKET }} @@ -162,11 +159,6 @@ jobs: project_id: ${{ secrets.GCP_PROJECT_ID }} install_components: 'kubectl' - - name: Change Splunk Enterprise Image on Main Branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - - name: Authenticate to GCP uses: google-github-actions/auth@v1 with: diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index 001a34cee..e7f9ad17d 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -18,10 +18,10 @@ jobs: build-operator-image: runs-on: ubuntu-latest env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action @@ -53,7 +53,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v2 - name: Build and push Splunk Operator Image run: | - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA int-tests: strategy: fail-fast: false @@ -77,9 +77,10 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -90,7 +91,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" DEPLOYMENT_TYPE: "" AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID: ${{ secrets.AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID }} @@ -117,10 +117,6 @@ jobs: - name: Dotenv Action id: dotenv uses: falti/dotenv-action@v1 - - name: Change splunk enterprise to release image on main branches - if: github.ref == 'refs/heads/main' - run: | - echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV - name: Install Kubectl uses: Azure/setup-kubectl@v3 with: @@ -175,8 +171,8 @@ jobs: uses: aws-actions/amazon-ecr-login@v2 - name: Tag and Push Splunk Enterprise Image to ECR run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} @@ -194,7 +190,7 @@ jobs: mkdir -p ./bin cp /snap/bin/kustomize ./bin/kustomize - name: Run Integration test - timeout-minutes: 240 + timeout-minutes: 300 env: TEST_TIMEOUT: 225m TEST_S3_ACCESS_KEY_ID: ${{ vars.TEST_S3_ACCESS_KEY_ID }} diff --git a/.github/workflows/manual-int-test-workflow.yml b/.github/workflows/manual-int-test-workflow.yml index 96629316e..b9be11d2f 100644 --- a/.github/workflows/manual-int-test-workflow.yml +++ b/.github/workflows/manual-int-test-workflow.yml @@ -12,6 +12,9 @@ on: description: 'Run Operator in Cluster Wide Mode. Type false to run cluster in namespace mode' required: false default: "true" + push: + paths: + - '.github/workflows/manual-int-test-workflow.yml' jobs: int-tests: strategy: @@ -35,10 +38,10 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} - SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -49,8 +52,7 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} - CLUSTER_WIDE: ${{ github.event.inputs.CLUSTER_WIDE }} + CLUSTER_WIDE: ${{ github.event.inputs.CLUSTER_WIDE || 'true' }} AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID: ${{ secrets.AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID }} AWS_INDEX_INGEST_SEP_SECRET_ACCESS_KEY: ${{ secrets.AWS_INDEX_INGEST_SEP_SECRET_ACCESS_KEY }} steps: @@ -126,11 +128,11 @@ jobs: - name: Build and Push Splunk Operator Image run: | docker pull registry.access.redhat.com/ubi8/ubi-minimal:latest - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Tag and Push Splunk Enterprise Image to ECR run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} @@ -148,7 +150,7 @@ jobs: mkdir -p ./bin cp /snap/bin/kustomize ./bin/kustomize - name: Run Integration test - timeout-minutes: 240 + timeout-minutes: 300 env: TEST_TIMEOUT: 225m TEST_S3_ACCESS_KEY_ID: ${{ vars.TEST_S3_ACCESS_KEY_ID }} @@ -214,10 +216,10 @@ jobs: uses: aws-actions/amazon-ecr-login@v2 - name: Pull Splunk Operator Image Locally run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker pull ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Change Operator Image Tag to edge run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} + docker tag ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} - name: Configure Docker Hub credentials uses: docker/login-action@v3 with: diff --git a/.github/workflows/namespace-scope-int-workflow.yml b/.github/workflows/namespace-scope-int-workflow.yml index fc3d3554f..4f7b1266b 100644 --- a/.github/workflows/namespace-scope-int-workflow.yml +++ b/.github/workflows/namespace-scope-int-workflow.yml @@ -31,9 +31,10 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -44,7 +45,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "false" AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID: ${{ secrets.AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID }} AWS_INDEX_INGEST_SEP_SECRET_ACCESS_KEY: ${{ secrets.AWS_INDEX_INGEST_SEP_SECRET_ACCESS_KEY }} @@ -123,11 +123,11 @@ jobs: - name: Build and Push Splunk Operator Image run: | docker pull registry.access.redhat.com/ubi8/ubi-minimal:latest - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Tag and Push Splunk Enterprise Image to ECR run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} diff --git a/.github/workflows/nightly-int-test-workflow.yml b/.github/workflows/nightly-int-test-workflow.yml index 3f886dd9a..a4d451dd7 100644 --- a/.github/workflows/nightly-int-test-workflow.yml +++ b/.github/workflows/nightly-int-test-workflow.yml @@ -8,14 +8,17 @@ permissions: on: schedule: - cron: "0 06 * * 0" + push: + paths: + - '.github/workflows/nightly-int-test-workflow.yml' jobs: build-operator-image: runs-on: ubuntu-latest env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 with: @@ -49,7 +52,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v2 - name: Build and Push Splunk Operator Image run: | - make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA int-tests: strategy: fail-fast: false @@ -73,9 +76,10 @@ jobs: env: CLUSTER_NODES: 1 CLUSTER_WORKERS: 3 - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} TEST_FOCUS: "${{ matrix.test }}" # This regex matches any string not containing integration keyword TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" @@ -86,7 +90,6 @@ jobs: TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} CLUSTER_WIDE: "true" AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID: ${{ secrets.AWS_INDEX_INGEST_SEP_ACCESS_KEY_ID }} AWS_INDEX_INGEST_SEP_SECRET_ACCESS_KEY: ${{ secrets.AWS_INDEX_INGEST_SEP_SECRET_ACCESS_KEY }} @@ -122,7 +125,7 @@ jobs: uses: actions/setup-python@v2 - name: Install AWS CLI run: | - curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + curl "${{ steps.dotenv.outputs.AWSCLI_URL }}" -o "awscliv2.zip" unzip awscliv2.zip sudo ./aws/install --update aws --version @@ -159,15 +162,15 @@ jobs: uses: aws-actions/amazon-ecr-login@v2 - name: Tag and Push Splunk Enterprise Image to ECR run: | - docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Pull Splunk Operator Image Locally run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker pull ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker tag ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Change Operator Image Tag to latest run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest + docker tag ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} @@ -231,6 +234,7 @@ jobs: needs: int-tests env: SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} TAG: edge steps: - name: Set up cosign @@ -254,10 +258,10 @@ jobs: uses: aws-actions/amazon-ecr-login@v2 - name: Pull Splunk Operator Image Locally run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker pull ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Change Operator Image Tag to edge run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} + docker tag ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} - name: Configure Docker Hub credentials uses: docker/login-action@v3 with: @@ -267,12 +271,12 @@ jobs: run: docker push ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} - name: Sign Splunk Operator image with a key run: | - cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} env: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} - name: Verify Signed Splunk Operator image run: | - cosign verify --key env://COSIGN_PUBLIC_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} env: COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }} diff --git a/.github/workflows/prodsec-workflow.yml b/.github/workflows/prodsec-workflow.yml index ea0929f0a..532c2d7fe 100644 --- a/.github/workflows/prodsec-workflow.yml +++ b/.github/workflows/prodsec-workflow.yml @@ -29,10 +29,10 @@ jobs: FOSSA-scanner: runs-on: ubuntu-latest env: - SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} - S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + SPLUNK_ENTERPRISE_IMAGE: ${{ vars.SPLUNK_ENTERPRISE_IMAGE }} + S3_REGION: ${{ vars.AWS_DEFAULT_REGION }} steps: - uses: actions/checkout@v2 - name: Dotenv Action diff --git a/AGENTS.md b/AGENTS.md index e2ba5781f..e403d55ff 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -198,7 +198,7 @@ WATCH_NAMESPACE="" # Watch all namespaces (clust ENVIRONMENT=default # Deployment environment # Splunk configuration -SPLUNK_ENTERPRISE_IMAGE=(See SPLUNK_ENTERPRISE_RELEASE_IMAGE in .env) # Splunk Enterprise image +SPLUNK_ENTERPRISE_IMAGE=(See SPLUNK_ENTERPRISE_IMAGE in .env) # Splunk Enterprise image SPLUNK_GENERAL_TERMS="" # SGT acceptance (required) # Testing diff --git a/test/appframework_aws/m4/appframework_aws_suite_test.go b/test/appframework_aws/m4/appframework_aws_suite_test.go index aa21c7084..f2c7205b2 100644 --- a/test/appframework_aws/m4/appframework_aws_suite_test.go +++ b/test/appframework_aws/m4/appframework_aws_suite_test.go @@ -56,7 +56,7 @@ func TestBasic(t *testing.T) { RegisterFailHandler(Fail) sc, _ := GinkgoConfiguration() - sc.Timeout = 240 * time.Minute + sc.Timeout = 300 * time.Minute RunSpecs(t, "Running "+testSuiteName, sc) } diff --git a/test/appframework_az/m4/appframework_azure_suite_test.go b/test/appframework_az/m4/appframework_azure_suite_test.go index 6184e543b..5b1459a67 100644 --- a/test/appframework_az/m4/appframework_azure_suite_test.go +++ b/test/appframework_az/m4/appframework_azure_suite_test.go @@ -56,7 +56,10 @@ func TestBasic(t *testing.T) { RegisterFailHandler(Fail) - RunSpecs(t, "Running "+testSuiteName) + sc, _ := GinkgoConfiguration() + sc.Timeout = 300 * time.Minute + + RunSpecs(t, "Running "+testSuiteName, sc) } var _ = BeforeSuite(func() { diff --git a/test/testenv/testcaseenv.go b/test/testenv/testcaseenv.go index cb3c8a107..c7c05ac8a 100644 --- a/test/testenv/testcaseenv.go +++ b/test/testenv/testcaseenv.go @@ -347,45 +347,56 @@ func (testenv *TestCaseEnv) createRoleBinding() error { } func (testenv *TestCaseEnv) attachPVCToOperator(name string) error { - var err error - // volume name which refers to PVC to be attached volumeName := "app-staging" - namespacedName := client.ObjectKey{Name: testenv.operatorName, Namespace: testenv.namespace} - operator := &appsv1.Deployment{} - err = testenv.GetKubeClient().Get(context.TODO(), namespacedName, operator) - if err != nil { - testenv.Log.Error(err, "Unable to get operator", "operator name", testenv.operatorName) - return err + + retryBackoff := wait.Backoff{ + Duration: 100 * time.Millisecond, + Factor: 2.0, + Jitter: 0.1, + Steps: 5, } - volume := corev1.Volume{ - Name: volumeName, - VolumeSource: corev1.VolumeSource{ - PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ - ClaimName: name, + return wait.ExponentialBackoff(retryBackoff, func() (bool, error) { + operator := &appsv1.Deployment{} + err := testenv.GetKubeClient().Get(context.TODO(), namespacedName, operator) + if err != nil { + testenv.Log.Error(err, "Unable to get operator", "operator name", testenv.operatorName) + return false, err + } + + volume := corev1.Volume{ + Name: volumeName, + VolumeSource: corev1.VolumeSource{ + PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ + ClaimName: name, + }, }, - }, - } + } - operator.Spec.Template.Spec.Volumes = append(operator.Spec.Template.Spec.Volumes, volume) + operator.Spec.Template.Spec.Volumes = append(operator.Spec.Template.Spec.Volumes, volume) - volumeMount := corev1.VolumeMount{ - Name: volumeName, - MountPath: splcommon.AppDownloadVolume, - } + volumeMount := corev1.VolumeMount{ + Name: volumeName, + MountPath: splcommon.AppDownloadVolume, + } - operator.Spec.Template.Spec.Containers[0].VolumeMounts = append(operator.Spec.Template.Spec.Containers[0].VolumeMounts, volumeMount) + operator.Spec.Template.Spec.Containers[0].VolumeMounts = append(operator.Spec.Template.Spec.Containers[0].VolumeMounts, volumeMount) - // update the operator deployment now - err = testenv.GetKubeClient().Update(context.TODO(), operator) - if err != nil { - testenv.Log.Error(err, "Unable to update operator", "operator name", testenv.operatorName) - return err - } + // update the operator deployment now + err = testenv.GetKubeClient().Update(context.TODO(), operator) + if err != nil { + if errors.IsConflict(err) { + testenv.Log.Info("Conflict updating operator, retrying", "operator name", testenv.operatorName) + return false, nil + } + testenv.Log.Error(err, "Unable to update operator", "operator name", testenv.operatorName) + return false, err + } - return err + return true, nil + }) } func (testenv *TestCaseEnv) createOperator() error {