cloud storage dedup

.github/workflows/int-test-azure-workflow.yml

@@ -9,6 +9,7 @@ on:
     branches:
       - develop
       - main
+      - CSPL-4601-rebased
     paths-ignore:
       - 'docs/**'
       - '*.md'
@@ -108,6 +109,17 @@ jobs:
         inlineScript: |
           az aks update -n ${{ env.TEST_CLUSTER_NAME }} -g ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} --attach-acr ${{ secrets.AZURE_CONTAINER_REGISTRY }}
   int-tests-appframeworkazure:
+    strategy:
+      fail-fast: false
+      matrix:
+        test:
+          [
+            masterappframeworkc3,
+            managerappframeworkc3,
+            masterappframeworkm4,
+            managerappframeworkm4,
+            appframeworksS1,
+          ]
     runs-on: ubuntu-latest
     needs: setup-aks-cluster
     env:
@@ -117,7 +129,7 @@ jobs:
       SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}
       SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
       SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator
-      TEST_FOCUS: azure_sanity
+      TEST_FOCUS: "${{ matrix.test }}"
       # This regex matches any string not containing integration keyword
       TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$"
       TEST_CLUSTER_PLATFORM: azure
@@ -134,7 +146,6 @@ jobs:
       AZURE_CONTAINER_REGISTRY_LOGIN_SERVER: ${{ secrets.AZURE_ACR_LOGIN_SERVER }}
       AZURE_REGION: ${{ secrets.AZURE_REGION }}
       CLUSTER_WIDE: "true"
-      # AZURE_MANAGED_ID_ENABLED: "${{ matrix.auth_method_managed_id }}"
       AZURE_MANAGED_ID_ENABLED: "false"
     steps:
       # Need this because apps are downloaded from S3.
@@ -195,34 +206,50 @@ jobs:
         run: |
           docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.AZURE_ACR_LOGIN_SERVER }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }}
           docker push ${{ secrets.AZURE_ACR_LOGIN_SERVER }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }}
-      - name: Azure Kubernetes set context
-        uses: Azure/aks-set-context@v1
-        with:
-          creds: ${{ secrets.AZURE_CREDENTIALS }}
-          resource-group: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }}
-          cluster-name: ${{ env.TEST_CLUSTER_NAME }}
+      - name: Get AKS credentials
+        run: |
+          az aks get-credentials --resource-group ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} --name ${{ env.TEST_CLUSTER_NAME }} --admin --overwrite-existing
+      - name: Setup long-lived service account auth
+        run: |
+          kubectl create serviceaccount ci-test-runner -n kube-system 2>/dev/null || true
+          kubectl create clusterrolebinding ci-test-runner-admin \
+            --clusterrole=cluster-admin \
+            --serviceaccount=kube-system:ci-test-runner 2>/dev/null || true
+
+          cat <<'EOF' | kubectl apply -f -
+          apiVersion: v1
+          kind: Secret
+          metadata:
+            name: ci-test-runner-token
+            namespace: kube-system
+            annotations:
+              kubernetes.io/service-account.name: ci-test-runner
+          type: kubernetes.io/service-account-token
+          EOF
+
+          echo "Waiting for service account token..."
+          TOKEN=""
+          for i in $(seq 1 30); do
+            TOKEN=$(kubectl get secret ci-test-runner-token -n kube-system -o jsonpath='{.data.token}' 2>/dev/null | base64 -d 2>/dev/null)
+            if [ -n "${TOKEN}" ]; then break; fi
+            sleep 2
+          done
+
+          if [ -n "${TOKEN}" ]; then
+            kubectl config set-credentials ci-test-runner --token="${TOKEN}"
+            kubectl config set-context --current --user=ci-test-runner
+            echo "Switched kubeconfig to long-lived service account token"
+          else
+            echo "WARNING: Could not create SA token, keeping admin cert auth"
+          fi
+          kubectl cluster-info
       - name: install metric server
-        uses: Azure/aks-set-context@v1
-        with:
-          creds: ${{ secrets.AZURE_CREDENTIALS }}
-          resource-group: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }}
-          cluster-name: ${{ env.TEST_CLUSTER_NAME }}
-          inlineScript: |
-            curl -LO https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
-            kubectl replace --force -f components.yaml || kubectl apply -f components.yaml
+        run: |
+          curl -LO https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
+          kubectl replace --force -f components.yaml || kubectl apply -f components.yaml
       - name: install k8s dashboard
-        uses: Azure/aks-set-context@v1
-        with:
-          creds: ${{ secrets.AZURE_CREDENTIALS }}
-          resource-group: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }}
-          cluster-name: ${{ env.TEST_CLUSTER_NAME }}
-          inlineScript: |
-            kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml
-      - name: Setup Kustomize
         run: |
-          sudo snap install kustomize
-          mkdir -p ./bin
-          cp /snap/bin/kustomize ./bin/kustomize
+          kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml
       - name: Run Integration test
         timeout-minutes: 240
         env:
@@ -238,20 +265,20 @@ jobs:
         if: ${{ always() }}
         uses: actions/upload-artifact@v6
         with:
-          name: "splunk-pods-logs--artifacts-appframeworkazure"
+          name: "splunk-pods-logs--artifacts-${{ matrix.test }}"
           path: "/tmp/pod_logs/**"
       - name: Upload Integration Test Results
         if: always()
         uses: actions/upload-artifact@v6
         with:
-          name: "test-report-integration-azure"
+          name: "test-report-integration-azure-${{ matrix.test }}"
           path: report-junit*.xml
       - name: Publish Integration Test Report
         uses: mikepenz/action-junit-report@v6
         if: always()
         with:
           report_paths: 'report-junit*.xml'
-          check_name: 'Integration Test Results (Azure)'
+          check_name: 'Integration Test Results (Azure) - ${{ matrix.test }}'
           detailed_summary: true
       - name: Cleanup Test Case artifacts
         if: ${{ always() }}

.github/workflows/int-test-gcp-workflow.yml

@@ -9,6 +9,7 @@ on:
     branches:
       - develop
       - main
+      - CSPL-4601-rebased
     paths-ignore:
       - 'docs/**'
       - '*.md'
@@ -70,11 +71,11 @@ jobs:
     strategy:
       matrix:
         test_focus:
-          - { order: 1, name: "c3_gcp_sanity" }
-          - { order: 2, name: "c3_mgr_gcp_sanity" }
-          - { order: 3, name: "m4_gcp_sanity" }
-          - { order: 4, name: "m4_mgr_gcp_sanity" }
-          - { order: 5, name: "s1_gcp_sanity" }
+          - { order: 1, name: "masterappframeworkc3" }
+          - { order: 2, name: "managerappframeworkc3" }
+          - { order: 3, name: "masterappframeworkm4" }
+          - { order: 4, name: "managerappframeworkm4" }
+          - { order: 5, name: "appframeworksS1" }
     runs-on: ubuntu-latest
     needs: build-operator-image
     env:
@@ -84,7 +85,7 @@ jobs:
       ARTIFACT_REGISTRY: ${{ secrets.GCP_ARTIFACT_REGISTRY }}
       GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
       GCP_REGION: ${{ secrets.GCP_REGION }}
-      AWS_S3_REGION: ${{ secrets.GCP_REGION }}
+      GCP_STORAGE_REGION: ${{ secrets.GCP_REGION }}
       GCP_ZONE: ${{ secrets.GCP_ZONE }}
       GCP_NETWORK: default  # Adjust if using a custom network
       GCP_SUBNETWORK: default  # Adjust if using a custom subnetwork
@@ -112,7 +113,7 @@ jobs:
       GCP_TEST_CONTAINER: ${{ secrets.GCP_TEST_CONTAINER}}
       GCP_INDEXES_CONTAINER: ${{ secrets.GCP_INDEXES_CONTAINER}}
       ECR_REPOSITORY: ${{ secrets.GCP_ARTIFACT_REGISTRY }}
-      GCP_CONTAINER_REGISTRY_LOGIN_SERVER: ${{ secrets.AZURE_ACR_LOGIN_SERVER }}
+      GCP_CONTAINER_REGISTRY_LOGIN_SERVER: ${{ secrets.GCP_ARTIFACT_REGISTRY }}
     steps:
       - name: Set Test Cluster Name
         run: |
@@ -136,46 +137,28 @@ jobs:
         uses: google-github-actions/setup-gcloud@v1
         with:
           project_id: ${{ secrets.GCP_PROJECT_ID }}
-          install_components: 'kubectl'
+          install_components: 'kubectl,gke-gcloud-auth-plugin'
 
       - name: Set GCP Project
         run: |
           gcloud config set project ${{ env.GCP_PROJECT_ID }}
+          echo "USE_GKE_GCLOUD_AUTH_PLUGIN=True" >> $GITHUB_ENV
 
       - name: Create GKE Cluster
         run: |
           export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }}
           export GKE_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }}
           make cluster-up
 
-      - name: Get Kubernetes Credentials
-        run: |
-          gcloud container clusters get-credentials ${{ env.CLUSTER_NAME }} --zone ${{ env.GCP_ZONE }} --project ${{ env.GCP_PROJECT_ID }}
-
       - name: Allow Pulling from Artifact Registry
         run: |
           gcloud auth configure-docker ${{ secrets.GCP_ARTIFACT_REGISTRY }}
 
-      - name: Set up Cloud SDK
-        uses: google-github-actions/setup-gcloud@v1
-        with:
-          project_id: ${{ secrets.GCP_PROJECT_ID }}
-          install_components: 'kubectl'
-
       - name: Change Splunk Enterprise Image on Main Branches
         if: github.ref == 'refs/heads/main'
         run: |
           echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV
 
-      - name: Authenticate to GCP
-        uses: google-github-actions/auth@v1
-        with:
-          credentials_json: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }}
-
-      - name: Set GCP Project
-        run: |
-          gcloud config set project ${{ env.GCP_PROJECT_ID }}
-
       - name: Install Kubectl
         uses: azure/setup-kubectl@v3
         with:
@@ -224,16 +207,6 @@ jobs:
           docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.GCP_ARTIFACT_REGISTRY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }}
           docker push ${{ secrets.GCP_ARTIFACT_REGISTRY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }}
 
-      - name: Get Kubernetes Credentials
-        run: |
-          gcloud container clusters get-credentials ${{ env.CLUSTER_NAME }} --zone ${{ env.GCP_ZONE }} --project ${{ env.GCP_PROJECT_ID }}
-
-      - name: Get GKE Credentials
-        uses: google-github-actions/get-gke-credentials@v1
-        with:
-          cluster_name: ${{ env.CLUSTER_NAME }}
-          location: ${{ env.GCP_ZONE }}
-
       - name: Install Metrics Server
         run: |
           curl -LO https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
@@ -245,7 +218,7 @@ jobs:
 
       - name: Setup Kustomize
         run: |
-          curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"  | bash
+          curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash -s -- 5.4.3
           sudo mv kustomize /usr/local/bin/
 
       - name: Verify kubectl Configuration

Makefile

@@ -236,10 +236,9 @@ $(CONTROLLER_GEN): $(LOCALBIN)
 	test -s $(LOCALBIN)/controller-gen || GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-tools/cmd/controller-gen@${CONTROLLER_TOOLS_VERSION}
 
 KUSTOMIZE = $(LOCALBIN)/kustomize
-KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"
 kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary.
 $(KUSTOMIZE): $(LOCALBIN)
-	test -s $(LOCALBIN)/kustomize || curl -s $(KUSTOMIZE_INSTALL_SCRIPT) | bash -s -- $(subst v,,${KUSTOMIZE_VERSION}) $(LOCALBIN)
+	test -s $(LOCALBIN)/kustomize || GOBIN=$(LOCALBIN) go install sigs.k8s.io/kustomize/kustomize/v5@${KUSTOMIZE_VERSION}
 
 ENVTEST = $(LOCALBIN)/setup-envtest
 envtest: $(ENVTEST) ## Download envtest-setup locally if necessary.

test/appframework_aws/c3/appframework_aws_suite_test.go → test/appframework/c3/appframework_suite_test.go

@@ -14,6 +14,7 @@
 package c3appfw
 
 import (
+	"context"
 	"os"
 	"path/filepath"
 	"testing"
@@ -49,6 +50,7 @@ var (
 	downloadDirV1         = filepath.Join(currDir, "c3appfwV1-"+testenv.RandomDNSName(4))
 	downloadDirV2         = filepath.Join(currDir, "c3appfwV2-"+testenv.RandomDNSName(4))
 	downloadDirPVTestApps = filepath.Join(currDir, "c3appfwPVTestApps-"+testenv.RandomDNSName(4))
+	cloudBackend          testenv.CloudStorageBackend
 )
 
 // TestBasic is the main entry point
@@ -102,37 +104,32 @@ var _ = BeforeSuite(func() {
 	testenvInstance, err = testenv.NewDefaultTestEnv(testSuiteName)
 	Expect(err).ToNot(HaveOccurred())
 
-	if testenv.ClusterProvider == "eks" {
-		// Create a list of apps to upload to S3
-		appListV1 = testenv.BasicApps
-		appFileList := testenv.GetAppFileList(appListV1)
+	ctx := context.TODO()
+	cloudBackend = testenv.NewCloudStorageBackend(testS3Bucket, testDataS3Bucket)
+	Expect(cloudBackend).NotTo(BeNil(), "failed to initialize cloud storage backend")
 
-		// Download V1 Apps from S3
-		err = testenv.DownloadFilesFromS3(testDataS3Bucket, s3AppDirV1, downloadDirV1, appFileList)
-		Expect(err).To(Succeed(), "Unable to download V1 app files")
+	// Create a list of apps to upload
+	appListV1 = testenv.BasicApps
+	appFileList := testenv.GetAppFileList(appListV1)
 
-		// Create a list of apps to upload to S3 after poll period
-		appListV2 = append(appListV1, testenv.NewAppsAddedBetweenPolls...)
-		appFileList = testenv.GetAppFileList(appListV2)
+	// Download V1 Apps
+	err = cloudBackend.DownloadFiles(ctx, s3AppDirV1, downloadDirV1, appFileList)
+	Expect(err).To(Succeed(), "Unable to download V1 app files")
 
-		// Download V2 Apps from S3
-		err = testenv.DownloadFilesFromS3(testDataS3Bucket, s3AppDirV2, downloadDirV2, appFileList)
-		Expect(err).To(Succeed(), "Unable to download V2 app files")
-	} else {
-		testenvInstance.Log.Info("Skipping Before Suite Setup", "Cluster Provider", testenv.ClusterProvider)
-	}
+	// Create a list of apps to upload after poll period
+	appListV2 = append(appListV1, testenv.NewAppsAddedBetweenPolls...)
+	appFileList = testenv.GetAppFileList(appListV2)
 
+	// Download V2 Apps
+	err = cloudBackend.DownloadFiles(ctx, s3AppDirV2, downloadDirV2, appFileList)
+	Expect(err).To(Succeed(), "Unable to download V2 app files")
 })
 
 var _ = AfterSuite(func() {
 	if testenvInstance != nil {
 		Expect(testenvInstance.Teardown()).ToNot(HaveOccurred())
 	}
 
-	if testenvInstance != nil {
-		Expect(testenvInstance.Teardown()).ToNot(HaveOccurred())
-	}
-
 	// Delete locally downloaded app files
 	err := os.RemoveAll(downloadDirV1)
 	Expect(err).To(Succeed(), "Unable to delete locally downloaded V1 app files")