Change OrbStack to use SWiPE ID

Author: rcastley

.gitignore

@@ -28,11 +28,6 @@ package-lock.json
 .hugo_build.lock
 /resources
 !*/resources/
-workshop/Lambda/Java/MobileShop/target/*
-workshop/Lambda/Java/MobileShop/.classpath
-workshop/Lambda/Java/MobileShop/.factorypath
-workshop/Lambda/Java/MobileShop/.project
-workshop/Lambda/Java/MobileShop/.settings/*
 workshop/aws/ec2/terraform.tfvars.eu0.1.base.tfvars
 workshop/aws/ec2/terraform.tfvars.eu0.1.pre.tfvars
 workshop/aws/ec2/pre-eu.sh
@@ -50,9 +45,6 @@ workshop/aws/ec2/*.conf
 workshop/aws/ec2/*.key
 workshop/aws/ec2/*.csv
 .idea/
-workshop/demo-client/venv/*
-workshop/demo-server/venv/*
-local-hosting/orbstack/start.sh
 local-hosting/multipass/terraform.tfvars
 local-hosting/multipass/ubuntu-cloudinit.yml
 workshop/aws/ec2/terraform.tfvars copy.template

content/en/resources/local-hosting/orbstack.md

@@ -4,21 +4,12 @@ weight: 2
 description: Learn how to create a local hosting environment with OrbStack - Mac (Apple Silicon)
 ---
 
-Install Orbstack:
+Install Orbstack and jq:
 
 ``` bash
-brew install orbstack
+brew install orbstack jq
 ```
 
-Log Observer Connect:
-
-If you plan to use your own Splunk Observability Cloud Suite Org and or Splunk instance, you may need to create a new **Log Observer Connect** connection:
-Follow the instructions found in the [documentation](https://docs.splunk.com/observability/en/logs/lo-connect-landing.html) for [Splunk Cloud](https://docs.splunk.com/observability/en/logs/scp.html#logs-scp) or [Splunk Enterprize](https://docs.splunk.com/observability/en/logs/set-up-logconnect.html).
-
-Additional requirements for running your own **Log Observer Connect** connection are:
-Create an index called **splunk4rookies-workshop**
-Make sure the Service account user used in the **Log observer Connect** Connection has access to the **splunk4rookies-workshop** index. (You can remove all other indexes, as all workshop log data should go to this index)
-
 Clone workshop repository:
 
 ``` bash
@@ -31,20 +22,10 @@ Change into Orbstack directory:
 cd observability-workshop/local-hosting/orbstack
 ```
 
-Copy the `start.sh.example` to `start.sh` and edit the file to set the following required variables
-Make sure  that you do not use a Raw Endpoint, but use an Event Endpoint instead as this will process the logs correctly
-
-- `ACCESS_TOKEN`
-- `REALM`
-- `API_TOKEN`
-- `RUM_TOKEN`
-- `HEC_TOKEN`
-- `HEC_URL`
-
-Run the script and provide and instance name e.g.:
+Run the script and provide and instance name and [SWiPE ID](https://swipe.splunk.show) e.g.:
 
 ``` bash
-./start.sh my-instance
+./start.sh my-instance 12345678
 ```
 
 Once the instance has been successfully created (this can take several minutes), you will automatically be logged into the instance. If you exit you can SSH back in using the following command (replace `<my_instance>` with the name of your instance):

local-hosting/orbstack/README.md

@@ -1,122 +1,3 @@
 # Preparing an Orbstack instance
 
 Click [**here**](https://splunk.github.io/observability-workshop/latest/en/resources/local-hosting/orbstack/index.html) for instructions on how to prepare an OrbStack instance.
-
-<!--
-**NOTE:** Please disable any VPNs or proxies before running the commands below e.g:
-
-- ZScaler
-- Cisco AnyConnect
-
-These tools **will** prevent the instance from being created properly.
-
-## 1. Pre-requisites
-
-Install Orbstack:
-
-``` bash
-brew install orbstack
-```
-
-If you plan to use your own Splunk Observability Cloud Suite Org, you may need to create a **Log Observer Connect** connection:
-Follow the instructions found in the [documentation](https://docs.splunk.com/observability/en/logs/lo-connect-landing.html) for [Splunk Cloud](https://docs.splunk.com/observability/en/logs/scp.html#logs-scp) or [Splunk Enterprize](https://docs.splunk.com/observability/en/logs/set-up-logconnect.html).
-
-Additional requirements for running your own **Log Observer Connect** connection are: 
-Create an index called **splunk4rookies-workshop**
-Make sure the Service account user has access to the **splunk4rookies-workshop** index. (You can remove all other indexes, as all log data should go to this index)
-
-
-## 2. Clone workshop repository
-
-``` bash
-git clone https://github.com/splunk/observability-workshop
-```
-
-## 3. Change into Orbstack directory
-
-```bash
-cd observability-workshop/orbstack
-```
-
-## 4. Create start.sh script
-
-Copy the `start.sh.example` to `start.sh` and edit the file to set the required variables:
-
-- ACCESS_TOKEN
-- REALM
-- HEC_TOKEN
-- HEC_URL
-
-``` bash
-
-#!/bin/bash
-echo "Building: $1";
-
-# Change these values below to match your environment and safe this file as start.sh
-export ACCESS_TOKEN="<redacted>"
-export REALM="eu0"
-export RUM_TOKEN="<redacted>"
-export HEC_TOKEN="<redacted>"
-#export HEC_URL="https://http-inputs-o11y-workshop-eu0.splunkcloud.com:443/services/collector/event"
-export HEC_URL="https://http-inputs-o11y-workshop-us1.splunkcloud.com:443/services/collector/event"
-export INSTANCE=$1
-
-# Do not change anything below this line
-orb create -c cloud-init.yaml -a arm64 ubuntu:jammy $INSTANCE
-sleep 2
-ORBENV=ACCESS_TOKEN:REALM:RUM_TOKEN:HEC_TOKEN:HEC_URL:INSTANCE orb -m $INSTANCE -u splunk ansible-playbook /home/splunk/orbstack.yml
-echo "ssh splunk@$INSTANCE@orb"
-ssh splunk@$INSTANCE@orb
-
-```
-
-Make sure your HEC_URL ends in https://[url]:[port]**/services/collector/event** as the raw endpoint does not process the logs as required.
-
-Run the script and provide an instance name e.g.: `./start.sh my-instance`.
-
-Once the instance has been successfully created (this can take several minutes), you will automatically be logged into the instance. If you exit you can SSH back in using the following command:
-
-```bash
-ssh splunk@<my_instance>@orb
-```
-
-## 5. Validate instance
-
-Once in the shell, you can validate that the instance is ready by running the following command:
-
-```bash
-kubectl version --output=yaml
-```
-
-To get the IP address of the instance, run the following command:
-
-```bash
-ifconfig eth0
-```
-
-If you get an error please check that you have disabled any VPNs or proxies and try again e.g. ZScaler, Cisco AnyConnect.
-
-To start again, delete the instance and re-run `start.sh my-instance`:
-
-```bash
-orb delete my-instance
-```
-
-You can use Vscode with your new orb/container. 
-Make sure you have installed the remote ssh extension in  vscode
-
-here is a sample  config for you ssh_config
-
-```text
-Host conf
-  Hostname 127.0.0.1
-  Port 32222
-  User splunk@orb-1
-  # replace or symlink ~/.orbstack/ssh/id_ed25519 file to change the key
-  IdentityFile ~/.orbstack/ssh/id_ed25519
-  # only use this key
-  IdentitiesOnly yes
-  ProxyCommand '/Applications/OrbStack.app/Contents/MacOS/../Frameworks/OrbStack Helper.app/Contents/MacOS/OrbStack Helper' ssh-proxy-fdpass 501
-  ProxyUseFdpass yes
- ```
--->

local-hosting/orbstack/start.sh

@@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+export TERM=xterm-256color
+
+# Script requires two arguments:
+# $1: Instance name - A name for your OrbStack instance (e.g. "splunk-workshop")
+# $2: SWiPE ID - A valid Splunk Workshop ID to retrieve configuration
+
+# Check if both arguments are provided
+if [ $# -ne 2 ]; then
+  echo "Error: This script requires two arguments."
+  echo "Usage: $0 <instance_name> <swipe_id>"
+  echo ""
+  echo "  <instance_name>: Name for your OrbStack instance (e.g. 'splunk-workshop')"
+  echo "  <swipe_id>: Valid Splunk Workshop ID to retrieve configuration"
+  echo ""
+  echo "Example: $0 splunk-workshop abc123"
+  exit 1
+fi
+
+echo "Building instance '$1' with SWiPE ID '$2'";
+
+JSON_RESPONSE=$(curl -s https://swipe.splunk.show/api?id=$2)
+# Change these values below to match your environment and save this file as start.sh
+
+# Check if Workshop ID not found
+if [[ "$JSON_RESPONSE" == '{"message":"Workshop ID not found"}' ]]; then
+  echo -e "Error: SWiPE ID '$2' not found. Please verify your Workshop ID and try again.\n" && exit 1
+fi
+
+# Parse the JSON response and extract values
+export ACCESS_TOKEN=$(echo ${JSON_RESPONSE} | jq -r '.INGEST')
+export API_TOKEN=$(echo ${JSON_RESPONSE} | jq -r '.API')
+export REALM=$(echo ${JSON_RESPONSE} | jq -r '.REALM')
+export RUM_TOKEN=$(echo ${JSON_RESPONSE} | jq -r '.RUM')
+export HEC_TOKEN=$(echo ${JSON_RESPONSE} | jq -r '.HEC_TOKEN')
+export HEC_URL=$(echo ${JSON_RESPONSE} | jq -r '.HEC_URL')
+export INSTANCE=$1
+
+echo "Creating instance '$INSTANCE' with configuration from SWiPE ID '$2'..."
+
+# Do not change anything below this line
+orb create -c cloud-init.yaml -a arm64 ubuntu:jammy "$INSTANCE"
+sleep 2
+ORBENV="ACCESS_TOKEN:REALM:API_TOKEN:RUM_TOKEN:HEC_TOKEN:HEC_URL:INSTANCE" orb -m "$INSTANCE" -u splunk ansible-playbook /home/splunk/orbstack.yml
+echo "Connect to your instance with:"
+echo "ssh -t splunk@$INSTANCE@orb ${SHELL} -l"
+ssh -t "splunk@$INSTANCE@orb" "${SHELL}" -l