Skip to content

Commit 5fa3bd2

Browse files
rlieberman-splunkrlieberman-splunk
authored
Merge pull request #1393 from splunk/CSPL_2920
CSPL_2920 - Add support for ARM64 pipelines
2 parents 0e066ac + 261d84c commit 5fa3bd2

20 files changed

+1164
-125
lines changed

.env

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,4 +6,6 @@ KUBECTL_VERSION=v1.29.1
66
AZ_CLI_VERSION=2.30.0
77
EKSCTL_VERSION=v0.191.0
88
EKS_CLUSTER_K8_VERSION=1.31
9-
SPLUNK_ENTERPRISE_RELEASE_IMAGE=splunk/splunk:9.3.2
9+
EKS_INSTANCE_TYPE=m5.2xlarge
10+
EKS_INSTANCE_TYPE_ARM64=c6g.4xlarge
11+
SPLUNK_ENTERPRISE_RELEASE_IMAGE=splunk/splunk:9.3.2

.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml

Lines changed: 303 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,303 @@
1+
name: Arm AL2023 Smoke Test WorkFlow
2+
on:
3+
push:
4+
branches:
5+
- develop
6+
- main
7+
jobs:
8+
check-formating:
9+
runs-on: ubuntu-latest
10+
steps:
11+
- uses: actions/checkout@v2
12+
- name: Dotenv Action
13+
id: dotenv
14+
uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359
15+
- name: Setup Go
16+
uses: actions/setup-go@v2
17+
with:
18+
go-version: ${{ steps.dotenv.outputs.GO_VERSION }}
19+
- name: Check Source formatting
20+
run: make fmt && if [[ $? -ne 0 ]]; then false; fi
21+
- name: Lint source code
22+
run: make vet && if [[ $? -ne 0 ]]; then false; fi
23+
unit-tests:
24+
runs-on: ubuntu-latest
25+
needs: check-formating
26+
steps:
27+
- uses: actions/checkout@v2
28+
- name: Dotenv Action
29+
id: dotenv
30+
uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359
31+
- name: Setup Go
32+
uses: actions/setup-go@v2
33+
with:
34+
go-version: ${{ steps.dotenv.outputs.GO_VERSION }}
35+
- name: Install goveralls
36+
run: |
37+
go version
38+
go install github.com/mattn/goveralls@latest
39+
- name: Install Ginkgo
40+
run: |
41+
make setup/ginkgo
42+
go mod tidy
43+
- name: Run Unit Tests
44+
run: make test
45+
- name: Run Code Coverage
46+
run: goveralls -coverprofile=coverage.out -service=circle-ci -repotoken ${{ secrets.COVERALLS_TOKEN }}
47+
- name: Upload Coverage artifacts
48+
uses: actions/[email protected]
49+
with:
50+
name: coverage.out
51+
path: coverage.out
52+
build-operator-image-arm-al2023:
53+
runs-on: ubuntu-latest
54+
needs: unit-tests
55+
env:
56+
SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }}
57+
SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
58+
ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
59+
S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
60+
steps:
61+
- name: Set up cosign
62+
uses: sigstore/cosign-installer@main
63+
64+
- uses: actions/checkout@v2
65+
- name: Dotenv Action
66+
id: dotenv
67+
uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359
68+
- name: Setup Go
69+
uses: actions/setup-go@v2
70+
with:
71+
go-version: ${{ steps.dotenv.outputs.GO_VERSION }}
72+
- name: Install Ginkgo
73+
run: |
74+
make setup/ginkgo
75+
- name: Set up Docker Buildx
76+
uses: docker/[email protected]
77+
- name: Install Operator SDK
78+
run: |
79+
export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac)
80+
export OS=$(uname | awk '{print tolower($0)}')
81+
export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}
82+
sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH}
83+
sudo chmod +x operator-sdk_${OS}_${ARCH}
84+
sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk
85+
- name: Configure AWS credentials
86+
uses: aws-actions/configure-aws-credentials@v1
87+
with:
88+
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
89+
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
90+
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
91+
- name: Login to Amazon ECR
92+
id: login-ecr
93+
uses: aws-actions/amazon-ecr-login@v1
94+
- name: Build and push Splunk Operator Image
95+
run: |
96+
export PLATFORMS=linux/arm64,linux/amd64
97+
export BASE_IMAGE=public.ecr.aws/amazonlinux/amazonlinux
98+
export BASE_IMAGE_VERSION=2023
99+
export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
100+
make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG
101+
- name: Sign Splunk Operator image with a key
102+
run: |
103+
cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }}
104+
env:
105+
COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
106+
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
107+
vulnerability-scan:
108+
permissions:
109+
actions: read
110+
contents: read
111+
security-events: write
112+
runs-on: ubuntu-latest
113+
needs: build-operator-image-arm-al2023
114+
env:
115+
SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }}
116+
SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
117+
ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
118+
S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
119+
IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }}
120+
steps:
121+
- name: Set up cosign
122+
uses: sigstore/cosign-installer@main
123+
- uses: actions/checkout@v2
124+
- name: Dotenv Action
125+
id: dotenv
126+
uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359
127+
- name: Set up Docker Buildx
128+
uses: docker/[email protected]
129+
- name: Configure AWS credentials
130+
uses: aws-actions/configure-aws-credentials@v1
131+
with:
132+
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
133+
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
134+
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
135+
136+
- name: Login to Amazon ECR
137+
uses: aws-actions/amazon-ecr-login@v1
138+
- name: Pull Splunk Operator Image Locally
139+
run: |
140+
docker pull ${{ env.IMAGE_NAME }}
141+
- name: Verify Signed Splunk Operator image
142+
run: |
143+
cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.IMAGE_NAME }}
144+
env:
145+
COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }}
146+
- name: Run Trivy vulnerability scanner
147+
uses: aquasecurity/trivy-action@master
148+
with:
149+
image-ref: '${{ env.IMAGE_NAME }}'
150+
format: sarif
151+
#exit-code: 1
152+
severity: 'CRITICAL'
153+
ignore-unfixed: true
154+
output: 'trivy-results.sarif'
155+
- name: Upload Trivy scan results to GitHub Security tab
156+
uses: github/codeql-action/upload-sarif@v3
157+
with:
158+
sarif_file: 'trivy-results.sarif'
159+
smoke-tests-arm-al2023:
160+
needs: vulnerability-scan
161+
strategy:
162+
fail-fast: false
163+
matrix:
164+
test: [
165+
basic,
166+
appframeworksS1,
167+
managerappframeworkc3,
168+
managerappframeworkm4,
169+
managersecret,
170+
managermc,
171+
]
172+
runs-on: ubuntu-latest
173+
env:
174+
CLUSTER_NODES: 1
175+
CLUSTER_WORKERS: 3
176+
SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }}
177+
SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }}
178+
SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
179+
SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator
180+
TEST_FOCUS: "${{ matrix.test }}"
181+
# This regex matches any string not containing smoke keyword
182+
TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$"
183+
TEST_CLUSTER_PLATFORM: eks
184+
EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }}
185+
EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }}
186+
TEST_BUCKET: ${{ secrets.TEST_BUCKET }}
187+
TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }}
188+
ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
189+
PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }}
190+
S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
191+
ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }}
192+
EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }}
193+
CLUSTER_WIDE: "true"
194+
DEPLOYMENT_TYPE: ""
195+
ARM64: "true"
196+
steps:
197+
- name: Set Test Cluster Name
198+
run: |
199+
echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV
200+
- name: Chekcout code
201+
uses: actions/checkout@v2
202+
- name: Dotenv Action
203+
id: dotenv
204+
uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359
205+
- name: Change splunk enterprise to release image on main branches
206+
if: github.ref == 'refs/heads/main'
207+
run: |
208+
echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV
209+
- name: Install Kubectl
210+
uses: Azure/setup-kubectl@v3
211+
with:
212+
version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }}
213+
- name: Install Python
214+
uses: actions/setup-python@v2
215+
- name: Install AWS CLI
216+
run: |
217+
curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip"
218+
unzip awscliv2.zip
219+
sudo ./aws/install --update
220+
aws --version
221+
- name: Setup Go
222+
uses: actions/setup-go@v2
223+
with:
224+
go-version: ${{ steps.dotenv.outputs.GO_VERSION }}
225+
- name: Install Ginkgo
226+
run: |
227+
make setup/ginkgo
228+
- name: Install Helm
229+
run: |
230+
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
231+
chmod 700 get_helm.sh
232+
./get_helm.sh
233+
DESIRED_VERSION=v3.8.2 bash get_helm.sh
234+
- name: Install EKS CTL
235+
run: |
236+
curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
237+
sudo mv /tmp/eksctl /usr/local/bin
238+
eksctl version
239+
- name: Set up Docker Buildx
240+
uses: docker/[email protected]
241+
- name: Install Operator SDK
242+
run: |
243+
sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu
244+
sudo chmod +x /usr/local/bin/operator-sdk
245+
- name: Configure Docker Hub credentials
246+
uses: docker/login-action@v1
247+
with:
248+
username: ${{ secrets.DOCKERHUB_USERNAME }}
249+
password: ${{ secrets.DOCKERHUB_TOKEN}}
250+
- name: Set Splunk Operator image
251+
run: |
252+
echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV
253+
- name: Configure AWS credentials
254+
uses: aws-actions/configure-aws-credentials@v1
255+
with:
256+
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
257+
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
258+
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
259+
- name: Login to Amazon ECR
260+
id: login-ecr
261+
uses: aws-actions/amazon-ecr-login@v1
262+
- name: Pull Splunk Enterprise Image
263+
run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }}
264+
- name: Create EKS cluster
265+
run: |
266+
export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }}
267+
export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }}
268+
make cluster-up
269+
- name: install metric server
270+
run: |
271+
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
272+
- name: install k8s dashboard
273+
run: |
274+
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml
275+
- name: Setup Kustomize
276+
run: |
277+
sudo snap install kustomize
278+
mkdir -p ./bin
279+
cp /snap/bin/kustomize ./bin/kustomize
280+
- name: Run smoke test
281+
id: smoketest
282+
run: |
283+
make int-test
284+
- name: Collect Test Logs
285+
if: ${{ always() }}
286+
run: |
287+
mkdir -p /tmp/pod_logs
288+
find ./test -name "*.log" -exec cp {} /tmp/pod_logs \;
289+
- name: Archive Pod Logs
290+
if: ${{ always() }}
291+
uses: actions/[email protected]
292+
with:
293+
name: "splunk-pods-logs--artifacts-${{ matrix.test }}"
294+
path: "/tmp/pod_logs/**"
295+
- name: Cleanup Test Case artifacts
296+
if: ${{ always() }}
297+
run: |
298+
make cleanup
299+
make clean
300+
- name: Cleanup up EKS cluster
301+
if: ${{ always() }}
302+
run: |
303+
make cluster-down

0 commit comments

Comments
 (0)