splunk · kasiakoziol · Oct 24, 2024 · Oct 24, 2024 · Oct 24, 2024 · Oct 24, 2024
diff --git a/.env b/.env
@@ -1,5 +1,5 @@
 OPERATOR_SDK_VERSION=v1.31.0
-REVIEWERS=vivekr-splunk,akondur
+REVIEWERS=vivekr-splunk,rlieberman-splunk,patrykw-splunk,Igor-splunk,kasiakoziol
 GO_VERSION=1.23.0
 AWSCLI_URL=https://awscli.amazonaws.com/awscli-exe-linux-x86_64-2.8.6.zip
 KUBECTL_VERSION=v1.29.1

diff --git a/.github/ISSUE_TEMPLATE/app-framework.yml b/.github/ISSUE_TEMPLATE/app-framework.yml
@@ -3,10 +3,6 @@ description: File any requests related to app framework under this template
 title: "App Framework: "
 labels:
   - app framework
-assignees:
-  - gaurav-splunk
-  - jryb
-  - sgontla
 
 body:
   - type: dropdown

diff --git a/.github/ISSUE_TEMPLATE/generic.yml b/.github/ISSUE_TEMPLATE/generic.yml
@@ -1,10 +1,6 @@
 name: Generic
 description: File generic requests under this template(use only if the issue does not match any of the other templates)
 title: "Splunk Operator: "
-assignees:
-  - jryb
-  - kumarajeet
-  - vivekr-splunk
 
 body:
   - type: dropdown

diff --git a/.github/ISSUE_TEMPLATE/ingress.yml b/.github/ISSUE_TEMPLATE/ingress.yml
@@ -3,10 +3,6 @@ description: File any requests related to ingestion under this template
 title: "Ingestion: "
 labels:
   - ingestion
-assignees:
-  - vebken-splunk
-  - mgaldino-splunk
-  - vivekr-splunk
 
 body:
   - type: dropdown

diff --git a/.github/ISSUE_TEMPLATE/monitoring-console.yml b/.github/ISSUE_TEMPLATE/monitoring-console.yml
@@ -3,8 +3,6 @@ description: File any requests related to monitoring console under this template
 title: "Monitoring Console: "
 labels:
   - monitoring console
-assignees:
-  - kashok-splunk
 
 body:
   - type: dropdown

diff --git a/.github/ISSUE_TEMPLATE/secret-management.yml b/.github/ISSUE_TEMPLATE/secret-management.yml
@@ -3,8 +3,6 @@ description: File any issues related to secret management under this template
 title: "Secret Management: "
 labels:
   - secrets
-assignees:
-  - akondur
 
 body:
   - type: dropdown

diff --git a/.github/ISSUE_TEMPLATE/smartstore.yml b/.github/ISSUE_TEMPLATE/smartstore.yml
@@ -3,10 +3,6 @@ description: File any issues related to smart store under this template
 title: "Smartstore: "
 labels:
   - smartstore
-assignees:
-  - gaurav-splunk
-  - sgontla
-  - vivekr-splunk
 
 body:
   - type: dropdown

diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
@@ -0,0 +1,23 @@
+### Description
+
+_What does this PR have in it?_
+
+### Key Changes
+
+_Highlight the updates in specific files_
+
+### Testing and Verification
+
+_How did you test these changes? What automated tests are added?_
+
+### Related Issues
+
+_Jira tickets, GitHub issues, Support tickets..._
+
+### PR Checklist
+
+- [ ] Code changes adhere to the project's coding standards.
+- [ ] Relevant unit and integration tests are included.
+- [ ] Documentation has been updated accordingly.
+- [ ] All tests pass locally.
+- [ ] The PR description follows the project's guidelines.
diff --git a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml
@@ -1,9 +1,6 @@
 name: Arm AL2023 Smoke Test WorkFlow
 on:
-  push:
-    branches:
-      - develop
-      - main
+  workflow_dispatch:  
 jobs:
   check-formating:
     runs-on: ubuntu-latest
@@ -104,60 +101,8 @@ jobs:
       env:
         COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
         COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
-  vulnerability-scan:
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-    runs-on: ubuntu-latest
-    needs: build-operator-image-arm-al2023
-    env:
-      SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }}
-      SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
-      ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
-      S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
-      IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }}
-    steps:
-    - name: Set up cosign
-      uses: sigstore/cosign-installer@main
-    - uses: actions/checkout@v2
-    - name: Dotenv Action
-      id: dotenv
-      uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359
-    - name: Set up Docker Buildx
-      uses: docker/[email protected]
-    - name: Configure AWS credentials
-      uses: aws-actions/configure-aws-credentials@v1
-      with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
-
-    - name: Login to Amazon ECR
-      uses: aws-actions/amazon-ecr-login@v1
-    - name: Pull Splunk Operator Image Locally
-      run: |
-        docker pull ${{ env.IMAGE_NAME }}
-    - name: Verify Signed Splunk Operator image 
-      run: |
-        cosign verify --key env://COSIGN_PUBLIC_KEY  ${{ env.IMAGE_NAME }}
-      env:
-        COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }}
-    - name: Run Trivy vulnerability scanner
-      uses: aquasecurity/trivy-action@master
-      with:
-        image-ref: '${{ env.IMAGE_NAME }}'
-        format: sarif
-        #exit-code: 1
-        severity: 'CRITICAL'
-        ignore-unfixed: true
-        output: 'trivy-results.sarif'
-    - name: Upload Trivy scan results to GitHub Security tab
-      uses: github/codeql-action/upload-sarif@v3
-      with:
-        sarif_file: 'trivy-results.sarif'
   smoke-tests-arm-al2023:
-    needs: vulnerability-scan
+    needs: build-operator-image-arm-al2023
     strategy:
       fail-fast: false
       matrix:

diff --git a/.github/workflows/arm-AL2023-int-test-workflow.yml b/.github/workflows/arm-AL2023-int-test-workflow.yml
@@ -1,9 +1,6 @@
 name: Arm AL2023 Integration Test WorkFlow
 on:
-  push:
-    branches:
-      - develop
-      - main
+  workflow_dispatch:
 jobs:
   build-operator-image-arm-al2023:
     runs-on: ubuntu-latest

diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml
@@ -1,9 +1,6 @@
 name: Arm Ubuntu Smoke Test WorkFlow
 on:
-  push:
-    branches:
-      - develop
-      - main
+  workflow_dispatch:
 jobs:
   check-formating:
     runs-on: ubuntu-latest
@@ -104,60 +101,8 @@ jobs:
       env:
         COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
         COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
-  vulnerability-scan:
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-    runs-on: ubuntu-latest
-    needs: build-operator-image-arm-ubuntu
-    env:
-      SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }}
-      SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
-      ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
-      S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
-      IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }}
-    steps:
-    - name: Set up cosign
-      uses: sigstore/cosign-installer@main
-    - uses: actions/checkout@v2
-    - name: Dotenv Action
-      id: dotenv
-      uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359
-    - name: Set up Docker Buildx
-      uses: docker/[email protected]
-    - name: Configure AWS credentials
-      uses: aws-actions/configure-aws-credentials@v1
-      with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
-
-    - name: Login to Amazon ECR
-      uses: aws-actions/amazon-ecr-login@v1
-    - name: Pull Splunk Operator Image Locally
-      run: |
-        docker pull ${{ env.IMAGE_NAME }}
-    - name: Verify Signed Splunk Operator image 
-      run: |
-        cosign verify --key env://COSIGN_PUBLIC_KEY  ${{ env.IMAGE_NAME }}
-      env:
-        COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }}
-    - name: Run Trivy vulnerability scanner
-      uses: aquasecurity/trivy-action@master
-      with:
-        image-ref: '${{ env.IMAGE_NAME }}'
-        format: sarif
-        #exit-code: 1
-        severity: 'CRITICAL'
-        ignore-unfixed: true
-        output: 'trivy-results.sarif'
-    - name: Upload Trivy scan results to GitHub Security tab
-      uses: github/codeql-action/upload-sarif@v3
-      with:
-        sarif_file: 'trivy-results.sarif'
   smoke-tests-arm-ubuntu:
-    needs: vulnerability-scan
+    needs: build-operator-image-arm-ubuntu
     strategy:
       fail-fast: false
       matrix:

diff --git a/.github/workflows/arm-Ubuntu-int-test-workflow.yml b/.github/workflows/arm-Ubuntu-int-test-workflow.yml
@@ -1,9 +1,6 @@
 name: Arm Ubuntu Integration Test WorkFlow Ubuntu
 on:
-  push:
-    branches:
-      - develop
-      - main
+  workflow_dispatch:
 jobs:
   build-operator-image-arm-ubuntu:
     runs-on: ubuntu-latest

diff --git a/.github/workflows/automated-release-workflow.yml b/.github/workflows/automated-release-workflow.yml
@@ -19,6 +19,8 @@ jobs:
       contents: write
       pull-requests: write
     if: github.ref == 'refs/heads/main'
+    env:
+      SPLUNK_OPERATOR_RC_IMAGE_NAME: splunk/splunk-operator-rc
     steps:
     - name: Set up cosign
       uses: sigstore/cosign-installer@main
@@ -34,6 +36,19 @@ jobs:
       id: dotenv
       uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359
 
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v4
+      with:
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws-region: us-east-1
+
+    - name: Login to Amazon ECR
+      id: login-ecr-public
+      uses: aws-actions/amazon-ecr-login@v2
+      with:
+        registry-type: public
+
     - name: Setup Go
       uses: actions/setup-go@v2
       with:
@@ -82,15 +97,17 @@ jobs:
 
     - name: Pull RC Splunk Operator Image
       run: |
-        docker pull splunk/splunk-operator-rc:${{ github.event.inputs.release_version }}-RC
+        docker pull ${{ secrets.PUBLIC_ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_RC_IMAGE_NAME }}:${{ github.event.inputs.release_version }}-RC
 
     - name: Promote RC Image to Release
       run: |
-        docker tag splunk/splunk-operator-rc:${{ github.event.inputs.release_version }}-RC splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}
+        docker tag ${{ secrets.PUBLIC_ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_RC_IMAGE_NAME }}:${{ github.event.inputs.release_version }}-RC splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}
+        docker tag splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }} splunk/splunk-operator:latest
 
     - name: Push Release Image
       run: |
         docker push splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}
+        docker push splunk/splunk-operator:latest
 
     - name: Sign Splunk Operator image with a key
       run: |
@@ -107,11 +124,11 @@ jobs:
 
     - name: Pull Distroless RC Splunk Operator Image
       run: |
-        docker pull splunk/splunk-operator-rc:${{ github.event.inputs.release_version }}-distroless-RC
+        docker pull ${{ secrets.PUBLIC_ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_RC_IMAGE_NAME }}:${{ github.event.inputs.release_version }}-RC-distroless
 
     - name: Promote Distroless RC Image to Release
       run: |
-        docker tag splunk/splunk-operator-rc:${{ github.event.inputs.release_version }}-distroless-RC splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}-distroless
+        docker tag ${{ secrets.PUBLIC_ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_RC_IMAGE_NAME }}:${{ github.event.inputs.release_version }}-RC-distroless splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}-distroless
 
     - name: Push Distroless Release Image
       run: |

diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml
@@ -1,5 +1,10 @@
 name: Build and Test
-on: push
+on:
+  pull_request: {}
+  push:
+    branches:
+    - main
+    - develop
 jobs:
   check-formating:
     runs-on: ubuntu-latest
@@ -303,36 +308,3 @@ jobs:
       #    name: Integration Tests          # Name of the check run which will be created
       #    path: inttest-*.xml         # Path to test results
       #    reporter: jest-junit        # Format of test results
-  push-latest:
-    needs: smoke-tests
-    if: github.ref == 'refs/heads/main'
-    runs-on: ubuntu-latest
-    env:
-      SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
-      TAG: latest
-    steps:
-    - name: Checkout Code
-      uses: actions/checkout@v2
-    - name: Dotenv Action
-      id: dotenv
-      uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359
-    - name: Set up Docker Buildx
-      uses: docker/[email protected]
-    - name: Configure Docker Hub credentials
-      uses: docker/login-action@v1
-      with:
-        username: ${{ secrets.DOCKERHUB_USERNAME }}
-        password: ${{ secrets.DOCKERHUB_PUSH_TOKEN}}
-    - name: Configure AWS credentials
-      uses: aws-actions/configure-aws-credentials@v1
-      with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
-    - name: Login to Amazon ECR
-      uses: aws-actions/amazon-ecr-login@v1
-    - name: Re-tag Splunk Operator Image
-      run: |
-        docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }}
-    - name: Push Splunk Operator Image to Docker Hub
-      run: docker push ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }}
-Original file line number
+Diff line change
@@ Expand Up @@
     title: "Secret Management: "
     labels:
       - secrets
-    assignees:
-      - akondur
     body:
       - type: dropdown
@@ Expand Down @@