diff --git a/.env b/.env index 7c166b57a..9a055545b 100644 --- a/.env +++ b/.env @@ -4,6 +4,8 @@ GO_VERSION=1.23.0 AWSCLI_URL=https://awscli.amazonaws.com/awscli-exe-linux-x86_64-2.8.6.zip KUBECTL_VERSION=v1.29.1 AZ_CLI_VERSION=2.30.0 -EKSCTL_VERSION=v0.143.0 -EKS_CLUSTER_K8_VERSION=1.27 -SPLUNK_ENTERPRISE_RELEASE_IMAGE=splunk/splunk:9.3.0 +EKSCTL_VERSION=v0.191.0 +EKS_CLUSTER_K8_VERSION=1.31 +EKS_INSTANCE_TYPE=m5.2xlarge +EKS_INSTANCE_TYPE_ARM64=c6g.4xlarge +SPLUNK_ENTERPRISE_RELEASE_IMAGE=splunk/splunk:9.3.2 diff --git a/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml new file mode 100644 index 000000000..6d1773619 --- /dev/null +++ b/.github/workflows/arm-AL2023-build-test-push-workflow-AL2023.yml @@ -0,0 +1,303 @@ +name: Arm AL2023 Smoke Test WorkFlow +on: + push: + branches: + - develop + - main +jobs: + check-formating: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Check Source formatting + run: make fmt && if [[ $? -ne 0 ]]; then false; fi + - name: Lint source code + run: make vet && if [[ $? -ne 0 ]]; then false; fi + unit-tests: + runs-on: ubuntu-latest + needs: check-formating + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install goveralls + run: | + go version + go install github.com/mattn/goveralls@latest + - name: Install Ginkgo + run: | + make setup/ginkgo + go mod tidy + - name: Run Unit Tests + run: make test + - name: Run Code Coverage + run: goveralls -coverprofile=coverage.out -service=circle-ci -repotoken ${{ secrets.COVERALLS_TOKEN }} + - name: Upload Coverage artifacts + uses: actions/upload-artifact@v4.4.0 + with: + name: coverage.out + path: coverage.out + build-operator-image-arm-al2023: + runs-on: ubuntu-latest + needs: unit-tests + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + steps: + - name: Set up cosign + uses: sigstore/cosign-installer@main + + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac) + export OS=$(uname | awk '{print tolower($0)}') + export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }} + sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH} + sudo chmod +x operator-sdk_${OS}_${ARCH} + sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Build and push Splunk Operator Image + run: | + export PLATFORMS=linux/arm64,linux/amd64 + export BASE_IMAGE=public.ecr.aws/amazonlinux/amazonlinux + export BASE_IMAGE_VERSION=2023 + export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG + - name: Sign Splunk Operator image with a key + run: | + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + env: + COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} + COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} + vulnerability-scan: + permissions: + actions: read + contents: read + security-events: write + runs-on: ubuntu-latest + needs: build-operator-image-arm-al2023 + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }} + steps: + - name: Set up cosign + uses: sigstore/cosign-installer@main + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + + - name: Login to Amazon ECR + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Operator Image Locally + run: | + docker pull ${{ env.IMAGE_NAME }} + - name: Verify Signed Splunk Operator image + run: | + cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.IMAGE_NAME }} + env: + COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }} + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + image-ref: '${{ env.IMAGE_NAME }}' + format: sarif + #exit-code: 1 + severity: 'CRITICAL' + ignore-unfixed: true + output: 'trivy-results.sarif' + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: 'trivy-results.sarif' + smoke-tests-arm-al2023: + needs: vulnerability-scan + strategy: + fail-fast: false + matrix: + test: [ + basic, + appframeworksS1, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managermc, + ] + runs-on: ubuntu-latest + env: + CLUSTER_NODES: 1 + CLUSTER_WORKERS: 3 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_FOCUS: "${{ matrix.test }}" + # This regex matches any string not containing smoke keyword + TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" + TEST_CLUSTER_PLATFORM: eks + EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} + CLUSTER_WIDE: "true" + DEPLOYMENT_TYPE: "" + ARM64: "true" + steps: + - name: Set Test Cluster Name + run: | + echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Chekcout code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Change splunk enterprise to release image on main branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + - name: Install Kubectl + uses: Azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + - name: Install Python + uses: actions/setup-python@v2 + - name: Install AWS CLI + run: | + curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + DESIRED_VERSION=v3.8.2 bash get_helm.sh + - name: Install EKS CTL + run: | + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + sudo mv /tmp/eksctl /usr/local/bin + eksctl version + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu + sudo chmod +x /usr/local/bin/operator-sdk + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + - name: Create EKS cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} + make cluster-up + - name: install metric server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + - name: install k8s dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + - name: Setup Kustomize + run: | + sudo snap install kustomize + mkdir -p ./bin + cp /snap/bin/kustomize ./bin/kustomize + - name: Run smoke test + id: smoketest + run: | + make int-test + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v4.4.0 + with: + name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + path: "/tmp/pod_logs/**" + - name: Cleanup Test Case artifacts + if: ${{ always() }} + run: | + make cleanup + make clean + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down \ No newline at end of file diff --git a/.github/workflows/arm-AL2023-int-test-workflow.yml b/.github/workflows/arm-AL2023-int-test-workflow.yml new file mode 100644 index 000000000..b09004e12 --- /dev/null +++ b/.github/workflows/arm-AL2023-int-test-workflow.yml @@ -0,0 +1,207 @@ +name: Arm AL2023 Integration Test WorkFlow +on: + push: + branches: + - develop + - main +jobs: + build-operator-image-arm-al2023: + runs-on: ubuntu-latest + timeout-minutes: 360 + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac) + export OS=$(uname | awk '{print tolower($0)}') + export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }} + sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH} + sudo chmod +x operator-sdk_${OS}_${ARCH} + sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Build and push Splunk Operator Image + run: | + export PLATFORMS=linux/arm64,linux/amd64 + export BASE_IMAGE=public.ecr.aws/amazonlinux/amazonlinux + export BASE_IMAGE_VERSION=2023 + export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG + int-tests-arm-al2023: + strategy: + fail-fast: false + matrix: + test: + [ + appframeworksS1, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managersmartstore, + managermc1, + managermc2, + managercrcrud, + licensemanager, + managerdeletecr, + ] + runs-on: ubuntu-latest + needs: build-operator-image-arm-al2023 + env: + CLUSTER_NODES: 1 + CLUSTER_WORKERS: 3 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_FOCUS: "${{ matrix.test }}" + # This regex matches any string not containing integration keyword + TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" + TEST_CLUSTER_PLATFORM: eks + EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + CLUSTER_WIDE: "true" + DEPLOYMENT_TYPE: "" + ARM64: "true" + steps: + - name: Set Test Cluster Name + run: | + echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Set Test Cluster Nodes and Parallel Runs + run: >- + if grep -q "appframework" <<< "${{ matrix.test }}"; then + echo "CLUSTER_WORKERS=5" >> $GITHUB_ENV + echo "CLUSTER_NODES=2" >> $GITHUB_ENV + fi + - name: Checkcout code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Change splunk enterprise to release image on main branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + - name: Install Kubectl + uses: Azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + - name: Install Python + uses: actions/setup-python@v2 + - name: Install AWS CLI + run: | + curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + DESIRED_VERSION=v3.8.2 bash get_helm.sh + - name: Install EKS CTL + run: | + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + sudo mv /tmp/eksctl /usr/local/bin + eksctl version + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + - name: Create EKS cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} + make cluster-up + - name: install metric server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + - name: install k8s dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + - name: Setup Kustomize + run: | + sudo snap install kustomize + mkdir -p ./bin + cp /snap/bin/kustomize ./bin/kustomize + - name: Run Integration test + run: | + make int-test + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v4.4.0 + with: + name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + path: "/tmp/pod_logs/**" + - name: Cleanup Test Case artifacts + if: ${{ always() }} + run: | + make cleanup + make clean + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down + #- name: Test Report + # uses: dorny/test-reporter@v1 + # if: success() || failure() # run this step even if previous step failed + # with: + # name: Integration Tests # Name of the check run which will be created + # path: inttest-*.xml # Path to test results + # reporter: jest-junit # Format of test results \ No newline at end of file diff --git a/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml new file mode 100644 index 000000000..80223e432 --- /dev/null +++ b/.github/workflows/arm-Ubuntu-build-test-push-workflow.yml @@ -0,0 +1,303 @@ +name: Arm Ubuntu Smoke Test WorkFlow +on: + push: + branches: + - develop + - main +jobs: + check-formating: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Check Source formatting + run: make fmt && if [[ $? -ne 0 ]]; then false; fi + - name: Lint source code + run: make vet && if [[ $? -ne 0 ]]; then false; fi + unit-tests: + runs-on: ubuntu-latest + needs: check-formating + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install goveralls + run: | + go version + go install github.com/mattn/goveralls@latest + - name: Install Ginkgo + run: | + make setup/ginkgo + go mod tidy + - name: Run Unit Tests + run: make test + - name: Run Code Coverage + run: goveralls -coverprofile=coverage.out -service=circle-ci -repotoken ${{ secrets.COVERALLS_TOKEN }} + - name: Upload Coverage artifacts + uses: actions/upload-artifact@v4.4.0 + with: + name: coverage.out + path: coverage.out + build-operator-image-arm-ubuntu: + runs-on: ubuntu-latest + needs: unit-tests + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + steps: + - name: Set up cosign + uses: sigstore/cosign-installer@main + + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac) + export OS=$(uname | awk '{print tolower($0)}') + export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }} + sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH} + sudo chmod +x operator-sdk_${OS}_${ARCH} + sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Build and push Splunk Operator Image + run: | + export PLATFORMS=linux/arm64,linux/amd64 + export BASE_IMAGE=ubuntu + export BASE_IMAGE_VERSION=24.10 + export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG + - name: Sign Splunk Operator image with a key + run: | + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + env: + COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} + COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} + vulnerability-scan: + permissions: + actions: read + contents: read + security-events: write + runs-on: ubuntu-latest + needs: build-operator-image-arm-ubuntu + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }} + steps: + - name: Set up cosign + uses: sigstore/cosign-installer@main + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + + - name: Login to Amazon ECR + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Operator Image Locally + run: | + docker pull ${{ env.IMAGE_NAME }} + - name: Verify Signed Splunk Operator image + run: | + cosign verify --key env://COSIGN_PUBLIC_KEY ${{ env.IMAGE_NAME }} + env: + COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }} + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + image-ref: '${{ env.IMAGE_NAME }}' + format: sarif + #exit-code: 1 + severity: 'CRITICAL' + ignore-unfixed: true + output: 'trivy-results.sarif' + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: 'trivy-results.sarif' + smoke-tests-arm-ubuntu: + needs: vulnerability-scan + strategy: + fail-fast: false + matrix: + test: [ + basic, + appframeworksS1, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managermc, + ] + runs-on: ubuntu-latest + env: + CLUSTER_NODES: 1 + CLUSTER_WORKERS: 3 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_FOCUS: "${{ matrix.test }}" + # This regex matches any string not containing smoke keyword + TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" + TEST_CLUSTER_PLATFORM: eks + EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }} + CLUSTER_WIDE: "true" + DEPLOYMENT_TYPE: "" + ARM64: "true" + steps: + - name: Set Test Cluster Name + run: | + echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Chekcout code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Change splunk enterprise to release image on main branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + - name: Install Kubectl + uses: Azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + - name: Install Python + uses: actions/setup-python@v2 + - name: Install AWS CLI + run: | + curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + DESIRED_VERSION=v3.8.2 bash get_helm.sh + - name: Install EKS CTL + run: | + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + sudo mv /tmp/eksctl /usr/local/bin + eksctl version + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + sudo curl -L -o /usr/local/bin/operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}/operator-sdk-${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}-x86_64-linux-gnu + sudo chmod +x /usr/local/bin/operator-sdk + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + - name: Create EKS cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} + make cluster-up + - name: install metric server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + - name: install k8s dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + - name: Setup Kustomize + run: | + sudo snap install kustomize + mkdir -p ./bin + cp /snap/bin/kustomize ./bin/kustomize + - name: Run smoke test + id: smoketest + run: | + make int-test + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v4.4.0 + with: + name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + path: "/tmp/pod_logs/**" + - name: Cleanup Test Case artifacts + if: ${{ always() }} + run: | + make cleanup + make clean + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down \ No newline at end of file diff --git a/.github/workflows/arm-Ubuntu-int-test-workflow.yml b/.github/workflows/arm-Ubuntu-int-test-workflow.yml new file mode 100644 index 000000000..12bf282ce --- /dev/null +++ b/.github/workflows/arm-Ubuntu-int-test-workflow.yml @@ -0,0 +1,207 @@ +name: Arm Ubuntu Integration Test WorkFlow Ubuntu +on: + push: + branches: + - develop + - main +jobs: + build-operator-image-arm-ubuntu: + runs-on: ubuntu-latest + timeout-minutes: 360 + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + steps: + - uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Install Operator SDK + run: | + export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac) + export OS=$(uname | awk '{print tolower($0)}') + export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }} + sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH} + sudo chmod +x operator-sdk_${OS}_${ARCH} + sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Build and push Splunk Operator Image + run: | + export PLATFORMS=linux/arm64,linux/amd64 + export BASE_IMAGE=ubuntu + export BASE_IMAGE_VERSION=24.10 + export IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx PLATFORMS=$PLATFORMS BASE_IMAGE=$BASE_IMAGE BASE_IMAGE_VERSION=$BASE_IMAGE_VERSION IMG=$IMG + int-tests-arm-ubuntu: + strategy: + fail-fast: false + matrix: + test: + [ + appframeworksS1, + managerappframeworkc3, + managerappframeworkm4, + managersecret, + managersmartstore, + managermc1, + managermc2, + managercrcrud, + licensemanager, + managerdeletecr, + ] + runs-on: ubuntu-latest + needs: build-operator-image-arm-ubuntu + env: + CLUSTER_NODES: 1 + CLUSTER_WORKERS: 3 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE_ARM64 }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_FOCUS: "${{ matrix.test }}" + # This regex matches any string not containing integration keyword + TEST_TO_SKIP: "^(?:[^i]+|i(?:$|[^n]|n(?:$|[^t]|t(?:$|[^e]|e(?:$|[^g]|g(?:$|[^r]|r(?:$|[^a]|a(?:$|[^t]|t(?:$|[^i]|i(?:$|[^o]|o(?:$|[^n])))))))))))*$" + TEST_CLUSTER_PLATFORM: eks + EKS_VPC_PRIVATE_SUBNET_STRING: ${{ secrets.EKS_VPC_PRIVATE_SUBNET_STRING }} + EKS_VPC_PUBLIC_SUBNET_STRING: ${{ secrets.EKS_VPC_PUBLIC_SUBNET_STRING }} + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }} + S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }} + CLUSTER_WIDE: "true" + DEPLOYMENT_TYPE: "" + ARM64: "true" + steps: + - name: Set Test Cluster Name + run: | + echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Set Test Cluster Nodes and Parallel Runs + run: >- + if grep -q "appframework" <<< "${{ matrix.test }}"; then + echo "CLUSTER_WORKERS=5" >> $GITHUB_ENV + echo "CLUSTER_NODES=2" >> $GITHUB_ENV + fi + - name: Checkcout code + uses: actions/checkout@v2 + - name: Dotenv Action + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + - name: Change splunk enterprise to release image on main branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + - name: Install Kubectl + uses: Azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + - name: Install Python + uses: actions/setup-python@v2 + - name: Install AWS CLI + run: | + curl "${{ steps.dotenv.outputs.AWSCLI_URL}}" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + - name: Install Ginkgo + run: | + make setup/ginkgo + - name: Install Helm + run: | + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + DESIRED_VERSION=v3.8.2 bash get_helm.sh + - name: Install EKS CTL + run: | + curl --silent --insecure --location "https://github.com/weaveworks/eksctl/releases/download/${{ steps.dotenv.outputs.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp + sudo mv /tmp/eksctl /usr/local/bin + eksctl version + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + - name: Configure Docker Hub credentials + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + - name: Create EKS cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export EKS_INSTANCE_TYPE=${{ steps.dotenv.outputs.EKS_INSTANCE_TYPE_ARM64 }} + make cluster-up + - name: install metric server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + - name: install k8s dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + - name: Setup Kustomize + run: | + sudo snap install kustomize + mkdir -p ./bin + cp /snap/bin/kustomize ./bin/kustomize + - name: Run Integration test + run: | + make int-test + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v4.4.0 + with: + name: "splunk-pods-logs--artifacts-${{ matrix.test }}" + path: "/tmp/pod_logs/**" + - name: Cleanup Test Case artifacts + if: ${{ always() }} + run: | + make cleanup + make clean + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down + #- name: Test Report + # uses: dorny/test-reporter@v1 + # if: success() || failure() # run this step even if previous step failed + # with: + # name: Integration Tests # Name of the check run which will be created + # path: inttest-*.xml # Path to test results + # reporter: jest-junit # Format of test results \ No newline at end of file diff --git a/.github/workflows/build-test-push-workflow.yml b/.github/workflows/build-test-push-workflow.yml index 77338e9a3..a1244edf5 100644 --- a/.github/workflows/build-test-push-workflow.yml +++ b/.github/workflows/build-test-push-workflow.yml @@ -87,19 +87,9 @@ jobs: - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v1 - #- name: Login to Redhat registry - # uses: docker/login-action@v3 - # with: - # registry: registry.redhat.io - # username: ${{ secrets.REDHAT_REGISTRY_ID }} - # password: ${{ secrets.REDHAT_REGISTRY_PASSWORD }} - - name: Make Splunk Operator Image + - name: Build and push Splunk Operator Image run: | - make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Push Splunk Operator Image to ECR - run: | - echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" - make docker-push IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} + make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Sign Splunk Operator image with a key run: | cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ github.sha }} @@ -165,7 +155,7 @@ jobs: matrix: test: [ basic, - appframeworks1, + appframeworksS1, managerappframeworkc3, managerappframeworkm4, managersecret, @@ -248,6 +238,9 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV - name: Pull Splunk Enterprise Image run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Configure AWS credentials @@ -263,12 +256,6 @@ jobs: run: | docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - - name: Pull Splunk Operator Image Locally - run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Change Operator Image Tag to latest - run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} @@ -343,10 +330,7 @@ jobs: aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - name: Login to Amazon ECR uses: aws-actions/amazon-ecr-login@v1 - - name: Pull Splunk Operator Image Locally - run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Change Operator Image Tag to latest + - name: Re-tag Splunk Operator Image run: | docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }} - name: Push Splunk Operator Image to Docker Hub diff --git a/.github/workflows/int-test-azure-workflow.yml b/.github/workflows/int-test-azure-workflow.yml index 97b2e7da7..577a71d07 100644 --- a/.github/workflows/int-test-azure-workflow.yml +++ b/.github/workflows/int-test-azure-workflow.yml @@ -38,11 +38,7 @@ jobs: password: ${{ secrets.AZURE_ACR_DOCKER_PASSWORD }} - name: Make Splunk Operator Image run: | - make docker-build IMG=${{ secrets.AZURE_ACR_LOGIN_SERVER }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Push Splunk Operator Image to the Container Registry - run: | - echo "Uploading Image to the Container Registry :: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" - make docker-push IMG=${{ secrets.AZURE_ACR_LOGIN_SERVER }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ secrets.AZURE_ACR_LOGIN_SERVER }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA setup-aks-cluster: runs-on: ubuntu-latest needs: build-operator-image diff --git a/.github/workflows/int-test-gcp-workflow.yml b/.github/workflows/int-test-gcp-workflow.yml new file mode 100644 index 000000000..21e0e1448 --- /dev/null +++ b/.github/workflows/int-test-gcp-workflow.yml @@ -0,0 +1,277 @@ +name: Integration Test on GCP Workflow + +on: + push: + branches: + - develop + - main + +jobs: + build-operator-image: + runs-on: ubuntu-latest + env: + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + ARTIFACT_REGISTRY: ${{ secrets.GCP_ARTIFACT_REGISTRY }} # Updated for Artifact Registry + steps: + - name: Checkout Code + uses: actions/checkout@v2 + + - name: Load Environment Variables + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + with: + path: .env # Adjust the path if your dotenv file is located elsewhere + + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + + - name: Install Operator SDK + run: | + ARCH=$(case $(uname -m) in + x86_64) echo -n amd64 ;; + aarch64) echo -n arm64 ;; + *) echo -n $(uname -m) ;; + esac) + OS=$(uname | awk '{print tolower($0)}') + OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }} + curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH} + chmod +x operator-sdk_${OS}_${ARCH} + sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk + + - name: Authenticate to GCP + uses: google-github-actions/auth@v1 + with: + credentials_json: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }} + + - name: Login to GCR + uses: docker/login-action@v3 + with: + registry: ${{ secrets.GCP_ARTIFACT_REGISTRY }} + username: _json_key + password: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }} + + - name: Build Splunk Operator Image + run: | + make docker-buildx IMG=${{ secrets.GCP_ARTIFACT_REGISTRY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + + create-cluster-and-run-tests: + strategy: + matrix: + test_focus: + - { order: 1, name: "c3_gcp_sanity" } + - { order: 2, name: "c3_mgr_gcp_sanity" } + - { order: 3, name: "m4_gcp_sanity" } + - { order: 4, name: "m4_mgr_gcp_sanity" } + - { order: 5, name: "s1_gcp_sanity" } + runs-on: ubuntu-latest + needs: build-operator-image + env: + CLUSTER_WORKERS: 5 + TEST_CLUSTER_PLATFORM: gcp + CLUSTER_PROVIDER: gcp + ARTIFACT_REGISTRY: ${{ secrets.GCP_ARTIFACT_REGISTRY }} + GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} + GCP_REGION: ${{ secrets.GCP_REGION }} + AWS_S3_REGION: ${{ secrets.GCP_REGION }} + GCP_ZONE: ${{ secrets.GCP_ZONE }} + GCP_NETWORK: default # Adjust if using a custom network + GCP_SUBNETWORK: default # Adjust if using a custom subnetwork + TEST_FOCUS: ${{ matrix.test_focus.name }} + CLUSTER_NODES: 2 + SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }} + SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }} + SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator + SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator + TEST_TO_SKIP: "^(?:[^s]+|s(?:$|[^m]|m(?:$|[^o]|o(?:$|[^k]|k(?:$|[^e])))))*$" + TEST_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_S3_BUCKET: ${{ secrets.TEST_BUCKET }} + TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }} + GCP_ENTERPRISE_LICENSE_LOCATION: "test_licenses" + ENTERPRISE_LICENSE_LOCATION: "test_licenses" + ENTERPRISE_LICENSE_S3_PATH: "test_licenses" + REGISTRY_REPOSITORY: ${{ secrets.GCP_ARTIFACT_REGISTRY }} + CLUSTER_WIDE: "true" + GCP_SERVICE_ACCOUNT_ENABLED: "false" + PRIVATE_REGISTRY: ${{ secrets.GCP_ARTIFACT_REGISTRY }} + GCP_STORAGE_ACCOUNT: ${{ secrets.GCP_STORAGE_ACCOUNT }} + GCP_STORAGE_ACCOUNT_KEY: ${{ secrets.GCP_STORAGE_ACCOUNT_KEY }} + GCP_TEST_CONTAINER: ${{ secrets.GCP_TEST_CONTAINER}} + GCP_INDEXES_CONTAINER: ${{ secrets.GCP_INDEXES_CONTAINER}} + ECR_REPOSITORY: ${{ secrets.GCP_ARTIFACT_REGISTRY }} + GCP_CONTAINER_REGISTRY_LOGIN_SERVER: ${{ secrets.AZURE_ACR_LOGIN_SERVER }} + steps: + - name: Set Test Cluster Name + run: | + echo "CLUSTER_NAME=gke-${{ matrix.test_focus.order }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + echo "TEST_CLUSTER_NAME=gke-${{ matrix.test_focus.order }}-$GITHUB_RUN_ID" >> $GITHUB_ENV + - name: Checkout Code + uses: actions/checkout@v2 + + - name: Load Environment Variables + id: dotenv + uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359 + with: + path: .env + + - name: Authenticate to GCP + uses: google-github-actions/auth@v1 + with: + credentials_json: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }} + + - name: Set up Cloud SDK + uses: google-github-actions/setup-gcloud@v1 + with: + project_id: ${{ secrets.GCP_PROJECT_ID }} + install_components: 'kubectl' + + - name: Set GCP Project + run: | + gcloud config set project ${{ env.GCP_PROJECT_ID }} + + - name: Create GKE Cluster + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export GKE_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + make cluster-up + + - name: Get Kubernetes Credentials + run: | + gcloud container clusters get-credentials ${{ env.CLUSTER_NAME }} --zone ${{ env.GCP_ZONE }} --project ${{ env.GCP_PROJECT_ID }} + + - name: Allow Pulling from Artifact Registry + run: | + gcloud auth configure-docker ${{ secrets.GCP_ARTIFACT_REGISTRY }} + + - name: Set up Cloud SDK + uses: google-github-actions/setup-gcloud@v1 + with: + project_id: ${{ secrets.GCP_PROJECT_ID }} + install_components: 'kubectl' + + - name: Change Splunk Enterprise Image on Main Branches + if: github.ref == 'refs/heads/main' + run: | + echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV + + - name: Authenticate to GCP + uses: google-github-actions/auth@v1 + with: + credentials_json: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }} + + - name: Set GCP Project + run: | + gcloud config set project ${{ env.GCP_PROJECT_ID }} + + - name: Install Kubectl + uses: azure/setup-kubectl@v3 + with: + version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }} + + - name: Install Python + uses: actions/setup-python@v2 + with: + python-version: '3.x' # Specify the Python version if needed + + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: ${{ steps.dotenv.outputs.GO_VERSION }} + + - name: Install Go Lint + run: | + go version + go install golang.org/x/lint/golint@latest + + - name: Install Ginkgo + run: | + make setup/ginkgo + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2.5.0 + + - name: Login to GCR + uses: docker/login-action@v3 + with: + registry: ${{ secrets.GCP_ARTIFACT_REGISTRY }} + username: _json_key + password: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }} + + - name: Pull Splunk Enterprise Image + run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} + + - name: Pull Splunk Operator Image Locally + run: | + docker pull ${{ secrets.GCP_ARTIFACT_REGISTRY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + docker tag ${{ secrets.GCP_ARTIFACT_REGISTRY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV + + - name: Tag and Push Splunk Enterprise Image to Artifact Registry + run: | + docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.GCP_ARTIFACT_REGISTRY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + docker push ${{ secrets.GCP_ARTIFACT_REGISTRY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} + + - name: Get Kubernetes Credentials + run: | + gcloud container clusters get-credentials ${{ env.CLUSTER_NAME }} --zone ${{ env.GCP_ZONE }} --project ${{ env.GCP_PROJECT_ID }} + + - name: Get GKE Credentials + uses: google-github-actions/get-gke-credentials@v1 + with: + cluster_name: ${{ env.CLUSTER_NAME }} + location: ${{ env.GCP_ZONE }} + + - name: Install Metrics Server + run: | + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + + - name: Install Kubernetes Dashboard + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml + + - name: Setup Kustomize + run: | + curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash + sudo mv kustomize /usr/local/bin/ + + - name: Verify kubectl Configuration + run: | + kubectl config current-context + + - name: Apply StorageClass + run: | + kubectl apply -f test/gcp-storageclass.yaml + + - name: Run Integration Tests + run: | + export GCP_SERVICE_ACCOUNT_KEY=${{ secrets.GCP_SERVICE_ACCOUNT_KEY_BASE64 }} + make int-test + + - name: Collect Test Logs + if: ${{ always() }} + run: | + mkdir -p /tmp/pod_logs + find ./test -name "*.log" -exec cp {} /tmp/pod_logs \; + + - name: Archive Pod Logs + if: ${{ always() }} + uses: actions/upload-artifact@v4 + with: + name: splunk-pods-logs-artifacts-${{ matrix.test_focus.name }} + path: /tmp/pod_logs/** + - name: Cleanup Test Case Artifacts + if: ${{ always() }} + run: | + export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + export GKE_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} + tools/cleanup.sh + - name: Cleanup up EKS cluster + if: ${{ always() }} + run: | + make cluster-down diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml index 9df3ee5be..e1079b464 100644 --- a/.github/workflows/int-test-workflow.yml +++ b/.github/workflows/int-test-workflow.yml @@ -42,25 +42,22 @@ jobs: - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v1 - - name: Make Splunk Operator Image + - name: Build and push Splunk Operator Image run: | - make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Push Splunk Operator Image to ECR - run: | - echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" - make docker-push IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA + make docker-buildx IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA int-tests: strategy: fail-fast: false matrix: test: [ - appframeworks1, + appframeworksS1, managerappframeworkc3, managerappframeworkm4, managersecret, managersmartstore, - managermc, + managermc1, + managermc2, managercrcrud, licensemanager, managerdeletecr, @@ -143,6 +140,9 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN}} + - name: Set Splunk Operator image + run: | + echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV - name: Pull Splunk Enterprise Image run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }} - name: Configure AWS credentials @@ -154,20 +154,10 @@ jobs: - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v1 - - name: Pull Splunk Operator Image Locally and change name - run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - name: Tag and Push Splunk Enterprise Image to ECR run: | docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }} - - name: Pull Splunk Operator Image Locally - run: | - docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA - - name: Change Operator Image Tag to latest - run: | - docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest - name: Create EKS cluster run: | export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }} diff --git a/.github/workflows/manual-int-test-workflow.yml b/.github/workflows/manual-int-test-workflow.yml index f358f75a5..6839b2029 100644 --- a/.github/workflows/manual-int-test-workflow.yml +++ b/.github/workflows/manual-int-test-workflow.yml @@ -13,23 +13,16 @@ jobs: matrix: test: [ - appframeworks1, + appframeworksS1, managerappframeworkc3, managerappframeworkm4, managersecret, managersmartstore, - managermc, + managermc1, + managermc2, managerscaling, managercrcrud, licensemanager, - masterappframeworkc3, - masterappframeworkm4, - mastersecret, - mastersmartstore, - mastermc, - masterscaling, - mastercrcrud, - licensemaster, ] runs-on: ubuntu-latest env: diff --git a/.github/workflows/namespace-scope-int-workflow.yml b/.github/workflows/namespace-scope-int-workflow.yml index 62103d8cb..855219522 100644 --- a/.github/workflows/namespace-scope-int-workflow.yml +++ b/.github/workflows/namespace-scope-int-workflow.yml @@ -9,23 +9,16 @@ jobs: matrix: test: [ - appframeworks1, + appframeworksS1, managerappframeworkc3, managerappframeworkm4, managersecret, managersmartstore, - managermc, + managermc1, + managermc2, managerscaling, managercrcrud, licensemanager, - masterappframeworkc3, - masterappframeworkm4, - mastersecret, - mastersmartstore, - mastermc, - masterscaling, - mastercrcrud, - licensemaster, ] runs-on: ubuntu-latest env: diff --git a/.github/workflows/nightly-int-test-workflow.yml b/.github/workflows/nightly-int-test-workflow.yml index fa018be67..6190d258d 100644 --- a/.github/workflows/nightly-int-test-workflow.yml +++ b/.github/workflows/nightly-int-test-workflow.yml @@ -53,23 +53,16 @@ jobs: matrix: test: [ - appframeworks1, + appframeworksS1, managerappframeworkc3, managerappframeworkm4, managersecret, managersmartstore, - managermc, + managermc1, + managermc2, managerscaling, managercrcrud, licensemanager, - masterappframeworkc3, - masterappframeworkm4, - mastersecret, - mastersmartstore, - mastermc, - masterscaling, - mastercrcrud, - licensemaster, ] runs-on: ubuntu-latest needs: build-operator-image diff --git a/Dockerfile b/Dockerfile index 98557025e..f208e2185 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,21 @@ +# Setup defaults for build arguments +ARG PLATFORMS=linux/amd64 + +# Use distroless as minimal base image to package the manager binary +# Refer to https://github.com/GoogleContainerTools/distroless for more details +# This sha relates to ubi version 8.10-1132, which is tagged as 8.10 and latest as of Nov 15, 2024 +ARG BASE_IMAGE=registry.access.redhat.com/ubi8/ubi@sha256 +ARG BASE_IMAGE_VERSION=8990388831e1b41c9a67389e4b691dae8b1283f77d5fb7263e1f4fc69c0a9d05 + # Build the manager binary FROM golang:1.23.0 AS builder WORKDIR /workspace + # Copy the Go Modules manifests COPY go.mod go.mod COPY go.sum go.sum -# cache deps before building and copying source so that we don't need to re-download as much -# and so that source changes don't invalidate our downloaded layer +# Cache dependencies before building and copying source to reduce re-downloading RUN go mod download # Copy the go source @@ -18,34 +27,53 @@ COPY tools/ tools/ COPY hack hack/ # Build -RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go +# TARGETOS and TARGETARCH are provided(inferred) by buildx via the --platforms flag +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager main.go + +# Use BASE_IMAGE as the base image +FROM ${BASE_IMAGE}:${BASE_IMAGE_VERSION} -# Use distroless as minimal base image to package the manager binary -# Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM registry.access.redhat.com/ubi8/ubi:8.10 ENV OPERATOR=/manager \ USER_UID=1001 \ USER_NAME=nonroot -RUN yum -y install shadow-utils -RUN useradd -ms /bin/bash nonroot -u 1001 -RUN yum update -y krb5-libs && yum clean all -RUN yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical -RUN yum -y update-minimal --security --sec-severity=Moderate -RUN yum -y update-minimal --security --sec-severity=Low +# Install necessary packages and configure user +RUN if grep -q 'Ubuntu' /etc/os-release; then \ + apt-get update && \ + apt-get install -y --no-install-recommends passwd && \ + apt-get install -y --no-install-recommends krb5-locales && \ + apt-get install -y --no-install-recommends unattended-upgrades && \ + useradd -ms /bin/bash nonroot -u 1001 && \ + apt-get install -y --no-install-recommends ca-certificates && \ + update-ca-certificates && \ + unattended-upgrades -v && \ + apt-get clean && rm -rf /var/lib/apt/lists/*; \ + else \ + yum -y install shadow-utils && \ + useradd -ms /bin/bash nonroot -u 1001 && \ + yum install -y ca-certificates && \ + update-ca-trust && \ + yum update -y krb5-libs && yum clean all && \ + yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical && \ + yum -y update-minimal --security --sec-severity=Moderate && \ + yum -y update-minimal --security --sec-severity=Low; \ + fi +# Metadata LABEL name="splunk" \ maintainer="support@splunk.com" \ vendor="splunk" \ - version="2.2.1" \ + version="2.6.1" \ release="1" \ summary="Simplify the Deployment & Management of Splunk Products on Kubernetes" \ description="The Splunk Operator for Kubernetes (SOK) makes it easy for Splunk Administrators to deploy and operate Enterprise deployments in a Kubernetes infrastructure. Packaged as a container, it uses the operator pattern to manage Splunk-specific custom resources, following best practices to manage all the underlying Kubernetes objects for you." +# Set up workspace WORKDIR / -RUN mkdir /licenses -RUN mkdir -p /tools/k8_probes +RUN mkdir /licenses && \ + mkdir -p /tools/k8_probes +# Copy necessary files from the builder stage and other resources COPY --from=builder /workspace/manager . COPY tools/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf /licenses COPY LICENSE /licenses/LICENSE-2.0.txt @@ -53,6 +81,8 @@ COPY tools/k8_probes/livenessProbe.sh /tools/k8_probes/ COPY tools/k8_probes/readinessProbe.sh /tools/k8_probes/ COPY tools/k8_probes/startupProbe.sh /tools/k8_probes/ +# Set the user USER 1001 -ENTRYPOINT ["/manager"] +# Start the manager +ENTRYPOINT ["/manager"] \ No newline at end of file diff --git a/Makefile b/Makefile index 94853d581..4a28cdad2 100644 --- a/Makefile +++ b/Makefile @@ -143,25 +143,28 @@ docker-build: test ## Build docker image with the manager. docker-push: ## Push docker image with the manager. docker push ${IMG} -# PLATFORMS defines the target platforms for the manager image be build to provide support to multiple -# architectures. (i.e. make docker-buildx IMG=myregistry/mypoperator:0.0.1). To use this option you need to: -# - able to use docker buildx . More info: https://docs.docker.com/build/buildx/ -# - have enable BuildKit, More info: https://docs.docker.com/develop/develop-images/build_enhancements/ -# - be able to push the image for your registry (i.e. if you do not inform a valid value via IMG=> than the export will fail) -# To properly provided solutions that supports more than one platform you should use this option. -PLATFORMS ?= linux/arm64,linux/amd64,linux/s390x,linux/ppc64le -.PHONY: docker-buildx -docker-buildx: test ## Build and push docker image for the manager for cross-platform support - # copy existing Dockerfile and insert --platform=${BUILDPLATFORM} into Dockerfile.cross, and preserve the original Dockerfile - sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' Dockerfile > Dockerfile.cross - - docker buildx create --name project-v3-builder - docker buildx use project-v3-builder - - docker buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile.cross - - docker buildx rm project-v3-builder - rm Dockerfile.cross +# Docker-buildx is used to build the image for multiple OS/platforms +# IMG is a mandatory argument to specify the image name +# Defaults: +# Build Platform: linux/amd64 +# Build Base OS: registry.access.redhat.com/ubi8/ubi +# Build Base OS Version: 8.10 +# Pass only what is required, the rest will be defaulted +# Setup defaults for build arguments +PLATFORMS ?= linux/amd64 +BASE_IMAGE ?= registry.access.redhat.com/ubi8/ubi +BASE_IMAGE_VERSION ?= 8.10 +docker-buildx: + @if [ -z "$(IMG)" ]; then \ + echo "Error: IMG is a mandatory argument. Usage: make docker-buildx IMG= ...."; \ + exit 1; \ + fi + docker buildx build --push --platform="${PLATFORMS}" \ + --build-arg BASE_IMAGE="${BASE_IMAGE}" \ + --build-arg BASE_IMAGE_VERSION="${BASE_IMAGE_VERSION}" \ + --tag "${IMG}" -f Dockerfile . ##@ Deployment - install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. $(KUSTOMIZE) build config/crd | kubectl apply --server-side --force-conflicts -f - diff --git a/README.md b/README.md index 539d8a366..7ea7809f0 100644 --- a/README.md +++ b/README.md @@ -104,6 +104,7 @@ Other make targets include (more info below): * `make scorecard`: Runs operator-sdk scorecard tests using OLM installation bundle * `make generate`: runs operator-generate k8s, crds and csv commands, updating installation YAML files and OLM bundle * `make docker-build`: generates `splunk-operator` container image example `make docker-build IMG=docker.io/splunk/splunk-operator:` +* `make docker-buildx`: generates `splunk-operator` container image for multiple platforms, example `make docker-buildx IMG=docker.io/splunk/splunk-operator:` * `make docker-push`: push docker image to given repository example `make docker-push IMG=docker.io/splunk/splunk-operator:` * `make clean`: removes the binary build output and `splunk-operator` container image example `make docker-push IMG=docker.io/splunk/splunk-operator:` * `make run`: runs the Splunk Operator locally, monitoring the Kubernetes cluster configured in your current `kubectl` context diff --git a/api/v4/common_types.go b/api/v4/common_types.go index 968ecd8ed..eacecba8b 100644 --- a/api/v4/common_types.go +++ b/api/v4/common_types.go @@ -238,6 +238,8 @@ type CommonSplunkSpec struct { // Sets imagePullSecrets if image is being pulled from a private registry. // See https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"` + + VaultIntegration VaultIntegration `json:"vaultIntegration,omitempty"` } // StorageClassSpec defines storage class configuration @@ -308,10 +310,10 @@ type VolumeSpec struct { // Secret object name SecretRef string `json:"secretRef"` - // Remote Storage type. Supported values: s3, blob. s3 works with aws or minio providers, whereas blob works with azure provider. + // Remote Storage type. Supported values: s3, blob, gcs. s3 works with aws or minio providers, whereas blob works with azure provider, gcs works for gcp. Type string `json:"storageType"` - // App Package Remote Store provider. Supported values: aws, minio, azure. + // App Package Remote Store provider. Supported values: aws, minio, azure, gcp. Provider string `json:"provider"` // Region of the remote storage volume where apps reside. Used for aws, if provided. Not used for minio and azure. @@ -569,6 +571,23 @@ type PhaseInfo struct { FailCount uint32 `json:"failCount,omitempty"` } +// Vault represents the Vault configuration for enabling secret injection. +// +kubebuilder:object:generate=true +// +kubebuilder:validation:Optional +type VaultIntegration struct { + // Enable vault support + Enable bool `json:"enable,omitempty"` + + // Vault Address + Address string `json:"address"` + + // Vault Role + Role string `json:"role"` + + // Vault secret path + SecretPath string `json:"secretPath"` +} + const ( // AppPkgDownloadPending indicates pending AppPkgDownloadPending AppPhaseStatusType = 101 diff --git a/api/v4/zz_generated.deepcopy.go b/api/v4/zz_generated.deepcopy.go index 4c10f8035..0f21e56b0 100644 --- a/api/v4/zz_generated.deepcopy.go +++ b/api/v4/zz_generated.deepcopy.go @@ -343,6 +343,7 @@ func (in *CommonSplunkSpec) DeepCopyInto(out *CommonSplunkSpec) { *out = make([]v1.LocalObjectReference, len(*in)) copy(*out, *in) } + out.VaultIntegration = in.VaultIntegration } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CommonSplunkSpec. @@ -1097,6 +1098,21 @@ func (in *StorageClassSpec) DeepCopy() *StorageClassSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultIntegration) DeepCopyInto(out *VaultIntegration) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultIntegration. +func (in *VaultIntegration) DeepCopy() *VaultIntegration { + if in == nil { + return nil + } + out := new(VaultIntegration) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *VolumeAndTypeSpec) DeepCopyInto(out *VolumeAndTypeSpec) { *out = *in diff --git a/bundle/manifests/enterprise.splunk.com_clustermanagers.yaml b/bundle/manifests/enterprise.splunk.com_clustermanagers.yaml index 648e5ab14..e8baa84c3 100644 --- a/bundle/manifests/enterprise.splunk.com_clustermanagers.yaml +++ b/bundle/manifests/enterprise.splunk.com_clustermanagers.yaml @@ -971,7 +971,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -983,8 +983,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -2091,7 +2091,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -2103,8 +2103,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -4085,7 +4085,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -4097,8 +4097,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -4354,7 +4355,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -4366,8 +4367,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array diff --git a/bundle/manifests/enterprise.splunk.com_clustermasters.yaml b/bundle/manifests/enterprise.splunk.com_clustermasters.yaml index 4ba412e1f..f635b4ac4 100644 --- a/bundle/manifests/enterprise.splunk.com_clustermasters.yaml +++ b/bundle/manifests/enterprise.splunk.com_clustermasters.yaml @@ -967,7 +967,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -979,8 +979,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -2087,7 +2087,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -2099,8 +2099,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -4081,7 +4081,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -4093,8 +4093,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -4347,7 +4348,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -4359,8 +4360,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array diff --git a/bundle/manifests/enterprise.splunk.com_licensemanagers.yaml b/bundle/manifests/enterprise.splunk.com_licensemanagers.yaml index 75e417481..99d6291ab 100644 --- a/bundle/manifests/enterprise.splunk.com_licensemanagers.yaml +++ b/bundle/manifests/enterprise.splunk.com_licensemanagers.yaml @@ -961,7 +961,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -973,8 +973,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -3959,7 +3959,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -3971,8 +3971,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array diff --git a/bundle/manifests/enterprise.splunk.com_licensemasters.yaml b/bundle/manifests/enterprise.splunk.com_licensemasters.yaml index 6312c605c..ec5183c34 100644 --- a/bundle/manifests/enterprise.splunk.com_licensemasters.yaml +++ b/bundle/manifests/enterprise.splunk.com_licensemasters.yaml @@ -956,7 +956,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -968,8 +968,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -3954,7 +3954,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -3966,8 +3966,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array diff --git a/bundle/manifests/enterprise.splunk.com_monitoringconsoles.yaml b/bundle/manifests/enterprise.splunk.com_monitoringconsoles.yaml index edf4fad0c..c5833cba4 100644 --- a/bundle/manifests/enterprise.splunk.com_monitoringconsoles.yaml +++ b/bundle/manifests/enterprise.splunk.com_monitoringconsoles.yaml @@ -963,7 +963,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -975,8 +975,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -3960,7 +3960,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -3972,8 +3972,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -5082,7 +5083,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -5094,8 +5095,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -8079,7 +8080,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -8091,8 +8092,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array diff --git a/bundle/manifests/enterprise.splunk.com_searchheadclusters.yaml b/bundle/manifests/enterprise.splunk.com_searchheadclusters.yaml index c0e4754d5..e9a97c05d 100644 --- a/bundle/manifests/enterprise.splunk.com_searchheadclusters.yaml +++ b/bundle/manifests/enterprise.splunk.com_searchheadclusters.yaml @@ -969,7 +969,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -981,8 +981,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -3983,7 +3983,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -3995,8 +3995,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -5175,7 +5176,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -5187,8 +5188,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -8189,7 +8190,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -8201,8 +8202,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array diff --git a/bundle/manifests/enterprise.splunk.com_standalones.yaml b/bundle/manifests/enterprise.splunk.com_standalones.yaml index 897bde6e2..d497c1627 100644 --- a/bundle/manifests/enterprise.splunk.com_standalones.yaml +++ b/bundle/manifests/enterprise.splunk.com_standalones.yaml @@ -964,7 +964,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -976,8 +976,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -2088,7 +2088,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -2100,8 +2100,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -4083,7 +4083,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -4095,8 +4095,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -4346,7 +4347,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -4358,8 +4359,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -5327,7 +5328,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -5339,8 +5340,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -6451,7 +6452,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -6463,8 +6464,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -8446,7 +8447,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -8458,8 +8459,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -8712,7 +8714,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -8724,8 +8726,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array diff --git a/bundle/manifests/splunk-operator.clusterserviceversion.yaml b/bundle/manifests/splunk-operator.clusterserviceversion.yaml index c8886145f..3ba017dd9 100644 --- a/bundle/manifests/splunk-operator.clusterserviceversion.yaml +++ b/bundle/manifests/splunk-operator.clusterserviceversion.yaml @@ -111,7 +111,7 @@ metadata: capabilities: Seamless Upgrades categories: Big Data, Logging & Tracing, Monitoring, Security, AI/Machine Learning containerImage: splunk/splunk-operator@sha256:c4e0d314622699496f675760aad314520d050a66627fdf33e1e21fa28ca85d50 - createdAt: "2024-09-30T21:21:00Z" + createdAt: "2024-11-21T21:00:57Z" description: The Splunk Operator for Kubernetes enables you to quickly and easily deploy Splunk Enterprise on your choice of private or public cloud provider. The Operator simplifies scaling and management of Splunk Enterprise by automating @@ -120,7 +120,7 @@ metadata: operators.operatorframework.io/builder: operator-sdk-v1.31.0 operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 repository: https://github.com/splunk/splunk-operator - name: splunk-operator.v2.6.1 + name: splunk-operator.v2.7.0 namespace: placeholder spec: apiservicedefinitions: {} @@ -548,14 +548,14 @@ spec: fieldRef: fieldPath: metadata.annotations['olm.targetNamespaces'] - name: RELATED_IMAGE_SPLUNK_ENTERPRISE - value: docker.io/splunk/splunk:9.3.0 + value: docker.io/splunk/splunk:9.3.2 - name: OPERATOR_NAME value: splunk-operator - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - image: docker.io/splunk/splunk-operator:2.6.1 + image: docker.io/splunk/splunk-operator:2.7.0 imagePullPolicy: Always livenessProbe: httpGet: @@ -668,7 +668,7 @@ spec: name: Splunk Inc. url: www.splunk.com relatedImages: - - image: docker.io/splunk/splunk:9.3.0 + - image: docker.io/splunk/splunk:9.3.2 name: splunk-enterprise replaces: splunk-operator.v2.6.0 - version: 2.6.1 + version: 2.7.0 diff --git a/config/crd/bases/enterprise.splunk.com_clustermanagers.yaml b/config/crd/bases/enterprise.splunk.com_clustermanagers.yaml index 4a8bb045f..1fd894212 100644 --- a/config/crd/bases/enterprise.splunk.com_clustermanagers.yaml +++ b/config/crd/bases/enterprise.splunk.com_clustermanagers.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.14.0 name: clustermanagers.enterprise.splunk.com spec: group: enterprise.splunk.com @@ -969,7 +969,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -981,8 +981,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -1003,6 +1003,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1047,6 +1048,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1144,6 +1146,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -1205,6 +1208,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1243,6 +1247,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1263,6 +1268,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1307,6 +1313,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1386,6 +1393,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1454,9 +1462,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -1587,6 +1597,7 @@ spec: clients must ensure that clusterIPs[0] and clusterIP have the same value. + This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. @@ -1665,6 +1676,7 @@ spec: NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. + This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are @@ -1868,8 +1880,18 @@ spec: conditions: description: Current service state items: - description: Condition contains details for one aspect of - the current state of this API Resource. + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the field + path .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: description: |- @@ -1911,7 +1933,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1964,6 +1991,8 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. + --- + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1974,12 +2003,12 @@ spec: format: int32 type: integer protocol: + default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: - - error - port - protocol type: object @@ -2089,7 +2118,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -2101,8 +2130,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -2270,6 +2299,7 @@ spec: Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | @@ -2279,6 +2309,7 @@ spec: because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). format: int32 type: integer @@ -2289,6 +2320,7 @@ spec: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2300,6 +2332,7 @@ spec: has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. + If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2360,6 +2393,23 @@ spec: claims type: string type: object + vaultIntegration: + description: Vault represents the Vault configuration for enabling + secret injection. + properties: + address: + description: Vault Address + type: string + enable: + description: Enable vault support + type: boolean + role: + description: Vault Role + type: string + secretPath: + description: Vault secret path + type: string + type: object volumes: description: List of one or more Kubernetes volumes. These will be mounted in all pod containers as as /mnt/ @@ -2379,6 +2429,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -2493,6 +2544,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2531,6 +2583,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2598,6 +2651,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap or its @@ -2633,6 +2687,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2768,6 +2823,7 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -2778,14 +2834,17 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -2799,6 +2858,7 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -2808,9 +2868,11 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. properties: metadata: @@ -2926,9 +2988,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one @@ -3047,6 +3111,7 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' @@ -3109,6 +3174,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3142,6 +3208,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -3222,6 +3289,9 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. properties: path: description: |- @@ -3258,6 +3328,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -3297,6 +3368,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3464,6 +3536,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -3596,6 +3669,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether the @@ -3684,6 +3758,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -3726,6 +3801,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3772,6 +3848,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3889,6 +3966,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -4083,7 +4161,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -4095,8 +4173,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -4352,7 +4431,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -4364,8 +4443,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array diff --git a/config/crd/bases/enterprise.splunk.com_clustermasters.yaml b/config/crd/bases/enterprise.splunk.com_clustermasters.yaml index 418fd8e46..c26ea936e 100644 --- a/config/crd/bases/enterprise.splunk.com_clustermasters.yaml +++ b/config/crd/bases/enterprise.splunk.com_clustermasters.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.14.0 name: clustermasters.enterprise.splunk.com spec: group: enterprise.splunk.com @@ -965,7 +965,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -977,8 +977,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -999,6 +999,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1043,6 +1044,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1140,6 +1142,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -1201,6 +1204,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1239,6 +1243,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1259,6 +1264,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1303,6 +1309,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1382,6 +1389,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1450,9 +1458,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -1583,6 +1593,7 @@ spec: clients must ensure that clusterIPs[0] and clusterIP have the same value. + This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. @@ -1661,6 +1672,7 @@ spec: NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. + This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are @@ -1864,8 +1876,18 @@ spec: conditions: description: Current service state items: - description: Condition contains details for one aspect of - the current state of this API Resource. + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the field + path .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: description: |- @@ -1907,7 +1929,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1960,6 +1987,8 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. + --- + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1970,12 +1999,12 @@ spec: format: int32 type: integer protocol: + default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: - - error - port - protocol type: object @@ -2085,7 +2114,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -2097,8 +2126,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -2266,6 +2295,7 @@ spec: Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | @@ -2275,6 +2305,7 @@ spec: because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). format: int32 type: integer @@ -2285,6 +2316,7 @@ spec: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2296,6 +2328,7 @@ spec: has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. + If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2356,6 +2389,23 @@ spec: claims type: string type: object + vaultIntegration: + description: Vault represents the Vault configuration for enabling + secret injection. + properties: + address: + description: Vault Address + type: string + enable: + description: Enable vault support + type: boolean + role: + description: Vault Role + type: string + secretPath: + description: Vault secret path + type: string + type: object volumes: description: List of one or more Kubernetes volumes. These will be mounted in all pod containers as as /mnt/ @@ -2375,6 +2425,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -2489,6 +2540,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2527,6 +2579,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2594,6 +2647,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap or its @@ -2629,6 +2683,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2764,6 +2819,7 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -2774,14 +2830,17 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -2795,6 +2854,7 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -2804,9 +2864,11 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. properties: metadata: @@ -2922,9 +2984,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one @@ -3043,6 +3107,7 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' @@ -3105,6 +3170,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3138,6 +3204,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -3218,6 +3285,9 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. properties: path: description: |- @@ -3254,6 +3324,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -3293,6 +3364,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3460,6 +3532,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -3592,6 +3665,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether the @@ -3680,6 +3754,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -3722,6 +3797,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3768,6 +3844,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3885,6 +3962,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -4079,7 +4157,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -4091,8 +4169,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -4345,7 +4424,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -4357,8 +4436,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array diff --git a/config/crd/bases/enterprise.splunk.com_indexerclusters.yaml b/config/crd/bases/enterprise.splunk.com_indexerclusters.yaml index 571efa7a1..4edd81fad 100644 --- a/config/crd/bases/enterprise.splunk.com_indexerclusters.yaml +++ b/config/crd/bases/enterprise.splunk.com_indexerclusters.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.14.0 name: indexerclusters.enterprise.splunk.com spec: group: enterprise.splunk.com @@ -851,6 +851,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -895,6 +896,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -992,6 +994,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -1053,6 +1056,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1091,6 +1095,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1111,6 +1116,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1155,6 +1161,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1234,6 +1241,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1307,9 +1315,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -1440,6 +1450,7 @@ spec: clients must ensure that clusterIPs[0] and clusterIP have the same value. + This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. @@ -1518,6 +1529,7 @@ spec: NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. + This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are @@ -1721,8 +1733,18 @@ spec: conditions: description: Current service state items: - description: Condition contains details for one aspect of - the current state of this API Resource. + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the field + path .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: description: |- @@ -1764,7 +1786,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1817,6 +1844,8 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. + --- + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1827,12 +1856,12 @@ spec: format: int32 type: integer protocol: + default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: - - error - port - protocol type: object @@ -2006,6 +2035,7 @@ spec: Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | @@ -2015,6 +2045,7 @@ spec: because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). format: int32 type: integer @@ -2025,6 +2056,7 @@ spec: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2036,6 +2068,7 @@ spec: has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. + If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2096,6 +2129,23 @@ spec: claims type: string type: object + vaultIntegration: + description: Vault represents the Vault configuration for enabling + secret injection. + properties: + address: + description: Vault Address + type: string + enable: + description: Enable vault support + type: boolean + role: + description: Vault Role + type: string + secretPath: + description: Vault secret path + type: string + type: object volumes: description: List of one or more Kubernetes volumes. These will be mounted in all pod containers as as /mnt/ @@ -2115,6 +2165,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -2229,6 +2280,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2267,6 +2319,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2334,6 +2387,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap or its @@ -2369,6 +2423,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2504,6 +2559,7 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -2514,14 +2570,17 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -2535,6 +2594,7 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -2544,9 +2604,11 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. properties: metadata: @@ -2662,9 +2724,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one @@ -2783,6 +2847,7 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' @@ -2845,6 +2910,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2878,6 +2944,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -2958,6 +3025,9 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. properties: path: description: |- @@ -2994,6 +3064,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -3033,6 +3104,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3200,6 +3272,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -3332,6 +3405,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether the @@ -3420,6 +3494,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -3462,6 +3537,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3508,6 +3584,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3625,6 +3702,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -4626,6 +4704,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -4670,6 +4749,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -4767,6 +4847,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -4828,6 +4909,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -4866,6 +4948,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -4886,6 +4969,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -4930,6 +5014,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5009,6 +5094,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5082,9 +5168,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -5215,6 +5303,7 @@ spec: clients must ensure that clusterIPs[0] and clusterIP have the same value. + This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. @@ -5293,6 +5382,7 @@ spec: NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. + This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are @@ -5496,8 +5586,18 @@ spec: conditions: description: Current service state items: - description: Condition contains details for one aspect of - the current state of this API Resource. + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the field + path .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: description: |- @@ -5539,7 +5639,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -5592,6 +5697,8 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. + --- + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -5602,12 +5709,12 @@ spec: format: int32 type: integer protocol: + default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: - - error - port - protocol type: object @@ -5781,6 +5888,7 @@ spec: Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | @@ -5790,6 +5898,7 @@ spec: because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). format: int32 type: integer @@ -5800,6 +5909,7 @@ spec: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -5811,6 +5921,7 @@ spec: has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. + If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -5871,6 +5982,23 @@ spec: claims type: string type: object + vaultIntegration: + description: Vault represents the Vault configuration for enabling + secret injection. + properties: + address: + description: Vault Address + type: string + enable: + description: Enable vault support + type: boolean + role: + description: Vault Role + type: string + secretPath: + description: Vault secret path + type: string + type: object volumes: description: List of one or more Kubernetes volumes. These will be mounted in all pod containers as as /mnt/ @@ -5890,6 +6018,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -6004,6 +6133,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6042,6 +6172,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6109,6 +6240,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap or its @@ -6144,6 +6276,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6279,6 +6412,7 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -6289,14 +6423,17 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -6310,6 +6447,7 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -6319,9 +6457,11 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. properties: metadata: @@ -6437,9 +6577,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one @@ -6558,6 +6700,7 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' @@ -6620,6 +6763,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6653,6 +6797,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -6733,6 +6878,9 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. properties: path: description: |- @@ -6769,6 +6917,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -6808,6 +6957,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6975,6 +7125,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -7107,6 +7258,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether the @@ -7195,6 +7347,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -7237,6 +7390,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7283,6 +7437,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7400,6 +7555,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic diff --git a/config/crd/bases/enterprise.splunk.com_licensemanagers.yaml b/config/crd/bases/enterprise.splunk.com_licensemanagers.yaml index bcdd2bbfb..1ebefb721 100644 --- a/config/crd/bases/enterprise.splunk.com_licensemanagers.yaml +++ b/config/crd/bases/enterprise.splunk.com_licensemanagers.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.14.0 name: licensemanagers.enterprise.splunk.com spec: group: enterprise.splunk.com @@ -959,7 +959,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -971,8 +971,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -993,6 +993,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1037,6 +1038,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1134,6 +1136,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -1195,6 +1198,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1233,6 +1237,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1253,6 +1258,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1297,6 +1303,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1376,6 +1383,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1444,9 +1452,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -1577,6 +1587,7 @@ spec: clients must ensure that clusterIPs[0] and clusterIP have the same value. + This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. @@ -1655,6 +1666,7 @@ spec: NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. + This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are @@ -1858,8 +1870,18 @@ spec: conditions: description: Current service state items: - description: Condition contains details for one aspect of - the current state of this API Resource. + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the field + path .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: description: |- @@ -1901,7 +1923,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1954,6 +1981,8 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. + --- + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1964,12 +1993,12 @@ spec: format: int32 type: integer protocol: + default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: - - error - port - protocol type: object @@ -2143,6 +2172,7 @@ spec: Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | @@ -2152,6 +2182,7 @@ spec: because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). format: int32 type: integer @@ -2162,6 +2193,7 @@ spec: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2173,6 +2205,7 @@ spec: has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. + If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2233,6 +2266,23 @@ spec: claims type: string type: object + vaultIntegration: + description: Vault represents the Vault configuration for enabling + secret injection. + properties: + address: + description: Vault Address + type: string + enable: + description: Enable vault support + type: boolean + role: + description: Vault Role + type: string + secretPath: + description: Vault secret path + type: string + type: object volumes: description: List of one or more Kubernetes volumes. These will be mounted in all pod containers as as /mnt/ @@ -2252,6 +2302,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -2366,6 +2417,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2404,6 +2456,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2471,6 +2524,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap or its @@ -2506,6 +2560,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2641,6 +2696,7 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -2651,14 +2707,17 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -2672,6 +2731,7 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -2681,9 +2741,11 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. properties: metadata: @@ -2799,9 +2861,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one @@ -2920,6 +2984,7 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' @@ -2982,6 +3047,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3015,6 +3081,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -3095,6 +3162,9 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. properties: path: description: |- @@ -3131,6 +3201,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -3170,6 +3241,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3337,6 +3409,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -3469,6 +3542,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether the @@ -3557,6 +3631,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -3599,6 +3674,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3645,6 +3721,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3762,6 +3839,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3957,7 +4035,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -3969,8 +4047,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array diff --git a/config/crd/bases/enterprise.splunk.com_licensemasters.yaml b/config/crd/bases/enterprise.splunk.com_licensemasters.yaml index 3371844b9..2e7bf68f9 100644 --- a/config/crd/bases/enterprise.splunk.com_licensemasters.yaml +++ b/config/crd/bases/enterprise.splunk.com_licensemasters.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.14.0 name: licensemasters.enterprise.splunk.com spec: group: enterprise.splunk.com @@ -954,7 +954,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -966,8 +966,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -988,6 +988,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1032,6 +1033,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1129,6 +1131,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -1190,6 +1193,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1228,6 +1232,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1248,6 +1253,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1292,6 +1298,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1371,6 +1378,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1439,9 +1447,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -1572,6 +1582,7 @@ spec: clients must ensure that clusterIPs[0] and clusterIP have the same value. + This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. @@ -1650,6 +1661,7 @@ spec: NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. + This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are @@ -1853,8 +1865,18 @@ spec: conditions: description: Current service state items: - description: Condition contains details for one aspect of - the current state of this API Resource. + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the field + path .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: description: |- @@ -1896,7 +1918,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1949,6 +1976,8 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. + --- + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1959,12 +1988,12 @@ spec: format: int32 type: integer protocol: + default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: - - error - port - protocol type: object @@ -2138,6 +2167,7 @@ spec: Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | @@ -2147,6 +2177,7 @@ spec: because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). format: int32 type: integer @@ -2157,6 +2188,7 @@ spec: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2168,6 +2200,7 @@ spec: has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. + If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2228,6 +2261,23 @@ spec: claims type: string type: object + vaultIntegration: + description: Vault represents the Vault configuration for enabling + secret injection. + properties: + address: + description: Vault Address + type: string + enable: + description: Enable vault support + type: boolean + role: + description: Vault Role + type: string + secretPath: + description: Vault secret path + type: string + type: object volumes: description: List of one or more Kubernetes volumes. These will be mounted in all pod containers as as /mnt/ @@ -2247,6 +2297,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -2361,6 +2412,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2399,6 +2451,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2466,6 +2519,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap or its @@ -2501,6 +2555,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2636,6 +2691,7 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -2646,14 +2702,17 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -2667,6 +2726,7 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -2676,9 +2736,11 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. properties: metadata: @@ -2794,9 +2856,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one @@ -2915,6 +2979,7 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' @@ -2977,6 +3042,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3010,6 +3076,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -3090,6 +3157,9 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. properties: path: description: |- @@ -3126,6 +3196,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -3165,6 +3236,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3332,6 +3404,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -3464,6 +3537,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether the @@ -3552,6 +3626,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -3594,6 +3669,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3640,6 +3716,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3757,6 +3834,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3952,7 +4030,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -3964,8 +4042,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array diff --git a/config/crd/bases/enterprise.splunk.com_monitoringconsoles.yaml b/config/crd/bases/enterprise.splunk.com_monitoringconsoles.yaml index e97e022fc..46a43a1cf 100644 --- a/config/crd/bases/enterprise.splunk.com_monitoringconsoles.yaml +++ b/config/crd/bases/enterprise.splunk.com_monitoringconsoles.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.14.0 name: monitoringconsoles.enterprise.splunk.com spec: group: enterprise.splunk.com @@ -961,7 +961,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -973,8 +973,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -995,6 +995,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1039,6 +1040,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1136,6 +1138,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -1197,6 +1200,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1235,6 +1239,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1255,6 +1260,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1299,6 +1305,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1378,6 +1385,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1446,9 +1454,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -1579,6 +1589,7 @@ spec: clients must ensure that clusterIPs[0] and clusterIP have the same value. + This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. @@ -1657,6 +1668,7 @@ spec: NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. + This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are @@ -1860,8 +1872,18 @@ spec: conditions: description: Current service state items: - description: Condition contains details for one aspect of - the current state of this API Resource. + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the field + path .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: description: |- @@ -1903,7 +1925,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1956,6 +1983,8 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. + --- + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1966,12 +1995,12 @@ spec: format: int32 type: integer protocol: + default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: - - error - port - protocol type: object @@ -2145,6 +2174,7 @@ spec: Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | @@ -2154,6 +2184,7 @@ spec: because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). format: int32 type: integer @@ -2164,6 +2195,7 @@ spec: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2175,6 +2207,7 @@ spec: has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. + If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2235,6 +2268,23 @@ spec: claims type: string type: object + vaultIntegration: + description: Vault represents the Vault configuration for enabling + secret injection. + properties: + address: + description: Vault Address + type: string + enable: + description: Enable vault support + type: boolean + role: + description: Vault Role + type: string + secretPath: + description: Vault secret path + type: string + type: object volumes: description: List of one or more Kubernetes volumes. These will be mounted in all pod containers as as /mnt/ @@ -2254,6 +2304,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -2368,6 +2419,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2406,6 +2458,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2473,6 +2526,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap or its @@ -2508,6 +2562,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2643,6 +2698,7 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -2653,14 +2709,17 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -2674,6 +2733,7 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -2683,9 +2743,11 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. properties: metadata: @@ -2801,9 +2863,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one @@ -2922,6 +2986,7 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' @@ -2984,6 +3049,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3017,6 +3083,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -3097,6 +3164,9 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. properties: path: description: |- @@ -3133,6 +3203,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -3172,6 +3243,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3339,6 +3411,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -3471,6 +3544,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether the @@ -3559,6 +3633,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -3601,6 +3676,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3647,6 +3723,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3764,6 +3841,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3958,7 +4036,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -3970,8 +4048,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -5080,7 +5159,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -5092,8 +5171,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -5114,6 +5193,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5158,6 +5238,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5255,6 +5336,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -5316,6 +5398,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -5354,6 +5437,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -5374,6 +5458,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5418,6 +5503,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5497,6 +5583,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5565,9 +5652,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -5698,6 +5787,7 @@ spec: clients must ensure that clusterIPs[0] and clusterIP have the same value. + This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. @@ -5776,6 +5866,7 @@ spec: NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. + This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are @@ -5979,8 +6070,18 @@ spec: conditions: description: Current service state items: - description: Condition contains details for one aspect of - the current state of this API Resource. + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the field + path .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: description: |- @@ -6022,7 +6123,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6075,6 +6181,8 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. + --- + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6085,12 +6193,12 @@ spec: format: int32 type: integer protocol: + default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: - - error - port - protocol type: object @@ -6264,6 +6372,7 @@ spec: Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | @@ -6273,6 +6382,7 @@ spec: because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). format: int32 type: integer @@ -6283,6 +6393,7 @@ spec: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -6294,6 +6405,7 @@ spec: has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. + If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -6354,6 +6466,23 @@ spec: claims type: string type: object + vaultIntegration: + description: Vault represents the Vault configuration for enabling + secret injection. + properties: + address: + description: Vault Address + type: string + enable: + description: Enable vault support + type: boolean + role: + description: Vault Role + type: string + secretPath: + description: Vault secret path + type: string + type: object volumes: description: List of one or more Kubernetes volumes. These will be mounted in all pod containers as as /mnt/ @@ -6373,6 +6502,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -6487,6 +6617,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6525,6 +6656,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6592,6 +6724,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap or its @@ -6627,6 +6760,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6762,6 +6896,7 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -6772,14 +6907,17 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -6793,6 +6931,7 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -6802,9 +6941,11 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. properties: metadata: @@ -6920,9 +7061,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one @@ -7041,6 +7184,7 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' @@ -7103,6 +7247,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7136,6 +7281,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -7216,6 +7362,9 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. properties: path: description: |- @@ -7252,6 +7401,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -7291,6 +7441,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7458,6 +7609,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -7590,6 +7742,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether the @@ -7678,6 +7831,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -7720,6 +7874,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7766,6 +7921,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7883,6 +8039,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -8077,7 +8234,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -8089,8 +8246,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array diff --git a/config/crd/bases/enterprise.splunk.com_searchheadclusters.yaml b/config/crd/bases/enterprise.splunk.com_searchheadclusters.yaml index b165366e0..54ea4f4fa 100644 --- a/config/crd/bases/enterprise.splunk.com_searchheadclusters.yaml +++ b/config/crd/bases/enterprise.splunk.com_searchheadclusters.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.14.0 name: searchheadclusters.enterprise.splunk.com spec: group: enterprise.splunk.com @@ -967,7 +967,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -979,8 +979,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -1001,6 +1001,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1045,6 +1046,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1142,6 +1144,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -1203,6 +1206,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1241,6 +1245,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1261,6 +1266,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1305,6 +1311,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1384,6 +1391,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1457,9 +1465,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -1590,6 +1600,7 @@ spec: clients must ensure that clusterIPs[0] and clusterIP have the same value. + This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. @@ -1668,6 +1679,7 @@ spec: NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. + This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are @@ -1871,8 +1883,18 @@ spec: conditions: description: Current service state items: - description: Condition contains details for one aspect of - the current state of this API Resource. + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the field + path .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: description: |- @@ -1914,7 +1936,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1967,6 +1994,8 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. + --- + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1977,12 +2006,12 @@ spec: format: int32 type: integer protocol: + default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: - - error - port - protocol type: object @@ -2156,6 +2185,7 @@ spec: Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | @@ -2165,6 +2195,7 @@ spec: because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). format: int32 type: integer @@ -2175,6 +2206,7 @@ spec: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2186,6 +2218,7 @@ spec: has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. + If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2246,6 +2279,23 @@ spec: claims type: string type: object + vaultIntegration: + description: Vault represents the Vault configuration for enabling + secret injection. + properties: + address: + description: Vault Address + type: string + enable: + description: Enable vault support + type: boolean + role: + description: Vault Role + type: string + secretPath: + description: Vault secret path + type: string + type: object volumes: description: List of one or more Kubernetes volumes. These will be mounted in all pod containers as as /mnt/ @@ -2265,6 +2315,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -2379,6 +2430,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2417,6 +2469,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2484,6 +2537,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap or its @@ -2519,6 +2573,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2654,6 +2709,7 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -2664,14 +2720,17 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -2685,6 +2744,7 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -2694,9 +2754,11 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. properties: metadata: @@ -2812,9 +2874,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one @@ -2933,6 +2997,7 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' @@ -2995,6 +3060,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3028,6 +3094,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -3108,6 +3175,9 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. properties: path: description: |- @@ -3144,6 +3214,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -3183,6 +3254,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3350,6 +3422,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -3482,6 +3555,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether the @@ -3570,6 +3644,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -3612,6 +3687,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3658,6 +3734,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3775,6 +3852,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3981,7 +4059,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -3993,8 +4071,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -5173,7 +5252,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -5185,8 +5264,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -5207,6 +5286,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5251,6 +5331,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5348,6 +5429,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -5409,6 +5491,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -5447,6 +5530,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -5467,6 +5551,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5511,6 +5596,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5590,6 +5676,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5663,9 +5750,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -5796,6 +5885,7 @@ spec: clients must ensure that clusterIPs[0] and clusterIP have the same value. + This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. @@ -5874,6 +5964,7 @@ spec: NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. + This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are @@ -6077,8 +6168,18 @@ spec: conditions: description: Current service state items: - description: Condition contains details for one aspect of - the current state of this API Resource. + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the field + path .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: description: |- @@ -6120,7 +6221,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6173,6 +6279,8 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. + --- + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6183,12 +6291,12 @@ spec: format: int32 type: integer protocol: + default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: - - error - port - protocol type: object @@ -6362,6 +6470,7 @@ spec: Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | @@ -6371,6 +6480,7 @@ spec: because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). format: int32 type: integer @@ -6381,6 +6491,7 @@ spec: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -6392,6 +6503,7 @@ spec: has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. + If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -6452,6 +6564,23 @@ spec: claims type: string type: object + vaultIntegration: + description: Vault represents the Vault configuration for enabling + secret injection. + properties: + address: + description: Vault Address + type: string + enable: + description: Enable vault support + type: boolean + role: + description: Vault Role + type: string + secretPath: + description: Vault secret path + type: string + type: object volumes: description: List of one or more Kubernetes volumes. These will be mounted in all pod containers as as /mnt/ @@ -6471,6 +6600,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -6585,6 +6715,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6623,6 +6754,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6690,6 +6822,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap or its @@ -6725,6 +6858,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6860,6 +6994,7 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -6870,14 +7005,17 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -6891,6 +7029,7 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -6900,9 +7039,11 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. properties: metadata: @@ -7018,9 +7159,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one @@ -7139,6 +7282,7 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' @@ -7201,6 +7345,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7234,6 +7379,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -7314,6 +7460,9 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. properties: path: description: |- @@ -7350,6 +7499,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -7389,6 +7539,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7556,6 +7707,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -7688,6 +7840,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether the @@ -7776,6 +7929,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -7818,6 +7972,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7864,6 +8019,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7981,6 +8137,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -8187,7 +8344,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -8199,8 +8356,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array diff --git a/config/crd/bases/enterprise.splunk.com_standalones.yaml b/config/crd/bases/enterprise.splunk.com_standalones.yaml index 99f02ab66..5d896a75b 100644 --- a/config/crd/bases/enterprise.splunk.com_standalones.yaml +++ b/config/crd/bases/enterprise.splunk.com_standalones.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.14.0 name: standalones.enterprise.splunk.com spec: group: enterprise.splunk.com @@ -962,7 +962,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -974,8 +974,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -996,6 +996,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1040,6 +1041,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1137,6 +1139,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -1198,6 +1201,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1236,6 +1240,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1256,6 +1261,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1300,6 +1306,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1379,6 +1386,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -1451,9 +1459,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -1584,6 +1594,7 @@ spec: clients must ensure that clusterIPs[0] and clusterIP have the same value. + This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. @@ -1662,6 +1673,7 @@ spec: NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. + This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are @@ -1865,8 +1877,18 @@ spec: conditions: description: Current service state items: - description: Condition contains details for one aspect of - the current state of this API Resource. + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the field + path .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: description: |- @@ -1908,7 +1930,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1961,6 +1988,8 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. + --- + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1971,12 +2000,12 @@ spec: format: int32 type: integer protocol: + default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: - - error - port - protocol type: object @@ -2086,7 +2115,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -2098,8 +2127,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -2267,6 +2296,7 @@ spec: Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | @@ -2276,6 +2306,7 @@ spec: because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). format: int32 type: integer @@ -2286,6 +2317,7 @@ spec: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2297,6 +2329,7 @@ spec: has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. + If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -2357,6 +2390,23 @@ spec: claims type: string type: object + vaultIntegration: + description: Vault represents the Vault configuration for enabling + secret injection. + properties: + address: + description: Vault Address + type: string + enable: + description: Enable vault support + type: boolean + role: + description: Vault Role + type: string + secretPath: + description: Vault secret path + type: string + type: object volumes: description: List of one or more Kubernetes volumes. These will be mounted in all pod containers as as /mnt/ @@ -2376,6 +2426,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -2490,6 +2541,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2528,6 +2580,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2595,6 +2648,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap or its @@ -2630,6 +2684,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2765,6 +2820,7 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -2775,14 +2831,17 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -2796,6 +2855,7 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -2805,9 +2865,11 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. properties: metadata: @@ -2923,9 +2985,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one @@ -3044,6 +3108,7 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' @@ -3106,6 +3171,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3139,6 +3205,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -3219,6 +3286,9 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. properties: path: description: |- @@ -3255,6 +3325,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -3294,6 +3365,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3461,6 +3533,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -3593,6 +3666,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether the @@ -3681,6 +3755,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -3723,6 +3798,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3769,6 +3845,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3886,6 +3963,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -4081,7 +4159,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -4093,8 +4171,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -4344,7 +4423,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -4356,8 +4435,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -5325,7 +5404,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -5337,8 +5416,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -5359,6 +5438,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5403,6 +5483,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5500,6 +5581,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -5561,6 +5643,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -5599,6 +5682,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -5619,6 +5703,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5663,6 +5748,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5742,6 +5828,7 @@ spec: the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. type: string kind: description: |- @@ -5814,9 +5901,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -5947,6 +6036,7 @@ spec: clients must ensure that clusterIPs[0] and clusterIP have the same value. + This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. @@ -6025,6 +6115,7 @@ spec: NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. + This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are @@ -6228,8 +6319,18 @@ spec: conditions: description: Current service state items: - description: Condition contains details for one aspect of - the current state of this API Resource. + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the field + path .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: description: |- @@ -6271,7 +6372,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6324,6 +6430,8 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. + --- + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6334,12 +6442,12 @@ spec: format: int32 type: integer protocol: + default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: - - error - port - protocol type: object @@ -6449,7 +6557,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -6461,8 +6569,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -6630,6 +6738,7 @@ spec: Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | @@ -6639,6 +6748,7 @@ spec: because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). format: int32 type: integer @@ -6649,6 +6759,7 @@ spec: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -6660,6 +6771,7 @@ spec: has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. + If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -6720,6 +6832,23 @@ spec: claims type: string type: object + vaultIntegration: + description: Vault represents the Vault configuration for enabling + secret injection. + properties: + address: + description: Vault Address + type: string + enable: + description: Enable vault support + type: boolean + role: + description: Vault Role + type: string + secretPath: + description: Vault secret path + type: string + type: object volumes: description: List of one or more Kubernetes volumes. These will be mounted in all pod containers as as /mnt/ @@ -6739,6 +6868,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -6853,6 +6983,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6891,6 +7022,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6958,6 +7090,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap or its @@ -6993,6 +7126,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7128,6 +7262,7 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -7138,14 +7273,17 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -7159,6 +7297,7 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -7168,9 +7307,11 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. properties: metadata: @@ -7286,9 +7427,11 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. items: description: ResourceClaim references one @@ -7407,6 +7550,7 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' @@ -7469,6 +7613,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7502,6 +7647,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -7582,6 +7728,9 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. properties: path: description: |- @@ -7618,6 +7767,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -7657,6 +7807,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7824,6 +7975,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -7956,6 +8108,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether the @@ -8044,6 +8197,7 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -8086,6 +8240,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -8132,6 +8287,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -8249,6 +8405,7 @@ spec: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -8444,7 +8601,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -8456,8 +8613,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -8710,7 +8868,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -8722,8 +8880,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 7a400f81d..fa36d8a21 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -124,7 +124,7 @@ patches: - name: WATCH_NAMESPACE value: WATCH_NAMESPACE_VALUE - name: RELATED_IMAGE_SPLUNK_ENTERPRISE - value: docker.io/splunk/splunk:9.3.0 + value: SPLUNK_ENTERPRISE_IMAGE - name: OPERATOR_NAME value: splunk-operator - name: POD_NAME diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index b39b90808..77d1ddfac 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -17,4 +17,4 @@ kind: Kustomization images: - name: controller newName: docker.io/splunk/splunk-operator - newTag: 2.6.1 + newTag: 2.7.0 diff --git a/config/manifests/bases/splunk-operator.clusterserviceversion.yaml b/config/manifests/bases/splunk-operator.clusterserviceversion.yaml index dffc35db6..982f37b9f 100644 --- a/config/manifests/bases/splunk-operator.clusterserviceversion.yaml +++ b/config/manifests/bases/splunk-operator.clusterserviceversion.yaml @@ -12,7 +12,7 @@ metadata: administrative workflows using Kubernetes best practices. olm.properties: '[{"type": "olm.maxOpenShiftVersion", "value": "4.15"}]' repository: https://github.com/splunk/splunk-operator - name: splunk-operator.v2.6.1 + name: splunk-operator.v2.7.0 namespace: placeholder spec: apiservicedefinitions: {} @@ -274,5 +274,5 @@ spec: provider: name: Splunk Inc. url: www.splunk.com - replaces: splunk-operator.v2.6.0 - version: 2.6.1 + replaces: splunk-operator.v2.6.1 + version: 2.7.0 diff --git a/docs/AppFramework.md b/docs/AppFramework.md index f7fad5910..b1d124d74 100644 --- a/docs/AppFramework.md +++ b/docs/AppFramework.md @@ -7,9 +7,10 @@ The Splunk Operator provides support for Splunk app and add-on deployment using Utilizing the App Framework requires one of the following remote storage providers: * An Amazon S3 or S3-API-compliant remote object storage location * Azure blob storage + * GCP Cloud Storage ### Prerequisites common to both remote storage providers -* The App framework requires read-only access to the path used to host the apps. DO NOT give any other access to the operator to maintain the integrity of data in S3 bucket or Azure blob container. +* The App framework requires read-only access to the path used to host the apps. DO NOT give any other access to the operator to maintain the integrity of data in S3 bucket , Azure blob container or GCP bucket. * Splunk apps and add-ons in a .tgz or .spl archive format. * Connections to the remote object storage endpoint need to be secured using a minimum version of TLS 1.2. * A persistent storage volume and path for the Operator Pod. See [Add a persistent storage volume to the Operator pod](#add-a-persistent-storage-volume-to-the-operator-pod). @@ -23,6 +24,24 @@ Utilizing the App Framework requires one of the following remote storage provide * The remote object storage credentials provided as a kubernetes secret. * OR, Use "Managed Indentity" role assigment to the Azure blob container. See [Setup Azure bob access with Managed Indentity](#setup-azure-bob-access-with-managed-indentity) +### Prerequisites for GCP bucket based remote object storage +To use GCP storage in the App Framework, follow these setup requirements: + +### Role & Role Binding for Access: +Create a role and role-binding for the splunk-operator service account. This allows read-only access to the GCP bucket to retrieve Splunk apps. Access should be limited to read-only for the security of data within the GCP bucket. + +### Credentials via Kubernetes Secret or Workload Identity: +Configure credentials through either a Kubernetes secret (e.g., storing a GCP service account key in key.json) or use Workload Identity for secure access: + +* **Kubernetes Secret**: Create a Kubernetes secret using the service account JSON key file for GCP access. +* **Workload Identity**: Use Workload Identity to associate the Kubernetes service account used by the Splunk Operator with a GCP service account that has the Storage Object Viewer IAM role for the required bucket. + +## Example for creating the secret + +```shell +kubectl create secret generic gcs-secret --from-file=key.json=path/to/your-service-account-key.json +``` + Splunk apps and add-ons deployed or installed outside of the App Framework are not managed, and are unsupported. Note: For the App Framework to detect that an app or add-on had changed, the updated app must use the same archive file name as the previously deployed one. @@ -47,12 +66,16 @@ In this example, you'll deploy a Standalone CR with a remote storage volume, the * Configuring an IAM through "Managed Indentity" role assigment to give read access for your bucket (azure blob container). For more details see [Setup Azure bob access with Managed Indentity](#setup-azure-bob-access-with-managed-indentity) * Or, create a Kubernetes Secret Object with the static storage credentials. * Example: `kubectl create secret generic azureblob-secret --from-literal=azure_sa_name=mystorageaccount --from-literal=azure_sa_secret_key=wJalrXUtnFEMI/K7MDENG/EXAMPLE_AZURE_SHARED_ACCESS_KEY` - + * GCP bucket: + * Configure credentials through either a Kubernetes secret (e.g., storing a GCP service account key in key.json) or use Workload Identity for secure access: + * Kubernetes Secret: Create a Kubernetes secret using the service account JSON key file for GCP access. + * Example: `kubectl create secret generic gcs-secret --from-file=key.json=path/to/your-service-account-key.json` + * Workload Identity: Use Workload Identity to associate the Kubernetes service account used by the Splunk Operator with a GCP service account that has the Storage Object Viewer IAM role for the required bucket. 3. Create unique folders on the remote storage volume to use as App Source locations. * An App Source is a folder on the remote storage volume containing a select subset of Splunk apps and add-ons. In this example, the network and authentication Splunk Apps are split into different folders and named `networkApps` and `authApps`. 4. Copy your Splunk App or Add-on archive files to the App Source. - * In this example, the Splunk Apps are located at `bucket-app-framework/Standalone-us/networkAppsLoc/` and `bucket-app-framework/Standalone-us/authAppsLoc/`, and are both accessible through the end point `https://s3-us-west-2.amazonaws.com` for s3 and https://mystorageaccount.blob.core.windows.net for azure blob. + * In this example, the Splunk Apps are located at `bucket-app-framework/Standalone-us/networkAppsLoc/` and `bucket-app-framework/Standalone-us/authAppsLoc/`, and are both accessible through the end point `https://s3-us-west-2.amazonaws.com` for s3, https://mystorageaccount.blob.core.windows.net for azure blob and https://storage.googleapis.com for GCP bucket. 5. Update the standalone CR specification and append the volume, App Source configuration, and scope. * The scope determines where the apps and add-ons are placed into the Splunk Enterprise instance. For CRs where the Splunk Enterprise instance will run the apps locally, set the `scope: local ` The Standalone, Monitoring Console and License Manager CRs always use a local scope. @@ -118,6 +141,36 @@ spec: secretRef: azureblob-secret ``` +Example using GCP blob: Standalone.yaml + +```yaml +apiVersion: enterprise.splunk.com/v4 +kind: Standalone +metadata: + name: stdln + finalizers: + - enterprise.splunk.com/delete-pvc +spec: + replicas: 1 + appRepo: + appsRepoPollIntervalSeconds: 600 + defaults: + volumeName: volume_app_repo + scope: local + appSources: + - name: networkApps + location: networkAppsLoc/ + - name: authApps + location: authAppsLoc/ + volumes: + - name: volume_app_repo + storageType: gcs + provider: gcp + path: bucket-app-framework/Standalone-us/ + endpoint: https://storage.googleapis.com + secretRef: gcs-secret +``` + 6. Apply the Custom Resource specification: `kubectl apply -f Standalone.yaml` The App Framework detects the Splunk app or add-on archive files available in the App Source locations, and deploys them to the standalone instance path for local use. @@ -143,13 +196,19 @@ This example describes the installation of apps on an Indexer Cluster and Cluste * Configuring an IAM through "Managed Indentity" role assigment to give read access for your bucket (azure blob container). For more details see [Setup Azure bob access with Managed Indentity](#setup-azure-bob-access-with-managed-indentity) * Or, create a Kubernetes Secret Object with the static storage credentials. * Example: `kubectl create secret generic azureblob-secret --from-literal=azure_sa_name=mystorageaccount --from-literal=azure_sa_secret_key=wJalrXUtnFEMI/K7MDENG/EXAMPLE_AZURE_SHARED_ACCESS_KEY` + * GCP bucket: + * Configure credentials through either a Kubernetes secret (e.g., storing a GCP service account key in key.json) or use Workload Identity for secure access: + * Kubernetes Secret: Create a Kubernetes secret using the service account JSON key file for GCP access. + * Example: `kubectl create secret generic gcs-secret --from-file=key.json=path/to/your-service-account-key.json` + * Workload Identity: Use Workload Identity to associate the Kubernetes service account used by the Splunk Operator with a GCP service account that has the Storage Object Viewer IAM role for the required bucket. 3. Create unique folders on the remote storage volume to use as App Source locations. * An App Source is a folder on the remote storage volume containing a select subset of Splunk apps and add-ons. In this example, there are Splunk apps installed and run locally on the cluster manager, and select apps that will be distributed to all cluster peers by the cluster manager. * The apps are split across three folders named `networkApps`, `clusterBase`, and `adminApps`. The apps placed into `networkApps` and `clusterBase` are distributed to the cluster peers, but the apps in `adminApps` are for local use on the cluster manager instance only. 4. Copy your Splunk app or add-on archive files to the App Source. - * In this example, the Splunk apps for the cluster peers are located at `bucket-app-framework/idxcAndCmApps/networkAppsLoc/`, `bucket-app-framework/idxcAndCmApps/clusterBaseLoc/`, and the apps for the cluster manager are located at`bucket-app-framework/idxcAndCmApps/adminAppsLoc/`. They are all accessible through the end point `https://s3-us-west-2.amazonaws.com` for s3 and https://mystorageaccount.blob.core.windows.net for azure blob. + * In this example, the Splunk apps for the cluster peers are located at `bucket-app-framework/idxcAndCmApps/networkAppsLoc/`, `bucket-app-framework/idxcAndCmApps/clusterBaseLoc/`, and the apps for the cluster manager are located at`bucket-app-framework/idxcAndCmApps/adminAppsLoc/`. They are all accessible through the end point `https://s3-us-west-2.amazonaws.com` for s3, https://mystorageaccount.blob.core.windows.net for azure blob and https://storage.googleapis.com for GCP bucket. + 5. Update the ClusterManager CR specification and append the volume, App Source configuration, and scope. * The scope determines where the apps and add-ons are placed into the Splunk Enterprise instance. For CRs where the Splunk Enterprise instance will deploy the apps to cluster peers, set the `scope: cluster`. The ClusterManager and SearchHeadCluster CRs support both cluster and local scopes. @@ -219,6 +278,38 @@ spec: endpoint: https://mystorageaccount.blob.core.windows.net secretRef: azureblob-secret ``` + +Example using GCP Bucket: ClusterManager.yaml +```yaml +apiVersion: enterprise.splunk.com/v4 +kind: ClusterManager +metadata: + name: cm + finalizers: + - enterprise.splunk.com/delete-pvc +spec: + appRepo: + appsRepoPollIntervalSeconds: 900 + defaults: + volumeName: volume_app_repo_us + scope: cluster + appSources: + - name: networkApps + location: networkAppsLoc/ + - name: clusterBase + location: clusterBaseLoc/ + - name: adminApps + location: adminAppsLoc/ + scope: local + volumes: + - name: volume_app_repo_us + storageType: gcs + provider: gcp + path: bucket-app-framework/idxcAndCmApps/ + endpoint: https://storage.googleapis.com + secretRef: gcs-secret +``` + 6. Apply the Custom Resource specification: `kubectl apply -f ClusterManager.yaml` The App Framework detects the Splunk app or add-on archive files available in the App Source locations, and deploys the apps from the `adminApps` folder to the cluster manager instance for local use. @@ -248,6 +339,11 @@ This example describes the installation of apps on the Deployer and the Search H * Configuring an IAM through "Managed Indentity" role assigment to give read access for your bucket (azure blob container). For more details see [Setup Azure bob access with Managed Indentity](#setup-azure-bob-access-with-managed-indentity) * Or, create a Kubernetes Secret Object with the static storage credentials. * Example: `kubectl create secret generic azureblob-secret --from-literal=azure_sa_name=mystorageaccount --from-literal=azure_sa_secret_key=wJalrXUtnFEMI/K7MDENG/EXAMPLE_AZURE_SHARED_ACCESS_KEY` + * GCP bucket: + * Configure credentials through either a Kubernetes secret (e.g., storing a GCP service account key in key.json) or use Workload Identity for secure access: + * Kubernetes Secret: Create a Kubernetes secret using the service account JSON key file for GCP access. + * Example: `kubectl create secret generic gcs-secret --from-file=key.json=path/to/your-service-account-key.json` + * Workload Identity: Use Workload Identity to associate the Kubernetes service account used by the Splunk Operator with a GCP service account that has the Storage Object Viewer IAM role for the required bucket. 3. Create unique folders on the remote storage volume to use as App Source locations. @@ -255,7 +351,7 @@ This example describes the installation of apps on the Deployer and the Search H * The apps are split across three folders named `searchApps`, `machineLearningApps` and `adminApps`. The apps placed into `searchApps` and `machineLearningApps` are distributed to the search heads, but the apps in `adminApps` are for local use on the Deployer instance only. 4. Copy your Splunk app or add-on archive files to the App Source. - * In this example, the Splunk apps for the search heads are located at `bucket-app-framework/shcLoc-us/searchAppsLoc/`, `bucket-app-framework/shcLoc-us/machineLearningAppsLoc/`, and the apps for the Deployer are located at `bucket-app-framework/shcLoc-us/adminAppsLoc/`. They are all accessible through the end point `https://s3-us-west-2.amazonaws.com` for s3 and https://mystorageaccount.blob.core.windows.net for azure blob. + * In this example, the Splunk apps for the search heads are located at `bucket-app-framework/shcLoc-us/searchAppsLoc/`, `bucket-app-framework/shcLoc-us/machineLearningAppsLoc/`, and the apps for the Deployer are located at `bucket-app-framework/shcLoc-us/adminAppsLoc/`. They are all accessible through the end point `https://s3-us-west-2.amazonaws.com` for s3, https://mystorageaccount.blob.core.windows.net for azure blob and and https://storage.googleapis.com for GCP bucket. 5. Update the SearchHeadCluster CR specification, and append the volume, App Source configuration, and scope. * The scope determines where the apps and add-ons are placed into the Splunk Enterprise instance. @@ -328,6 +424,40 @@ spec: endpoint: https://mystorageaccount.blob.core.windows.net secretRef: azureblob-secret ``` + +Example using GCP bucket: SearchHeadCluster.yaml + +```yaml +apiVersion: enterprise.splunk.com/v4 +kind: SearchHeadCluster +metadata: + name: shc + finalizers: + - enterprise.splunk.com/delete-pvc +spec: + appRepo: + appsRepoPollIntervalSeconds: 900 + defaults: + volumeName: volume_app_repo_us + scope: cluster + appSources: + - name: networkApps + location: networkAppsLoc/ + - name: clusterBase + location: clusterBaseLoc/ + - name: adminApps + location: adminAppsLoc/ + scope: local + volumes: + - name: volume_app_repo_us + storageType: gcs + provider: gcp + path: bucket-app-framework/idxcAndCmApps/ + endpoint: https://storage.googleapis.com + secretRef: gcs-secret + +``` + 6. Apply the Custom Resource specification: `kubectl apply -f SearchHeadCluster.yaml` The App Framework detects the Splunk app or add-on archive files available in the App Source locations, and deploys the apps from the `adminApps` folder to the Deployer instance for local use. @@ -438,7 +568,7 @@ Here is a typical App framework configuration in a Custom Resource definition: * `name` uniquely identifies the remote storage volume name within a CR. This is used by the Operator to identify the local volume. * `storageType` describes the type of remote storage. Currently, `s3`, `blob` are the supported storage type. -* `provider` describes the remote storage provider. Currently, `aws`, `minio` and `azure` are the supported providers. Use `s3` with `aws` or `minio` and use `blob` with `azure`. +* `provider` describes the remote storage provider. Currently, `aws`, `minio` `gcp` and `azure` are the supported providers. Use `s3` with `aws` or `minio`, use `blob` with `azure` or `gcp` * `endpoint` describes the URI/URL of the remote storage endpoint that hosts the apps. * `secretRef` refers to the K8s secret object containing the static remote storage access key. This parameter is not required if using IAM role based credentials. * `path` describes the path (including the folder) of one or more app sources on the remote store. @@ -542,7 +672,7 @@ spec: serviceAccountName: splunk-operator containers: - name: splunk-operator - image: "docker.io/splunk/splunk-operator:2.6.1" + image: "docker.io/splunk/splunk-operator:2.7.0" volumeMounts: - mountPath: /opt/splunk/appframework/ name: app-staging @@ -559,7 +689,7 @@ spec: - name: OPERATOR_NAME value: "splunk-operator" - name: RELATED_IMAGE_SPLUNK_ENTERPRISE - value: "docker.io/splunk/splunk:9.1.3" + value: "docker.io/splunk/splunk:9.3.2" volumes: - name: app-staging @@ -622,91 +752,843 @@ The App Framework does not preview, analyze, verify versions, or enable Splunk A 2. The App Framework defines one worker per CR type. For example, if you have multiple clusters receiveing app updates, a delay while managing one cluster will delay the app updates to the other cluster. -## Setup Azure bob access with Managed Indentity +## Setup Azure Blob Access with Managed Identity -Azure Managed identities can be used to provide IAM access to the blobs. With managed identities, the AKS nodes, that host the pods, can retrieve a OAuth token that provides authorization for the Splunk operator pod to read the app packages stored in the Azure Storage account. The key point here is that the AKS node is associated with a Managed Identity and this managed identity is given a `role` for read access called `Storage Blob Data Reader` to the azure storage account. +Azure Managed Identities can be used to provide IAM access to the blobs. With managed identities, the AKS nodes that host the pods can retrieve an OAuth token that provides authorization for the Splunk Operator pod to read the app packages stored in the Azure Storage account. The key point here is that the AKS node is associated with a Managed Identity, and this managed identity is given a `role` for read access called `Storage Blob Data Reader` to the Azure Storage account. -Here are the steps showing an example of assiging managed identity: +### **Assumptions:** -*Assumptions:* +- Familiarize yourself with [AKS managed identity concepts](https://learn.microsoft.com/en-us/azure/aks/use-managed-identity) +- The names used below, such as resource-group name and AKS cluster name, are for example purposes only. Please change them to the values as per your setup. +- These steps cover creating a resource group and AKS cluster; you can skip them if you already have them created. -Familiarize yourself with [AKS managed identity concepts](https://learn.microsoft.com/en-us/azure/aks/use-managed-identity) +### **Steps to Assign Managed Identity:** -The names used below, such as resource-group name and AKS cluster name, are for examples purpose, please change them to the values as per your setup. +1. **Create an Azure Resource Group** -These steps cover creating resource group and AKS cluster also but you can skip them if you already have them created. + ```bash + az group create --name splunkOperatorResourceGroup --location westus2 + ``` -1. Create an Azure resource group +2. **Create AKS Cluster with Managed Identity Enabled** -``` -az group create --name splunkOperatorResourceGroup --location westus2 -``` + ```bash + az aks create -g splunkOperatorResourceGroup -n splunkOperatorCluster --enable-managed-identity + ``` -2. Create AKS Cluster +3. **Get Credentials to Access Cluster** -``` -az aks create -g splunkOperatorResourceGroup -n splunkOperatorCluster --enable-managed-identity -``` + ```bash + az aks get-credentials --resource-group splunkOperatorResourceGroup --name splunkOperatorCluster + ``` -3. Get credentials to access cluster -``` -az aks get-credentials --resource-group splunkOperatorResourceGroup --name splunkOperatorCluster -``` -4. Get the Kubelet user managed identity +4. **Get the Kubelet User Managed Identity** -Run -``` -$ az identity list -``` + Run: -Find the section that has -agentpool under name + ```bash + az identity list + ``` -That is look for the block that contains "name": "splunkOperatorCluster-agentpool" + Find the section that has `-agentpool` under `name`. For example, look for the block that contains: -``` -{ -"clientId": "a5890776-24e6-4f5b-9b6c-**************", -"id": "/subscriptions/f428689e-c379-4712--**************",/resourcegroups/MC_splunkOperatorResourceGroup_splunkOperatorCluster_westus2/providers/Microsoft.ManagedIdentity/userAssignedIdentities/splunkOperatorCluster-agentpool", -"location": "westus2", -"name": "splunkOperatorCluster-agentpool", -"principalId": "f0f04120-6a36-49bc--**************",", -"resourceGroup": "MC_splunkOperatorResourceGroup_splunkOperatorCluster_westus2", -"tags": {}, -"tenantId": "8add7810-b62a--**************",", -"type": "Microsoft.ManagedIdentity/userAssignedIdentities" -} -``` + ```json + { + "clientId": "a5890776-24e6-4f5b-9b6c-**************", + "id": "/subscriptions//resourceGroups/MC_splunkOperatorResourceGroup_splunkOperatorCluster_westus2/providers/Microsoft.ManagedIdentity/userAssignedIdentities/splunkOperatorCluster-agentpool", + "location": "westus2", + "name": "splunkOperatorCluster-agentpool", + "principalId": "f0f04120-6a36-49bc--**************", + "resourceGroup": "MC_splunkOperatorResourceGroup_splunkOperatorCluster_westus2", + "tags": {}, + "tenantId": "8add7810-b62a--**************", + "type": "Microsoft.ManagedIdentity/userAssignedIdentities" + } + ``` -Extract the principalId value from the outout above. Or you can use the following command to get the principalId -``` -$ az identity show --name --resource-group "" --query 'principalId' --output tsv -``` -Example: -``` -$ principalId=$(az identity show --name splunkOperatorCluster-agentpool --resource-group "MC_splunkOperatorResourceGroup_splunkOperatorCluster_westus2" --query 'principalId' --output tsv) -$ echo $principalId -``` -f0f04120-6a36-49bc--************** + Extract the `principalId` value from the output above. Alternatively, use the following command to get the `principalId`: -5. Assign read access for Kubelet user managed identity to the storage account + ```bash + az identity show --name --resource-group "" --query 'principalId' --output tsv + ``` -Use the `principalId` from the above section and assign it to the storage account -``` -az role assignment create --assignee "" --role 'Storage Blob Data Reader' --scope /subscriptions//resourceGroups//providers/Microsoft.Storage/storageAccounts/ -``` -For my example, if is splunkOperatorResourceGroup + **Example:** -and is mystorageaccount then the command would be: -``` -$ az role assignment create --assignee "f0f04120-6a36-49bc--**************" --role 'Storage Blob Data Reader' --scope /subscriptions/f428689e-c379-4712--**************/resourceGroups/splunkOperatorResourceGroup/providers/Microsoft.Storage/storageAccounts/mystorageaccount -``` -After this command, you can use App framework for Azure blob without secrets. + ```bash + principalId=$(az identity show --name splunkOperatorCluster-agentpool --resource-group "MC_splunkOperatorResourceGroup_splunkOperatorCluster_westus2" --query 'principalId' --output tsv) + echo $principalId + ``` + + Output: + + ``` + f0f04120-6a36-49bc--************** + ``` + +5. **Assign Read Access for Kubelet User Managed Identity to the Storage Account** + + Use the `principalId` from the above section and assign it to the storage account: + + ```bash + az role assignment create --assignee "" --role 'Storage Blob Data Reader' --scope /subscriptions//resourceGroups//providers/Microsoft.Storage/storageAccounts/ + ``` + + **For Example:** + + If `` is `splunkOperatorResourceGroup` and `` is `mystorageaccount`, the command would be: + + ```bash + az role assignment create --assignee "f0f04120-6a36-49bc--**************" --role 'Storage Blob Data Reader' --scope /subscriptions/f428689e-c379-4712--**************/resourceGroups/splunkOperatorResourceGroup/providers/Microsoft.Storage/storageAccounts/mystorageaccount + ``` + + After this command, you can use the App Framework for Azure Blob without secrets. + +### **Azure Blob Authorization Recommendations:** + +- **Granular Access:** Azure allows **"Managed Identities"** assignment at the **"storage accounts"** level as well as at specific containers (buckets) levels. A managed identity assigned read permissions at a storage account level will have read access for all containers within that storage account. As a good security practice, assign the managed identity to only the specific containers it needs to access, rather than the entire storage account. + +- **Avoid Shared Access Keys:** In contrast to **"Managed Identities"**, Azure allows **"shared access keys"** configurable only at the storage accounts level. When using the `secretRef` configuration in the CRD, the underlying secret key will allow both read and write access to the storage account (and all containers within it). Based on your security needs, consider using "Managed Identities" instead of secrets. Additionally, there's no automated way to rotate the secret key, so if you're using these keys, rotate them regularly (e.g., every 90 days). + +--- -Azure Blob Authorization Recommendations: +## Setup Azure Blob Access with Azure Workload Identity -Azure allows "Managed Identities" assignment at the "storage accounts" level as well as at specific buckets levels. A managed identity that is assigned read permissions at a storage account level will have read access for all the buckets within that storage account. As a good security practice, you should assign the managed identity to only the specific buckets and not to the whole storage account. +Azure Workload Identity provides a Kubernetes-native approach to authenticate workloads running in your cluster to Azure services, such as Azure Blob Storage, without managing credentials manually. This section outlines how to set up Azure Workload Identity to securely access Azure Blob Storage from the Splunk Operator running on AKS. -In contrast to "Managed Identities", Azure allows the "shared access keys" configurable only at the storage accounts level. When using the "secretRef" configuration in the CRD, the underlying secret key will allow both read and write access to the storage account (and all the buckets within it). So, based on your security needs, you may want to consider using "Managed Identities" instead of secrets. Also note that there isn't an automated way of rotating the secret key, so in case you are using these keys, please rotate them at regular intervals of times such as 90 days interval. +### **Assumptions:** + +- Familiarize yourself with [Azure AD Workload Identity concepts](https://learn.microsoft.com/en-us/azure/active-directory/workload-identity/overview) +- The names used below, such as resource-group name and AKS cluster name, are for example purposes only. Please change them to the values as per your setup. +- These steps cover creating a resource group and AKS cluster with Azure Workload Identity enabled; skip if already created. + +### **Steps to Assign Azure Workload Identity:** + +1. **Create an Azure Resource Group** + + ```bash + az group create --name splunkOperatorWorkloadIdentityRG --location westus2 + ``` + +2. **Create AKS Cluster with Azure Workload Identity Enabled** + + ```bash + az aks create -g splunkOperatorWorkloadIdentityRG -n splunkOperatorWICluster --enable-oidc-issuer --enable-managed-identity + ``` + + **Parameters:** + - `--enable-oidc-issuer`: Enables the OIDC issuer required for Workload Identity. + - `--enable-managed-identity`: Enables Managed Identity for the cluster. + +3. **Get Credentials to Access Cluster** + + ```bash + az aks get-credentials --resource-group splunkOperatorWorkloadIdentityRG --name splunkOperatorWICluster + ``` + +4. **Install Azure AD Workload Identity in Kubernetes** + + Azure AD Workload Identity requires installing specific components into your Kubernetes cluster. + + **Using Helm:** + + ```bash + helm repo add azure-workload-identity https://azure.github.io/azure-workload-identity/charts + helm repo update + + # Create a namespace for workload identity (optional but recommended) + kubectl create namespace workload-identity-system + + # Install the Azure Workload Identity Helm chart + helm install azure-workload-identity azure-workload-identity/azure-workload-identity \ + --namespace workload-identity-system \ + --set azureIdentityBindingSelector="splunk-operator" + ``` + + **Parameters:** + - `azureIdentityBindingSelector`: Selector used to bind `AzureIdentityBinding` resources to specific Kubernetes service accounts. In this case, it's set to `"splunk-operator"`. + +5. **Create a User-Assigned Managed Identity** + + ```bash + az identity create \ + --name splunkOperatorWIIdentity \ + --resource-group splunkOperatorWorkloadIdentityRG \ + --location westus2 + ``` + + **Retrieve Managed Identity Details:** + + ```bash + az identity show \ + --name splunkOperatorWIIdentity \ + --resource-group splunkOperatorWorkloadIdentityRG \ + --query "{clientId: clientId, principalId: principalId, id: id}" \ + --output json + ``` + + **Sample Output:** + + ```json + { + "clientId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", + "principalId": "yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy", + "id": "/subscriptions//resourceGroups/splunkOperatorWorkloadIdentityRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/splunkOperatorWIIdentity" + } + ``` + +6. **Assign the `Storage Blob Data Contributor` Role to the Managed Identity** + + ```bash + az role assignment create \ + --assignee \ + --role "Storage Blob Data Contributor" \ + --scope /subscriptions//resourceGroups//providers/Microsoft.Storage/storageAccounts/ + ``` + + **Example:** + + ```bash + az role assignment create \ + --assignee "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" \ + --role "Storage Blob Data Contributor" \ + --scope /subscriptions/f428689e-c379-4712--**************/resourceGroups/splunkOperatorResourceGroup/providers/Microsoft.Storage/storageAccounts/mystorageaccount + ``` + +7. **Create Kubernetes Service Account for Splunk Operator** + + Create a Kubernetes Service Account annotated to use Azure Workload Identity. + + ```yaml + # splunk-operator-wi-serviceaccount.yaml + + apiVersion: v1 + kind: ServiceAccount + metadata: + name: bucket-admin-test-wi + namespace: your-splunk-operator-namespace + labels: + azure.workload.identity/client-id: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx # clientId from the Managed Identity + ``` + + **Apply the Service Account:** + + ```bash + kubectl apply -f splunk-operator-wi-serviceaccount.yaml + ``` + +8. **Create AzureIdentity and AzureIdentityBinding Resources** + + These resources link the Kubernetes Service Account to the Azure Managed Identity. + + ```yaml + # azureidentity-wi.yaml + + apiVersion: workloadidentity.azure.com/v1alpha1 + kind: AzureIdentity + metadata: + name: splunkOperatorWIIdentity + namespace: workload-identity-system + spec: + type: 0 # 0 for User Assigned Managed Identity + resourceID: /subscriptions//resourceGroups/splunkOperatorWorkloadIdentityRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/splunkOperatorWIIdentity + clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx # clientId from the Managed Identity + ``` + + ```yaml + # azureidentitybinding-wi.yaml + + apiVersion: workloadidentity.azure.com/v1alpha1 + kind: AzureIdentityBinding + metadata: + name: splunkOperatorWIIdentityBinding + namespace: workload-identity-system + spec: + azureIdentity: splunkOperatorWIIdentity + selector: splunk-operator-wi + ``` + + **Apply the Resources:** + + ```bash + kubectl apply -f azureidentity-wi.yaml + kubectl apply -f azureidentitybinding-wi.yaml + ``` + +9. **Annotate Kubernetes Service Account to Use Workload Identity** + + Update the Splunk Operator Deployment to use the annotated Service Account. + + ```yaml + # splunk-operator-deployment-wi.yaml + + apiVersion: apps/v1 + kind: Deployment + metadata: + name: splunk-operator + namespace: your-splunk-operator-namespace + labels: + app: splunk-operator + spec: + replicas: 1 + selector: + matchLabels: + app: splunk-operator + template: + metadata: + labels: + app: splunk-operator + annotations: + azure.workload.identity/use: "true" + spec: + serviceAccountName: bucket-admin-test-wi + containers: + - name: splunk-operator + image: your-splunk-operator-image + # ... other configurations + ``` + + **Apply the Updated Deployment:** + + ```bash + kubectl apply -f splunk-operator-deployment-wi.yaml + ``` + +10. **Verify the Setup** + + - **Check Pod Annotations:** + + ```bash + kubectl get pods -n your-splunk-operator-namespace -o jsonpath='{.items[*].metadata.annotations}' + ``` + + You should see an annotation similar to: + + ```json + { + "azure.workload.identity/use": "true" + } + ``` + + - **Test Azure Blob Storage Access from the Pod:** + + ```bash + kubectl exec -it -n your-splunk-operator-namespace -- /bin/bash + ``` + + Inside the pod, use the Azure CLI or Azure SDK to list blobs: + + ```bash + az storage blob list --account-name mystorageaccount --container-name mycontainer --output table + ``` + + **Note:** Ensure that the Azure CLI is installed in the pod or use appropriate Azure SDK commands within your application code. + + - **Check Logs for Authentication Success:** + + ```bash + kubectl logs deployment/splunk-operator -n your-splunk-operator-namespace + ``` + + Look for log entries indicating successful authentication and blob storage access. + +### **Azure Workload Identity Authorization Recommendations:** + +- **Granular Role Assignments:** Assign the Managed Identity the least privilege necessary. Prefer roles like `Storage Blob Data Reader` at the container level instead of the entire storage account to minimize exposure. + +- **Avoid Shared Access Keys:** Similar to Managed Identities, avoid using shared access keys when possible. They grant broader access and require manual rotation. + +- **Secure Service Accounts:** Ensure that Kubernetes Service Accounts used with Workload Identity are restricted to only the necessary namespaces and roles. + +--- + +### **Azure Workload Identity Authorization Recommendations:** + +Azure Workload Identity allows you to assign IAM roles at more granular levels, enhancing security by limiting access only to the necessary resources. + +- **Granular Role Assignments:** Assign the Managed Identity the least privilege necessary. Prefer roles like `Storage Blob Data Reader` at the container level instead of the entire storage account to minimize exposure. + +- **Avoid Shared Access Keys:** Similar to Managed Identities, avoid using shared access keys when possible. They grant broader access and require manual rotation. + +- **Secure Service Accounts:** Ensure that Kubernetes Service Accounts used with Workload Identity are restricted to only the necessary namespaces and roles. + +### **Benefits of Using Azure Workload Identity:** + +- **Kubernetes-Native:** Seamlessly integrates with Kubernetes Service Accounts, allowing workloads to authenticate without managing secrets. + +- **Enhanced Security:** Eliminates the need to store credentials in pods or Kubernetes secrets, reducing the attack surface. + +- **Scalability:** Easily assign the same identity to multiple pods or workloads, simplifying management. + +### **Comparison Between Managed Identity and Workload Identity:** + +| Feature | Managed Identity | Workload Identity | +|-----------------------------|--------------------------------------------------|-----------------------------------------------------| +| **Scope** | Tied to the Azure resource (e.g., AKS node) | Tied to Kubernetes Service Accounts | +| **Credential Management** | Azure manages credentials | Kubernetes manages Service Account credentials | +| **Flexibility** | Limited to Azure resources | More flexible, integrates with Kubernetes-native identities | +| **Granularity** | Role assignments at Azure resource level | Role assignments at Kubernetes namespace or service account level | +| **Use Cases** | Simple scenarios where workloads share identities | Complex scenarios requiring granular access controls | + +### **When to Use Which:** + +- **Managed Identity:** Suitable for scenarios where workloads are tightly coupled with specific Azure resources and require straightforward IAM access. + +- **Workload Identity:** Ideal for Kubernetes-native environments where fine-grained access control and integration with Kubernetes Service Accounts are essential. + + + + + +## Setup Google Cloud Storage Access for App Framework + +The Splunk Operator requires access to Google Cloud Storage (GCS) buckets to retrieve app packages and add-ons. You can configure this access using one of the following two methods: + +1. **Using a Kubernetes Secret with a GCP Service Account JSON Key File** +2. **Using Workload Identity for Secure Access Without Service Account Keys** + +### **Prerequisites** + +Before proceeding, ensure you have the following: + +- **Google Cloud Platform (GCP) Account**: Access to a GCP project with permissions to create and manage service accounts and IAM roles. +- **Kubernetes Cluster**: A running Kubernetes cluster (e.g., GKE) with `kubectl` configured. +- **Splunk Operator Installed**: The Splunk Operator should be installed and running in your Kubernetes cluster. +- **Google Cloud SDK (`gcloud`)**: Installed and authenticated with your GCP account. [Install Google Cloud SDK](https://cloud.google.com/sdk/docs/install) + +--- + +## Option 1: Using a Kubernetes Secret for GCP Access + + +### Setup Google Cloud Storage Access for App Framework +The Splunk Operator requires access to Google Cloud Storage (GCS) buckets to retrieve app packages and add-ons. You can configure this access using one of the following two methods: + +1. Using a Kubernetes Secret with a GCP Service Account JSON Key File +2. Using Workload Identity for Secure Access Without Service Account Keys + +### Prerequisites +Before proceeding, ensure you have the following: + +- Google Cloud Platform (GCP) Account: Access to a GCP project with permissions to create and manage service accounts and IAM roles. +- Kubernetes Cluster: A running Kubernetes cluster (e.g., GKE) with kubectl configured. +- Splunk Operator Installed: The Splunk Operator should be installed and running in your Kubernetes cluster. +- Google Cloud SDK (gcloud): Installed and authenticated with your GCP account. Install Google Cloud SDK + +### Option 1: Using a Kubernetes Secret for GCP Access + +This method involves creating a Kubernetes Secret that stores a GCP service account JSON key file. The Splunk Operator will use this secret to authenticate and access the GCS bucket. + +#### **Steps to Configure Access Using a Kubernetes Secret** + +1. **Create a GCP Service Account** + + - **Navigate to GCP Console**: + - Go to the [Google Cloud Console](https://console.cloud.google.com/). + + - **Create Service Account**: + - Navigate to **IAM & Admin > Service Accounts**. + - Click **Create Service Account**. + - **Service Account Details**: + - **Name**: `splunk-app-framework-sa` + - **Description**: (Optional) e.g., `Service account for Splunk Operator to access GCS buckets` + - Click **Create and Continue**. + + - **Grant Service Account Permissions**: + - Assign the **Storage Object Viewer** role to grant read access to the required GCS buckets. + - Click **Done**. + +2. **Download the Service Account Key** + + - **Locate the Service Account**: + - In the **Service Accounts** page, find `splunk-app-framework-sa`. + + - **Generate Key**: + - Click on **Actions (⋮) > Manage Keys**. + - Click **Add Key > Create New Key**. + - **Key Type**: Select **JSON**. + - Click **Create**. + - A JSON key file (`splunk-app-framework-sa-key.json`) will be downloaded. **Store this file securely**, as it contains sensitive credentials. + +3. **Create a Kubernetes Secret** + + - **Upload the Service Account Key as a Secret**: + - Use the downloaded JSON key file to create a Kubernetes Secret in the namespace where the Splunk Operator is installed (e.g., `splunk-operator`). + + ```bash + kubectl create secret generic gcs-secret \ + --from-file=key.json=/path/to/splunk-app-framework-sa-key.json \ + -n splunk-operator + ``` + + - **Parameters**: + - `gcs-secret`: Name of the Kubernetes Secret. + - `/path/to/splunk-app-framework-sa-key.json`: Path to your downloaded JSON key file. + - `-n splunk-operator`: Namespace where the Splunk Operator is deployed. + +4. **Configure Splunk Operator to Use the Kubernetes Secret** + + - **Update Custom Resource Definition (CRD)**: + - Ensure that your Splunk Operator's CRD references the `gcs-secret` for GCS access. + + ```yaml + apiVersion: enterprise.splunk.com/v3 + kind: Standalone + metadata: + name: example-splunk-app + namespace: splunk-operator + spec: + appRepo: + appInstallPeriodSeconds: 90 + appSources: + - location: c3appfw-idxc-mj00 + name: appframework-idxc-clusterypt + premiumAppsProps: + esDefaults: {} + scope: cluster + volumeName: appframework-test-volume-idxc-k3r + appsRepoPollIntervalSeconds: 60 + defaults: + premiumAppsProps: + esDefaults: {} + scope: cluster + volumeName: appframework-test-volume-idxc-k3r + installMaxRetries: 2 + volumes: + - endpoint: https://storage.googleapis.com + name: appframework-test-volume-idxc-k3r + path: splk-integration-test-bucket + provider: gcp + region: "" + secretRef: splunk-s3-index-masterc3appfw-iwz-vzv + storageType: gcs + # ... other configurations + ``` + + - **Explanation of Key Fields**: + - **`secretRef`**: References the Kubernetes Secret (`gcs-secret`) created earlier, allowing the Splunk Operator to access the GCS bucket securely without embedding credentials directly in the CRD. + - **`endpoint`**: Specifies the GCS endpoint. + - **`path`**: Path to the GCS bucket (`splk-integration-test-bucket` in this example). + - **`provider`**: Specifies the cloud provider (`gcp` for Google Cloud Platform). + - **`storageType`**: Indicates the type of storage (`gcs` for Google Cloud Storage). + +5. **Deploy or Update Splunk Operator Resources** + + - **Apply the Updated CRD**: + + ```bash + kubectl apply -f splunk-app-crd.yaml + ``` + + - Replace `splunk-app-crd.yaml` with the path to your updated CRD file. + +6. **Verify the Configuration** + + - **Check Pods**: + + ```bash + kubectl get pods -n splunk-operator + ``` + + - Ensure that the Splunk Operator pods are running without errors. + + - **Inspect Logs**: + + ```bash + kubectl logs -n splunk-operator + ``` + + - Look for logs indicating successful access to the GCS bucket. + +#### **Security Recommendations** + +- **Least Privilege Principle**: + - Assign only the necessary roles to the service account. In this case, `Storage Object Viewer` grants read access. If write access is required, consider `Storage Object Admin`. + +- **Secure Storage of Keys**: + - Protect the JSON key file and the Kubernetes Secret to prevent unauthorized access. + +- **Regular Rotation of Keys**: + - Periodically rotate the service account keys to enhance security. + +--- + +### Option 2: Using Workload Identity for GCP Access + +Workload Identity allows Kubernetes workloads to authenticate to GCP services without the need for managing service account keys. This method leverages GCP's Workload Identity to securely bind Kubernetes service accounts to GCP service accounts. + +#### **Advantages of Using Workload Identity** + +- **Enhanced Security**: Eliminates the need to handle service account keys, reducing the risk of key leakage. +- **Simplified Management**: Simplifies the authentication process by integrating directly with Kubernetes service accounts. +- **Automatic Key Rotation**: GCP manages the credentials, including rotation, ensuring up-to-date security practices. + +#### **Steps to Configure Access Using Workload Identity** + +1. **Enable Workload Identity on Your GKE Cluster** + + - **Prerequisite**: Ensure your GKE cluster is created with Workload Identity enabled. If not, enable it during cluster creation or update an existing cluster. + + - **During Cluster Creation**: + + ```bash + gcloud container clusters create splunkOperatorWICluster \ + --resource-group splunkOperatorWorkloadIdentityRG \ + --workload-pool=.svc.id.goog \ + --enable-workload-identity + ``` + + - Replace `` with your GCP project ID. + + - **For Existing Clusters**: + + ```bash + gcloud container clusters update splunkOperatorWICluster \ + --resource-group splunkOperatorWorkloadIdentityRG \ + --workload-pool=.svc.id.goog + ``` + + - **Note**: Enabling Workload Identity on an existing cluster might require cluster reconfiguration and could lead to temporary downtime. + +2. **Create a GCP Service Account and Assign Permissions** + + - **Create Service Account**: + + ```bash + gcloud iam service-accounts create splunk-app-framework-sa \ + --display-name "Splunk App Framework Service Account" + ``` + + - **Grant Required Roles**: + + ```bash + gcloud projects add-iam-policy-binding \ + --member "serviceAccount:splunk-app-framework-sa@.iam.gserviceaccount.com" \ + --role "roles/storage.objectViewer" + ``` + + - Replace `` with your GCP project ID. + +3. **Create a Kubernetes Service Account** + + - **Define Service Account**: + + ```bash + kubectl create serviceaccount splunk-operator-sa \ + -n splunk-operator + ``` + + - **Parameters**: + - `splunk-operator-sa`: Name of the Kubernetes Service Account. + - `-n splunk-operator`: Namespace where the Splunk Operator is deployed. + +4. **Associate the GCP Service Account with the Kubernetes Service Account** + + - **Establish IAM Policy Binding**: + + ```bash + gcloud iam service-accounts add-iam-policy-binding splunk-app-framework-sa@.iam.gserviceaccount.com \ + --role roles/iam.workloadIdentityUser \ + --member "serviceAccount:.svc.id.goog[splunk-operator/splunk-operator-sa]" + ``` + + - **Parameters**: + - ``: Your GCP project ID. + - `splunk-operator`: Kubernetes namespace. + - `splunk-operator-sa`: Kubernetes Service Account name. + +5. **Annotate the Kubernetes Service Account** + + - **Add Annotation to Link Service Accounts**: + + ```bash + kubectl annotate serviceaccount splunk-operator-sa \ + --namespace splunk-operator \ + iam.gke.io/gcp-service-account=splunk-app-framework-sa@.iam.gserviceaccount.com + ``` + + - **Parameters**: + - `splunk-operator-sa`: Kubernetes Service Account name. + - `splunk-operator`: Kubernetes namespace. + - ``: Your GCP project ID. + +6. **Update Splunk Operator Deployment to Use the Annotated Service Account** + + - **Modify Deployment YAML**: + + Replace the existing deployment configuration with the following YAML to use the annotated Kubernetes Service Account (`splunk-operator-sa`): + + ```yaml + # splunk-operator-deployment-wi.yaml + + apiVersion: enterprise.splunk.com/v3 + kind: Standalone + metadata: + name: example-splunk-app + namespace: splunk-operator + spec: + serviceAccount: splunk-operator-sa + appRepo: + appInstallPeriodSeconds: 90 + appSources: + - location: c3appfw-idxc-mj00 + name: appframework-idxc-clusterypt + premiumAppsProps: + esDefaults: {} + scope: cluster + volumeName: appframework-test-volume-idxc-k3r + appsRepoPollIntervalSeconds: 60 + defaults: + premiumAppsProps: + esDefaults: {} + scope: cluster + volumeName: appframework-test-volume-idxc-k3r + installMaxRetries: 2 + volumes: + - endpoint: https://storage.googleapis.com + name: appframework-test-volume-idxc-k3r + path: splk-integration-test-bucket + provider: gcp + region: "" + storageType: gcs + # ... other configurations + ``` + + - **Explanation of Key Fields**: + - **`serviceAccount`**: References the Kubernetes Service Account (`splunk-operator-sa`) that is associated with the GCP Service Account via Workload Identity. + - **`endpoint`**: Specifies the GCS endpoint. + - **`path`**: Path to the GCS bucket (`splk-integration-test-bucket` in this example). + - **`provider`**: Specifies the cloud provider (`gcp` for Google Cloud Platform). + - **`storageType`**: Indicates the type of storage (`gcs` for Google Cloud Storage). + + - **Apply the Updated Deployment**: + + ```bash + kubectl apply -f splunk-operator-deployment-wi.yaml + ``` + +7. **Configure Splunk Operator to Use Workload Identity** + + - **Update Custom Resource Definition (CRD)**: + - Ensure that your Splunk Operator's CRD is configured to utilize the Kubernetes Service Account `splunk-operator-sa` for GCS access. + + ```yaml + apiVersion: enterprise.splunk.com/v3 + kind: Standalone + metadata: + name: example-splunk-app + namespace: splunk-operator + spec: + appRepo: + appInstallPeriodSeconds: 90 + appSources: + - location: c3appfw-idxc-mj00 + name: appframework-idxc-clusterypt + premiumAppsProps: + esDefaults: {} + scope: cluster + volumeName: appframework-test-volume-idxc-k3r + appsRepoPollIntervalSeconds: 60 + defaults: + premiumAppsProps: + esDefaults: {} + scope: cluster + volumeName: appframework-test-volume-idxc-k3r + installMaxRetries: 2 + volumes: + - endpoint: https://storage.googleapis.com + name: appframework-test-volume-idxc-k3r + path: splk-integration-test-bucket + provider: gcp + region: "" + serviceAccount: splunk-operator-sa + storageType: gcs + # ... other configurations + ``` + + - **Parameters**: + - `serviceAccount`: Name of the Kubernetes Service Account (`splunk-operator-sa`). + +8. **Verify the Configuration** + + - **Check Pods**: + + ```bash + kubectl get pods -n splunk-operator + ``` + + - Ensure that the Splunk Operator pods are running without errors. + + - **Inspect Logs**: + + ```bash + kubectl logs -n splunk-operator + ``` + + - Look for logs indicating successful access to the GCS bucket via Workload Identity. + +#### **Security Recommendations** + +- **Least Privilege Principle**: + - Assign only the necessary roles to the GCP Service Account. Here, `Storage Object Viewer` grants read access. If write access is required, consider `Storage Object Admin`. + +- **Secure Namespace Configuration**: + - Ensure that the Kubernetes Service Account (`splunk-operator-sa`) is restricted to the `splunk-operator` namespace to prevent unauthorized access. + +- **Regular Auditing**: + - Periodically review IAM roles and permissions to ensure that they adhere to the least privilege principle. + +- **Avoid Hardcoding Credentials**: + - With Workload Identity, there's no need to manage or store service account keys, enhancing security. + +--- + +### Comparison Between Service Account Keys and Workload Identity + +| Feature | Service Account Keys | Workload Identity | +|-----------------------------|-------------------------------------------------|-----------------------------------------------------| +| **Credential Management** | Requires handling and securely storing JSON keys.| Eliminates the need to manage credentials manually. | +| **Security** | Higher risk due to potential key leakage. | Enhanced security by using Kubernetes-native identities. | +| **Ease of Rotation** | Manual rotation of keys is necessary. | GCP manages credential rotation automatically. | +| **Granularity** | Access is tied to the service account key. | Fine-grained access control via Kubernetes Service Accounts. | +| **Integration Complexity** | Simpler to set up initially but harder to manage.| Requires additional setup but offers better security and manageability. | +| **Use Cases** | Suitable for simpler setups or legacy systems. | Ideal for Kubernetes-native environments requiring enhanced security. | + +#### **When to Use Which:** + +- **Service Account Keys**: + - Use when simplicity is a priority, and the security implications are manageable. + - Suitable for environments where Workload Identity is not supported or feasible. + +- **Workload Identity**: + - Preferable for Kubernetes-native deployments requiring robust security. + - Ideal for scenarios where automatic credential management and rotation are beneficial. + +--- + +### Best Practices for Google Cloud Storage Access + +1. **Adhere to the Least Privilege Principle**: + - Assign only the necessary roles to service accounts or Managed Identities to minimize security risks. + +2. **Use Workload Identity Where Possible**: + - Leverage Workload Identity for Kubernetes deployments to enhance security and simplify credential management. + +3. **Secure Namespace Configuration**: + - Limit Service Accounts to specific namespaces to prevent unauthorized access across the cluster. + +4. **Regularly Audit IAM Roles and Permissions**: + - Periodically review and adjust roles to ensure they align with current access requirements. + +5. **Monitor Access Logs**: + - Utilize GCP's logging and monitoring tools to track access patterns and detect any anomalies. + +6. **Automate Infrastructure as Code (IaC)**: + - Use tools like Terraform or Helm to manage service accounts, IAM roles, and Kubernetes configurations for consistency and repeatability. + +7. **Implement Network Security Controls**: + - Configure VPC Service Controls or firewall rules to restrict access to GCS buckets from authorized sources only. + +--- ## App Framework Troubleshooting diff --git a/docs/ChangeLog.md b/docs/ChangeLog.md index dd58b93a3..475016191 100644 --- a/docs/ChangeLog.md +++ b/docs/ChangeLog.md @@ -1,5 +1,39 @@ # Splunk Operator for Kubernetes Change Log +## 2.7.0 (2024-12-04) + +* This is the 2.7.0 release. The Splunk Operator for Kubernetes is a supported platform for deploying Splunk Enterprise with the prerequisites and constraints laid out [here](https://github.com/splunk/splunk-operator/blob/main/docs/README.md#prerequisites-for-the-splunk-operator) + +* CPSL-2699 - Add Azure and GCP SDK support for AppFramework + +* CSPL-3149 - Address openshift documentation for 4.14 or later + +* CSPL-3060 - Avoid upgrade path during deployment creation + +* CSPL-3058 - Build docker image using SHA instead of tag for redhat UBI + +* CSPL-3063 - Add an option to test SVA testing only via helm + +* CSPL-2496 - Cleanup AWS resources during cluster cleanup + +* CSPL-2887 - Update eksctl, K8s versions, default storage class + +* CSPL-2756 - Add documentation for PDB with SOK deployments + +* CSPL-2820 - Add Support for Configuring Custom Cluster Domain in Helm Chart + +### Supported Splunk Version + +>| Splunk Version| +>| --- | +>| 9.3.2 | + +### Supported Kubernetes Version + +>| Kubernetes Version| +>| --- | +>| 1.31+ | + ## 2.6.1 (2024-08-27) * This is the 2.6.1 release. The Splunk Operator for Kubernetes is a supported platform for deploying Splunk Enterprise with the prerequisites and constraints laid out [here](https://github.com/splunk/splunk-operator/blob/main/docs/README.md#prerequisites-for-the-splunk-operator) diff --git a/docs/Install.md b/docs/Install.md index 5c7b68f6d..ea831da8b 100644 --- a/docs/Install.md +++ b/docs/Install.md @@ -7,7 +7,7 @@ If you want to customize the installation of the Splunk Operator, download a copy of the installation YAML locally, and open it in your favorite editor. ``` -wget -O splunk-operator-cluster.yaml https://github.com/splunk/splunk-operator/releases/download/2.6.1/splunk-operator-cluster.yaml +wget -O splunk-operator-cluster.yaml https://github.com/splunk/splunk-operator/releases/download/2.7.0/splunk-operator-cluster.yaml ``` ## Default Installation @@ -17,7 +17,7 @@ Based on the file used Splunk Operator can be installed cluster-wide or namespac By installing `splunk-operator-cluster.yaml` Operator will watch all the namespaces of your cluster for splunk enterprise custom resources ``` -wget -O splunk-operator-cluster.yaml https://github.com/splunk/splunk-operator/releases/download/2.6.1/splunk-operator-cluster.yaml +wget -O splunk-operator-cluster.yaml https://github.com/splunk/splunk-operator/releases/download/2.7.0/splunk-operator-cluster.yaml kubectl apply -f splunk-operator-cluster.yaml ``` @@ -31,7 +31,7 @@ If Splunk Operator is installed clusterwide and user wants to manage multiple na - name: WATCH_NAMESPACE value: "namespace1,namespace2" - name: RELATED_IMAGE_SPLUNK_ENTERPRISE - value: splunk/splunk:9.1.3 + value: splunk/splunk:9.3.2 - name: OPERATOR_NAME value: splunk-operator - name: POD_NAME @@ -44,10 +44,10 @@ If Splunk Operator is installed clusterwide and user wants to manage multiple na ## Install operator to watch single namespace with restrictive permission -In order to install operator with restrictive permission to watch only single namespace use [splunk-operator-namespace.yaml](https://github.com/splunk/splunk-operator/releases/download/2.6.1/splunk-operator-namespace.yaml). This will create Role and Role-Binding to only watch single namespace. By default operator will be installed in `splunk-operator` namespace, user can edit the file to change the namespace. +In order to install operator with restrictive permission to watch only single namespace use [splunk-operator-namespace.yaml](https://github.com/splunk/splunk-operator/releases/download/2.7.0/splunk-operator-namespace.yaml). This will create Role and Role-Binding to only watch single namespace. By default operator will be installed in `splunk-operator` namespace, user can edit the file to change the namespace. ``` -wget -O splunk-operator-namespace.yaml https://github.com/splunk/splunk-operator/releases/download/2.6.1/splunk-operator-namespace.yaml +wget -O splunk-operator-namespace.yaml https://github.com/splunk/splunk-operator/releases/download/2.7.0/splunk-operator-namespace.yaml kubectl apply -f splunk-operator-namespace.yaml ``` @@ -68,7 +68,7 @@ If you are using a private registry for the Docker images, edit `deployment` `sp - name: WATCH_NAMESPACE value: "namespace1,namespace2" - name: RELATED_IMAGE_SPLUNK_ENTERPRISE - value: splunk/splunk:9.1.3 + value: splunk/splunk:9.3.2 - name: OPERATOR_NAME value: splunk-operator - name: POD_NAME diff --git a/docs/MultisiteExamples.md b/docs/MultisiteExamples.md index bff1fcb1e..752248d42 100644 --- a/docs/MultisiteExamples.md +++ b/docs/MultisiteExamples.md @@ -148,7 +148,7 @@ metadata: - enterprise.splunk.com/delete-pvc spec: replicas: 3 - image: "splunk/splunk:9.1.3" + image: "splunk/splunk:9.3.2" clusterManagerRef: name: example defaults: |- diff --git a/docs/OpenShift.md b/docs/OpenShift.md index b8c1aab8e..aae7604a4 100644 --- a/docs/OpenShift.md +++ b/docs/OpenShift.md @@ -2,11 +2,10 @@ The Splunk Operator will always start Splunk Enterprise containers using a specific, unprivileged `splunk(41812)` user and group to allow write access -to Kubernetes PersistentVolumes. This follows best security practices, -which helps prevent any malicious actor from escalating access outside of the -container and compromising the host. For more information, please see the -Splunk Enterprise container's -[Documentation on Security](https://github.com/splunk/docker-splunk/blob/develop/docs/SECURITY.md). +to Kubernetes PersistentVolumes. This follows best security practices, helping +prevent malicious actors from escalating access beyond the container and +compromising the host. For more information, please see the Splunk Enterprise +container's [Documentation on Security](https://github.com/splunk/docker-splunk/blob/develop/docs/SECURITY.md). The Splunk Enterprise pods are attached to the `default` serviceaccount or the configured [serviceaccount](CustomResources.md#common-spec-parameters-for-splunk-enterprise-resources) if @@ -16,7 +15,8 @@ and runs as user `1001`. Users of Red Hat OpenShift may find that the default Security Context Constraint is too restrictive. You can fix this by granting the appropriate Service Accounts the `nonroot` Security Context Constraint by running the -following commands within your namespace: +following commands within your namespace. If you are using OpenShift 4.14 +or later, you must use the `nonroot-v2` Security Context Constraint instead. For the Splunk Operator pod: ``` diff --git a/docs/PasswordManagement.md b/docs/PasswordManagement.md index 4cfda78b0..6ce6daf7b 100644 --- a/docs/PasswordManagement.md +++ b/docs/PasswordManagement.md @@ -156,5 +156,87 @@ spec: ... ``` -## Support for Hashicorp Vault in Splunk Operator Deployment -TODO \ No newline at end of file +## Support for HashiCorp Vault in Splunk Operator Deployment + +The Splunk Operator for Kubernetes now offers native support for HashiCorp Vault to manage and inject secrets into Splunk Enterprise deployments. This integration provides a secure and centralized method to handle sensitive information, complementing the existing global Kubernetes secret object approach. + +**Note:** This integration relies on the Vault Agent Injector mechanism. It requires that a Vault Agent is present within the Pod for secret injection and that a Vault Operator is running in your Kubernetes cluster to manage Vault interactions. + +### How Vault Integration Works with Password Management + +When Vault integration is enabled in the Splunk Custom Resource (CR), the operator will: + +1. **Leverage Vault for Secrets:** + Instead of solely relying on the global Kubernetes secret object, the operator can retrieve secret tokens directly from a HashiCorp Vault server. This is particularly useful for managing sensitive tokens such as the default administrator password, HEC token, and various `pass4Symmkey` values. + +2. **Vault Agent Injector and Automated Secret Injection:** + - The Splunk Operator adds specific annotations to Splunk Pods upon their creation or update. + - The Vault Agent Injector, running as part of the Vault ecosystem in your Kubernetes cluster, detects these annotations and: + - Injects a Vault Agent sidecar container into the Pod. + - The Vault Agent sidecar authenticates with Vault using the Kubernetes service account token. + - It then fetches necessary secret tokens (e.g., `hec_token`, `password`, `pass4Symmkey`, `idxc_secret`, `shc_secret`) from the specified Vault path. + - The agent injects these secrets into the Pod at runtime, typically by writing them to a shared volume mounted at `/mnt/splunk-secrets`. + - The primary Splunk container accesses these secrets from the mounted volume, avoiding hardcoding or manual handling of credentials. + +3. **Secret Update Detection and Pod Restarts:** + - The operator continuously checks Vault for updates or changes in secret versions. + - If a secret changes (for example, a password is updated), the operator will automatically: + - Update annotations on the affected StatefulSet to reflect new secret versions. + - Trigger a rolling restart of the impacted Pods. + - This ensures that Splunk Enterprise always operates with the latest secrets from Vault without manual intervention. + +### Configuring Vault Integration + +To configure HashiCorp Vault for your Splunk deployment, update your Splunk CR to include the `vaultIntegration` section as follows: + +```yaml +apiVersion: enterprise.splunk.com/v4 +kind: ClusterManager +metadata: + name: cm +spec: + vaultIntegration: + enable: true # Enable Vault support + address: "https://vault.example.com" # Vault server address + role: "splunk-role" # Vault role for Kubernetes authentication + secretPath: "secret/data/splunk" # Base path in Vault for Splunk secrets + # ... other spec fields ... +``` + +**Key Configuration Fields:** +- **enable:** Set to `true` to activate Vault integration. +- **address:** The URL of your Vault server. +- **role:** The Vault role used for Kubernetes-based authentication. +- **secretPath:** The base path in Vault where Splunk-related secrets are stored. + +### Prerequisites and Best Practices + +- **Vault Server Setup:** + - Ensure your Vault server is accessible from the Kubernetes cluster. + - Configure the Kubernetes authentication method in Vault and set up a role that grants access to the necessary secret paths. + +- **Vault Agent Injector and Vault Operator:** + - The Vault Agent Injector must be installed and configured in your Kubernetes cluster. + - A Vault Operator should be running to manage interactions with the Vault server, including deploying Vault Agents into Pods for secret injection. + +- **Permissions:** + - The Kubernetes service account used by the Splunk Operator must have permissions to read its own service account token for Vault authentication. + - Vault policies associated with the specified role should grant read access to secrets stored under the defined `secretPath`. + +- **Security Considerations:** + - Use proper Vault policies to enforce least-privilege access. + - Ensure secure network connectivity between your Kubernetes cluster and the Vault server. + - Regularly audit and rotate credentials in Vault as part of your security best practices. + +### Benefits of Using Vault Integration for Password Management + +- **Centralized Secret Management:** + Secrets are managed centrally in Vault, reducing reliance on distributed Kubernetes secrets and simplifying credential rotation. + +- **Enhanced Security:** + Secrets are fetched securely at runtime using a Vault Agent, minimizing exposure and mitigating the risk of secrets being stored in plain text within Kubernetes objects. + +- **Automated Updates:** + The operator automatically detects changes in Vault secrets and restarts affected Pods to apply updates, ensuring Splunk always runs with current credentials. + +By integrating HashiCorp Vault with the Splunk Operator and leveraging the Vault Agent Injector, administrators can enhance security and streamline secret management in their Splunk Enterprise deployments on Kubernetes. \ No newline at end of file diff --git a/docs/README.md b/docs/README.md index 1c5dcba46..05b31b80f 100644 --- a/docs/README.md +++ b/docs/README.md @@ -113,12 +113,12 @@ For production environments, we are requiring the use of Splunk SmartStore. As a A Kubernetes cluster administrator can install and start the Splunk Operator for specific namespace by running: ``` -kubectl apply -f https://github.com/splunk/splunk-operator/releases/download/2.6.1/splunk-operator-namespace.yaml --server-side --force-conflicts +kubectl apply -f https://github.com/splunk/splunk-operator/releases/download/2.7.0/splunk-operator-namespace.yaml --server-side --force-conflicts ``` A Kubernetes cluster administrator can install and start the Splunk Operator for cluster-wide by running: ``` -kubectl apply -f https://github.com/splunk/splunk-operator/releases/download/2.6.1/splunk-operator-cluster.yaml --server-side --force-conflicts +kubectl apply -f https://github.com/splunk/splunk-operator/releases/download/2.7.0/splunk-operator-cluster.yaml --server-side --force-conflicts ``` The [Advanced Installation Instructions](Install.md) page offers guidance for advanced configurations, including the use of private image registries, installation at cluster scope, and installing the Splunk Operator as a user who is not a Kubernetes administrator. Users of Red Hat OpenShift should review the [Red Hat OpenShift](OpenShift.md) page. diff --git a/docs/SplunkOperatorUpgrade.md b/docs/SplunkOperatorUpgrade.md index b25c8d9ee..de6aa0aa7 100644 --- a/docs/SplunkOperatorUpgrade.md +++ b/docs/SplunkOperatorUpgrade.md @@ -25,7 +25,7 @@ A Splunk Operator for Kubernetes upgrade might include support for a later versi 1. Download the latest Splunk Operator installation yaml file. ​ ``` -wget -O splunk-operator-namespace.yaml https://github.com/splunk/splunk-operator/releases/download/2.6.1/splunk-operator-namespace.yaml +wget -O splunk-operator-namespace.yaml https://github.com/splunk/splunk-operator/releases/download/2.7.0/splunk-operator-namespace.yaml ``` ​ 2. (Optional) Review the file and update it with your specific customizations used during your install. @@ -48,7 +48,7 @@ If a Splunk Operator release changes the custom resource (CRD) API version, the ### Upgrading Splunk Enterprise Docker Image with the Operator Upgrade -Splunk Operator follows the upgrade path steps mentioned in [Splunk documentation](https://docs.splunk.com/Documentation/Splunk/9.1.3/Installation/HowtoupgradeSplunk). If a Splunk Operator release includes an updated Splunk Enterprise Docker image, the operator upgrade will also initiate pod restart using the latest Splunk Enterprise Docker image. To follow the best practices described under the [General Process to Upgrade the Splunk Enterprise], a recommeded upgrade path is followed while initiating pod restarts of different Splunk Instances. At each step, if a particular CR instance exists, a certain flow is imposed to ensure that each instance is updated in the correct order. After an instance is upgraded, the Operator verifies if the upgrade was successful and all the components are working as expected. If any unexpected behaviour is detected, the process is terminated. +Splunk Operator follows the upgrade path steps mentioned in [Splunk documentation](https://docs.splunk.com/Documentation/Splunk/9.3.2/Installation/HowtoupgradeSplunk). If a Splunk Operator release includes an updated Splunk Enterprise Docker image, the operator upgrade will also initiate pod restart using the latest Splunk Enterprise Docker image. To follow the best practices described under the [General Process to Upgrade the Splunk Enterprise], a recommeded upgrade path is followed while initiating pod restarts of different Splunk Instances. At each step, if a particular CR instance exists, a certain flow is imposed to ensure that each instance is updated in the correct order. After an instance is upgraded, the Operator verifies if the upgrade was successful and all the components are working as expected. If any unexpected behaviour is detected, the process is terminated. If a Splunk Operator release changes the custom resource (CRD) API version, the administrator is responsible for updating their Custom Resource specification to reference the latest CRD API version. @@ -104,7 +104,7 @@ Edit `deployment` `splunk-operator-controller-manager-` in `splunk-operat - name: WATCH_NAMESPACE value: "splunk-operator" - name: RELATED_IMAGE_SPLUNK_ENTERPRISE - value: splunk/splunk:9.1.3 + value: splunk/splunk:9.3.2 - name: OPERATOR_NAME value: splunk-operator - name: POD_NAME @@ -139,7 +139,7 @@ To verify that a new Splunk Enterprise Docker image was applied to a pod, you ca ​ ```bash kubectl get pods splunk--monitoring-console-0 -o yaml | grep -i image -image: splunk/splunk:9.1.3 +image: splunk/splunk:9.3.2 imagePullPolicy: IfNotPresent ``` ## Splunk Enterprise Cluster upgrade diff --git a/docs/index.yaml b/docs/index.yaml index b605549b5..bba75b817 100644 --- a/docs/index.yaml +++ b/docs/index.yaml @@ -1,9 +1,29 @@ apiVersion: v1 entries: splunk-enterprise: + - apiVersion: v2 + appVersion: 2.7.0 + created: "2024-11-21T20:21:25.69474524Z" + dependencies: + - condition: splunk-operator.enabled + name: splunk-operator + repository: file://splunk-operator/helm-chart/splunk-operator + version: 2.7.0 + description: A Helm chart for Splunk Enterprise managed by the Splunk Operator + digest: ffd2f618079e9615811dab0b8fb2d0172652c14fae0db392eeb5666d9798a72b + maintainers: + - email: vivekr@splunk.com + name: Vivek Reddy + - email: akondur@splunk.com + name: Arjun Kondur + name: splunk-enterprise + type: application + urls: + - https://splunk.github.io/splunk-operator/splunk-enterprise-2.7.0.tgz + version: 2.7.0 - apiVersion: v2 appVersion: 2.6.1 - created: "2024-08-21T21:13:28.105185722Z" + created: "2024-11-21T20:21:25.610402359Z" dependencies: - condition: splunk-operator.enabled name: splunk-operator @@ -23,7 +43,7 @@ entries: version: 2.6.1 - apiVersion: v2 appVersion: 2.6.0 - created: "2024-08-21T21:13:28.031887308Z" + created: "2024-11-21T20:21:25.529608584Z" dependencies: - condition: splunk-operator.enabled name: splunk-operator @@ -43,7 +63,7 @@ entries: version: 2.6.0 - apiVersion: v2 appVersion: 2.5.2 - created: "2024-08-21T21:13:27.964311348Z" + created: "2024-11-21T20:21:25.462074454Z" dependencies: - condition: splunk-operator.enabled name: splunk-operator @@ -63,7 +83,7 @@ entries: version: 2.5.2 - apiVersion: v2 appVersion: 2.5.1 - created: "2024-08-21T21:13:27.908546143Z" + created: "2024-11-21T20:21:25.408481184Z" dependencies: - condition: splunk-operator.enabled name: splunk-operator @@ -83,7 +103,7 @@ entries: version: 2.5.1 - apiVersion: v2 appVersion: 2.5.0 - created: "2024-08-21T21:13:27.867105139Z" + created: "2024-11-21T20:21:25.361678311Z" dependencies: - condition: splunk-operator.enabled name: splunk-operator @@ -103,7 +123,7 @@ entries: version: 2.5.0 - apiVersion: v2 appVersion: 2.4.0 - created: "2024-08-21T21:13:27.835239498Z" + created: "2024-11-21T20:21:25.326748255Z" dependencies: - condition: splunk-operator.enabled name: splunk-operator @@ -125,7 +145,7 @@ entries: version: 2.4.0 - apiVersion: v2 appVersion: 2.3.0 - created: "2024-08-21T21:13:27.812660498Z" + created: "2024-11-21T20:21:25.303514858Z" dependencies: - condition: splunk-operator.enabled name: splunk-operator @@ -147,7 +167,7 @@ entries: version: 2.3.0 - apiVersion: v2 appVersion: 2.2.1 - created: "2024-08-21T21:13:27.800191981Z" + created: "2024-11-21T20:21:25.290479742Z" dependencies: - condition: splunk-operator.enabled name: splunk-operator @@ -162,7 +182,7 @@ entries: version: 2.2.1 - apiVersion: v2 appVersion: 2.2.0 - created: "2024-08-21T21:13:27.783685512Z" + created: "2024-11-21T20:21:25.27754399Z" dependencies: - condition: splunk-operator.enabled name: splunk-operator @@ -177,7 +197,7 @@ entries: version: 2.2.0 - apiVersion: v2 appVersion: 2.1.0 - created: "2024-08-21T21:13:27.764222418Z" + created: "2024-11-21T20:21:25.256990017Z" dependencies: - condition: splunk-operator.enabled name: splunk-operator @@ -191,9 +211,24 @@ entries: - https://splunk.github.io/splunk-operator/splunk-enterprise-1.0.0.tgz version: 1.0.0 splunk-operator: + - apiVersion: v2 + appVersion: 2.7.0 + created: "2024-11-21T20:21:25.819109754Z" + description: A Helm chart for the Splunk Operator for Kubernetes + digest: e0862798c88960774bcdcd62f05aa54f43eef0d6d6bcb09737e2e59b137f7cb5 + maintainers: + - email: vivekr@splunk.com + name: Vivek Reddy + - email: akondur@splunk.com + name: Arjun Kondur + name: splunk-operator + type: application + urls: + - https://splunk.github.io/splunk-operator/splunk-operator-2.7.0.tgz + version: 2.7.0 - apiVersion: v2 appVersion: 2.6.1 - created: "2024-08-21T21:13:28.21381178Z" + created: "2024-11-21T20:21:25.807976355Z" description: A Helm chart for the Splunk Operator for Kubernetes digest: 05e12835582cd201dafe3e9db06854f31115235e030efbc627c571dd25f87c8d maintainers: @@ -208,7 +243,7 @@ entries: version: 2.6.1 - apiVersion: v2 appVersion: 2.6.0 - created: "2024-08-21T21:13:28.202612209Z" + created: "2024-11-21T20:21:25.795875933Z" description: A Helm chart for the Splunk Operator for Kubernetes digest: b6dcfa4ed9de85817d7a84fa83aeb573b80c64136b80f9c6089a88d4f6efafff maintainers: @@ -223,7 +258,7 @@ entries: version: 2.6.0 - apiVersion: v2 appVersion: 2.5.2 - created: "2024-08-21T21:13:28.190774375Z" + created: "2024-11-21T20:21:25.783988892Z" description: A Helm chart for the Splunk Operator for Kubernetes digest: 7ab3e92f9f9f0a964294b95bf32066edb1b6d5375cd59099c9525f3ca733327a maintainers: @@ -238,7 +273,7 @@ entries: version: 2.5.2 - apiVersion: v2 appVersion: 2.5.1 - created: "2024-08-21T21:13:28.178877651Z" + created: "2024-11-21T20:21:25.772066842Z" description: A Helm chart for the Splunk Operator for Kubernetes digest: 5c90889e175bbfc79cbb7f83bf213de43a46c4d688574d04ff82aa16dcd8681a maintainers: @@ -253,7 +288,7 @@ entries: version: 2.5.1 - apiVersion: v2 appVersion: 2.5.0 - created: "2024-08-21T21:13:28.168387288Z" + created: "2024-11-21T20:21:25.759832962Z" description: A Helm chart for the Splunk Operator for Kubernetes digest: ed93f8fac421f92cfdbfd043ec27911a07ec7db2c05b4efc3137cef4f2bfca4a maintainers: @@ -268,7 +303,7 @@ entries: version: 2.5.0 - apiVersion: v2 appVersion: 2.4.0 - created: "2024-08-21T21:13:28.156786911Z" + created: "2024-11-21T20:21:25.747760901Z" description: A Helm chart for the Splunk Operator for Kubernetes digest: 9d0377747e46df4bf4b9dbd447c9ff46c926bfe2c66fd07d6d27a61abb31cb42 maintainers: @@ -285,7 +320,7 @@ entries: version: 2.4.0 - apiVersion: v2 appVersion: 2.3.0 - created: "2024-08-21T21:13:28.145113519Z" + created: "2024-11-21T20:21:25.737386892Z" description: A Helm chart for the Splunk Operator for Kubernetes digest: 23e70ec4059bc92920d7d3adce3bff6b8aba0d5eb5d4c0efe225bf3b88d5b274 maintainers: @@ -302,7 +337,7 @@ entries: version: 2.3.0 - apiVersion: v2 appVersion: 2.2.1 - created: "2024-08-21T21:13:28.13398032Z" + created: "2024-11-21T20:21:25.726892331Z" description: A Helm chart for the Splunk Operator for Kubernetes digest: 8868b9ae2ebde0c667b13c97d71d904a31b5a9f2c803b199bc77324f1727e1fd name: splunk-operator @@ -312,7 +347,7 @@ entries: version: 2.2.1 - apiVersion: v2 appVersion: 2.2.0 - created: "2024-08-21T21:13:28.122659146Z" + created: "2024-11-21T20:21:25.715472838Z" description: A Helm chart for the Splunk Operator for Kubernetes digest: 49c72276bd7ff93465b0545d8b0814f684cade7d2cd191b6d73d4c3660bd1fb4 name: splunk-operator @@ -322,7 +357,7 @@ entries: version: 2.2.0 - apiVersion: v2 appVersion: 2.1.0 - created: "2024-08-21T21:13:28.113915786Z" + created: "2024-11-21T20:21:25.705328559Z" description: A Helm chart for the Splunk Operator for Kubernetes digest: 34e5463f8f5442655d05cb616b50391b738a0827b30d8440b4c7fce99a291d9a name: splunk-operator @@ -330,4 +365,4 @@ entries: urls: - https://splunk.github.io/splunk-operator/splunk-operator-1.0.0.tgz version: 1.0.0 -generated: "2024-08-21T21:13:27.753889272Z" +generated: "2024-11-21T20:21:25.246519808Z" diff --git a/docs/splunk-enterprise-2.7.0.tgz b/docs/splunk-enterprise-2.7.0.tgz new file mode 100644 index 000000000..e284cbed9 Binary files /dev/null and b/docs/splunk-enterprise-2.7.0.tgz differ diff --git a/docs/splunk-operator-2.7.0.tgz b/docs/splunk-operator-2.7.0.tgz new file mode 100644 index 000000000..bcf4a4bde Binary files /dev/null and b/docs/splunk-operator-2.7.0.tgz differ diff --git a/go.mod b/go.mod index 2244dbe73..8c9607c33 100644 --- a/go.mod +++ b/go.mod @@ -3,18 +3,26 @@ module github.com/splunk/splunk-operator go 1.23.0 require ( + cloud.google.com/go/storage v1.10.0 + github.com/Azure/azure-sdk-for-go/sdk/azcore v1.16.0 + github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0 + github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.4.1 github.com/aws/aws-sdk-go v1.47.11 github.com/go-logr/logr v1.4.2 + github.com/go-resty/resty/v2 v2.15.3 github.com/google/go-cmp v0.6.0 + github.com/google/uuid v1.6.0 github.com/joho/godotenv v1.5.1 github.com/minio/minio-go/v7 v7.0.16 - github.com/onsi/ginkgo/v2 v2.20.2 - github.com/onsi/gomega v1.34.2 + github.com/onsi/ginkgo/v2 v2.22.2 + github.com/onsi/gomega v1.36.2 github.com/pkg/errors v0.9.1 github.com/prometheus/client_golang v1.14.0 - github.com/stretchr/testify v1.8.4 + github.com/stretchr/testify v1.9.0 github.com/wk8/go-ordered-map/v2 v2.1.7 go.uber.org/zap v1.24.0 + google.golang.org/api v0.30.0 + gopkg.in/yaml.v2 v2.4.0 k8s.io/api v0.26.2 k8s.io/apiextensions-apiserver v0.26.2 k8s.io/apimachinery v0.26.2 @@ -24,6 +32,9 @@ require ( ) require ( + cloud.google.com/go v0.65.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect + github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect github.com/bahlo/generic-list-go v0.2.0 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/buger/jsonparser v1.1.1 // indirect @@ -40,18 +51,21 @@ require ( github.com/go-openapi/swag v0.19.14 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect + github.com/golang-jwt/jwt/v5 v5.2.1 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/google/gnostic v0.5.7-v3refs // indirect github.com/google/gofuzz v1.1.0 // indirect - github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 // indirect - github.com/google/uuid v1.3.0 // indirect + github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad // indirect + github.com/googleapis/gax-go/v2 v2.0.5 // indirect github.com/imdario/mergo v0.3.12 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect + github.com/jstemmer/go-junit-report v0.9.1 // indirect github.com/klauspost/compress v1.13.5 // indirect github.com/klauspost/cpuid v1.3.1 // indirect + github.com/kylelemons/godebug v1.1.0 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect github.com/minio/md5-simd v1.1.0 // indirect @@ -61,6 +75,7 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_model v0.3.0 // indirect github.com/prometheus/common v0.37.0 // indirect @@ -68,22 +83,28 @@ require ( github.com/rs/xid v1.2.1 // indirect github.com/sirupsen/logrus v1.8.1 // indirect github.com/spf13/pflag v1.0.5 // indirect + github.com/stretchr/objx v0.5.2 // indirect + go.opencensus.io v0.22.4 // indirect go.uber.org/atomic v1.7.0 // indirect go.uber.org/multierr v1.6.0 // indirect - golang.org/x/crypto v0.26.0 // indirect - golang.org/x/net v0.28.0 // indirect + golang.org/x/crypto v0.31.0 // indirect + golang.org/x/lint v0.0.0-20200302205851-738671d3881b // indirect + golang.org/x/mod v0.22.0 // indirect + golang.org/x/net v0.33.0 // indirect golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b // indirect - golang.org/x/sys v0.24.0 // indirect - golang.org/x/term v0.23.0 // indirect - golang.org/x/text v0.17.0 // indirect - golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.24.0 // indirect + golang.org/x/sync v0.10.0 // indirect + golang.org/x/sys v0.28.0 // indirect + golang.org/x/term v0.27.0 // indirect + golang.org/x/text v0.21.0 // indirect + golang.org/x/time v0.6.0 // indirect + golang.org/x/tools v0.28.0 // indirect gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.34.1 // indirect + google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21 // indirect + google.golang.org/grpc v1.49.0 // indirect + google.golang.org/protobuf v1.36.1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.66.4 // indirect - gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/component-base v0.26.2 // indirect k8s.io/klog/v2 v2.80.1 // indirect diff --git a/go.sum b/go.sum index c7931936e..3a7d5b83a 100644 --- a/go.sum +++ b/go.sum @@ -12,6 +12,7 @@ cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bP cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= +cloud.google.com/go v0.65.0 h1:Dg9iHVQfrhq82rUNu9ZxUDrJLaxFUe/HlCVaLyRruq8= cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= @@ -29,8 +30,21 @@ cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiy cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= +cloud.google.com/go/storage v1.10.0 h1:STgFzyU5/8miMl0//zKh2aQeTyeaUH3WN9bSUiJ09bA= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.16.0 h1:JZg6HRh6W6U4OLl6lk7BZ7BLisIzM9dG1R50zUk9C/M= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.16.0/go.mod h1:YL1xnZ6QejvQHWJrX/AvhFl4WW4rqHVoKspWNVwFk0M= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0 h1:tfLQ34V6F7tVSwoTf/4lH5sE0o6eCJuNDTmH09nDpbc= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0/go.mod h1:9kIvujWAA58nmPmWB1m23fyWic1kYZMxD9CxaWn4Qpg= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 h1:ywEEhmNahHBihViHepv3xPBn1663uRv2t2q/ESv9seY= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0/go.mod h1:iZDifYGJTIgIIkYRNWPENUnqx6bJ2xnSDFI2tjwZNuY= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.6.0 h1:PiSrjRPpkQNjrM8H0WwKMnZUdu1RGMtd/LdGKUrOo+c= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.6.0/go.mod h1:oDrbWx4ewMylP7xHivfgixbfGBT6APAwsSoHRKotnIc= +github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.4.1 h1:cf+OIKbkmMHBaC3u78AXomweqM0oxQSgBXRZf3WH4yM= +github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.4.1/go.mod h1:ap1dmS6vQKJxSMNiGJcq4QuUQkOynyD93gLw6MDF7ek= +github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU= +github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= @@ -38,6 +52,7 @@ github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuy github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= +github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/aws/aws-sdk-go v1.47.11 h1:Dol+MA+hQblbnXUI3Vk9qvoekU6O1uDEuAItezjiWNQ= @@ -61,6 +76,11 @@ github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5P github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= +github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= +github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= @@ -75,6 +95,8 @@ github.com/emicklei/go-restful/v3 v3.10.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRr github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= +github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/evanphx/json-patch v0.5.2/go.mod h1:ZWS5hhDbVDyob71nXKNL0+PWn6ToqBHMikGIFbs31qQ= github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= @@ -83,6 +105,7 @@ github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJ github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -108,12 +131,16 @@ github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXym github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.14 h1:gm3vOOXfiuw5i9p5N9xJvfjvuofpyvLA9Wr6QfK5Fng= github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= +github.com/go-resty/resty/v2 v2.15.3 h1:bqff+hcqAflpiF591hhJzNdkRsFhlB96CYfBwSFvql8= +github.com/go-resty/resty/v2 v2.15.3/go.mod h1:0fHAoK7JoBy/Ch36N8VFeMsK7xQOHhvWaC3iOktwmIU= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= +github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -158,12 +185,15 @@ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/martian v2.1.0+incompatible h1:/CP5g8u/VJHijgedC/Legn3BAbAaWPgecwXBIDzw5no= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= +github.com/google/martian/v3 v3.0.0 h1:pMen7vLs8nvgEYhywH3KDWJIJTeEr2ULsVWHWYHQyBs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= @@ -172,16 +202,19 @@ github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 h1:5iH8iuqE5apketRbSFBy+X1V0o+l+8NF1avt4HWl7cA= -github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= +github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad h1:a6HEuzUHeKH6hwfN/ZoQgRgVIWFJljSWa/zetS2WTvg= +github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= +github.com/googleapis/gax-go/v2 v2.0.5 h1:sjZBwGj9Jlw33ImPtvFviGYvseOtDM7hkSKB7+Tv3SM= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= @@ -203,6 +236,7 @@ github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= +github.com/jstemmer/go-junit-report v0.9.1 h1:6QPYqodiu3GuPL+7mfx+NwDdp2eTkp9IfEUpgAwUN0o= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= @@ -219,10 +253,14 @@ github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxv github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= @@ -252,12 +290,13 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/onsi/ginkgo/v2 v2.20.2 h1:7NVCeyIWROIAheY21RLS+3j2bb52W0W82tkberYytp4= -github.com/onsi/ginkgo/v2 v2.20.2/go.mod h1:K9gyxPIlb+aIvnZ8bd9Ak+YP18w3APlR+5coaZoE2ag= -github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8= -github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc= +github.com/onsi/ginkgo/v2 v2.22.2 h1:/3X8Panh8/WwhU/3Ssa6rCKqPLuAkVY2I0RoyDLySlU= +github.com/onsi/ginkgo/v2 v2.22.2/go.mod h1:oeMosUL+8LtarXBHu/c0bx2D/K9zyQ6uX3cTyztHwsk= +github.com/onsi/gomega v1.36.2 h1:koNYke6TVk6ZmnyHrCXba/T/MoLBXFjeC1PtvYgw0A8= +github.com/onsi/gomega v1.36.2/go.mod h1:DdwyADRjrc825LhMEkD76cHR5+pUnjhUN8GlHlRPHzY= +github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ= +github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= @@ -290,7 +329,10 @@ github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1 github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo= github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= +github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/rs/xid v1.2.1 h1:mhH9Nq+C1fY2l1XIpgxIiUOfNpRBYH1kKcr+qfKgjRc= github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= @@ -305,14 +347,16 @@ github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/wk8/go-ordered-map/v2 v2.1.7 h1:aUZ1xBMdbvY8wnNt77qqo4nyT3y0pX4Usat48Vm+hik= github.com/wk8/go-ordered-map/v2 v2.1.7/go.mod h1:9Xvgm2mV2kSq2SAm0Y608tBmu8akTzI7c2bz7/G7ZN4= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -323,7 +367,9 @@ go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.4 h1:LYy1Hy3MJdrCdMwwzxA/dRok4ejH+RwNGbuoD9fCjto= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= @@ -341,8 +387,8 @@ golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201216223049-8b5274cf687f/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= -golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw= -golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54= +golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= +golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -364,6 +410,7 @@ golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHl golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20200302205851-738671d3881b h1:Wh+f8QHJXR411sJR8/vRBTZ7YapZaRvUcLFFJhusH0k= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= @@ -373,6 +420,8 @@ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzB golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4= +golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -402,11 +451,12 @@ golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81R golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= -golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -425,6 +475,8 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= +golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -459,34 +511,39 @@ golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg= -golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= +golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU= -golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk= +golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= +golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc= -golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= +golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U= +golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= @@ -531,8 +588,8 @@ golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24= -golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ= +golang.org/x/tools v0.28.0 h1:WuB6qZ4RPCQo5aP3WdKZS7i595EdWqWR8vqJTlwTVK8= +golang.org/x/tools v0.28.0/go.mod h1:dcIOrVd3mfQKTgrDVQHqCPMWy6lnhfhtX3hLXYVLfRw= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -554,6 +611,7 @@ google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/ google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= +google.golang.org/api v0.30.0 h1:yfrXXP61wVuLb0vBcG6qaOoIoqYEzOQS8jum51jkv2w= google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -586,6 +644,7 @@ google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfG google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= @@ -593,6 +652,8 @@ google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21 h1:hrbNEivu7Zn1pxvHk6MBrq9iE22woVILTHqexqBxe6I= +google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -605,6 +666,11 @@ google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKa google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= +google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.46.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= +google.golang.org/grpc v1.49.0 h1:WTLtQzmQori5FUH25Pq4WT22oCsv8USpQ+F6rqtsmxw= +google.golang.org/grpc v1.49.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -617,14 +683,17 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg= -google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk= +google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= @@ -633,6 +702,7 @@ gopkg.in/ini.v1 v1.66.4 h1:SsAcf+mM7mRZo2nJNGt8mZCjG8ZRaNGMURJw7BsIST4= gopkg.in/ini.v1 v1.66.4/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/helm-chart/splunk-enterprise/Chart.yaml b/helm-chart/splunk-enterprise/Chart.yaml index 046e47776..b6bf1c6ec 100644 --- a/helm-chart/splunk-enterprise/Chart.yaml +++ b/helm-chart/splunk-enterprise/Chart.yaml @@ -15,13 +15,13 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 2.6.1 +version: 2.7.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "2.6.1" +appVersion: "2.7.0" maintainers: - name: Vivek Reddy email: vivekr@splunk.com @@ -29,6 +29,6 @@ maintainers: email: akondur@splunk.com dependencies: - name: splunk-operator - version: "2.6.1" + version: "2.7.0" repository: "file://splunk-operator/helm-chart/splunk-operator" condition: splunk-operator.enabled diff --git a/helm-chart/splunk-enterprise/charts/splunk-operator-2.7.0.tgz b/helm-chart/splunk-enterprise/charts/splunk-operator-2.7.0.tgz new file mode 100644 index 000000000..bcf4a4bde Binary files /dev/null and b/helm-chart/splunk-enterprise/charts/splunk-operator-2.7.0.tgz differ diff --git a/helm-chart/splunk-operator/Chart.yaml b/helm-chart/splunk-operator/Chart.yaml index 36adcc3a7..fc8765b92 100644 --- a/helm-chart/splunk-operator/Chart.yaml +++ b/helm-chart/splunk-operator/Chart.yaml @@ -19,10 +19,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: "2.6.1" +version: "2.7.0" # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "2.6.1" +appVersion: "2.7.0" diff --git a/helm-chart/splunk-operator/crds/enterprise.splunk.com_clustermanagers.yaml b/helm-chart/splunk-operator/crds/enterprise.splunk.com_clustermanagers.yaml index 648e5ab14..e8baa84c3 100644 --- a/helm-chart/splunk-operator/crds/enterprise.splunk.com_clustermanagers.yaml +++ b/helm-chart/splunk-operator/crds/enterprise.splunk.com_clustermanagers.yaml @@ -971,7 +971,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -983,8 +983,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -2091,7 +2091,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -2103,8 +2103,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -4085,7 +4085,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -4097,8 +4097,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -4354,7 +4355,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -4366,8 +4367,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array diff --git a/helm-chart/splunk-operator/crds/enterprise.splunk.com_clustermasters.yaml b/helm-chart/splunk-operator/crds/enterprise.splunk.com_clustermasters.yaml index 4ba412e1f..f635b4ac4 100644 --- a/helm-chart/splunk-operator/crds/enterprise.splunk.com_clustermasters.yaml +++ b/helm-chart/splunk-operator/crds/enterprise.splunk.com_clustermasters.yaml @@ -967,7 +967,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -979,8 +979,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -2087,7 +2087,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -2099,8 +2099,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -4081,7 +4081,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -4093,8 +4093,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -4347,7 +4348,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -4359,8 +4360,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array diff --git a/helm-chart/splunk-operator/crds/enterprise.splunk.com_licensemanagers.yaml b/helm-chart/splunk-operator/crds/enterprise.splunk.com_licensemanagers.yaml index 75e417481..99d6291ab 100644 --- a/helm-chart/splunk-operator/crds/enterprise.splunk.com_licensemanagers.yaml +++ b/helm-chart/splunk-operator/crds/enterprise.splunk.com_licensemanagers.yaml @@ -961,7 +961,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -973,8 +973,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -3959,7 +3959,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -3971,8 +3971,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array diff --git a/helm-chart/splunk-operator/crds/enterprise.splunk.com_licensemasters.yaml b/helm-chart/splunk-operator/crds/enterprise.splunk.com_licensemasters.yaml index 6312c605c..ec5183c34 100644 --- a/helm-chart/splunk-operator/crds/enterprise.splunk.com_licensemasters.yaml +++ b/helm-chart/splunk-operator/crds/enterprise.splunk.com_licensemasters.yaml @@ -956,7 +956,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -968,8 +968,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -3954,7 +3954,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -3966,8 +3966,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array diff --git a/helm-chart/splunk-operator/crds/enterprise.splunk.com_monitoringconsoles.yaml b/helm-chart/splunk-operator/crds/enterprise.splunk.com_monitoringconsoles.yaml index edf4fad0c..c5833cba4 100644 --- a/helm-chart/splunk-operator/crds/enterprise.splunk.com_monitoringconsoles.yaml +++ b/helm-chart/splunk-operator/crds/enterprise.splunk.com_monitoringconsoles.yaml @@ -963,7 +963,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -975,8 +975,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -3960,7 +3960,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -3972,8 +3972,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -5082,7 +5083,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -5094,8 +5095,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -8079,7 +8080,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -8091,8 +8092,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array diff --git a/helm-chart/splunk-operator/crds/enterprise.splunk.com_searchheadclusters.yaml b/helm-chart/splunk-operator/crds/enterprise.splunk.com_searchheadclusters.yaml index c0e4754d5..e9a97c05d 100644 --- a/helm-chart/splunk-operator/crds/enterprise.splunk.com_searchheadclusters.yaml +++ b/helm-chart/splunk-operator/crds/enterprise.splunk.com_searchheadclusters.yaml @@ -969,7 +969,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -981,8 +981,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -3983,7 +3983,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -3995,8 +3995,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -5175,7 +5176,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -5187,8 +5188,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -8189,7 +8190,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -8201,8 +8202,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array diff --git a/helm-chart/splunk-operator/crds/enterprise.splunk.com_standalones.yaml b/helm-chart/splunk-operator/crds/enterprise.splunk.com_standalones.yaml index 897bde6e2..d497c1627 100644 --- a/helm-chart/splunk-operator/crds/enterprise.splunk.com_standalones.yaml +++ b/helm-chart/splunk-operator/crds/enterprise.splunk.com_standalones.yaml @@ -964,7 +964,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -976,8 +976,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -2088,7 +2088,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -2100,8 +2100,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -4083,7 +4083,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -4095,8 +4095,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -4346,7 +4347,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -4358,8 +4359,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -5327,7 +5328,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -5339,8 +5340,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -6451,7 +6452,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -6463,8 +6464,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array @@ -8446,7 +8447,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where @@ -8458,8 +8459,9 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: - s3, blob. s3 works with aws or minio providers, whereas - blob works with azure provider.' + s3, blob, gcs. s3 works with aws or minio providers, + whereas blob works with azure provider, gcs works + for gcp.' type: string type: object type: array @@ -8712,7 +8714,7 @@ spec: type: string provider: description: 'App Package Remote Store provider. Supported - values: aws, minio, azure.' + values: aws, minio, azure, gcp.' type: string region: description: Region of the remote storage volume where apps @@ -8724,8 +8726,8 @@ spec: type: string storageType: description: 'Remote Storage type. Supported values: s3, - blob. s3 works with aws or minio providers, whereas blob - works with azure provider.' + blob, gcs. s3 works with aws or minio providers, whereas + blob works with azure provider, gcs works for gcp.' type: string type: object type: array diff --git a/helm-chart/splunk-operator/values.yaml b/helm-chart/splunk-operator/values.yaml index d23f67a03..65436dbd7 100644 --- a/helm-chart/splunk-operator/values.yaml +++ b/helm-chart/splunk-operator/values.yaml @@ -3,7 +3,7 @@ splunk-operator: # Splunk image image: - repository: docker.io/splunk/splunk:9.3.0 + repository: docker.io/splunk/splunk:9.3.2 # The kube-rbac-proxy is a small HTTP proxy for a single upstream, that can perform RBAC # authorization against the Kubernetes API. @@ -32,7 +32,7 @@ splunkOperator: # Splunk operator image and pull policy # reference: https://github.com/splunk/splunk-operator image: - repository: docker.io/splunk/splunk-operator:2.6.1 + repository: docker.io/splunk/splunk-operator:2.7.0 pullPolicy: IfNotPresent # Set image pull secrets to pull image from a private registry @@ -144,7 +144,7 @@ splunkOperator: # Set storageClassName for the PersistentVolumeClaim persistentVolumeClaim: - storageClassName: "default" + storageClassName: "" # Specify volumes for Splunk Operator pod, append additional volumes to list # reference: https://kubernetes.io/docs/concepts/storage/volumes/ diff --git a/kuttl/kuttl-test-helm-sva.yaml b/kuttl/kuttl-test-helm-sva.yaml new file mode 100644 index 000000000..f659cc360 --- /dev/null +++ b/kuttl/kuttl-test-helm-sva.yaml @@ -0,0 +1,10 @@ +# Entrypoint for helm automation +apiVersion: kuttl.dev/v1beta1 +kind: TestSuite +testDirs: +- ./kuttl/tests/helm_sva +parallel: 1 +timeout: 7000 +startKIND: false +artifactsDir: kuttl-artifacts +kindNodeCache: false diff --git a/kuttl/tests/helm_sva/c3/00-assert.yaml b/kuttl/tests/helm_sva/c3/00-assert.yaml new file mode 100644 index 000000000..84aa8c23a --- /dev/null +++ b/kuttl/tests/helm_sva/c3/00-assert.yaml @@ -0,0 +1,9 @@ +--- +# assert for splunk operator deployment to be ready +apiVersion: apps/v1 +kind: Deployment +metadata: + name: splunk-operator-controller-manager +status: + readyReplicas: 1 + availableReplicas: 1 \ No newline at end of file diff --git a/kuttl/tests/helm_sva/c3/00-install-operator.yaml b/kuttl/tests/helm_sva/c3/00-install-operator.yaml new file mode 100644 index 000000000..602ebe0c1 --- /dev/null +++ b/kuttl/tests/helm_sva/c3/00-install-operator.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - script: ../script/installoperator.sh + background: false \ No newline at end of file diff --git a/kuttl/tests/helm_sva/c3/01-assert.yaml b/kuttl/tests/helm_sva/c3/01-assert.yaml new file mode 100644 index 000000000..3e6fc7b5c --- /dev/null +++ b/kuttl/tests/helm_sva/c3/01-assert.yaml @@ -0,0 +1,90 @@ +--- +# assert for cluster manager custom resource to be ready +apiVersion: enterprise.splunk.com/v4 +kind: ClusterManager +metadata: + name: cm +status: + phase: Ready + +--- +# check if stateful sets are created +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: splunk-cm-cluster-manager +status: + replicas: 1 + +--- +# check if secret object are created +apiVersion: v1 +kind: Secret +metadata: + name: splunk-cm-cluster-manager-secret-v1 + +--- +# assert for indexer cluster custom resource to be ready +apiVersion: enterprise.splunk.com/v4 +kind: IndexerCluster +metadata: + name: idxc +status: + phase: Ready + +--- +# check for stateful set and replicas as configured +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: splunk-idxc-indexer +status: + replicas: 3 + +--- +# check if secret object are created +apiVersion: v1 +kind: Secret +metadata: + name: splunk-idxc-indexer-secret-v1 + +--- +# assert for SearchHeadCluster custom resource to be ready +apiVersion: enterprise.splunk.com/v4 +kind: SearchHeadCluster +metadata: + name: shc +status: + phase: Ready + +--- +# check if secret object are created +apiVersion: v1 +kind: Secret +metadata: + name: splunk-shc-deployer-secret-v1 + +--- +# check if secret object are created +apiVersion: v1 +kind: Secret +metadata: + name: splunk-shc-search-head-secret-v1 + +--- +# check for stateful set and replicas as configured +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: splunk-shc-search-head +status: + replicas: 3 + +--- +# check for statefull set +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: splunk-shc-deployer +status: + replicas: 1 diff --git a/kuttl/tests/helm_sva/c3/01-install-c3.yaml b/kuttl/tests/helm_sva/c3/01-install-c3.yaml new file mode 100644 index 000000000..4bca3d6e5 --- /dev/null +++ b/kuttl/tests/helm_sva/c3/01-install-c3.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - command: helm install splunk-c3 $HELM_REPO_PATH/splunk-enterprise -f c3_config.yaml + namespaced: true \ No newline at end of file diff --git a/kuttl/tests/helm_sva/c3/02-assert.yaml b/kuttl/tests/helm_sva/c3/02-assert.yaml new file mode 100644 index 000000000..84b4ee495 --- /dev/null +++ b/kuttl/tests/helm_sva/c3/02-assert.yaml @@ -0,0 +1,17 @@ +--- +# assert for indexer cluster custom resource to be ready +apiVersion: enterprise.splunk.com/v4 +kind: IndexerCluster +metadata: + name: idxc +status: + phase: Ready + +--- +# check for stateful sets and replicas updated +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: splunk-idxc-indexer +status: + replicas: 4 diff --git a/kuttl/tests/helm_sva/c3/02-scaleup-c3.yaml b/kuttl/tests/helm_sva/c3/02-scaleup-c3.yaml new file mode 100644 index 000000000..49a676b51 --- /dev/null +++ b/kuttl/tests/helm_sva/c3/02-scaleup-c3.yaml @@ -0,0 +1,5 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - command: helm upgrade splunk-c3 $HELM_REPO_PATH/splunk-enterprise --reuse-values --set indexerCluster.replicaCount=4 + namespaced: true diff --git a/kuttl/tests/helm_sva/c3/03-uninstall-c3.yaml b/kuttl/tests/helm_sva/c3/03-uninstall-c3.yaml new file mode 100644 index 000000000..01ee67e58 --- /dev/null +++ b/kuttl/tests/helm_sva/c3/03-uninstall-c3.yaml @@ -0,0 +1,5 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - command: helm uninstall splunk-c3 + namespaced: true diff --git a/kuttl/tests/helm_sva/c3/c3_config.yaml b/kuttl/tests/helm_sva/c3/c3_config.yaml new file mode 100644 index 000000000..e41af84a0 --- /dev/null +++ b/kuttl/tests/helm_sva/c3/c3_config.yaml @@ -0,0 +1,41 @@ +splunk-operator: + enabled: false + splunkOperator: + clusterWideAccess: false + persistentVolumeClaim: + storageClassName: gp2 + +sva: + c3: + enabled: true + + clusterManager: + name: cm + + indexerClusters: + - name: idxc + + searchHeadClusters: + - name: shc + + +indexerCluster: + enabled: true + additionalLabels: + label: "true" + additionalAnnotations: + annotation: "true" + +clusterManager: + enabled: true + additionalLabels: + label: "true" + additionalAnnotations: + annotation: "true" + +searchHeadCluster: + enabled: true + additionalLabels: + label: "true" + additionalAnnotations: + annotation: "true" diff --git a/kuttl/tests/helm_sva/c3/c3_scale_config.yaml b/kuttl/tests/helm_sva/c3/c3_scale_config.yaml new file mode 100644 index 000000000..a40260e50 --- /dev/null +++ b/kuttl/tests/helm_sva/c3/c3_scale_config.yaml @@ -0,0 +1,15 @@ +splunk-operator: + enabled: false +sva: + c3: + enabled: true + + clusterManager: + name: cm + + indexerClusters: + - name: idxc + replicaCount: 4 + + searchHeadClusters: + - name: shc diff --git a/kuttl/tests/helm_sva/m4/00-install-operator.yaml b/kuttl/tests/helm_sva/m4/00-install-operator.yaml new file mode 100644 index 000000000..602ebe0c1 --- /dev/null +++ b/kuttl/tests/helm_sva/m4/00-install-operator.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - script: ../script/installoperator.sh + background: false \ No newline at end of file diff --git a/kuttl/tests/helm_sva/m4/01-assert.yaml b/kuttl/tests/helm_sva/m4/01-assert.yaml new file mode 100644 index 000000000..f6443acd2 --- /dev/null +++ b/kuttl/tests/helm_sva/m4/01-assert.yaml @@ -0,0 +1,84 @@ + +--- +# assert for cluster manager custom resource to be ready +apiVersion: enterprise.splunk.com/v4 +kind: ClusterManager +metadata: + name: cm +status: + phase: Ready + +--- +# check for stateful set +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: splunk-cm-cluster-manager +status: + replicas: 1 + +--- +# check if secret object is created +apiVersion: v1 +kind: Secret +metadata: + name: splunk-cm-cluster-manager-secret-v1 + +--- +# assert for indexer cluster custom resource to be ready +apiVersion: enterprise.splunk.com/v4 +kind: IndexerCluster +metadata: + name: idx1 +status: + phase: Ready + +--- +# assert for indexer cluster custom resource to be ready +apiVersion: enterprise.splunk.com/v4 +kind: IndexerCluster +metadata: + name: idx2 +status: + phase: Ready + +--- +# assert for SearchHeadCluster custom resource to be ready +apiVersion: enterprise.splunk.com/v4 +kind: SearchHeadCluster +metadata: + name: shc1 +status: + phase: Ready + +--- +# check if secret object is created +apiVersion: v1 +kind: Secret +metadata: + name: splunk-shc1-deployer-secret-v1 + +--- +# check if secret object is created +apiVersion: v1 +kind: Secret +metadata: + name: splunk-shc1-search-head-secret-v1 + +--- +# check for stateful set and replicas +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: splunk-shc1-search-head +status: + replicas: 3 + +--- +# check for stateful set +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: splunk-shc1-deployer +status: + replicas: 1 diff --git a/kuttl/tests/helm_sva/m4/01-install-m4.yaml b/kuttl/tests/helm_sva/m4/01-install-m4.yaml new file mode 100644 index 000000000..70c03c4a8 --- /dev/null +++ b/kuttl/tests/helm_sva/m4/01-install-m4.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - command: helm install splunk-m4 $HELM_REPO_PATH/splunk-enterprise -f m4_config.yaml + namespaced: true diff --git a/kuttl/tests/helm_sva/m4/02-uninstall-m4.yaml b/kuttl/tests/helm_sva/m4/02-uninstall-m4.yaml new file mode 100644 index 000000000..7b7e44f99 --- /dev/null +++ b/kuttl/tests/helm_sva/m4/02-uninstall-m4.yaml @@ -0,0 +1,5 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - command: helm uninstall splunk-m4 + namespaced: true diff --git a/kuttl/tests/helm_sva/m4/m4_config.yaml b/kuttl/tests/helm_sva/m4/m4_config.yaml new file mode 100644 index 000000000..a14e05bd8 --- /dev/null +++ b/kuttl/tests/helm_sva/m4/m4_config.yaml @@ -0,0 +1,28 @@ +splunk-operator: + enabled: false + splunkOperator: + clusterWideAccess: false + persistentVolumeClaim: + storageClassName: gp2 +sva: + m4: + enabled: true + + clusterManager: + name: cm + allSites: "site1,site2" + site: site1 + zone: us-west-2d + + indexerClusters: + - name: idx1 + site: site1 + zone: us-west-2d + - name: idx2 + site: site2 + zone: us-west-2b + + searchHeadClusters: + - name: shc1 + site: site2 + zone: us-west-2b diff --git a/kuttl/tests/helm_sva/s1/00-install-operator.yaml b/kuttl/tests/helm_sva/s1/00-install-operator.yaml new file mode 100644 index 000000000..602ebe0c1 --- /dev/null +++ b/kuttl/tests/helm_sva/s1/00-install-operator.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - script: ../script/installoperator.sh + background: false \ No newline at end of file diff --git a/kuttl/tests/helm_sva/s1/00-install-service-account.yaml b/kuttl/tests/helm_sva/s1/00-install-service-account.yaml new file mode 100644 index 000000000..0bac79641 --- /dev/null +++ b/kuttl/tests/helm_sva/s1/00-install-service-account.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: helm-service-account +spec: {} diff --git a/kuttl/tests/helm_sva/s1/01-assert.yaml b/kuttl/tests/helm_sva/s1/01-assert.yaml new file mode 100644 index 000000000..41ddd97d2 --- /dev/null +++ b/kuttl/tests/helm_sva/s1/01-assert.yaml @@ -0,0 +1,7 @@ +# check for standalone to be in ready state +apiVersion: enterprise.splunk.com/v4 +kind: Standalone +metadata: + name: stdln +status: + phase: Ready diff --git a/kuttl/tests/helm_sva/s1/01-install-standalone.yaml b/kuttl/tests/helm_sva/s1/01-install-standalone.yaml new file mode 100644 index 000000000..191e42c79 --- /dev/null +++ b/kuttl/tests/helm_sva/s1/01-install-standalone.yaml @@ -0,0 +1,7 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - command: helm install splunk-stdl $HELM_REPO_PATH/splunk-enterprise --set splunk-operator.enabled=false --set standalone.enabled=true + namespaced: true +spec: + serviceAccount: helm-service-account diff --git a/kuttl/tests/helm_sva/s1/02-assert.yaml b/kuttl/tests/helm_sva/s1/02-assert.yaml new file mode 100644 index 000000000..be9139729 --- /dev/null +++ b/kuttl/tests/helm_sva/s1/02-assert.yaml @@ -0,0 +1,7 @@ +# check for standalone to be scaled +apiVersion: enterprise.splunk.com/v4 +kind: Standalone +metadata: + name: stdln +status: + replicas: 2 diff --git a/kuttl/tests/helm_sva/s1/02-scaleup-standalone.yaml b/kuttl/tests/helm_sva/s1/02-scaleup-standalone.yaml new file mode 100644 index 000000000..6695f352e --- /dev/null +++ b/kuttl/tests/helm_sva/s1/02-scaleup-standalone.yaml @@ -0,0 +1,7 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - command: helm upgrade --set standalone.replicaCount=2 --set splunk-operator.enabled=false --set standalone.enabled=true splunk-stdl ../../../../helm-chart/splunk-enterprise + namespaced: true +spec: + serviceAccount: helm-service-account diff --git a/kuttl/tests/helm_sva/s1/03-assert.yaml b/kuttl/tests/helm_sva/s1/03-assert.yaml new file mode 100644 index 000000000..328b504cf --- /dev/null +++ b/kuttl/tests/helm_sva/s1/03-assert.yaml @@ -0,0 +1,7 @@ +# check for standalone to be scaled down +apiVersion: enterprise.splunk.com/v4 +kind: Standalone +metadata: + name: stdln +status: + replicas: 1 diff --git a/kuttl/tests/helm_sva/s1/03-rollback-standalone.yaml b/kuttl/tests/helm_sva/s1/03-rollback-standalone.yaml new file mode 100644 index 000000000..6534b5811 --- /dev/null +++ b/kuttl/tests/helm_sva/s1/03-rollback-standalone.yaml @@ -0,0 +1,7 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - command: helm rollback splunk-stdl 1 + namespaced: true +spec: + serviceAccount: helm-service-account diff --git a/kuttl/tests/helm_sva/s1/04-assert.yaml b/kuttl/tests/helm_sva/s1/04-assert.yaml new file mode 100644 index 000000000..143f57d6e --- /dev/null +++ b/kuttl/tests/helm_sva/s1/04-assert.yaml @@ -0,0 +1,17 @@ +--- +# check for MonitoringConsole to be in ready state +apiVersion: enterprise.splunk.com/v4 +kind: MonitoringConsole +metadata: + name: mc +status: + phase: Ready + +--- +# check for standalone to be in ready state +apiVersion: enterprise.splunk.com/v4 +kind: Standalone +metadata: + name: stdln +status: + phase: Ready diff --git a/kuttl/tests/helm_sva/s1/04-monitoringconsole-standalone.yaml b/kuttl/tests/helm_sva/s1/04-monitoringconsole-standalone.yaml new file mode 100644 index 000000000..0584cb744 --- /dev/null +++ b/kuttl/tests/helm_sva/s1/04-monitoringconsole-standalone.yaml @@ -0,0 +1,7 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - command: helm upgrade splunk-stdl $HELM_REPO_PATH/splunk-enterprise --set splunk-operator.enabled=false --set standalone.enabled=true --set monitoringConsole.enabled=true + namespaced: true +spec: + serviceAccount: helm-service-account diff --git a/kuttl/tests/helm_sva/s1/05-assert.yaml b/kuttl/tests/helm_sva/s1/05-assert.yaml new file mode 100644 index 000000000..8cd3aca61 --- /dev/null +++ b/kuttl/tests/helm_sva/s1/05-assert.yaml @@ -0,0 +1,7 @@ +# check for License manager to be in ready state +apiVersion: enterprise.splunk.com/v4 +kind: LicenseManager +metadata: + name: lm +status: + phase: Ready diff --git a/kuttl/tests/helm_sva/s1/05-licensemanager-standalone.yaml b/kuttl/tests/helm_sva/s1/05-licensemanager-standalone.yaml new file mode 100644 index 000000000..6ae274d8b --- /dev/null +++ b/kuttl/tests/helm_sva/s1/05-licensemanager-standalone.yaml @@ -0,0 +1,7 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - command: helm upgrade splunk-stdl $HELM_REPO_PATH/splunk-enterprise --set splunk-operator.enabled=false --set standalone.enabled=true --set monitoringConsole.enabled=true --set licenseManager.enabled=true + namespaced: true +spec: + serviceAccount: helm-service-account \ No newline at end of file diff --git a/kuttl/tests/helm_sva/s1/06-delete-standalone.yaml b/kuttl/tests/helm_sva/s1/06-delete-standalone.yaml new file mode 100644 index 000000000..cdabbf173 --- /dev/null +++ b/kuttl/tests/helm_sva/s1/06-delete-standalone.yaml @@ -0,0 +1,7 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - command: helm uninstall splunk-stdl + namespaced: true +spec: + serviceAccount: helm-service-account diff --git a/kuttl/tests/helm_sva/s1/06-errors.yaml b/kuttl/tests/helm_sva/s1/06-errors.yaml new file mode 100644 index 000000000..8399de722 --- /dev/null +++ b/kuttl/tests/helm_sva/s1/06-errors.yaml @@ -0,0 +1,4 @@ +--- +apiVersion: enterprise.splunk.com/v3 +kind: Standalone +name: test diff --git a/kuttl/tests/helm_sva/script/installoperator.sh b/kuttl/tests/helm_sva/script/installoperator.sh new file mode 100755 index 000000000..9edd00e4f --- /dev/null +++ b/kuttl/tests/helm_sva/script/installoperator.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +if [ "${INSTALL_OPERATOR}" = true ]; then + echo "installing operator" + helm install splunk-operator $HELM_REPO_PATH/splunk-operator --namespace $NAMESPACE --set splunkOperator.persistentVolumeClaim.storageClassName=gp2 --set splunkOperator.clusterWideAccess=false --set splunkOperator.image.repository=${KUTTL_SPLUNK_OPERATOR_IMAGE} --set image.repository=${KUTTL_SPLUNK_ENTERPRISE_IMAGE} + retVal=$? + if [ $retVal -ne 0 ]; then + echo "operator installation failed" + echo "Error" + exit $retVal + else + kubectl wait --for=condition=ready pod -l control-plane=controller-manager --timeout=600s -n $NAMESPACE + retVal=$? + echo "operator installation success" + exit $retVal + fi +else + echo "INSTALL_OPERATOR env is not set, skip" +fi diff --git a/pkg/splunk/client/azureblobclient.go b/pkg/splunk/client/azureblobclient.go index f308e607c..c74036269 100644 --- a/pkg/splunk/client/azureblobclient.go +++ b/pkg/splunk/client/azureblobclient.go @@ -16,517 +16,336 @@ package client import ( - "bytes" "context" - "crypto/hmac" - "crypto/sha256" - "crypto/tls" - "encoding/base64" - "encoding/json" - "encoding/xml" - "errors" "fmt" "io" - "net/http" - "net/url" "os" - "sort" - "strconv" - "strings" - "time" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azidentity" + "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob" + "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob" + "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container" "sigs.k8s.io/controller-runtime/pkg/log" ) -// blank assignment to verify that AzureBlobClient implements RemoteDataClient var _ RemoteDataClient = &AzureBlobClient{} -// AzureBlobClient is a client to implement Azure Blob specific APIs -type AzureBlobClient struct { - BucketName string - StorageAccountName string - SecretAccessKey string - Prefix string - StartAfter string - Endpoint string - HTTPClient SplunkHTTPClient +// ContainerClientInterface abstracts the methods used from the Azure SDK's ContainerClient. +type ContainerClientInterface interface { + NewListBlobsFlatPager(options *container.ListBlobsFlatOptions) *runtime.Pager[azblob.ListBlobsFlatResponse] + NewBlobClient(blobName string) BlobClientInterface } -// ContainerProperties represents blob properties -type ContainerProperties struct { - CreationTime string `xml:"Creation-Time"` - LastModified string `xml:"Last-Modified"` - ETag string `xml:"Etag"` - ContentLength string `xml:"Content-Length"` +// BlobClientInterface abstracts the methods used from the Azure SDK's BlobClient. +type BlobClientInterface interface { + DownloadStream(ctx context.Context, options *blob.DownloadStreamOptions) (blob.DownloadStreamResponse, error) } -// Blob represents a single blob -type Blob struct { - XMLName xml.Name `xml:"Blob"` - Name string `xml:"Name"` - Properties ContainerProperties `xml:"Properties"` +func (c *ContainerClientWrapper) NewListBlobsFlatPager(options *azblob.ListBlobsFlatOptions) *runtime.Pager[azblob.ListBlobsFlatResponse] { + return c.Client.NewListBlobsFlatPager(options) } -// Blobs represents a slice of blobs -type Blobs struct { - XMLName xml.Name `xml:"Blobs"` - Blob []Blob `xml:"Blob"` +// ContainerClientWrapper wraps the Azure SDK's ContainerClient and implements ContainerClientInterface. +type ContainerClientWrapper struct { + *container.Client } -// EnumerationResults holds unmarshaled data from listing APIs -type EnumerationResults struct { - XMLName xml.Name `xml:"EnumerationResults"` - Blobs Blobs `xml:"Blobs"` +// NewBlobClient wraps the Azure SDK's NewBlobClient method to return BlobClientInterface. +func (w *ContainerClientWrapper) NewBlobClient(blobName string) BlobClientInterface { + return &BlobClientWrapper{w.Client.NewBlobClient(blobName)} } -// TokenResponse holds the unmarshaled oauth token -type TokenResponse struct { - AccessToken string `json:"access_token"` - ClientID string `json:"client_id"` +// BlobClientWrapper wraps the Azure SDK's BlobClient and implements BlobClientInterface. +type BlobClientWrapper struct { + *blob.Client } -// ComputeHMACSHA256 generates a hash signature for an HTTP request or for a SAS. -func ComputeHMACSHA256(message string, base64DecodedAccountKey []byte) (base64String string) { - // Signature=Base64(HMAC-SHA256(UTF8(StringToSign), Base64.decode())) - h := hmac.New(sha256.New, base64DecodedAccountKey) - h.Write([]byte(message)) - return base64.StdEncoding.EncodeToString(h.Sum(nil)) +// DownloadStream wraps the Azure SDK's DownloadStream method. +func (w *BlobClientWrapper) DownloadStream(ctx context.Context, options *blob.DownloadStreamOptions) (blob.DownloadStreamResponse, error) { + return w.Client.DownloadStream(ctx, options) } -// buildStringToSign is a helper API for adding auth signature to HTTP headers -func buildStringToSign(request http.Request, accountName string) (string, error) { - // https://docs.microsoft.com/en-us/rest/api/storageservices/authentication-for-the-azure-storage-services - headers := request.Header - contentLength := headers.Get(headerContentLength) - if contentLength == "0" { - contentLength = "" - } +// CredentialType defines the type of credential used for authentication. +type CredentialType int - canonicalizedResource, err := buildCanonicalizedResource(request.URL, accountName) - if err != nil { - return "", err - } +const ( + // CredentialTypeSharedKey indicates Shared Key authentication. + CredentialTypeSharedKey CredentialType = iota + // CredentialTypeAzureAD indicates Azure AD authentication. + CredentialTypeAzureAD +) - stringToSign := strings.Join([]string{ - request.Method, - headers.Get(headerContentEncoding), - headers.Get(headerContentLanguage), - contentLength, - headers.Get(headerContentMD5), - headers.Get(headerContentType), - "", // Empty date because x-ms-date is expected (as per web page above) - headers.Get(headerIfModifiedSince), - headers.Get(headerIfMatch), - headers.Get(headerIfNoneMatch), - headers.Get(headerIfUnmodifiedSince), - headers.Get(headerRange), - buildCanonicalizedHeader(headers), - canonicalizedResource, - }, "\n") - return stringToSign, nil +// AzureBlobClient implements the RemoteDataClient interface for Azure Blob Storage. +type AzureBlobClient struct { + BucketName string + StorageAccountName string + Prefix string + StartAfter string + Endpoint string + ContainerClient ContainerClientInterface + CredentialType CredentialType } -// buildCanonicalizedHeader is a helper API for adding auth signature to HTTP headers -func buildCanonicalizedHeader(headers http.Header) string { - cm := map[string][]string{} - for k, v := range headers { - headerName := strings.TrimSpace(strings.ToLower(k)) - if strings.HasPrefix(headerName, "x-ms-") { - cm[headerName] = v // NOTE: the value must not have any whitespace around it. - } - } - if len(cm) == 0 { - return "" - } +// NewAzureBlobClient initializes and returns an AzureBlobClient. +// It supports both Shared Key and Azure AD authentication based on provided credentials. +// NewAzureBlobClient initializes a new AzureBlobClient with the provided parameters. +// It supports both Shared Key and Azure AD authentication methods. +// +// Parameters: +// - ctx: The context for the operation. +// - bucketName: The name of the Azure Blob container. +// - storageAccountName: The name of the Azure Storage account. +// - secretAccessKey: The shared key for authentication (optional; leave empty to use Azure AD). +// - prefix: The prefix for blob listing (optional). +// - startAfter: The marker for blob listing (optional). +// - region: The Azure region (e.g., "eastus"). +// - endpoint: A custom endpoint (optional). +// - initFunc: An initialization function to be executed (optional). +// +// Returns: +// - RemoteDataClient: An interface representing the remote data client. +// - error: An error object if the initialization fails. +// +// The function logs the initialization process and selects the appropriate +// authentication method based on the presence of the secretAccessKey. If the +// secretAccessKey is provided, Shared Key authentication is used; otherwise, +// Azure AD authentication is used. +func NewAzureBlobClient( + ctx context.Context, + bucketName string, // Azure Blob container name + storageAccountName string, // Azure Storage account name + secretAccessKey string, // Shared Key (optional; leave empty to use Azure AD) + prefix string, // Prefix for blob listing (optional) + startAfter string, // Marker for blob listing (optional) + region string, // Azure region (e.g., "eastus") + endpoint string, // Custom endpoint (optional) + initFunc GetInitFunc, // Initialization function +) (RemoteDataClient, error) { // Matches GetRemoteDataClient signature + reqLogger := log.FromContext(ctx) + scopedLog := reqLogger.WithName("NewAzureBlobClient") - keys := make([]string, 0, len(cm)) - for key := range cm { - keys = append(keys, key) - } - sort.Strings(keys) - ch := bytes.NewBufferString("") - for i, key := range keys { - if i > 0 { - ch.WriteRune('\n') - } - ch.WriteString(key) - ch.WriteRune(':') - ch.WriteString(strings.Join(cm[key], ",")) + scopedLog.Info("Initializing AzureBlobClient") + + // Execute the initialization function if provided. + if initFunc != nil { + initResult := initFunc(ctx, endpoint, storageAccountName, secretAccessKey) + // Currently, no action is taken with initResult. Modify if needed. + _ = initResult } - return ch.String() -} -// buildCanonicalizedResource is a helper API for adding auth signature to HTTP headers -func buildCanonicalizedResource(u *url.URL, accountName string) (string, error) { - // https://docs.microsoft.com/en-us/rest/api/storageservices/authentication-for-the-azure-storage-services - cr := bytes.NewBufferString("/") - cr.WriteString(accountName) - - if len(u.Path) > 0 { - // Any portion of the CanonicalizedResource string that is derived from - // the resource's URI should be encoded exactly as it is in the URI. - // -- https://msdn.microsoft.com/en-gb/library/azure/dd179428.aspx - cr.WriteString(u.EscapedPath()) + // Construct the service URL. + var serviceURL string + if endpoint != "" { + serviceURL = endpoint + if serviceURL[len(serviceURL)-1] == '/' { + serviceURL = serviceURL[:len(serviceURL)-1] + } + } else if region != "" { + serviceURL = fmt.Sprintf("https://%s.blob.%s.core.windows.net", storageAccountName, region) } else { - // a slash is required to indicate the root path - cr.WriteString("/") + serviceURL = fmt.Sprintf("https://%s.blob.core.windows.net", storageAccountName) } - // params is a map[string][]string; param name is key; params values is []string - params, err := url.ParseQuery(u.RawQuery) // Returns URL decoded values - if err != nil { - return "", errors.New("parsing query parameters must succeed, otherwise there might be serious problems in the SDK/generated code") - } + var containerClient ContainerClientInterface + var credentialType CredentialType - if len(params) > 0 { // There is at least 1 query parameter - paramNames := []string{} // We use this to sort the parameter key names - for paramName := range params { - paramNames = append(paramNames, paramName) // paramNames must be lowercase + if secretAccessKey != "" { + // Use Shared Key authentication. + scopedLog.Info("Using Shared Key authentication") + + // Create a Shared Key Credential. + sharedKeyCredential, err := azblob.NewSharedKeyCredential(storageAccountName, secretAccessKey) + if err != nil { + scopedLog.Error(err, "Failed to create SharedKeyCredential") + return nil, fmt.Errorf("failed to create SharedKeyCredential: %w", err) + } + + // Initialize the container client with Shared Key Credential. + rawContainerClient, err := container.NewClientWithSharedKeyCredential( + fmt.Sprintf("%s/%s", serviceURL, bucketName), + sharedKeyCredential, + nil, + ) + if err != nil { + scopedLog.Error(err, "Failed to create ContainerClient with SharedKeyCredential") + return nil, fmt.Errorf("failed to create ContainerClient with SharedKeyCredential: %w", err) } - sort.Strings(paramNames) - for _, paramName := range paramNames { - paramValues := params[paramName] - sort.Strings(paramValues) + // Wrap the container client. + containerClient = &ContainerClientWrapper{rawContainerClient} + + credentialType = CredentialTypeSharedKey + } else { + // Use Azure AD authentication. + scopedLog.Info("Using Azure AD authentication") + + // Create a Token Credential using DefaultAzureCredential. + // The Azure SDK uses environment variables to configure authentication when using DefaultAzureCredential. + // For Workload Identity, by adding annotations to the pod's service account: + // azure.workload.identity/client-id: + // the following environment variables are typically used: + // AZURE_AUTHORITY_HOST: The Azure Active Directory endpoint (default is https://login.microsoftonline.com/). + // AZURE_CLIENT_ID: The client ID of the Azure AD application linked to the pod's service account. + // AZURE_TENANT_ID: The tenant ID of the Azure Active Directory where the Azure AD application resides. + // AZURE_FEDERATED_TOKEN_FILE: The path to the file containing the token issued by Kubernetes, usually mounted as a volume. + // when using Azure AD Pod Identity (deprecated), the following environment variables are typically used: + // AZURE_POD_IDENTITY_AUTHORITY_HOST: The Azure Active Directory endpoint (default is https://login.microsoftonline.com/). + // AZURE_POD_IDENTITY_CLIENT_ID: The client ID of the Azure AD application linked to the pod's service account. + // AZURE_POD_IDENTITY_TENANT_ID: The tenant ID of the Azure Active Directory where the Azure AD application resides. + // AZURE_POD_IDENTITY_TOKEN_FILE: The path to the file containing the token issued by Kubernetes, usually mounted as a volume. + // AZURE_POD_IDENTITY_RESOURCE_ID: The resource ID of the Azure resource to access. + // AZURE_POD_IDENTITY_USE_MSI: Set to "true" to use Managed Service Identity (MSI) for authentication. + // AZURE_POD_IDENTITY_USER_ASSIGNED_ID + + tokenCredential, err := azidentity.NewDefaultAzureCredential(nil) + if err != nil { + scopedLog.Error(err, "Failed to create DefaultAzureCredential") + return nil, fmt.Errorf("failed to create DefaultAzureCredential: %w", err) + } - // Join the sorted key values separated by ',' - // Then prepend "keyName:"; then add this string to the buffer - cr.WriteString("\n" + paramName + ":" + strings.Join(paramValues, ",")) + // Initialize the container client with Token Credential. + rawContainerClient, err := container.NewClient( + fmt.Sprintf("%s/%s", serviceURL, bucketName), + tokenCredential, + nil, + ) + if err != nil { + scopedLog.Error(err, "Failed to create ContainerClient with TokenCredential") + return nil, fmt.Errorf("failed to create ContainerClient with TokenCredential: %w", err) } + + // Wrap the container client. + containerClient = &ContainerClientWrapper{rawContainerClient} + + credentialType = CredentialTypeAzureAD } - return cr.String(), nil -} -// NewAzureBlobClient returns an AzureBlob client -func NewAzureBlobClient(ctx context.Context, bucketName string, storageAccountName string, secretAccessKey string, prefix string, startAfter string, region string, endpoint string, fn GetInitFunc) (RemoteDataClient, error) { - // Get http client - azureHTTPClient := fn(ctx, endpoint, storageAccountName, secretAccessKey) + scopedLog.Info("AzureBlobClient initialized successfully", + "CredentialType", credentialType, + "BucketName", bucketName, + "StorageAccountName", storageAccountName, + ) return &AzureBlobClient{ BucketName: bucketName, StorageAccountName: storageAccountName, - SecretAccessKey: secretAccessKey, Prefix: prefix, StartAfter: startAfter, Endpoint: endpoint, - HTTPClient: azureHTTPClient.(SplunkHTTPClient), + ContainerClient: containerClient, + CredentialType: credentialType, }, nil } -// InitAzureBlobClientWrapper is a wrapper around InitAzureBlobClientSession -func InitAzureBlobClientWrapper(ctx context.Context, appAzureBlobEndPoint string, storageAccountName string, secretAccessKey string) interface{} { - return InitAzureBlobClientSession(ctx) -} - -// InitAzureBlobClientSession initializes and returns a client session object -func InitAzureBlobClientSession(ctx context.Context) SplunkHTTPClient { - reqLogger := log.FromContext(ctx) - scopedLog := reqLogger.WithName("InitAzureBlobClientSession") - - // Enforcing minimum version TLS1.2 - tr := &http.Transport{ - TLSClientConfig: &tls.Config{ - MinVersion: tls.VersionTLS12, - }, - } - tr.ForceAttemptHTTP2 = true - - httpClient := http.Client{ - Transport: tr, - Timeout: appFrameworkHttpclientTimeout * time.Second, - } - - // Validate transport - tlsVersion := "Unknown" - if tr, ok := httpClient.Transport.(*http.Transport); ok { - tlsVersion = getTLSVersion(tr) - } - - scopedLog.Info("Azure Blob Client Session initialization successful.", "TLS Version", tlsVersion) - - return &httpClient -} - -// Update http request header with secrets info -func updateAzureHTTPRequestHeaderWithSecrets(ctx context.Context, client *AzureBlobClient, httpRequest *http.Request) error { - reqLogger := log.FromContext(ctx) - scopedLog := reqLogger.WithName("updateHttpRequestHeaderWithSecrets") - - scopedLog.Info("Updating Azure Http Request with secrets") - - // Update httpRequest header with data and version - httpRequest.Header[headerXmsDate] = []string{time.Now().UTC().Format(http.TimeFormat)} - httpRequest.Header[headerXmsVersion] = []string{azureHTTPHeaderXmsVersion} - - // Get HMAC signature using storage account name and secret access key - stringToSign, err := buildStringToSign(*httpRequest, client.StorageAccountName) - if err != nil { - scopedLog.Error(err, "Azure Blob with secrets Failed to build string to sign") - return err - } - decodedAccountKey, err := base64.StdEncoding.DecodeString(client.SecretAccessKey) - if err != nil { - // failed to decode - scopedLog.Error(err, "Azure Blob with secrets failed to decode accountKey") - return err - } - signature := ComputeHMACSHA256(stringToSign, decodedAccountKey) - authHeader := strings.Join([]string{"SharedKey ", client.StorageAccountName, ":", signature}, "") - - // Update httpRequest header with the HMAC256 signature - httpRequest.Header[headerAuthorization] = []string{authHeader} - - return nil -} - -// Update http request header with IAM info -func updateAzureHTTPRequestHeaderWithIAM(ctx context.Context, client *AzureBlobClient, httpRequest *http.Request) error { - reqLogger := log.FromContext(ctx) - scopedLog := reqLogger.WithName("updateHttpRequestHeaderWithIAM") - - scopedLog.Info("Updating Azure Http Request with IAM") - - // Create http request to retrive IAM oauth token from metadata URL - oauthRequest, err := http.NewRequest("GET", azureTokenFetchURL, nil) - if err != nil { - scopedLog.Error(err, "Azure Blob Failed to create new token request") - return err - } - - // Mark metadata flag - oauthRequest.Header.Set("Metadata", "true") - - // Create raw query for http request - values := oauthRequest.URL.Query() - values.Add("api-version", azureIMDSApiVersion) - values.Add("resource", "https://storage.azure.com/") - oauthRequest.URL.RawQuery = values.Encode() - - // Retrieve oauth token - resp, err := client.HTTPClient.Do(oauthRequest) - if err != nil { - scopedLog.Error(err, "Azure blob,Errored when sending request to the server") - return err - } - - defer resp.Body.Close() - - // A response code other than 200 usually means that no managed indentity is - // configured with the aks cluster. - if resp.StatusCode != 200 { - return errors.New("please validate that your cluster is configured to use managed identity") - } - - // Read http response - responseBody, err := io.ReadAll(resp.Body) - if err != nil { - scopedLog.Error(err, "Azure blob,Errored when reading resp body") - return err - } - - // Extract the token from the http response - var azureOauthTokenResponse TokenResponse - err = json.Unmarshal(responseBody, &azureOauthTokenResponse) - if err != nil { - scopedLog.Error(err, "Unable to unmarshal response to token", "Response:", string(responseBody)) - return err - } - - // Update http request header with IAM access token - httpRequest.Header.Set(headerXmsVersion, azureHTTPHeaderXmsVersion) - httpRequest.Header.Set(headerAuthorization, "Bearer "+azureOauthTokenResponse.AccessToken) - - return nil -} - -// GetAppsList gets the list of apps from remote storage +// GetAppsList retrieves a list of blobs (apps) from the Azure Blob container. func (client *AzureBlobClient) GetAppsList(ctx context.Context) (RemoteDataListResponse, error) { reqLogger := log.FromContext(ctx) - scopedLog := reqLogger.WithName("AzureBlob:GetAppsList").WithValues("Endpoint", client.Endpoint, "Bucket", client.BucketName, - "Prefix", client.Prefix) - - scopedLog.Info("Getting Apps list") - - // create rest request URL with storage account name, container, prefix - appsListFetchURL := fmt.Sprintf(azureBlobListAppFetchURL, client.Endpoint, client.BucketName, client.Prefix) - - // Create a http request with the URL - httpRequest, err := http.NewRequest("GET", appsListFetchURL, nil) - if err != nil { - scopedLog.Error(err, "Azure Blob Failed to create request for App fetch URL") - return RemoteDataListResponse{}, err - } - - // Setup the httpRequest with required authentication - if client.StorageAccountName != "" && client.SecretAccessKey != "" { - // Use Secrets - err = updateAzureHTTPRequestHeaderWithSecrets(ctx, client, httpRequest) - } else { - // No Secret provided, try using IAM - err = updateAzureHTTPRequestHeaderWithIAM(ctx, client, httpRequest) - } - if err != nil { - scopedLog.Error(err, "Failed to get http request authenticated") - return RemoteDataListResponse{}, err - } - - // List the apps - httpResponse, err := client.HTTPClient.Do(httpRequest) - if err != nil { - scopedLog.Error(err, "Azure blob, unable to execute list apps http request") - return RemoteDataListResponse{}, err - } - - defer httpResponse.Body.Close() - - // Authorization unsuccessul - if httpResponse.StatusCode != 200 { - err = errors.New("error authorizing the rest call. check your IAM/secret configuration") - return RemoteDataListResponse{}, err - } - - // Extract response - azureRemoteDataResponse, err := extractResponse(ctx, httpResponse) - if err != nil { - scopedLog.Error(err, "unable to extract app packages list from http response") - return azureRemoteDataResponse, err - } - - // Successfully listed apps - scopedLog.Info("Listing apps successful") - - return azureRemoteDataResponse, err -} - -// Extract data from httpResponse and fill it in RemoteDataListResponse structs -func extractResponse(ctx context.Context, httpResponse *http.Response) (RemoteDataListResponse, error) { - reqLogger := log.FromContext(ctx) - scopedLog := reqLogger.WithName("AzureBlob:extractResponse") + scopedLog := reqLogger.WithName("AzureBlob:GetAppsList").WithValues("Bucket", client.BucketName) - azureAppsRemoteData := RemoteDataListResponse{} + scopedLog.Info("Fetching list of apps") - // Read response body - responseBody, err := io.ReadAll(httpResponse.Body) - if err != nil { - scopedLog.Error(err, "Errored when reading resp body for app packages list rest call") - return azureAppsRemoteData, err + // Define options for listing blobs. + options := &container.ListBlobsFlatOptions{ + Prefix: &client.Prefix, } - // Variable to hold unmarshaled data - data := &EnumerationResults{} + // Set the Marker if StartAfter is provided. + //if client.StartAfter != "" { + // options.Marker = &client.StartAfter + //} - // Unmarshal http response - err = xml.Unmarshal(responseBody, data) - if err != nil { - scopedLog.Error(err, "Errored unmarshalling app packages list", "rest call response:", string(responseBody)) - return azureAppsRemoteData, err - } + // Create a pager to iterate through blobs. + pager := client.ContainerClient.NewListBlobsFlatPager(options) - // Extract data from all blobs - for count := 0; count < len(data.Blobs.Blob); count++ { - // Extract blob - blob := data.Blobs.Blob[count] - - scopedLog.Info("Listing App package details", "Count:", count, "App package name", blob.Name, - "Etag", blob.Properties.ETag, "Created on", blob.Properties.CreationTime, - "Modified on", blob.Properties.LastModified, "Content Size", blob.Properties) - - // Extract properties - newETag := blob.Properties.ETag - newKey := blob.Name - newLastModified, errTime := time.Parse(http.TimeFormat, blob.Properties.LastModified) - if errTime != nil { - scopedLog.Error(err, "Unable to get lastModifiedTime, not adding to list", "App Package", newKey, "name", blob.Properties.LastModified) - continue - } - newSize, errInt := strconv.ParseInt(blob.Properties.ContentLength, 10, 64) - if errInt != nil { - scopedLog.Error(err, "Unable to get newSize, not adding to list", "App package", newKey, "name", blob.Properties.ContentLength) - continue + var blobs []*RemoteObject + for pager.More() { + resp, err := pager.NextPage(ctx) + if err != nil { + scopedLog.Error(err, "Error listing blobs") + return RemoteDataListResponse{}, fmt.Errorf("error listing blobs: %w", err) } - newStorageClass := "standard" //TODO : map to a azure blob field - // Create new object and append - newRemoteObject := RemoteObject{Etag: &newETag, Key: &newKey, LastModified: &newLastModified, Size: &newSize, StorageClass: &newStorageClass} - azureAppsRemoteData.Objects = append(azureAppsRemoteData.Objects, &newRemoteObject) + for _, blob := range resp.Segment.BlobItems { + etag := string(*blob.Properties.ETag) + name := *blob.Name + lastModified := blob.Properties.LastModified + size := blob.Properties.ContentLength + + remoteObject := &RemoteObject{ + Etag: &etag, + Key: &name, + LastModified: lastModified, + Size: size, + } + blobs = append(blobs, remoteObject) + } } - return azureAppsRemoteData, nil + scopedLog.Info("Successfully fetched list of apps", "TotalBlobs", len(blobs)) + + return RemoteDataListResponse{Objects: blobs}, nil } -// DownloadApp downloads an app package from remote storage +// DownloadApp downloads a specific blob from Azure Blob Storage to a local file. func (client *AzureBlobClient) DownloadApp(ctx context.Context, downloadRequest RemoteDataDownloadRequest) (bool, error) { reqLogger := log.FromContext(ctx) - scopedLog := reqLogger.WithName("AzureBlob:DownloadApp").WithValues("Endpoint", client.Endpoint, "Bucket", client.BucketName, - "Prefix", client.Prefix, "downloadRequest", downloadRequest) + scopedLog := reqLogger.WithName("AzureBlob:DownloadApp").WithValues( + "Bucket", client.BucketName, + "RemoteFile", downloadRequest.RemoteFile, + "LocalFile", downloadRequest.LocalFile, + ) - scopedLog.Info("Download App package") + scopedLog.Info("Initiating blob download") - // create rest request URL with storage account name, container, prefix - appPackageFetchURL := fmt.Sprintf(azureBlobDownloadAppFetchURL, client.Endpoint, client.BucketName, downloadRequest.RemoteFile) + // Create a blob client for the specific blob. + blobClient := client.ContainerClient.NewBlobClient(downloadRequest.RemoteFile) - // Create a http request with the URL - httpRequest, err := http.NewRequest("GET", appPackageFetchURL, nil) + // Download the blob content. + get, err := blobClient.DownloadStream(ctx, nil) if err != nil { - scopedLog.Error(err, "Azure Blob Failed to create request for App package fetch URL") - return false, err + scopedLog.Error(err, "Failed to download blob") + return false, fmt.Errorf("failed to download blob: %w", err) } + defer get.Body.Close() - // Setup the httpRequest with required authentication - if client.StorageAccountName != "" && client.SecretAccessKey != "" { - // Use Secrets - err = updateAzureHTTPRequestHeaderWithSecrets(ctx, client, httpRequest) - } else { - // No Secret provided, try using IAM - err = updateAzureHTTPRequestHeaderWithIAM(ctx, client, httpRequest) - } - if err != nil { - scopedLog.Error(err, "Failed to get http request authenticated") - return false, err - } - - scopedLog.Info("Calling the download rest request") - - // Download the app - httpResponse, err := client.HTTPClient.Do(httpRequest) - if err != nil { - scopedLog.Error(err, "Azure blob, unable to execute download apps http request") - return false, err - } - - defer httpResponse.Body.Close() - - // Authorization unsuccessul for download rest call - if httpResponse.StatusCode != 200 { - err = errors.New("error authorizing the rest call. check your IAM/secret configuration") - return false, err - } - - // Create local file on operator + // Create or truncate the local file. localFile, err := os.Create(downloadRequest.LocalFile) if err != nil { - scopedLog.Error(err, "Unable to open local file") - return false, err + scopedLog.Error(err, "Failed to create local file") + return false, fmt.Errorf("failed to create local file: %w", err) } defer localFile.Close() - scopedLog.Info("Copying the download response to localFile") - - // Copy the http response (app packages to the local file path) - _, err = io.Copy(localFile, httpResponse.Body) + // Write the content to the local file. + _, err = io.Copy(localFile, get.Body) if err != nil { - fmt.Println(err.Error(), "Failed when copying resp body for app download") - return false, err + scopedLog.Error(err, "Failed to write blob content to local file") + return false, fmt.Errorf("failed to write blob content to local file: %w", err) } - // Successfully downloaded app package - scopedLog.Info("Download app package successful") + scopedLog.Info("Blob downloaded successfully") - return true, err + return true, nil } -// RegisterAzureBlobClient will add the corresponding function pointer to the map +// NoOpInitFunc performs no additional initialization. +// It satisfies the GetInitFunc type and can be used when no extra setup is needed. +func NoOpInitFunc( + ctx context.Context, + appAzureBlobEndPoint string, + storageAccountName string, + secretAccessKey string, // Optional: can be empty +) interface{} { + // No additional initialization required. + return nil +} + +// RegisterAzureBlobClient registers the AzureBlobClient in the RemoteDataClientsMap. func RegisterAzureBlobClient() { - wrapperObject := GetRemoteDataClientWrapper{GetRemoteDataClient: NewAzureBlobClient, GetInitFunc: InitAzureBlobClientWrapper} + wrapperObject := GetRemoteDataClientWrapper{ + GetRemoteDataClient: NewAzureBlobClient, + GetInitFunc: NoOpInitFunc, // Use CustomInitFunc if additional initialization is needed + } RemoteDataClientsMap["azure"] = wrapperObject } diff --git a/pkg/splunk/client/azureblobclient_test.go b/pkg/splunk/client/azureblobclient_test.go index cd73f4160..e53a0193d 100644 --- a/pkg/splunk/client/azureblobclient_test.go +++ b/pkg/splunk/client/azureblobclient_test.go @@ -17,1188 +17,410 @@ package client import ( "context" - "encoding/json" - "encoding/xml" - "errors" "fmt" - "net/http" - "net/http/httptest" - "net/url" + "io" "os" "strings" "testing" "time" - enterpriseApi "github.com/splunk/splunk-operator/api/v4" - spltest "github.com/splunk/splunk-operator/pkg/splunk/test" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob" + "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob" + "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container" + "github.com/stretchr/testify/mock" + "github.com/stretchr/testify/require" ) -// Helpers for faulty http request/response -type errReader int - -func (errReader) Read(p []byte) (n int, err error) { - return 0, errors.New("test error") +// MockContainerClient is a mock implementation of ContainerClientInterface. +type MockContainerClient struct { + mock.Mock } -func TestInitAzureBlobClientWrapper(t *testing.T) { - ctx := context.TODO() - azureBlobClientSession := InitAzureBlobClientWrapper(ctx, "https://mystorageaccount.blob.core.windows.net", "abcd", "1234") - if azureBlobClientSession == nil { - t.Errorf("We should not have got a nil Azure Blob Client") - } +// NewListBlobsFlatPager mocks the NewListBlobsFlatPager method. +func (m *MockContainerClient) NewListBlobsFlatPager(options *azblob.ListBlobsFlatOptions) *runtime.Pager[azblob.ListBlobsFlatResponse] { + args := m.Called(options) + return args.Get(0).(*runtime.Pager[azblob.ListBlobsFlatResponse]) } -func TestNewAzureBlobClient(t *testing.T) { - ctx := context.TODO() - fn := InitAzureBlobClientWrapper - - azureBlobClient, err := NewAzureBlobClient(ctx, "sample_bucket", "abcd", "xyz", "admin/", "admin", "us-west-2", "https://mystorageaccount.blob.core.windows.net", fn) - if azureBlobClient == nil || err != nil { - t.Errorf("NewAzureBlobClient should have returned a valid Azure Blob client.") - } +// NewBlobClient mocks the NewBlobClient method. +func (m *MockContainerClient) NewBlobClient(blobName string) BlobClientInterface { + args := m.Called(blobName) + return args.Get(0).(BlobClientInterface) } -func TestBuildStringToSign(t *testing.T) { - hd := make(map[string][]string) - - hd["Content-Length"] = []string{"0"} - hreq := http.Request{ - Header: hd, - URL: &url.URL{ - Path: "", - RawQuery: ";", - }, - } - _, _ = buildStringToSign(hreq, "") - - // Test invalid scenario - hreq = http.Request{ - URL: &url.URL{ - Path: "", - RawQuery: ";", - }, - } - _, _ = buildStringToSign(hreq, "") -} - -func TestBuildCanonicalizedHeader(t *testing.T) { - hd := make(map[string][]string) - buildCanonicalizedHeader(hd) -} - -func TestUpdateAzureHTTPRequestHeaderWithSecrets(t *testing.T) { - ctx := context.TODO() - hd := make(map[string][]string) - - hd["Content-Length"] = []string{"0"} - hreq := http.Request{ - Header: hd, - URL: &url.URL{ - Path: "", - RawQuery: ";", - }, - } - - azClient := &AzureBlobClient{ - StorageAccountName: "saname", - SecretAccessKey: "skey", - } - updateAzureHTTPRequestHeaderWithSecrets(ctx, azClient, &hreq) - - hreq.URL.RawQuery = "validquery" - azClient.SecretAccessKey = "!;." - updateAzureHTTPRequestHeaderWithSecrets(ctx, azClient, &hreq) +// MockBlobClient is a mock implementation of BlobClientInterface. +type MockBlobClient struct { + mock.Mock } -func TestExtractResponse(t *testing.T) { - ctx := context.TODO() - testRequest := httptest.NewRequest(http.MethodPost, "/something", errReader(0)) - - httpRes := http.Response{ - Body: testRequest.Body, - } - - extractResponse(ctx, &httpRes) +// DownloadStream mocks the DownloadStream method. +func (m *MockBlobClient) DownloadStream(ctx context.Context, options *blob.DownloadStreamOptions) (blob.DownloadStreamResponse, error) { + args := m.Called(ctx, options) + return args.Get(0).(blob.DownloadStreamResponse), args.Error(1) } -func TestAzureBlobGetAppsListShouldNotFail(t *testing.T) { - ctx := context.TODO() - appFrameworkRef := enterpriseApi.AppFrameworkSpec{ - Defaults: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - VolList: []enterpriseApi.VolumeSpec{ - { - Name: "azure_vol1", - Endpoint: "https://mystorageaccount.blob.core.windows.net", - Path: "appscontainer1", - SecretRef: "blob-secret", - Type: "blob", - Provider: "azure", - }, - }, - AppSources: []enterpriseApi.AppSourceSpec{ - { - Name: "adminApps", - Location: "adminAppsRepo", - AppSourceDefaultSpec: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - }, - }, - } - - // Initialize clients - azureBlobClient := &AzureBlobClient{} - mclient := spltest.MockHTTPClient{} - - // Add handler for mock client(handles secrets case initially) - wantRequest, _ := http.NewRequest("GET", "https://mystorageaccount.blob.core.windows.net/appscontainer1?prefix=adminAppsRepo&restype=container&comp=list&include=snapshots&include=metadata", nil) - respdata := &EnumerationResults{ - Blobs: Blobs{ - Blob: []Blob{ - { - Properties: ContainerProperties{ - CreationTime: time.Now().UTC().Format(http.TimeFormat), - LastModified: time.Now().UTC().Format(http.TimeFormat), - ETag: "abcd", - ContentLength: fmt.Sprint(64), +// TestAzureBlobClient_GetAppsList_SharedKey tests the GetAppsList method using Shared Key authentication. +func TestAzureBlobClient_GetAppsList_SharedKey(t *testing.T) { + // Initialize mocks. + mockContainerClient := new(MockContainerClient) + + // Create a runtime pager that returns the mockListResponse. + // Create a runtime pager for simulating paginated blob listing + runtimePager := runtime.NewPager(runtime.PagingHandler[azblob.ListBlobsFlatResponse]{ + More: func(resp azblob.ListBlobsFlatResponse) bool { + // If resp is zero value (before first fetch), we have more pages + if resp.Segment == nil && resp.NextMarker == nil { + return true + } + // If NextMarker is not empty, we have more pages + if resp.NextMarker != nil && *resp.NextMarker != "" { + return true + } + // No more pages + return false + }, + Fetcher: func(ctx context.Context, cur *azblob.ListBlobsFlatResponse) (azblob.ListBlobsFlatResponse, error) { + if cur == nil { + // Simulate the first page of blobs + return azblob.ListBlobsFlatResponse{ + ListBlobsFlatSegmentResponse: container.ListBlobsFlatSegmentResponse{ + ContainerName: to.Ptr("test-container"), + ServiceEndpoint: to.Ptr("https://test.blob.core.windows.net/"), + MaxResults: to.Ptr(int32(1)), + Segment: &container.BlobFlatListSegment{ + BlobItems: []*container.BlobItem{ + { + Name: to.Ptr("blob1"), + Properties: &container.BlobProperties{ + ETag: to.Ptr(azcore.ETag("etag1")), + LastModified: to.Ptr(time.Now()), + ContentLength: to.Ptr(int64(100)), + }, + }, + { + Name: to.Ptr("blob2"), + Properties: &container.BlobProperties{ + ETag: to.Ptr(azcore.ETag("etag2")), + LastModified: to.Ptr(time.Now()), + ContentLength: to.Ptr(int64(200)), + }, + }, + }, + }, + NextMarker: nil, }, - }, - }, - }, - } - mrespdata, _ := xml.Marshal(respdata) - mclient.AddHandler(wantRequest, 200, string(mrespdata), nil) - - // Get App source and volume from spec - appSource := appFrameworkRef.AppSources[0] - vol, err := GetAppSrcVolume(ctx, appSource, &appFrameworkRef) - if err != nil { - t.Errorf("Unable to get volume for app source : %s", appSource.Name) - } - - // Update the GetRemoteDataClient function pointer - getClientWrapper := RemoteDataClientsMap[vol.Provider] - getClientWrapper.SetRemoteDataClientFuncPtr(ctx, vol.Provider, NewMockAzureBlobClient) - - // Update the GetRemoteDataClientInit function pointer - initFn := func(ctx context.Context, region, accessKeyID, secretAccessKey string) interface{} { - return &mclient - } - getClientWrapper.SetRemoteDataClientInitFuncPtr(ctx, vol.Provider, initFn) - - // Init azure blob client - getRemoteDataClientFn := getClientWrapper.GetRemoteDataClientInitFuncPtr(ctx) - azureBlobClient.HTTPClient = getRemoteDataClientFn(ctx, "us-west-2", "abcd", "1234").(*spltest.MockHTTPClient) - azureBlobClient.BucketName = vol.Path - azureBlobClient.Prefix = appSource.Location - azureBlobClient.Endpoint = vol.Endpoint - - // Test Listing apps with secrets - azureBlobClient.StorageAccountName = vol.Path - azureBlobClient.SecretAccessKey = "abcd" - - respList, err := azureBlobClient.GetAppsList(ctx) - if err != nil { - t.Errorf("GetAppsList should not return nil") - } - - if len(respList.Objects) != 1 { - t.Errorf("GetAppsList should have returned 1 blob object") - } - - // Out of two blobs one has Incorrect last modified time so the - // list should return only one blob - respdata = &EnumerationResults{ - Blobs: Blobs{ - Blob: []Blob{ - { - Properties: ContainerProperties{ - CreationTime: time.Now().UTC().Format(http.TimeFormat), - LastModified: fmt.Sprint(time.Now()), - ETag: "etag1", - ContentLength: fmt.Sprint(64), - }, - }, - { - Properties: ContainerProperties{ - CreationTime: time.Now().UTC().Format(http.TimeFormat), - LastModified: time.Now().UTC().Format(http.TimeFormat), - ETag: "etag2", - ContentLength: fmt.Sprint(64), - }, - }, - }, - }, - } - mrespdata, _ = xml.Marshal(respdata) - mclient.AddHandler(wantRequest, 200, string(mrespdata), nil) - // GetAppsList doesn't return error as we move onto the next blob - resp, err := azureBlobClient.GetAppsList(ctx) - if err != nil { - t.Errorf("Did not expect error but one blob should have been returned") - } - //check only one blob is returned as it has correct lastmodified date - if len(resp.Objects) != 1 { - t.Errorf("Expected only one blob to be returned") - } - - // GetAppsList covering code for incorrect content length - respdata.Blobs.Blob[0].Properties.ContentLength = "09999999999999999999" - respdata.Blobs.Blob[0].Properties.LastModified = time.Now().UTC().Format(http.TimeFormat) - mrespdata, _ = xml.Marshal(respdata) - mclient.AddHandler(wantRequest, 200, string(mrespdata), nil) - resp, err = azureBlobClient.GetAppsList(ctx) - if err != nil { - t.Errorf("Did not expect error but one blob should have been returned") - } - - // Test Listing Apps with IAM - azureBlobClient.StorageAccountName = "" - azureBlobClient.SecretAccessKey = "" - wantRequest, _ = http.NewRequest("GET", "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2021-10-01&resource=https%3A%2F%2Fstorage.azure.com%2F", nil) - respTokenData := &TokenResponse{ - AccessToken: "acctoken", - ClientID: "ClientId", - } - mrespdata, _ = json.Marshal(respTokenData) - mclient.AddHandler(wantRequest, 200, string(mrespdata), nil) - - _, err = azureBlobClient.GetAppsList(ctx) - if err != nil { - t.Errorf("GetAppsList should not return nil") - } - + }, nil + } + // Simulate no more pages + return azblob.ListBlobsFlatResponse{}, nil + }, + }) + + // Setup mock behavior to return the pager. + mockContainerClient.On("NewListBlobsFlatPager", mock.Anything).Return(runtimePager) + + // Initialize AzureBlobClient with the mock container client. + azureClient := &AzureBlobClient{ + BucketName: "test-container", + StorageAccountName: "test-account", + Prefix: "", + StartAfter: "", + Endpoint: "", + ContainerClient: mockContainerClient, + CredentialType: CredentialTypeSharedKey, + } + + // Execute GetAppsList. + ctx := context.Background() + resp, err := azureClient.GetAppsList(ctx) + + // Assertions. + require.NoError(t, err) + require.Len(t, resp.Objects, 2) + require.Equal(t, "blob1", *resp.Objects[0].Key) + require.Equal(t, "blob2", *resp.Objects[1].Key) + + // Verify that all expectations were met. + mockContainerClient.AssertExpectations(t) } -func TestAzureBlobGetAppsListShouldFail(t *testing.T) { - ctx := context.TODO() - appFrameworkRef := enterpriseApi.AppFrameworkSpec{ - Defaults: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - VolList: []enterpriseApi.VolumeSpec{ - { - Name: "azure_vol1", - Endpoint: "https://mystorageaccount.blob.core.windows.net", - Path: "appscontainer1", - SecretRef: "blob-secret", - Type: "blob", - Provider: "azure", - }, - }, - AppSources: []enterpriseApi.AppSourceSpec{ - { - Name: "adminApps", - Location: "adminAppsRepo", - AppSourceDefaultSpec: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - }, - }, - } - - // Initialize clients - azureBlobClient := &AzureBlobClient{} - mclient := spltest.MockHTTPClient{} - - // Add handler for mock client(handles secrets case initially) - wantRequest, _ := http.NewRequest("GET", "https://mystorageaccount.blob.core.windows.net/appscontainer1?prefix=adminAppsRepo&restype=container&comp=list&include=snapshots&include=metadata", nil) - respdata := &EnumerationResults{ - Blobs: Blobs{ - Blob: []Blob{ - { - Properties: ContainerProperties{ - CreationTime: time.Now().UTC().Format(http.TimeFormat), - LastModified: time.Now().UTC().Format(http.TimeFormat), - ETag: "abcd", - ContentLength: fmt.Sprint(64), +// TestAzureBlobClient_GetAppsList_AzureAD tests the GetAppsList method using Azure AD authentication. +func TestAzureBlobClient_GetAppsList_AzureAD(t *testing.T) { + // Initialize mocks. + mockContainerClient := new(MockContainerClient) + + // Create a runtime pager for simulating paginated blob listing + runtimePager := runtime.NewPager(runtime.PagingHandler[azblob.ListBlobsFlatResponse]{ + More: func(resp azblob.ListBlobsFlatResponse) bool { + // If resp is zero value (before first fetch), we have more pages + if resp.Segment == nil && resp.NextMarker == nil { + return true + } + // If NextMarker is not empty, we have more pages + if resp.NextMarker != nil && *resp.NextMarker != "" { + return true + } + // No more pages + return false + }, + Fetcher: func(ctx context.Context, cur *azblob.ListBlobsFlatResponse) (azblob.ListBlobsFlatResponse, error) { + if cur == nil { + // Simulate the first page of blobs + return azblob.ListBlobsFlatResponse{ + ListBlobsFlatSegmentResponse: container.ListBlobsFlatSegmentResponse{ + ContainerName: to.Ptr("test-container"), + ServiceEndpoint: to.Ptr("https://test.blob.core.windows.net/"), + MaxResults: to.Ptr(int32(1)), + Segment: &container.BlobFlatListSegment{ + BlobItems: []*container.BlobItem{ + { + Name: to.Ptr("blob3"), + Properties: &container.BlobProperties{ + ETag: to.Ptr(azcore.ETag("etag3")), + LastModified: to.Ptr(time.Now()), + ContentLength: to.Ptr(int64(100)), + }, + }, + }, + }, + NextMarker: nil, }, - }, - }, - }, - } - mrespdata, _ := xml.Marshal(respdata) - mclient.AddHandler(wantRequest, 200, string(mrespdata), nil) - - // Get App source and volume from spec - appSource := appFrameworkRef.AppSources[0] - vol, err := GetAppSrcVolume(ctx, appSource, &appFrameworkRef) - if err != nil { - t.Errorf("Unable to get volume for app source : %s", appSource.Name) - } - - // Update the GetRemoteDataClient function pointer - getClientWrapper := RemoteDataClientsMap[vol.Provider] - getClientWrapper.SetRemoteDataClientFuncPtr(ctx, vol.Provider, NewMockAzureBlobClient) - - // Update the GetRemoteDataClientInit function pointer - initFn := func(ctx context.Context, region, accessKeyID, secretAccessKey string) interface{} { - return &mclient - } - getClientWrapper.SetRemoteDataClientInitFuncPtr(ctx, vol.Provider, initFn) - - // Init azure blob client - getRemoteDataClientFn := getClientWrapper.GetRemoteDataClientInitFuncPtr(ctx) - azureBlobClient.HTTPClient = getRemoteDataClientFn(ctx, "us-west-2", "abcd", "1234").(*spltest.MockHTTPClient) - azureBlobClient.BucketName = vol.Path - azureBlobClient.Prefix = appSource.Location - - // Test Listing apps with secrets but bad end point - azureBlobClient.StorageAccountName = vol.Path - azureBlobClient.SecretAccessKey = "abcd" - azureBlobClient.Endpoint = string(invalidUrlByteArray) - _, err = azureBlobClient.GetAppsList(ctx) - if err == nil { - t.Errorf("Expected error for invalid endpoint") - } - - // Test Listing apps with secrets but bad end point - azureBlobClient.StorageAccountName = vol.Path - azureBlobClient.SecretAccessKey = "abcd" - azureBlobClient.Endpoint = "not-a-valid-end-point" - _, err = azureBlobClient.GetAppsList(ctx) - if err == nil { - t.Errorf("Expected error for invalid endpoint") - } - azureBlobClient.Endpoint = vol.Endpoint - // Test error conditions - - // Test error for Ouath request - azureBlobClient.StorageAccountName = "" - azureBlobClient.SecretAccessKey = "" - - _, err = azureBlobClient.GetAppsList(ctx) - if err == nil { - t.Errorf("Expected error for incorrect oauth request") - } - - // Test error for get app list request - mclient.AddHandler(wantRequest, 200, string(mrespdata), nil) - _, err = azureBlobClient.GetAppsList(ctx) - if err == nil { - t.Errorf("Expected error for incorrect get apps list request") - } - - // Test error for extract response - wantRequest, _ = http.NewRequest("GET", "https://mystorageaccount.blob.core.windows.net/appscontainer1?prefix=adminAppsRepo&restype=container&comp=list&include=snapshots&include=metadata", nil) - mclient.AddHandler(wantRequest, 200, string("FailToUnmarshal"), nil) - _, err = azureBlobClient.GetAppsList(ctx) - if err == nil { - t.Errorf("Expected error for incorrect http response from get apps list, unable to unmarshal") - } + }, nil + } + // Simulate no more pages + return azblob.ListBlobsFlatResponse{}, nil + }, + }) + + // Setup mock behavior to return the pager. + mockContainerClient.On("NewListBlobsFlatPager", mock.Anything).Return(runtimePager) + + // Initialize AzureBlobClient with the mock container client. + azureClient := &AzureBlobClient{ + BucketName: "test-container", + StorageAccountName: "test-account", + Prefix: "", + StartAfter: "", + Endpoint: "", + ContainerClient: mockContainerClient, + CredentialType: CredentialTypeAzureAD, + } + + // Execute GetAppsList. + ctx := context.Background() + resp, err := azureClient.GetAppsList(ctx) + + // Assertions. + require.NoError(t, err) + require.Len(t, resp.Objects, 1) + require.Equal(t, "blob3", *resp.Objects[0].Key) + + // Verify that all expectations were met. + mockContainerClient.AssertExpectations(t) } -func TestAzureBlobDownloadAppShouldNotFail(t *testing.T) { - ctx := context.TODO() - appFrameworkRef := enterpriseApi.AppFrameworkSpec{ - Defaults: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - VolList: []enterpriseApi.VolumeSpec{ - { - Name: "azure_vol1", - Endpoint: "https://mystorageaccount.blob.core.windows.net", - Path: "appscontainer1", - SecretRef: "blob-secret", - Type: "blob", - Provider: "azure", - }, - }, - AppSources: []enterpriseApi.AppSourceSpec{ - { - Name: "adminApps", - Location: "adminAppsRepo", - AppSourceDefaultSpec: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - }, - }, - } - - // Initialize clients - azureBlobClient := &AzureBlobClient{} - mclient := spltest.MockHTTPClient{} - - // Add handler for mock client(handles secrets case initially) - wantRequest, _ := http.NewRequest("GET", "https://mystorageaccount.blob.core.windows.net/appscontainer1/adminAppsRepo/app1.tgz", nil) - respdata := "This is a test body of an app1.tgz package. In real use it would be a binary file but for test it is just a string data" - - mclient.AddHandler(wantRequest, 200, respdata, nil) - - // Get App source and volume from spec - appSource := appFrameworkRef.AppSources[0] - vol, err := GetAppSrcVolume(ctx, appSource, &appFrameworkRef) - if err != nil { - t.Errorf("Unable to get volume for app source : %s", appSource.Name) - } - - // Update the GetRemoteDataClient function pointer - getClientWrapper := RemoteDataClientsMap[vol.Provider] - getClientWrapper.SetRemoteDataClientFuncPtr(ctx, vol.Provider, NewMockAzureBlobClient) - - // Update the GetRemoteDataClientInit function pointer - initFn := func(ctx context.Context, region, accessKeyID, secretAccessKey string) interface{} { - return &mclient - } - getClientWrapper.SetRemoteDataClientInitFuncPtr(ctx, vol.Provider, initFn) - - // Init azure blob client - getRemoteDataClientFn := getClientWrapper.GetRemoteDataClientInitFuncPtr(ctx) - azureBlobClient.HTTPClient = getRemoteDataClientFn(ctx, "us-west-2", "abcd", "1234").(*spltest.MockHTTPClient) - azureBlobClient.BucketName = vol.Path - azureBlobClient.Prefix = appSource.Location - azureBlobClient.Endpoint = vol.Endpoint - - // Test Download App package with secret - azureBlobClient.StorageAccountName = vol.Path - azureBlobClient.SecretAccessKey = "abcd" - - // Create RemoteDownload request - downloadRequest := RemoteDataDownloadRequest{ - LocalFile: "app1.tgz", - RemoteFile: "adminAppsRepo/app1.tgz", - } - _, err = azureBlobClient.DownloadApp(ctx, downloadRequest) - if err != nil { - t.Errorf("DownloadApps should not return nil") - } - - downloadedAppData, err := os.ReadFile(downloadRequest.LocalFile) - if err != nil { - t.Errorf("DownloadApps failed reading downloaded file. Error is: %s", err.Error()) - } - - if strings.Compare(respdata, string(downloadedAppData)) != 0 { - t.Errorf("DownloadApps failed as it did not download correct data") - } - - os.Remove(downloadRequest.LocalFile) - - // Test Download App package with IAM - azureBlobClient.StorageAccountName = "" - azureBlobClient.SecretAccessKey = "" - wantRequest, _ = http.NewRequest("GET", "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2021-10-01&resource=https%3A%2F%2Fstorage.azure.com%2F", nil) - respTokenData := &TokenResponse{ - AccessToken: "acctoken", - ClientID: "ClientId", - } - mrespdata, _ := json.Marshal(respTokenData) - mclient.AddHandler(wantRequest, 200, string(mrespdata), nil) - - _, err = azureBlobClient.DownloadApp(ctx, downloadRequest) - if err != nil { - t.Errorf("DownloadApps should not return nil") - } - - if strings.Compare(respdata, string(downloadedAppData)) != 0 { - t.Errorf("DownloadApps failed usign IAM as it did not download correct data") - } - - os.Remove(downloadRequest.LocalFile) +// TestAzureBlobClient_GetAppsList_Error tests the GetAppsList method handling an error scenario. +func TestAzureBlobClient_GetAppsList_Error(t *testing.T) { + // Initialize mocks. + mockContainerClient := new(MockContainerClient) + + // Create a runtime pager for simulating paginated blob listing + runtimePager := runtime.NewPager(runtime.PagingHandler[azblob.ListBlobsFlatResponse]{ + More: func(resp azblob.ListBlobsFlatResponse) bool { + // If resp is zero value (before first fetch), we have more pages + if resp.Segment == nil && resp.NextMarker == nil { + return true + } + // If NextMarker is not empty, we have more pages + if resp.NextMarker != nil && *resp.NextMarker != "" { + return true + } + // No more pages + return false + }, + Fetcher: func(ctx context.Context, cur *azblob.ListBlobsFlatResponse) (azblob.ListBlobsFlatResponse, error) { + return container.ListBlobsFlatResponse{}, fmt.Errorf("failed to list blobs") + }, + }) + + // Setup mock behavior to return the pager. + mockContainerClient.On("NewListBlobsFlatPager", mock.Anything).Return(runtimePager) + + // Initialize AzureBlobClient with the mock container client. + azureClient := &AzureBlobClient{ + BucketName: "test-container", + StorageAccountName: "test-account", + Prefix: "", + StartAfter: "", + Endpoint: "", + ContainerClient: mockContainerClient, + CredentialType: CredentialTypeAzureAD, + } + + // Execute GetAppsList. + ctx := context.Background() + resp, err := azureClient.GetAppsList(ctx) + + // Assertions. + require.Error(t, err) + require.Equal(t, RemoteDataListResponse{}, resp) + + // Verify that all expectations were met. + mockContainerClient.AssertExpectations(t) } -func TestAzureBlobDownloadAppShouldFail(t *testing.T) { - ctx := context.TODO() - appFrameworkRef := enterpriseApi.AppFrameworkSpec{ - Defaults: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - VolList: []enterpriseApi.VolumeSpec{ - { - Name: "azure_vol1", - Endpoint: "https://mystorageaccount.blob.core.windows.net", - Path: "appscontainer1", - SecretRef: "blob-secret", - Type: "blob", - Provider: "azure", - }, - }, - AppSources: []enterpriseApi.AppSourceSpec{ - { - Name: "adminApps", - Location: "adminAppsRepo", - AppSourceDefaultSpec: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - }, - }, - } - - // Initialize clients - azureBlobClient := &AzureBlobClient{} - mclient := spltest.MockHTTPClient{} - - // Add handler for mock client(handles secrets case initially) - wantRequest, _ := http.NewRequest("GET", "https://mystorageaccount.blob.core.windows.net/appscontainer1/adminAppsRepo/app1.tgz", nil) - respdata := "This is a test body of an app1.tgz package. In real use it would be a binary file but for test it is just a string data" - - mclient.AddHandler(wantRequest, 200, respdata, nil) +// TestAzureBlobClient_DownloadApp_SharedKey tests the DownloadApp method using Shared Key authentication. +func TestAzureBlobClient_DownloadApp_SharedKey(t *testing.T) { + // Initialize mocks. + mockContainerClient := new(MockContainerClient) + mockBlobClient := new(MockBlobClient) - // Get App source and volume from spec - appSource := appFrameworkRef.AppSources[0] - vol, err := GetAppSrcVolume(ctx, appSource, &appFrameworkRef) - if err != nil { - t.Errorf("Unable to get volume for app source : %s", appSource.Name) - } - - // Update the GetRemoteDataClient function pointer - getClientWrapper := RemoteDataClientsMap[vol.Provider] - getClientWrapper.SetRemoteDataClientFuncPtr(ctx, vol.Provider, NewMockAzureBlobClient) - - // Update the GetRemoteDataClientInit function pointer - initFn := func(ctx context.Context, region, accessKeyID, secretAccessKey string) interface{} { - return &mclient - } - getClientWrapper.SetRemoteDataClientInitFuncPtr(ctx, vol.Provider, initFn) - - // Init azure blob client - getRemoteDataClientFn := getClientWrapper.GetRemoteDataClientInitFuncPtr(ctx) - azureBlobClient.HTTPClient = getRemoteDataClientFn(ctx, "us-west-2", "abcd", "1234").(*spltest.MockHTTPClient) - azureBlobClient.BucketName = vol.Path - azureBlobClient.Prefix = appSource.Location - azureBlobClient.Endpoint = vol.Endpoint - - // Test Download App package with secret - azureBlobClient.StorageAccountName = vol.Path - azureBlobClient.SecretAccessKey = "abcd" - - // Create RemoteDownload request - downloadRequest := RemoteDataDownloadRequest{ - LocalFile: "app1.tgz", - RemoteFile: "adminAppsRepo/app1.tgz", - } - - // Test error conditions - - // Test error for http request to download - azureBlobClient.Endpoint = "dummy" - _, err = azureBlobClient.DownloadApp(ctx, downloadRequest) - if err == nil { - t.Errorf("Expected error for incorrect oauth request") - } - - // Test error for http request to download - azureBlobClient.Endpoint = string(invalidUrlByteArray) - _, err = azureBlobClient.DownloadApp(ctx, downloadRequest) - if err == nil { - t.Errorf("Expected error for incorrect oauth request") - } - - // Test empty local file - downloadRequest.LocalFile = "" - _, err = azureBlobClient.DownloadApp(ctx, downloadRequest) - if err == nil { - t.Errorf("Expected error for incorrect oauth request") - } -} - -func TestAzureBlobGetAppsListShouldFailBadSecret(t *testing.T) { - ctx := context.TODO() - appFrameworkRef := enterpriseApi.AppFrameworkSpec{ - Defaults: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - VolList: []enterpriseApi.VolumeSpec{ - { - Name: "azure_vol1", - Endpoint: "https://mystorageaccount.blob.core.windows.net", - Path: "appscontainer1", - SecretRef: "blob-secret", - Type: "blob", - Provider: "azure", - }, - }, - AppSources: []enterpriseApi.AppSourceSpec{ - { - Name: "adminApps", - Location: "adminAppsRepo", - AppSourceDefaultSpec: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - }, - }, - } - - // Initialize clients - azureBlobClient := &AzureBlobClient{} - mclient := spltest.MockHTTPClient{} - - // Add handler for mock client(handles secrets case initially) - wantRequest, _ := http.NewRequest("GET", "https://mystorageaccount.blob.core.windows.net/appscontainer1?prefix=adminAppsRepo&restype=container&comp=list&include=snapshots&include=metadata", nil) - - mclient.AddHandler(wantRequest, 403, "unauthorized", nil) - - // Get App source and volume from spec - appSource := appFrameworkRef.AppSources[0] - vol, err := GetAppSrcVolume(ctx, appSource, &appFrameworkRef) - if err != nil { - t.Errorf("Unable to get volume for app source : %s", appSource.Name) - } - - // Update the GetRemoteDataClient function pointer - getClientWrapper := RemoteDataClientsMap[vol.Provider] - getClientWrapper.SetRemoteDataClientFuncPtr(ctx, vol.Provider, NewMockAzureBlobClient) - - // Update the GetRemoteDataClientInit function pointer - initFn := func(ctx context.Context, region, accessKeyID, secretAccessKey string) interface{} { - return &mclient - } - getClientWrapper.SetRemoteDataClientInitFuncPtr(ctx, vol.Provider, initFn) - - // Init azure blob client - getRemoteDataClientFn := getClientWrapper.GetRemoteDataClientInitFuncPtr(ctx) - azureBlobClient.HTTPClient = getRemoteDataClientFn(ctx, "us-west-2", "abcd", "1234").(*spltest.MockHTTPClient) - azureBlobClient.BucketName = vol.Path - azureBlobClient.Prefix = appSource.Location - azureBlobClient.Endpoint = vol.Endpoint - - // Test Listing apps with secrets - azureBlobClient.StorageAccountName = vol.Path - azureBlobClient.SecretAccessKey = "abcd" - - respList, err := azureBlobClient.GetAppsList(ctx) - if err == nil { - t.Errorf("GetAppsList should return err") - } - - if err.Error() != "error authorizing the rest call. check your IAM/secret configuration" { - t.Errorf("GetAppsList should return authorization error") - } - - // authorizing the rest call. check your IAM/secret configuration - - if len(respList.Objects) != 0 { - t.Errorf("GetAppsList should not return any response objects") - } -} - -// Test that although the rest call returned 200 response code -// but the response body was not as expected (unmarshelled failed) -func TestAzureBlobGetAppsListShouldFailBadXmlResponse(t *testing.T) { - ctx := context.TODO() - appFrameworkRef := enterpriseApi.AppFrameworkSpec{ - Defaults: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - VolList: []enterpriseApi.VolumeSpec{ - { - Name: "azure_vol1", - Endpoint: "https://mystorageaccount.blob.core.windows.net", - Path: "appscontainer1", - SecretRef: "blob-secret", - Type: "blob", - Provider: "azure", - }, - }, - AppSources: []enterpriseApi.AppSourceSpec{ - { - Name: "adminApps", - Location: "adminAppsRepo", - AppSourceDefaultSpec: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - }, - }, - } - - // Initialize clients - azureBlobClient := &AzureBlobClient{} - mclient := spltest.MockHTTPClient{} - - // Add handler for mock client(handles secrets case initially) - wantRequest, _ := http.NewRequest("GET", "https://mystorageaccount.blob.core.windows.net/appscontainer1?prefix=adminAppsRepo&restype=container&comp=list&include=snapshots&include=metadata", nil) - - mclient.AddHandler(wantRequest, 200, "I am not a valid app list response", nil) - - // Get App source and volume from spec - appSource := appFrameworkRef.AppSources[0] - vol, err := GetAppSrcVolume(ctx, appSource, &appFrameworkRef) - if err != nil { - t.Errorf("Unable to get volume for app source : %s", appSource.Name) - } - - // Update the GetRemoteDataClient function pointer - getClientWrapper := RemoteDataClientsMap[vol.Provider] - getClientWrapper.SetRemoteDataClientFuncPtr(ctx, vol.Provider, NewMockAzureBlobClient) - - // Update the GetRemoteDataClientInit function pointer - initFn := func(ctx context.Context, region, accessKeyID, secretAccessKey string) interface{} { - return &mclient - } - getClientWrapper.SetRemoteDataClientInitFuncPtr(ctx, vol.Provider, initFn) - - // Init azure blob client - getRemoteDataClientFn := getClientWrapper.GetRemoteDataClientInitFuncPtr(ctx) - azureBlobClient.HTTPClient = getRemoteDataClientFn(ctx, "us-west-2", "abcd", "1234").(*spltest.MockHTTPClient) - azureBlobClient.BucketName = vol.Path - azureBlobClient.Prefix = appSource.Location - azureBlobClient.Endpoint = vol.Endpoint - - // Test Listing apps with secrets - azureBlobClient.StorageAccountName = vol.Path - azureBlobClient.SecretAccessKey = "abcd" - - respList, err := azureBlobClient.GetAppsList(ctx) - if err == nil { - t.Errorf("GetAppsList should return err") - } - - // Expecting error : "expected element type but have ..." - if !strings.Contains(err.Error(), "expected element type but have") { - t.Errorf("GetAppsList should return that it could not extract the app packages list") - } - - if len(respList.Objects) != 0 { - t.Errorf("GetAppsList should not return any response objects") - } -} - -func TestAzureBlobGetAppsListShouldFailNoIdentity(t *testing.T) { - ctx := context.TODO() - appFrameworkRef := enterpriseApi.AppFrameworkSpec{ - Defaults: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - VolList: []enterpriseApi.VolumeSpec{ - { - Name: "azure_vol1", - Endpoint: "https://mystorageaccount.blob.core.windows.net", - Path: "appscontainer1", - Type: "blob", - Provider: "azure", - }, - }, - AppSources: []enterpriseApi.AppSourceSpec{ - { - Name: "adminApps", - Location: "adminAppsRepo", - AppSourceDefaultSpec: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - }, - }, - } - - // Initialize clients - azureBlobClient := &AzureBlobClient{} - mclient := spltest.MockHTTPClient{} - - // mock IAM token fetch call to a failed response - // no valid managed identity found - wantRequestIAMTokenFetch, _ := http.NewRequest("GET", "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2021-10-01&resource=https%3A%2F%2Fstorage.azure.com%2F", nil) - - mclient.AddHandler(wantRequestIAMTokenFetch, 400, "No managed identity", nil) - - // Add mock for the azure rest call for list apps - wantRequest, _ := http.NewRequest("GET", "https://mystorageaccount.blob.core.windows.net/appscontainer1?prefix=adminAppsRepo&restype=container&comp=list&include=snapshots&include=metadata", nil) - - mclient.AddHandler(wantRequest, 403, "unauthorized", nil) - - // Get App source and volume from spec - appSource := appFrameworkRef.AppSources[0] - vol, err := GetAppSrcVolume(ctx, appSource, &appFrameworkRef) - if err != nil { - t.Errorf("Unable to get volume for app source : %s", appSource.Name) - } - - // Update the GetRemoteDataClient function pointer - getClientWrapper := RemoteDataClientsMap[vol.Provider] - getClientWrapper.SetRemoteDataClientFuncPtr(ctx, vol.Provider, NewMockAzureBlobClient) - - // Update the GetRemoteDataClientInit function pointer - initFn := func(ctx context.Context, region, accessKeyID, secretAccessKey string) interface{} { - return &mclient - } - getClientWrapper.SetRemoteDataClientInitFuncPtr(ctx, vol.Provider, initFn) - - // Init azure blob client - getRemoteDataClientFn := getClientWrapper.GetRemoteDataClientInitFuncPtr(ctx) - azureBlobClient.HTTPClient = getRemoteDataClientFn(ctx, "us-west-2", "abcd", "1234").(*spltest.MockHTTPClient) - azureBlobClient.BucketName = vol.Path - azureBlobClient.Prefix = appSource.Location - azureBlobClient.Endpoint = vol.Endpoint - - // Test Listing apps with secrets - azureBlobClient.StorageAccountName = vol.Path - azureBlobClient.SecretAccessKey = "abcd" - - respList, err := azureBlobClient.GetAppsList(ctx) - if err == nil { - t.Errorf("GetAppsList should return err") - } - - if err.Error() != "error authorizing the rest call. check your IAM/secret configuration" { - t.Errorf("GetAppsList should return authorization error") - } - - // authorizing the rest call. check your IAM/secret configuration - - if len(respList.Objects) != 0 { - t.Errorf("GetAppsList should not return any response objects") - } - - mclient.RemoveHandlers() -} - -// check identity is assigned to AKS but it is not authorized -// to access the buckets -func TestAzureBlobGetAppsListShouldFailInvalidIdentity(t *testing.T) { - ctx := context.TODO() - appFrameworkRef := enterpriseApi.AppFrameworkSpec{ - Defaults: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - VolList: []enterpriseApi.VolumeSpec{ - { - Name: "azure_vol1", - Endpoint: "https://mystorageaccount.blob.core.windows.net", - Path: "appscontainer1", - Type: "blob", - Provider: "azure", - }, - }, - AppSources: []enterpriseApi.AppSourceSpec{ - { - Name: "adminApps", - Location: "adminAppsRepo", - AppSourceDefaultSpec: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - }, + // Define the blob download response. + mockDownloadResponse := blob.DownloadStreamResponse{ + DownloadResponse: blob.DownloadResponse{ + Body: io.NopCloser(strings.NewReader("mock blob content")), }, } - // Initialize clients - azureBlobClient := &AzureBlobClient{} - mclient := spltest.MockHTTPClient{} + // Setup mock behavior. + mockContainerClient.On("NewBlobClient", "test-file-sharedkey.txt").Return(mockBlobClient) + mockBlobClient.On("DownloadStream", mock.Anything, mock.Anything).Return(mockDownloadResponse, nil) - // Identity call return a token - that means AKS cluster has an identity configured. - wantRequest, _ := http.NewRequest("GET", "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2021-10-01&resource=https%3A%2F%2Fstorage.azure.com%2F", nil) - respTokenData := &TokenResponse{ - AccessToken: "acctoken", - ClientID: "ClientId", + // Initialize AzureBlobClient with the mock container client. + azureClient := &AzureBlobClient{ + BucketName: "test-container", + StorageAccountName: "test-account", + Prefix: "", + StartAfter: "", + Endpoint: "", + ContainerClient: mockContainerClient, + CredentialType: CredentialTypeSharedKey, } - mrespdata, _ := json.Marshal(respTokenData) - mclient.AddHandler(wantRequest, 200, string(mrespdata), nil) - - // Add mock for the azure rest call for list apps - wantRequest, _ = http.NewRequest("GET", "https://mystorageaccount.blob.core.windows.net/appscontainer1?prefix=adminAppsRepo&restype=container&comp=list&include=snapshots&include=metadata", nil) - // Expect the identity does not have authorization to access the buckets - mclient.AddHandler(wantRequest, 403, "identity not authorized", nil) + // Create a temporary file to simulate download. + tempFile, err := os.CreateTemp("", "test-download-sharedkey") + require.NoError(t, err) + defer os.Remove(tempFile.Name()) - // Get App source and volume from spec - appSource := appFrameworkRef.AppSources[0] - vol, err := GetAppSrcVolume(ctx, appSource, &appFrameworkRef) - if err != nil { - t.Errorf("Unable to get volume for app source : %s", appSource.Name) + // Execute DownloadApp. + ctx := context.Background() + req := RemoteDataDownloadRequest{ + LocalFile: tempFile.Name(), + RemoteFile: "test-file-sharedkey.txt", } + success, err := azureClient.DownloadApp(ctx, req) - // Update the GetRemoteDataClient function pointer - getClientWrapper := RemoteDataClientsMap[vol.Provider] - getClientWrapper.SetRemoteDataClientFuncPtr(ctx, vol.Provider, NewMockAzureBlobClient) + // Assertions. + require.NoError(t, err) + require.True(t, success) - // Update the GetRemoteDataClientInit function pointer - initFn := func(ctx context.Context, region, accessKeyID, secretAccessKey string) interface{} { - return &mclient - } - getClientWrapper.SetRemoteDataClientInitFuncPtr(ctx, vol.Provider, initFn) - - // Init azure blob client - getRemoteDataClientFn := getClientWrapper.GetRemoteDataClientInitFuncPtr(ctx) - azureBlobClient.HTTPClient = getRemoteDataClientFn(ctx, "us-west-2", "abcd", "1234").(*spltest.MockHTTPClient) - azureBlobClient.BucketName = vol.Path - azureBlobClient.Prefix = appSource.Location - azureBlobClient.Endpoint = vol.Endpoint - - respList, err := azureBlobClient.GetAppsList(ctx) - if err == nil { - t.Errorf("GetAppsList should return err") - } + // Verify file content. + fileContent, err := os.ReadFile(tempFile.Name()) + require.NoError(t, err) + require.Equal(t, "mock blob content", string(fileContent)) - if err.Error() != "error authorizing the rest call. check your IAM/secret configuration" { - t.Errorf("GetAppsList should return authorization error") - } - - // authorizing the rest call. check your IAM/secret configuration - - if len(respList.Objects) != 0 { - t.Errorf("GetAppsList should not return any response objects") - } - mclient.RemoveHandlers() + // Verify that all expectations were met. + mockContainerClient.AssertExpectations(t) + mockBlobClient.AssertExpectations(t) } -func TestAzureBlobDownloadFailBadSecret(t *testing.T) { - ctx := context.TODO() - appFrameworkRef := enterpriseApi.AppFrameworkSpec{ - Defaults: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - VolList: []enterpriseApi.VolumeSpec{ - { - Name: "azure_vol1", - Endpoint: "https://mystorageaccount.blob.core.windows.net", - Path: "appscontainer1", - SecretRef: "blob-secret", - Type: "blob", - Provider: "azure", - }, - }, - AppSources: []enterpriseApi.AppSourceSpec{ - { - Name: "adminApps", - Location: "adminAppsRepo", - AppSourceDefaultSpec: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - }, - }, - } - - // Initialize clients - azureBlobClient := &AzureBlobClient{} - mclient := spltest.MockHTTPClient{} - - // Add handler for mock client(handles secrets case initially) - wantRequest, _ := http.NewRequest("GET", "https://mystorageaccount.blob.core.windows.net/appscontainer1/adminAppsRepo/app1.tgz", nil) - - mclient.AddHandler(wantRequest, 403, "auth failed dummy response", nil) - - // Get App source and volume from spec - appSource := appFrameworkRef.AppSources[0] - vol, err := GetAppSrcVolume(ctx, appSource, &appFrameworkRef) - if err != nil { - t.Errorf("Unable to get volume for app source : %s", appSource.Name) - } - - // Update the GetRemoteDataClient function pointer - getClientWrapper := RemoteDataClientsMap[vol.Provider] - getClientWrapper.SetRemoteDataClientFuncPtr(ctx, vol.Provider, NewMockAzureBlobClient) - - // Update the GetRemoteDataClientInit function pointer - initFn := func(ctx context.Context, region, accessKeyID, secretAccessKey string) interface{} { - return &mclient - } - getClientWrapper.SetRemoteDataClientInitFuncPtr(ctx, vol.Provider, initFn) - - // Init azure blob client - getRemoteDataClientFn := getClientWrapper.GetRemoteDataClientInitFuncPtr(ctx) - azureBlobClient.HTTPClient = getRemoteDataClientFn(ctx, "us-west-2", "abcd", "1234").(*spltest.MockHTTPClient) - azureBlobClient.BucketName = vol.Path - azureBlobClient.Prefix = appSource.Location - azureBlobClient.Endpoint = vol.Endpoint - - // Test Download App package with secret - azureBlobClient.StorageAccountName = "mystorageaccount" - azureBlobClient.SecretAccessKey = "abcd" - - // Create RemoteDownload request - downloadRequest := RemoteDataDownloadRequest{ - LocalFile: "app1.tgz", - RemoteFile: "adminAppsRepo/app1.tgz", - } - resp, err := azureBlobClient.DownloadApp(ctx, downloadRequest) - if err == nil { - t.Errorf("DownloadApps should return error") - } - if resp == true { - t.Errorf("DownloadApps should return false") - } - if err.Error() != "error authorizing the rest call. check your IAM/secret configuration" { - t.Errorf("DownloadApp should return authorization error") - } - mclient.RemoveHandlers() -} +// TestAzureBlobClient_DownloadApp_AzureAD tests the DownloadApp method using Azure AD authentication. +func TestAzureBlobClient_DownloadApp_AzureAD(t *testing.T) { + // Initialize mocks. + mockContainerClient := new(MockContainerClient) + mockBlobClient := new(MockBlobClient) -func TestAzureBlobDownloadAppShouldFailNoIdentity(t *testing.T) { - ctx := context.TODO() - appFrameworkRef := enterpriseApi.AppFrameworkSpec{ - Defaults: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - VolList: []enterpriseApi.VolumeSpec{ - { - Name: "azure_vol1", - Endpoint: "https://mystorageaccount.blob.core.windows.net", - Path: "appscontainer1", - Type: "blob", - Provider: "azure", - }, - }, - AppSources: []enterpriseApi.AppSourceSpec{ - { - Name: "adminApps", - Location: "adminAppsRepo", - AppSourceDefaultSpec: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - }, + // Define the blob download response. + mockDownloadResponse := blob.DownloadStreamResponse{ + DownloadResponse: blob.DownloadResponse{ + Body: io.NopCloser(strings.NewReader("mock blob content AD")), }, } - // Initialize clients - azureBlobClient := &AzureBlobClient{} - mclient := spltest.MockHTTPClient{} - - //mock IAM token fetch call to a failed response - //no valid managed identity found - wantRequestIAMTokenFetch, _ := http.NewRequest("GET", "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2021-10-01&resource=https%3A%2F%2Fstorage.azure.com%2F", nil) + // Setup mock behavior. + mockContainerClient.On("NewBlobClient", "test-file-azuread.txt").Return(mockBlobClient) + mockBlobClient.On("DownloadStream", mock.Anything, mock.Anything).Return(mockDownloadResponse, nil) - mclient.AddHandler(wantRequestIAMTokenFetch, 400, "No managed identity", nil) - - // Get App source and volume from spec - appSource := appFrameworkRef.AppSources[0] - vol, err := GetAppSrcVolume(ctx, appSource, &appFrameworkRef) - if err != nil { - t.Errorf("Unable to get volume for app source : %s", appSource.Name) + // Initialize AzureBlobClient with the mock container client. + azureClient := &AzureBlobClient{ + BucketName: "test-container", + StorageAccountName: "test-account", + Prefix: "", + StartAfter: "", + Endpoint: "", + ContainerClient: mockContainerClient, + CredentialType: CredentialTypeAzureAD, } - // Update the GetRemoteDataClient function pointer - getClientWrapper := RemoteDataClientsMap[vol.Provider] - getClientWrapper.SetRemoteDataClientFuncPtr(ctx, vol.Provider, NewMockAzureBlobClient) + // Create a temporary file to simulate download. + tempFile, err := os.CreateTemp("", "test-download-azuread") + require.NoError(t, err) + defer os.Remove(tempFile.Name()) - // Update the GetRemoteDataClientInit function pointer - initFn := func(ctx context.Context, region, accessKeyID, secretAccessKey string) interface{} { - return &mclient + // Execute DownloadApp. + ctx := context.Background() + req := RemoteDataDownloadRequest{ + LocalFile: tempFile.Name(), + RemoteFile: "test-file-azuread.txt", } - getClientWrapper.SetRemoteDataClientInitFuncPtr(ctx, vol.Provider, initFn) + success, err := azureClient.DownloadApp(ctx, req) - // Init azure blob client - getRemoteDataClientFn := getClientWrapper.GetRemoteDataClientInitFuncPtr(ctx) - azureBlobClient.HTTPClient = getRemoteDataClientFn(ctx, "us-west-2", "abcd", "1234").(*spltest.MockHTTPClient) - azureBlobClient.BucketName = vol.Path - azureBlobClient.Prefix = appSource.Location - azureBlobClient.Endpoint = vol.Endpoint + // Assertions. + require.NoError(t, err) + require.True(t, success) - // Create RemoteDownload request - downloadRequest := RemoteDataDownloadRequest{ - LocalFile: "app1.tgz", - RemoteFile: "adminAppsRepo/app1.tgz", - } + // Verify file content. + fileContent, err := os.ReadFile(tempFile.Name()) + require.NoError(t, err) + require.Equal(t, "mock blob content AD", string(fileContent)) - resp, err := azureBlobClient.DownloadApp(ctx, downloadRequest) - if err == nil { - t.Errorf("DownloadApps should return error") - } - if resp == true { - t.Errorf("DownloadApps should return false") - } - if err.Error() != "please validate that your cluster is configured to use managed identity" { - t.Errorf("DownloadApp should return authorization error") - } - mclient.RemoveHandlers() + // Verify that all expectations were met. + mockContainerClient.AssertExpectations(t) + mockBlobClient.AssertExpectations(t) } -func TestAzureBlobDownloadAppShouldFailInvalidIdentity(t *testing.T) { - ctx := context.TODO() - appFrameworkRef := enterpriseApi.AppFrameworkSpec{ - Defaults: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - VolList: []enterpriseApi.VolumeSpec{ - { - Name: "azure_vol1", - Endpoint: "https://mystorageaccount.blob.core.windows.net", - Path: "appscontainer1", - Type: "blob", - Provider: "azure", - }, - }, - AppSources: []enterpriseApi.AppSourceSpec{ - { - Name: "adminApps", - Location: "adminAppsRepo", - AppSourceDefaultSpec: enterpriseApi.AppSourceDefaultSpec{ - VolName: "azure_vol1", - Scope: enterpriseApi.ScopeLocal, - }, - }, - }, - } - - // Initialize clients - azureBlobClient := &AzureBlobClient{} - mclient := spltest.MockHTTPClient{} - - // mock for IAM token fetch is successful - // but later we see that the token does not give - // permission to access the bucket for downloading app package - wantRequest, _ := http.NewRequest("GET", "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2021-10-01&resource=https%3A%2F%2Fstorage.azure.com%2F", nil) - respTokenData := &TokenResponse{ - AccessToken: "acctoken", - ClientID: "ClientId", - } - mrespdata, _ := json.Marshal(respTokenData) - mclient.AddHandler(wantRequest, 200, string(mrespdata), nil) - - // Mock the download rest call to return 403 unauthorized emulating that - // the token did not give permission to read the bucket/app_package - wantRequestDownload, _ := http.NewRequest("GET", "https://mystorageaccount.blob.core.windows.net/appscontainer1/adminAppsRepo/app1.tgz", nil) - - mclient.AddHandler(wantRequestDownload, 403, "auth failed dummy response", nil) - - // Get App source and volume from spec - appSource := appFrameworkRef.AppSources[0] - vol, err := GetAppSrcVolume(ctx, appSource, &appFrameworkRef) - if err != nil { - t.Errorf("Unable to get volume for app source : %s", appSource.Name) - } - - // Update the GetRemoteDataClient function pointer - getClientWrapper := RemoteDataClientsMap[vol.Provider] - getClientWrapper.SetRemoteDataClientFuncPtr(ctx, vol.Provider, NewMockAzureBlobClient) - - // Update the GetRemoteDataClientInit function pointer - initFn := func(ctx context.Context, region, accessKeyID, secretAccessKey string) interface{} { - return &mclient - } - getClientWrapper.SetRemoteDataClientInitFuncPtr(ctx, vol.Provider, initFn) - - // Init azure blob client - getRemoteDataClientFn := getClientWrapper.GetRemoteDataClientInitFuncPtr(ctx) - azureBlobClient.HTTPClient = getRemoteDataClientFn(ctx, "us-west-2", "abcd", "1234").(*spltest.MockHTTPClient) - azureBlobClient.BucketName = vol.Path - azureBlobClient.Prefix = appSource.Location - azureBlobClient.Endpoint = vol.Endpoint - - // Create RemoteDownload request - downloadRequest := RemoteDataDownloadRequest{ - LocalFile: "app1.tgz", - RemoteFile: "adminAppsRepo/app1.tgz", - } - - resp, err := azureBlobClient.DownloadApp(ctx, downloadRequest) - if err == nil { - t.Errorf("DownloadApps should return error") - } - if resp == true { - t.Errorf("DownloadApps should return false") - } - if err.Error() != "error authorizing the rest call. check your IAM/secret configuration" { - t.Errorf("DownloadApp should return authorization error") - } - mclient.RemoveHandlers() +// TestAzureBlobClient_DownloadApp_Error tests the DownloadApp method handling an error scenario. +func TestAzureBlobClient_DownloadApp_Error(t *testing.T) { + // Initialize mocks. + mockContainerClient := new(MockContainerClient) + mockBlobClient := new(MockBlobClient) + + // Setup mock behavior to return an error. + mockContainerClient.On("NewBlobClient", "nonexistent-file.txt").Return(mockBlobClient) + mockBlobClient.On("DownloadStream", mock.Anything, mock.Anything).Return(blob.DownloadStreamResponse{}, fmt.Errorf("blob not found")) + + // Initialize AzureBlobClient with the mock container client. + azureClient := &AzureBlobClient{ + BucketName: "test-container", + StorageAccountName: "test-account", + Prefix: "", + StartAfter: "", + Endpoint: "", + ContainerClient: mockContainerClient, + CredentialType: CredentialTypeAzureAD, + } + + // Create a temporary file to simulate download. + tempFile, err := os.CreateTemp("", "test-download-error") + require.NoError(t, err) + defer os.Remove(tempFile.Name()) + + // Execute DownloadApp. + ctx := context.Background() + req := RemoteDataDownloadRequest{ + LocalFile: tempFile.Name(), + RemoteFile: "nonexistent-file.txt", + } + success, err := azureClient.DownloadApp(ctx, req) + + // Assertions. + require.Error(t, err) + require.False(t, success) + + // Verify that all expectations were met. + mockContainerClient.AssertExpectations(t) + mockBlobClient.AssertExpectations(t) } diff --git a/pkg/splunk/client/enterprise.go b/pkg/splunk/client/enterprise.go index a8e4c580d..7a627a892 100644 --- a/pkg/splunk/client/enterprise.go +++ b/pkg/splunk/client/enterprise.go @@ -26,6 +26,7 @@ import ( "strings" "time" + "github.com/go-resty/resty/v2" splcommon "github.com/splunk/splunk-operator/pkg/splunk/common" ) @@ -67,33 +68,52 @@ func NewSplunkClient(managementURI, username, password string) *SplunkClient { // Do processes a Splunk REST API request and unmarshals response into obj, if not nil. func (c *SplunkClient) Do(request *http.Request, expectedStatus []int, obj interface{}) error { - // send HTTP response and check status + client := resty.New() + client.SetTLSClientConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetDebug(true) //FIXME TODO + + // Set basic auth request.SetBasicAuth(c.Username, c.Password) - response, err := c.Client.Do(request) + + // Convert request.Header to map[string]string + headers := make(map[string]string) + for key, values := range request.Header { + for _, value := range values { + headers[key] = value + } + } + // Convert http.Request to resty.Request + restyRequest := client.R(). + SetBasicAuth(c.Username, c.Password). + SetHeaders(headers). + SetBody(request.Body) + + // Execute the request + response, err := restyRequest.Execute(request.Method, request.URL.String()) if err != nil { return err } - //default set flag to false and the check response code + + // Check response status code expectedStatusFlag := false - for i := 0; i < len(expectedStatus); i++ { - if expectedStatus[i] == response.StatusCode { + for _, status := range expectedStatus { + if response.StatusCode() == status { expectedStatusFlag = true break } } if !expectedStatusFlag { - return fmt.Errorf("response code=%d from %s; want %d", response.StatusCode, request.URL, expectedStatus) - } - if obj == nil { - return nil + return fmt.Errorf("response code=%d from %s; want %v", response.StatusCode(), request.URL, expectedStatus) } - // unmarshall response if obj != nil - data, _ := io.ReadAll(response.Body) - if len(data) == 0 { - return fmt.Errorf("received empty response body from %s", request.URL) + // Unmarshal response if obj is not nil + if obj != nil { + if err := json.Unmarshal(response.Body(), obj); err != nil { + return fmt.Errorf("failed to unmarshal response: %v", err) + } } - return json.Unmarshal(data, obj) + + return nil } // Get sends a REST API request and unmarshals response into obj, if not nil. diff --git a/pkg/splunk/client/gcpbucketclient.go b/pkg/splunk/client/gcpbucketclient.go new file mode 100644 index 000000000..1bda36d08 --- /dev/null +++ b/pkg/splunk/client/gcpbucketclient.go @@ -0,0 +1,265 @@ +// Copyright (c) 2018-2022 Splunk Inc. +// All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package client + +import ( + "context" + "io" + "os" + "strings" + + "cloud.google.com/go/storage" + //"golang.org/x/oauth2/google" + "google.golang.org/api/iterator" + "google.golang.org/api/option" + "sigs.k8s.io/controller-runtime/pkg/log" +) + +// blank assignment to verify that GCSClient implements RemoteDataClient +var _ RemoteDataClient = &GCSClient{} + +// GCSClientInterface defines the interface for GCS client operations +type GCSClientInterface interface { + Bucket(bucketName string) BucketHandleInterface +} + +// GCSClientWrapper wraps the actual GCS client to implement the interface +type GCSClientWrapper struct { + Client *storage.Client +} + +// Bucket is a wrapper around the actual GCS Bucket method +func (g *GCSClientWrapper) Bucket(bucketName string) BucketHandleInterface { + return &RealBucketHandleWrapper{BucketHandle: g.Client.Bucket(bucketName)} +} + +// BucketHandleInterface is an interface for wrapping both real and mock bucket handles +type BucketHandleInterface interface { + Objects(ctx context.Context, query *storage.Query) ObjectIteratorInterface + Object(name string) ObjectHandleInterface +} + +// RealBucketHandleWrapper wraps the real *storage.BucketHandle and implements BucketHandleInterface +type RealBucketHandleWrapper struct { + BucketHandle *storage.BucketHandle +} + +// Objects delegates to the real *storage.BucketHandle's Objects method +func (r *RealBucketHandleWrapper) Objects(ctx context.Context, query *storage.Query) ObjectIteratorInterface { + return &RealObjectIteratorWrapper{Iterator: r.BucketHandle.Objects(ctx, query)} +} + +// Object delegates to the real *storage.BucketHandle's Object method +func (r *RealBucketHandleWrapper) Object(name string) ObjectHandleInterface { + return &RealObjectHandleWrapper{ObjectHandle: r.BucketHandle.Object(name)} +} + +// ObjectIteratorInterface defines the interface for object iterators +type ObjectIteratorInterface interface { + Next() (*storage.ObjectAttrs, error) +} + +// RealObjectIteratorWrapper wraps the real *storage.ObjectIterator and implements ObjectIteratorInterface +type RealObjectIteratorWrapper struct { + Iterator *storage.ObjectIterator +} + +// Next delegates to the real *storage.ObjectIterator's Next method +func (r *RealObjectIteratorWrapper) Next() (*storage.ObjectAttrs, error) { + return r.Iterator.Next() +} + +// ObjectHandleInterface defines the interface for object handles +type ObjectHandleInterface interface { + NewReader(ctx context.Context) (io.ReadCloser, error) +} + +// RealObjectHandleWrapper wraps the real *storage.ObjectHandle and implements ObjectHandleInterface +type RealObjectHandleWrapper struct { + ObjectHandle *storage.ObjectHandle +} + +// NewReader delegates to the real *storage.ObjectHandle's NewReader method +func (r *RealObjectHandleWrapper) NewReader(ctx context.Context) (io.ReadCloser, error) { + return r.ObjectHandle.NewReader(ctx) +} + +// GCSClient is a client to implement GCS specific APIs +type GCSClient struct { + BucketName string + GCPCredentials string + Prefix string + StartAfter string + Client GCSClientInterface + BucketHandle BucketHandleInterface +} + +// InitGCSClient initializes and returns a GCS client implementing GCSClientInterface +func InitGCSClient(ctx context.Context, gcpCredentials string) (GCSClientInterface, error) { + reqLogger := log.FromContext(ctx) + scopedLog := reqLogger.WithName("InitGCSClient") + + var client *storage.Client + var err error + + if len(gcpCredentials) == 0 { + // The storage.NewClient(ctx) internally uses Application Default Credentials (ADC) to authenticate, + // and ADC works with Workload Identity when the required environment variables and setup are correctly configured. + // If the environment variables are not set, the client will use the default service account credentials. + // To use Google Workload Identity with storage.NewClient(ctx), ensure the following environment variables are properly set in your pod: + // GOOGLE_APPLICATION_CREDENTIALS (Optional): + // If you're not using the default workload identity path (/var/run/secrets/google.cloud/com.google.cloudsecrets/metadata/token), + // you can set GOOGLE_APPLICATION_CREDENTIALS to point to the federated token file manually. + // Otherwise, this can be left unset when Workload Identity is configured correctly. + // GOOGLE_CLOUD_PROJECT (Optional): + // Set this to your Google Cloud project ID if the SDK is not detecting it automatically. + // Additional Kubernetes Setup for Workload Identity: + // The Workload Identity configuration on your cluster ensures that the necessary tokens are automatically mounted for the pod and available without needing GOOGLE_APPLICATION_CREDENTIALS. + client, err = storage.NewClient(ctx) + } else { + client, err = storage.NewClient(ctx, option.WithCredentialsJSON([]byte(gcpCredentials))) + } + + if err != nil { + scopedLog.Error(err, "Failed to initialize a GCS client.") + return nil, err + } + + scopedLog.Info("GCS Client initialization successful.") + return &GCSClientWrapper{Client: client}, nil +} + +// InitGcloudClientWrapper is a wrapper around InitGCSClient +func InitGcloudClientWrapper(ctx context.Context, region, accessKeyID, secretAccessKey string) interface{} { + client, _ := InitGCSClient(ctx, secretAccessKey) + return client +} + +// NewGCSClient returns a GCS client +func NewGCSClient(ctx context.Context, bucketName string, gcpCredentials string, secretAccessKey string, prefix string, startAfter string, region string, endpoint string, fn GetInitFunc) (RemoteDataClient, error) { + client, err := InitGCSClient(ctx, secretAccessKey) + if err != nil { + return nil, err + } + + bucketHandle := client.Bucket(bucketName) + + return &GCSClient{ + BucketName: bucketName, + GCPCredentials: secretAccessKey, + Prefix: prefix, + StartAfter: startAfter, + Client: client, + BucketHandle: bucketHandle, + }, nil +} + +// RegisterGCSClient will add the corresponding function pointer to the map +func RegisterGCSClient() { + wrapperObject := GetRemoteDataClientWrapper{GetRemoteDataClient: NewGCSClient, GetInitFunc: InitGcloudClientWrapper} + RemoteDataClientsMap["gcp"] = wrapperObject +} + +// GetAppsList gets the list of apps from remote storage +func (gcsClient *GCSClient) GetAppsList(ctx context.Context) (RemoteDataListResponse, error) { + reqLogger := log.FromContext(ctx) + scopedLog := reqLogger.WithName("GetAppsList") + + scopedLog.Info("Getting Apps list", "GCS Bucket", gcsClient.BucketName) + remoteDataClientResponse := RemoteDataListResponse{} + + query := &storage.Query{ + Prefix: gcsClient.Prefix, + Delimiter: "/", + } + + startAfterFound := gcsClient.StartAfter == "" // If StartAfter is empty, skip this check + it := gcsClient.BucketHandle.Objects(ctx, query) + + var objects []*RemoteObject + maxKeys := 4000 // Limit the number of objects manually + + if strings.HasSuffix(gcsClient.StartAfter, "/") { + startAfterFound = true + } + + for count := 0; count < maxKeys; { + objAttrs, err := it.Next() + if err == iterator.Done { + break + } + if err != nil { + scopedLog.Error(err, "Error fetching object from GCS", "GCS Bucket", gcsClient.BucketName) + return remoteDataClientResponse, err + } + + // Implement "StartAfter" logic to skip objects until the desired one is found + if !startAfterFound { + if objAttrs.Name == gcsClient.StartAfter { + startAfterFound = true // Start adding objects after this point + } + continue + } + + // Map GCS object attributes to RemoteObject + remoteObj := &RemoteObject{ + Etag: &objAttrs.Etag, + Key: &objAttrs.Name, + LastModified: &objAttrs.Updated, + Size: &objAttrs.Size, + StorageClass: &objAttrs.StorageClass, + } + + objects = append(objects, remoteObj) + count++ + } + + remoteDataClientResponse.Objects = objects + + return remoteDataClientResponse, nil +} + +// DownloadApp downloads the app from remote storage to the local file system +func (gcsClient *GCSClient) DownloadApp(ctx context.Context, downloadRequest RemoteDataDownloadRequest) (bool, error) { + reqLogger := log.FromContext(ctx) + scopedLog := reqLogger.WithName("DownloadApp").WithValues("remoteFile", downloadRequest.RemoteFile, "localFile", + downloadRequest.LocalFile, "etag", downloadRequest.Etag) + + file, err := os.Create(downloadRequest.LocalFile) + if err != nil { + scopedLog.Error(err, "Unable to open local file") + return false, err + } + defer file.Close() + + objHandle := gcsClient.BucketHandle.Object(downloadRequest.RemoteFile) + reader, err := objHandle.NewReader(ctx) + if err != nil { + scopedLog.Error(err, "Unable to download item", "RemoteFile", downloadRequest.RemoteFile) + os.Remove(downloadRequest.LocalFile) + return false, err + } + defer reader.Close() + + if _, err := io.Copy(file, reader); err != nil { + scopedLog.Error(err, "Unable to copy data to local file") + return false, err + } + + scopedLog.Info("File downloaded") + + return true, nil +} diff --git a/pkg/splunk/client/gcpbucketclient_test.go b/pkg/splunk/client/gcpbucketclient_test.go new file mode 100644 index 000000000..eccf3a067 --- /dev/null +++ b/pkg/splunk/client/gcpbucketclient_test.go @@ -0,0 +1,264 @@ +// Copyright (c) 2018-2022 Splunk Inc. +// All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package client + +import ( + "context" + "errors" + "io" + "os" + "testing" + "time" + + "cloud.google.com/go/storage" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/mock" + "google.golang.org/api/iterator" +) + +// MockGCSClientInterface is a mock implementation of GCSClientInterface +type MockGCSClientInterface struct { + mock.Mock +} + +// Bucket mocks the Bucket method of GCSClientInterface +func (m *MockGCSClientInterface) Bucket(bucketName string) BucketHandleInterface { + args := m.Called(bucketName) + if args.Get(0) == nil { + return nil + } + return args.Get(0).(BucketHandleInterface) +} + +// MockBucketHandle is a mock implementation of BucketHandleInterface +type MockBucketHandle struct { + mock.Mock +} + +// Objects mocks the Objects method of BucketHandleInterface +func (m *MockBucketHandle) Objects(ctx context.Context, query *storage.Query) ObjectIteratorInterface { + args := m.Called(ctx, query) + if args.Get(0) == nil { + return nil + } + return args.Get(0).(ObjectIteratorInterface) +} + +// Object mocks the Object method of BucketHandleInterface +func (m *MockBucketHandle) Object(name string) ObjectHandleInterface { + args := m.Called(name) + if args.Get(0) == nil { + return nil + } + return args.Get(0).(ObjectHandleInterface) +} + +// MockObjectIterator is a mock implementation of ObjectIteratorInterface +type MockObjectIterator struct { + mock.Mock + Objects []*storage.ObjectAttrs +} + +// Next mocks the Next method of ObjectIteratorInterface +func (m *MockObjectIterator) Next() (*storage.ObjectAttrs, error) { + if len(m.Objects) == 0 { + return nil, iterator.Done + } + obj := m.Objects[0] + m.Objects = m.Objects[1:] + return obj, nil +} + +// MockObjectHandle is a mock implementation of ObjectHandleInterface +type MockObjectHandle struct { + mock.Mock +} + +// NewReader mocks the NewReader method of ObjectHandleInterface +func (m *MockObjectHandle) NewReader(ctx context.Context) (io.ReadCloser, error) { + args := m.Called(ctx) + if args.Get(0) == nil { + return nil, args.Error(1) + } + return args.Get(0).(io.ReadCloser), args.Error(1) +} + +// MockReader is a mock implementation of io.ReadCloser +type MockReader struct { + mock.Mock +} + +// Read mocks the Read method of io.Reader +func (m *MockReader) Read(p []byte) (n int, err error) { + args := m.Called(p) + return args.Int(0), args.Error(1) +} + +// Close mocks the Close method of io.Closer +func (m *MockReader) Close() error { + args := m.Called() + return args.Error(0) +} + +// TestGetAppsList tests the GetAppsList method of GCSClient +func TestGetAppsList(t *testing.T) { + // Create a mock GCS client + mockClient := new(MockGCSClientInterface) + mockBucket := new(MockBucketHandle) + mockIterator := new(MockObjectIterator) + + // Setup mock objects + mockObjects := []*storage.ObjectAttrs{ + { + Name: "test-prefix/app1", + Etag: "etag1", + Updated: time.Now(), + Size: 1024, + StorageClass: "STANDARD", + }, + { + Name: "test-prefix/app2", + Etag: "etag2", + Updated: time.Now(), + Size: 2048, + StorageClass: "STANDARD", + }, + } + mockIterator.Objects = mockObjects + + // No need to set expectation on Bucket since it's not called + // mockClient.On("Bucket", "test-bucket").Return(mockBucket) + + // Mock the Objects method to return the custom MockObjectIterator + mockBucket.On("Objects", mock.Anything, mock.Anything).Return(mockIterator) + + // Create the GCSClient with the mock client + gcsClient := &GCSClient{ + BucketName: "test-bucket", + Prefix: "test-prefix/", + StartAfter: "test-prefix/app1", + Client: mockClient, + BucketHandle: mockBucket, // Set the mocked bucket handle + } + + // Call the GetAppsList method + resp, err := gcsClient.GetAppsList(context.Background()) + + // Assertions + assert.NoError(t, err) + assert.Equal(t, 1, len(resp.Objects)) // Only app2 should be returned due to StartAfter logic + assert.Equal(t, "test-prefix/app2", *resp.Objects[0].Key) + assert.Equal(t, int64(2048), *resp.Objects[0].Size) + assert.Equal(t, "etag2", *resp.Objects[0].Etag) + + // Verify expectations + mockBucket.AssertExpectations(t) +} + +// TestDownloadApp tests the DownloadApp method of GCSClient +func TestDownloadApp(t *testing.T) { + // Create a mock GCS client + mockClient := new(MockGCSClientInterface) + mockBucket := new(MockBucketHandle) + mockObject := new(MockObjectHandle) + mockReader := new(MockReader) + + // No need to set expectation on Bucket since it's not called + // mockClient.On("Bucket", "test-bucket").Return(mockBucket) + + // Mock the Object method to return the mock ObjectHandle + mockBucket.On("Object", "remote-file").Return(mockObject) + + // Mock the NewReader method to return the mock Reader + mockObject.On("NewReader", mock.Anything).Return(mockReader, nil) + + // Simulate reading from the mock Reader + mockReader.On("Read", mock.AnythingOfType("[]uint8")).Return(0, io.EOF) + mockReader.On("Close").Return(nil) + + // Create a temporary file to simulate local file + tmpFile, err := os.CreateTemp("", "testfile") + assert.NoError(t, err) + defer os.Remove(tmpFile.Name()) + + // Create the GCSClient with the mock client + gcsClient := &GCSClient{ + BucketName: "test-bucket", + Client: mockClient, + BucketHandle: mockBucket, // Set the mocked bucket handle + } + + // Prepare download request + downloadRequest := RemoteDataDownloadRequest{ + RemoteFile: "remote-file", + LocalFile: tmpFile.Name(), + Etag: "etag", + } + + // Call the DownloadApp method + success, err := gcsClient.DownloadApp(context.Background(), downloadRequest) + + // Assertions + assert.NoError(t, err) + assert.True(t, success) + + // Verify expectations + mockBucket.AssertExpectations(t) + mockObject.AssertExpectations(t) + mockReader.AssertExpectations(t) +} + +// TestDownloadAppError tests the DownloadApp method of GCSClient for error case +func TestDownloadAppError(t *testing.T) { + // Create a mock GCS client + mockClient := new(MockGCSClientInterface) + mockBucket := new(MockBucketHandle) + mockObject := new(MockObjectHandle) + + // No need to set expectation on Bucket since it's not called + // mockClient.On("Bucket", "test-bucket").Return(mockBucket) + + // Mock the Object method to return the mock ObjectHandle + mockBucket.On("Object", "remote-file").Return(mockObject) + + // Mock the NewReader method to return an error + mockObject.On("NewReader", mock.Anything).Return(nil, errors.New("failed to create reader")) + + // Create the GCSClient with the mock client + gcsClient := &GCSClient{ + BucketName: "test-bucket", + Client: mockClient, + BucketHandle: mockBucket, // Set the mocked bucket handle + } + + // Prepare download request + downloadRequest := RemoteDataDownloadRequest{ + RemoteFile: "remote-file", + LocalFile: "testfile", + Etag: "etag", + } + + // Call the DownloadApp method + success, err := gcsClient.DownloadApp(context.Background(), downloadRequest) + + // Assertions + assert.Error(t, err) + assert.False(t, success) + + // Verify expectations + mockBucket.AssertExpectations(t) + mockObject.AssertExpectations(t) +} diff --git a/pkg/splunk/client/remotedataclient.go b/pkg/splunk/client/remotedataclient.go index 7e3cbecd7..3120622ab 100644 --- a/pkg/splunk/client/remotedataclient.go +++ b/pkg/splunk/client/remotedataclient.go @@ -122,6 +122,8 @@ func RegisterRemoteDataClient(ctx context.Context, provider string) { RegisterMinioClient() case "azure": RegisterAzureBlobClient() + case "gcp": + RegisterGCSClient() default: scopedLog.Error(nil, "Invalid provider specified", "provider", provider) } diff --git a/pkg/splunk/client/util.go b/pkg/splunk/client/util.go index d53cd1f91..c8cadb58c 100644 --- a/pkg/splunk/client/util.go +++ b/pkg/splunk/client/util.go @@ -92,10 +92,8 @@ func NewMockAzureBlobClient(ctx context.Context, bucketName string, storageAccou return &AzureBlobClient{ BucketName: bucketName, StorageAccountName: storageAccountName, - SecretAccessKey: secretAccessKey, Prefix: prefix, Endpoint: endpoint, - HTTPClient: cl.(*spltest.MockHTTPClient), }, nil } diff --git a/pkg/splunk/client/vault_setup.go b/pkg/splunk/client/vault_setup.go new file mode 100644 index 000000000..6fe62f5f3 --- /dev/null +++ b/pkg/splunk/client/vault_setup.go @@ -0,0 +1,420 @@ +// Copyright (c) 2018-2022 Splunk Inc. All rights reserved. + +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific +// +// Package enterprise provides functionality for integrating with Vault and managing secrets for Splunk Enterprise deployments. +// +// This package includes the following key components: +// +// - SecretData: Represents the structure of a secret's data. +// - Data: Wraps SecretData to represent the data field in a Vault response. +// - Metadata: Contains metadata information about a secret, such as creation time, deletion time, and version. +// - VaultResponse: Represents the structure of a response from a Vault request, including request ID, lease details, data, and metadata. +// - VaultError: Represents the structure of an error response from Vault. +// +// Functions: +// +// - InjectVaultSecret: Adds Vault injection annotations to the StatefulSet Pods deployed by the Splunk Operator. It validates the Vault configuration, constructs the necessary annotations, and applies them to the PodTemplateSpec. +// - CheckAndRestartStatefulSet: Checks if the password version in Vault has changed and restarts the StatefulSet if needed. It authenticates with Vault, retrieves secret metadata, compares versions, and updates the StatefulSet annotations to trigger a rolling restart if any secret version has changed. + +package client + +import ( + "context" + //"encoding/json" + "fmt" + "os" + "strconv" + + "github.com/go-resty/resty/v2" + enterpriseApi "github.com/splunk/splunk-operator/api/v4" + splcommon "github.com/splunk/splunk-operator/pkg/splunk/common" + appsv1 "k8s.io/api/apps/v1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/types" + "sigs.k8s.io/controller-runtime/pkg/log" + // Marshal the splunkConfig to JSON + "gopkg.in/yaml.v2" +) + +var logger = log.Log.WithName("vault_setup") + +type SecretData struct { + Value string `json:"value,omitempty"` +} + +// Metadata contains metadata information about a secret, such as creation time, +// deletion time, and version. It also includes custom metadata and a flag indicating +// whether the secret has been destroyed. +type Metadata struct { + CreatedTime string `json:"created_time,omitempty"` + CustomMetadata interface{} `json:"custom_metadata,omitempty"` + DeletionTime string `json:"deletion_time,omitempty"` + Destroyed bool `json:"destroyed,omitempty"` + Version int `json:"version,omitempty"` +} + +type Data struct { + Data SecretData `json:"data,omitempty"` + Metadata Metadata `json:"metadata,omitempty"` +} + +// VaultResponse represents the structure of a response from a Vault request. +// It includes details such as the request ID, lease ID, lease duration, and +// whether the lease is renewable. It also contains nested Data and Metadata +// structures that hold additional information returned by the Vault. +type VaultResponse struct { + RequestId string `json:"request_id,omitempty"` + LeaseId string `json:"lease_id,omitempty"` + Renewable bool `json:"renewable,omitempty"` + LeaseDuration int `json:"lease_duration,omitempty"` + Data Data `json:"data,omitempty"` +} + +type VaultError struct { + Errors []string `json:"errors,omitempty"` +} + + +func InjectVaultSecret(ctx context.Context, client splcommon.ControllerClient, statefulSet *appsv1.StatefulSet, vaultSpec *enterpriseApi.VaultIntegration) error { + logger.Info("InjectVaultSecret called", "vaultSpec", vaultSpec) + + latestStatefulSet := &appsv1.StatefulSet{} + namedNamespace := types.NamespacedName{Name: statefulSet.Name, Namespace: statefulSet.Namespace} + err := client.Get(ctx, namedNamespace, latestStatefulSet) + if errors.IsNotFound(err) { + latestStatefulSet = statefulSet + } else if err != nil { + logger.Error(err, "Failed to get the latest StatefulSet", "statefulSet", statefulSet.Name) + return fmt.Errorf("failed to get the latest StatefulSet: %v", err) + } + + podTemplateSpec := statefulSet.Spec.Template + if !vaultSpec.Enable { + logger.Info("Vault integration is disabled") + return nil + } + + // Validate if role and secretPath are provided + if vaultSpec.Role == "" { + logger.Error(fmt.Errorf("vault role is required when vault is enabled"), "Missing vault role") + return fmt.Errorf("vault role is required when vault is enabled") + } + if vaultSpec.SecretPath == "" { + logger.Error(fmt.Errorf("vault secretPath is required when vault is enabled"), "Missing vault secretPath") + return fmt.Errorf("vault secretPath is required when vault is enabled") + } + + secretPath := vaultSpec.SecretPath + vaultRole := vaultSpec.Role + secretKeyToEnv := []string{ + "hec_token", + "idxc_secret", + "pass4SymmKey", + "password", + "shc_secret", + } + + // Adding annotations for vault injection + annotations := map[string]string{ + "vault.hashicorp.com/agent-inject": "true", + "vault.hashicorp.com/agent-inject-path": "/mnt/splunk-secrets", + "vault.hashicorp.com/role": vaultRole, + } + + splunkConfig := map[string]interface{}{ + "splunk": map[string]interface{}{ + "hec_disabled": 0, + "hec_enableSSL": 0, + "hec_token": `{{- with secret "secret/data/splunk/hec_token" -}}{{ .Data.data.value }}{{- end }}`, + "password": `{{- with secret "secret/data/splunk/password" -}}{{ .Data.data.value }}{{- end }}`, + "pass4SymmKey": `{{- with secret "secret/data/splunk/pass4SymmKey" -}}{{ .Data.data.value }}{{- end }}`, + "idxc": map[string]interface{}{ + "secret": `{{- with secret "secret/data/splunk/idxc_secret" -}}{{ .Data.data.value }}{{- end }}`, + }, + "shc": map[string]interface{}{ + "secret": `{{- with secret "secret/data/splunk/shc_secret" -}}{{ .Data.data.value }}{{- end }}`, + }, + }, + } + + splunkConfigYAML, err := yaml.Marshal(splunkConfig) + if err != nil { + return err + } + // Convert JSON to string for annotation + splunkConfigString := string(splunkConfigYAML) + + // Adding annotations to indicate specific secrets to be injected as separate files + // Adding annotation for default configuration file + annotations["vault.hashicorp.com/agent-inject-file-defaults"] = "default.yml" + annotations["vault.hashicorp.com/secret-volume-path-defaults"] = "/mnt/splunk-secrets" + annotations["vault.hashicorp.com/agent-inject-template-defaults"] = splunkConfigString + for _, key := range secretKeyToEnv { + annotationKey := fmt.Sprintf("vault.hashicorp.com/agent-inject-secret-%s", key) + annotations[annotationKey] = fmt.Sprintf("%s/%s", secretPath, key) + annotationFile := fmt.Sprintf("vault.hashicorp.com/agent-inject-file-%s", key) + annotations[annotationFile] = key + annotationVolumeKey := fmt.Sprintf("vault.hashicorp.com/secret-volume-path-%s", key) + annotations[annotationVolumeKey] = fmt.Sprintf("/mnt/splunk-secrets/%s", key) + } + + // Apply these annotations to the StatefulSet PodTemplateSpec without overwriting existing ones + if podTemplateSpec.ObjectMeta.Annotations == nil { + podTemplateSpec.ObjectMeta.Annotations = make(map[string]string) + } + for key, value := range annotations { + if existingValue, exists := latestStatefulSet.Spec.Template.ObjectMeta.Annotations[key]; !exists || existingValue == "" { + podTemplateSpec.ObjectMeta.Annotations[key] = value + } else { + podTemplateSpec.ObjectMeta.Annotations[key] = existingValue + } + } + + logger.Info("Vault annotations added to PodTemplateSpec", "annotations", annotations) + return nil +} + +// CheckAndRestartStatefulSet checks the versions of specified secrets in Vault and updates the StatefulSet +// annotations to trigger a rolling restart if any secret version has changed. +// +// Parameters: +// - ctx: The context for the operation. +// - kubeClient: The Kubernetes client to interact with the cluster. +// - statefulSet: The StatefulSet to be checked and potentially updated. +// - vaultIntegration: The Vault integration configuration containing the Vault address, role, and secret path. +// +// Returns: +// - error: An error if the operation fails, otherwise nil. +// +// The function performs the following steps: +// 1. Initializes a Vault client and reads the Kubernetes service account token. +// 2. Authenticates with Vault using the Kubernetes auth method. +// 3. Iterates over specified keys to check if any secret version has changed in Vault. +// 4. Updates the StatefulSet annotations to trigger a rolling restart if any secret version has changed. +func CheckAndRestartStatefulSet(ctx context.Context, kubeClient splcommon.ControllerClient, statefulSet *appsv1.StatefulSet, vaultIntegration *enterpriseApi.VaultIntegration) error { + + logger.Info("CheckAndRestartStatefulSet called", "statefulSet", statefulSet.Name, "vaultIntegration", vaultIntegration) + + // Initialize Vault client + client := resty.New() + client.SetDebug(true) //FIXME TODO remove once code complete + + // Read the Kubernetes service account token + tokenFile := "/var/run/secrets/kubernetes.io/serviceaccount/token" + token, err := os.ReadFile(tokenFile) + if err != nil { + logger.Error(err, "Failed to read service account token") + return fmt.Errorf("failed to read service account token: %v", err) + } + + // Authenticate with Vault using the Kubernetes auth method + data := map[string]interface{}{ + "role": vaultIntegration.Role, + "jwt": string(token), + } + var authResponse map[string]interface{} + resp, err := client.R(). + SetBody(data). + SetResult(&authResponse). + Post(fmt.Sprintf("%s/v1/auth/kubernetes/login", vaultIntegration.Address)) + if err != nil { + logger.Error(err, "Failed to authenticate with Vault") + return fmt.Errorf("failed to authenticate with Vault: %v", err) + } + if resp.StatusCode() != 200 { + logger.Error(fmt.Errorf("failed to authenticate with Vault"), "Vault authentication failed", "response", resp.String()) + return fmt.Errorf("failed to authenticate with Vault: %v", resp.String()) + } + + // Set the client token after successful authentication + tokenValue := authResponse["auth"].(map[string]interface{})["client_token"].(string) + logger.Info("Authenticated with Vault", "client_token", tokenValue) + + // Define the keys to be checked. + keys := []string{"password", "hec_token", "idxc_secret", "pass4SymmKey", "shc_secret"} + + // Iterate over each specified key and check if any version has changed + for _, key := range keys { + // Construct the metadata path for each key + metadataPath := fmt.Sprintf("%s/%s", vaultIntegration.SecretPath, key) + if vaultIntegration.SecretPath[len(vaultIntegration.SecretPath)-1] == '/' { + metadataPath = fmt.Sprintf("%smetadata/%s", vaultIntegration.SecretPath, key) + } + vaultError := &VaultError{} + // Read the secret metadata from Vault to get the version + var metadataResponse VaultResponse + resp, err := client.R(). + SetHeader("X-Vault-Token", tokenValue). + SetResult(&metadataResponse). + SetError(vaultError). + ForceContentType("application/json"). + Get(fmt.Sprintf("%s/v1/%s", vaultIntegration.Address, metadataPath)) + if err != nil { + logger.Error(err, "Failed to read secret metadata from Vault", "metadataPath", metadataPath) + return fmt.Errorf("failed to read secret metadata from Vault: %v", err) + } + if resp.StatusCode() != 200 { + logger.Error(fmt.Errorf("failed to read secret metadata from Vault"), "Vault metadata read failed", "response", vaultError) + return fmt.Errorf("failed to read secret metadata from Vault: %v", vaultError) + } + + version := metadataResponse.Data.Metadata.Version + + // Get the current version from the StatefulSet annotations + annotationKey := fmt.Sprintf("vault-secret-version-%s", key) + + if statefulSet.Spec.Template.Annotations == nil { + statefulSet.Spec.Template.Annotations = make(map[string]string) + } + statefulSet.Spec.Template.Annotations[annotationKey] = strconv.Itoa(int(version)) + } + + return nil +} + +// GetSpecificSecretTokenFromVault retrieves a specific secret token's value from a Pod +func GetSpecificSecretTokenFromVault(ctx context.Context, c splcommon.ControllerClient, vaultIntegration *enterpriseApi.VaultIntegration, secretToken string) (string, error) { + logger.Info("CheckAndRestartStatefulSet called") + + // Initialize Vault client + client := resty.New() + client.SetDebug(true) //FIXME TODO remove once code complete + + // Read the Kubernetes service account token + tokenFile := "/var/run/secrets/kubernetes.io/serviceaccount/token" + token, err := os.ReadFile(tokenFile) + if err != nil { + logger.Error(err, "Failed to read service account token") + return "", fmt.Errorf("failed to read service account token: %v", err) + } + + // Authenticate with Vault using the Kubernetes auth method + data := map[string]interface{}{ + "role": vaultIntegration.Role, + "jwt": string(token), + } + var authResponse map[string]interface{} + resp, err := client.R(). + SetBody(data). + SetResult(&authResponse). + Post(fmt.Sprintf("%s/v1/auth/kubernetes/login", vaultIntegration.Address)) + if err != nil { + logger.Error(err, "Failed to authenticate with Vault") + return "", fmt.Errorf("failed to authenticate with Vault: %v", err) + } + if resp.StatusCode() != 200 { + logger.Error(fmt.Errorf("failed to authenticate with Vault"), "Vault authentication failed", "response", resp.String()) + return "", fmt.Errorf("failed to authenticate with Vault: %v", resp.String()) + } + + // Set the client token after successful authentication + tokenValue := authResponse["auth"].(map[string]interface{})["client_token"].(string) + logger.Info("Authenticated with Vault", "client_token", tokenValue) + + key := secretToken + // Construct the metadata path for each key + metadataPath := fmt.Sprintf("%s/%s", vaultIntegration.SecretPath, key) + if vaultIntegration.SecretPath[len(vaultIntegration.SecretPath)-1] == '/' { + metadataPath = fmt.Sprintf("%smetadata/%s", vaultIntegration.SecretPath, key) + } + vaultError := &VaultError{} + // Read the secret metadata from Vault to get the version + var metadataResponse VaultResponse + resp, err = client.R(). + SetHeader("X-Vault-Token", tokenValue). + SetResult(&metadataResponse). + SetError(vaultError). + ForceContentType("application/json"). + Get(fmt.Sprintf("%s/v1/%s", vaultIntegration.Address, metadataPath)) + if err != nil { + logger.Error(err, "Failed to read secret metadata from Vault", "metadataPath", metadataPath) + return "", fmt.Errorf("failed to read secret metadata from Vault: %v", err) + } + if resp.StatusCode() != 200 { + logger.Error(fmt.Errorf("failed to read secret metadata from Vault"), "Vault metadata read failed", "response", vaultError) + return "", fmt.Errorf("failed to read secret metadata from Vault: %v", vaultError) + } + + password := metadataResponse.Data.Data.Value + + return password, nil +} + +// GetSpecificSecretTokenVersionFromVault retrieves a specific secret token's value from a Pod +func GetSpecificSecretTokenVersionFromVault(ctx context.Context, c splcommon.ControllerClient, vaultIntegration *enterpriseApi.VaultIntegration, secretToken string) (string, error) { + logger.Info("CheckAndRestartStatefulSet called") + + // Initialize Vault client + client := resty.New() + client.SetDebug(true) //FIXME TODO remove once code complete + + // Read the Kubernetes service account token + tokenFile := "/var/run/secrets/kubernetes.io/serviceaccount/token" + token, err := os.ReadFile(tokenFile) + if err != nil { + logger.Error(err, "Failed to read service account token") + return "", fmt.Errorf("failed to read service account token: %v", err) + } + + // Authenticate with Vault using the Kubernetes auth method + data := map[string]interface{}{ + "role": vaultIntegration.Role, + "jwt": string(token), + } + var authResponse map[string]interface{} + resp, err := client.R(). + SetBody(data). + SetResult(&authResponse). + Post(fmt.Sprintf("%s/v1/auth/kubernetes/login", vaultIntegration.Address)) + if err != nil { + logger.Error(err, "Failed to authenticate with Vault") + return "", fmt.Errorf("failed to authenticate with Vault: %v", err) + } + if resp.StatusCode() != 200 { + logger.Error(fmt.Errorf("failed to authenticate with Vault"), "Vault authentication failed", "response", resp.String()) + return "", fmt.Errorf("failed to authenticate with Vault: %v", resp.String()) + } + + // Set the client token after successful authentication + tokenValue := authResponse["auth"].(map[string]interface{})["client_token"].(string) + logger.Info("Authenticated with Vault", "client_token", tokenValue) + + key := secretToken + // Construct the metadata path for each key + metadataPath := fmt.Sprintf("%s/%s", vaultIntegration.SecretPath, key) + if vaultIntegration.SecretPath[len(vaultIntegration.SecretPath)-1] == '/' { + metadataPath = fmt.Sprintf("%smetadata/%s", vaultIntegration.SecretPath, key) + } + vaultError := &VaultError{} + // Read the secret metadata from Vault to get the version + var metadataResponse VaultResponse + resp, err = client.R(). + SetHeader("X-Vault-Token", tokenValue). + SetResult(&metadataResponse). + SetError(vaultError). + ForceContentType("application/json"). + Get(fmt.Sprintf("%s/v1/%s", vaultIntegration.Address, metadataPath)) + if err != nil { + logger.Error(err, "Failed to read secret metadata from Vault", "metadataPath", metadataPath) + return "", fmt.Errorf("failed to read secret metadata from Vault: %v", err) + } + if resp.StatusCode() != 200 { + logger.Error(fmt.Errorf("failed to read secret metadata from Vault"), "Vault metadata read failed", "response", vaultError) + return "", fmt.Errorf("failed to read secret metadata from Vault: %v", vaultError) + } + + version := metadataResponse.Data.Metadata.Version + + return strconv.Itoa(version), nil +} diff --git a/pkg/splunk/common/names.go b/pkg/splunk/common/names.go index bdfd92e6d..32e892b96 100644 --- a/pkg/splunk/common/names.go +++ b/pkg/splunk/common/names.go @@ -17,6 +17,8 @@ package common import "fmt" +type contextKey string + const ( // namespace scoped secret name namespaceScopedSecretNameTemplateStr = "splunk-%s-secret" @@ -114,6 +116,8 @@ const ( // sgontla: ToDo: being a constant will be a blocker for the UT to pass. relaxing a bit. Find a better alternative var AppDownloadVolume string = "/opt/splunk/appframework/" +var EventPublisherKey contextKey = "eventPublisher" + // GetVersionedSecretName returns a versioned secret name func GetVersionedSecretName(versionedSecretIdentifier string, version string) string { return fmt.Sprintf(versionedSecretNameTemplateStr, versionedSecretIdentifier, version) diff --git a/pkg/splunk/enterprise/clustermanager.go b/pkg/splunk/enterprise/clustermanager.go index 4ba7ca38a..1d2d2e7ef 100644 --- a/pkg/splunk/enterprise/clustermanager.go +++ b/pkg/splunk/enterprise/clustermanager.go @@ -50,7 +50,9 @@ func ApplyClusterManager(ctx context.Context, client splcommon.ControllerClient, reqLogger := log.FromContext(ctx) scopedLog := reqLogger.WithName("ApplyClusterManager") eventPublisher, _ := newK8EventPublisher(client, cr) + ctx = context.WithValue(ctx, splcommon.EventPublisherKey, eventPublisher) cr.Kind = "ClusterManager" + if cr.Status.ResourceRevMap == nil { cr.Status.ResourceRevMap = make(map[string]string) } @@ -185,10 +187,22 @@ func ApplyClusterManager(ctx context.Context, client splcommon.ControllerClient, return result, err } - // check if the ClusterManager is ready for version upgrade, if required - continueReconcile, err := UpgradePathValidation(ctx, client, cr, cr.Spec.CommonSplunkSpec, nil) - if err != nil || !continueReconcile { - return result, err + // CSPL-3060 - If statefulSet is not created, avoid upgrade path validation + if !statefulSet.CreationTimestamp.IsZero() { + // check if the ClusterManager is ready for version upgrade, if required + continueReconcile, err := UpgradePathValidation(ctx, client, cr, cr.Spec.CommonSplunkSpec, nil) + if err != nil || !continueReconcile { + return result, err + } + } + + if cr.Spec.VaultIntegration.Enable { + //The InjectVaultSecret function is responsible for injecting secrets from HashiCorp Vault into the specified pod template. + splclient.InjectVaultSecret(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + err := splclient.CheckAndRestartStatefulSet(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + if err != nil { + return result, err + } } clusterManagerManager := splctrl.DefaultStatefulSetPodManager{} @@ -348,7 +362,6 @@ func PerformCmBundlePush(ctx context.Context, c splcommon.ControllerClient, cr * // Reconciler can be called for multiple reasons. If we are waiting on configMap update to happen, // do not increment the Retry Count unless the last check was 5 seconds ago. // This helps, to wait for the required time - //eventPublisher, _ := newK8EventPublisher(c, cr) currentEpoch := time.Now().Unix() if cr.Status.BundlePushTracker.LastCheckInterval+5 > currentEpoch { @@ -383,7 +396,6 @@ func PerformCmBundlePush(ctx context.Context, c splcommon.ControllerClient, cr * cr.Status.BundlePushTracker.NeedToPushManagerApps = false } - //eventPublisher.Warning(ctx, "BundlePush", fmt.Sprintf("Bundle push failed %s", err.Error())) return err } diff --git a/pkg/splunk/enterprise/clustermaster.go b/pkg/splunk/enterprise/clustermaster.go index 7bb699f83..c199883ac 100644 --- a/pkg/splunk/enterprise/clustermaster.go +++ b/pkg/splunk/enterprise/clustermaster.go @@ -11,7 +11,7 @@ // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and -// limitations under the License. +// limitations under the License package enterprise @@ -183,6 +183,15 @@ func ApplyClusterMaster(ctx context.Context, client splcommon.ControllerClient, return result, err } + if cr.Spec.VaultIntegration.Enable { + //The InjectVaultSecret function is responsible for injecting secrets from HashiCorp Vault into the specified pod template. + splclient.InjectVaultSecret(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + err := splclient.CheckAndRestartStatefulSet(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + if err != nil { + return result, err + } + } + clusterMasterManager := splctrl.DefaultStatefulSetPodManager{} phase, err := clusterMasterManager.Update(ctx, client, statefulSet, 1) if err != nil { @@ -334,7 +343,6 @@ func PerformCmasterBundlePush(ctx context.Context, c splcommon.ControllerClient, // Reconciler can be called for multiple reasons. If we are waiting on configMap update to happen, // do not increment the Retry Count unless the last check was 5 seconds ago. // This helps, to wait for the required time - //eventPublisher, _ := newK8EventPublisher(c, cr) currentEpoch := time.Now().Unix() if cr.Status.BundlePushTracker.LastCheckInterval+5 > currentEpoch { @@ -369,7 +377,6 @@ func PerformCmasterBundlePush(ctx context.Context, c splcommon.ControllerClient, cr.Status.BundlePushTracker.NeedToPushMasterApps = false } - //eventPublisher.Warning(ctx, "BundlePush", fmt.Sprintf("Bundle push failed %s", err.Error())) return err } diff --git a/pkg/splunk/enterprise/configuration.go b/pkg/splunk/enterprise/configuration.go index 42dcd34bb..efe511ee7 100644 --- a/pkg/splunk/enterprise/configuration.go +++ b/pkg/splunk/enterprise/configuration.go @@ -737,6 +737,31 @@ func getSmartstoreConfigMap(ctx context.Context, client splcommon.ControllerClie } // updateSplunkPodTemplateWithConfig modifies the podTemplateSpec object based on configuration of the Splunk Enterprise resource. +// updateSplunkPodTemplateWithConfig updates the given PodTemplateSpec with the configuration +// specified in the CommonSplunkSpec and other parameters. +// +// Parameters: +// - ctx: The context for the operation. +// - client: The controller client used for interacting with Kubernetes resources. +// - podTemplateSpec: The PodTemplateSpec to be updated. +// - cr: The custom resource object containing metadata. +// - spec: The CommonSplunkSpec containing the configuration details. +// - instanceType: The type of Splunk instance (e.g., Standalone, Indexer, etc.). +// - extraEnv: Additional environment variables to be added to the containers. +// - secretToMount: The name of the secret to be mounted. +// +// The function performs the following updates: +// - Adds custom ports to Splunk containers based on the ServiceTemplate specification. +// - Adds custom volumes and volume mounts to Splunk containers, excluding the Monitoring Console (MC). +// - Prepares and sets the SPLUNK_DEFAULTS_URL environment variable based on various defaults URLs. +// - Injects Vault secrets and adds a secret monitor sidecar container if Vault integration is enabled. +// - Adds a secret volume to the PodTemplateSpec if Vault integration is not enabled. +// - Adds a ConfigMap volume for inline defaults if specified. +// - Updates the PodTemplateSpec annotations with the resource version of the ConfigMap to trigger pod recycling on changes. +// - Adds a ConfigMap volume for SmartStore configuration if applicable and updates annotations for standalone instances. +// - Sets the security context for the PodTemplateSpec. +// - Prepares and sets various environment variables for the Splunk containers, including licensing and cluster manager URLs. +// - Updates the containers in the PodTemplateSpec with the specified resources, probes, environment variables, and security context. func updateSplunkPodTemplateWithConfig(ctx context.Context, client splcommon.ControllerClient, podTemplateSpec *corev1.PodTemplateSpec, cr splcommon.MetaObject, spec *enterpriseApi.CommonSplunkSpec, instanceType InstanceType, extraEnv []corev1.EnvVar, secretToMount string) { reqLogger := log.FromContext(ctx) @@ -768,14 +793,29 @@ func updateSplunkPodTemplateWithConfig(ctx context.Context, client splcommon.Con } } - // Explicitly set the default value here so we can compare for changes correctly with current statefulset. - secretVolDefaultMode := int32(corev1.SecretVolumeSourceDefaultMode) - addSplunkVolumeToTemplate(podTemplateSpec, "mnt-splunk-secrets", "/mnt/splunk-secrets", corev1.VolumeSource{ - Secret: &corev1.SecretVolumeSource{ - SecretName: secretToMount, - DefaultMode: &secretVolDefaultMode, - }, - }) + // prepare defaults variable + splunkDefaults := "/mnt/splunk-secrets/default.yml" + // Check for apps defaults and add it to only the standalone or deployer/cm/mc instances + if spec.DefaultsURLApps != "" && instanceType != SplunkIndexer && instanceType != SplunkSearchHead { + splunkDefaults = fmt.Sprintf("%s,%s", spec.DefaultsURLApps, splunkDefaults) + } + if spec.DefaultsURL != "" { + splunkDefaults = fmt.Sprintf("%s,%s", spec.DefaultsURL, splunkDefaults) + } + if spec.Defaults != "" { + splunkDefaults = fmt.Sprintf("%s,%s", "/mnt/splunk-defaults/default.yml", splunkDefaults) + } + + if !spec.VaultIntegration.Enable { + // Explicitly set the default value here so we can compare for changes correctly with current statefulset. + secretVolDefaultMode := int32(corev1.SecretVolumeSourceDefaultMode) + addSplunkVolumeToTemplate(podTemplateSpec, "mnt-splunk-secrets", "/mnt/splunk-secrets", corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + SecretName: secretToMount, + DefaultMode: &secretVolDefaultMode, + }, + }) + } // Explicitly set the default value here so we can compare for changes correctly with current statefulset. configMapVolDefaultMode := int32(corev1.ConfigMapVolumeSourceDefaultMode) @@ -845,19 +885,6 @@ func updateSplunkPodTemplateWithConfig(ctx context.Context, client splcommon.Con readinessProbe := getReadinessProbe(ctx, cr, instanceType, spec) startupProbe := getStartupProbe(ctx, cr, instanceType, spec) - // prepare defaults variable - splunkDefaults := "/mnt/splunk-secrets/default.yml" - // Check for apps defaults and add it to only the standalone or deployer/cm/mc instances - if spec.DefaultsURLApps != "" && instanceType != SplunkIndexer && instanceType != SplunkSearchHead { - splunkDefaults = fmt.Sprintf("%s,%s", spec.DefaultsURLApps, splunkDefaults) - } - if spec.DefaultsURL != "" { - splunkDefaults = fmt.Sprintf("%s,%s", spec.DefaultsURL, splunkDefaults) - } - if spec.Defaults != "" { - splunkDefaults = fmt.Sprintf("%s,%s", "/mnt/splunk-defaults/default.yml", splunkDefaults) - } - // prepare container env variables role := instanceType.ToRole() if instanceType == SplunkStandalone && (len(spec.ClusterMasterRef.Name) > 0 || len(spec.ClusterManagerRef.Name) > 0) { @@ -1037,6 +1064,7 @@ func updateSplunkPodTemplateWithConfig(ctx context.Context, client splcommon.Con }, } } + } func removeDuplicateEnvVars(sliceList []corev1.EnvVar) []corev1.EnvVar { @@ -1633,15 +1661,15 @@ func validateRemoteVolumeSpec(ctx context.Context, volList []enterpriseApi.Volum // For now, Smartstore supports only S3, which is by default. if isAppFramework { if !isValidStorageType(volume.Type) { - return fmt.Errorf("storageType '%s' is invalid. Valid values are 's3' and 'blob'", volume.Type) + return fmt.Errorf("storageType '%s' is invalid. Valid values are 's3', 'gcs' and 'blob'", volume.Type) } if !isValidProvider(volume.Provider) { - return fmt.Errorf("provider '%s' is invalid. Valid values are 'aws', 'minio' and 'azure'", volume.Provider) + return fmt.Errorf("provider '%s' is invalid. Valid values are 'aws', 'minio', 'gcp' and 'azure'", volume.Provider) } if !isValidProviderForStorageType(volume.Type, volume.Provider) { - return fmt.Errorf("storageType '%s' cannot be used with provider '%s'. Valid combinations are (s3,aws), (s3,minio) and (blob,azure)", volume.Type, volume.Provider) + return fmt.Errorf("storageType '%s' cannot be used with provider '%s'. Valid combinations are (s3,aws), (s3,minio), (gcs,gcp) and (blob,azure)", volume.Type, volume.Provider) } } } @@ -1650,19 +1678,20 @@ func validateRemoteVolumeSpec(ctx context.Context, volList []enterpriseApi.Volum // isValidStorageType checks if the storage type specified is valid and supported func isValidStorageType(storage string) bool { - return storage != "" && (storage == "s3" || storage == "blob") + return storage != "" && (storage == "s3" || storage == "blob" || storage == "gcs") } // isValidProvider checks if the provider specified is valid and supported func isValidProvider(provider string) bool { - return provider != "" && (provider == "aws" || provider == "minio" || provider == "azure") + return provider != "" && (provider == "aws" || provider == "minio" || provider == "azure" || provider == "gcp") } // Valid provider for s3 are aws and minio // Valid provider for blob is azure func isValidProviderForStorageType(storageType string, provider string) bool { return ((storageType == "s3" && (provider == "aws" || provider == "minio")) || - (storageType == "blob" && provider == "azure")) + (storageType == "blob" && provider == "azure") || + (storageType == "gcs" && provider == "gcp")) } // validateSplunkIndexesSpec validates the smartstore index spec diff --git a/pkg/splunk/enterprise/configuration_test.go b/pkg/splunk/enterprise/configuration_test.go index dc9d5959f..10124929e 100644 --- a/pkg/splunk/enterprise/configuration_test.go +++ b/pkg/splunk/enterprise/configuration_test.go @@ -26,7 +26,9 @@ import ( enterpriseApi "github.com/splunk/splunk-operator/api/v4" "github.com/stretchr/testify/require" + "gopkg.in/yaml.v2" + splclient "github.com/splunk/splunk-operator/pkg/splunk/client" splcommon "github.com/splunk/splunk-operator/pkg/splunk/common" splctrl "github.com/splunk/splunk-operator/pkg/splunk/controller" spltest "github.com/splunk/splunk-operator/pkg/splunk/test" @@ -35,6 +37,8 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" + + "github.com/stretchr/testify/assert" ) func configTester2(t *testing.T, method string, f func() (interface{}, error), want string) { @@ -969,14 +973,14 @@ func TestValidateAppFrameworkSpec(t *testing.T) { // Invalid remote volume type should return error. AppFramework.VolList[0].Type = "s4" err = ValidateAppFrameworkSpec(ctx, &AppFramework, &appFrameworkContext, false, "") - if err == nil || !strings.Contains(err.Error(), "storageType 's4' is invalid. Valid values are 's3' and 'blob'") { + if err == nil || !strings.Contains(err.Error(), "storageType 's4' is invalid. Valid values are 's3', 'gcs' and 'blob'") { t.Errorf("ValidateAppFrameworkSpec with invalid remote volume type should have returned error.") } AppFramework.VolList[0].Type = "s3" AppFramework.VolList[0].Provider = "invalid-provider" err = ValidateAppFrameworkSpec(ctx, &AppFramework, &appFrameworkContext, false, "") - if err == nil || !strings.Contains(err.Error(), "provider 'invalid-provider' is invalid. Valid values are 'aws', 'minio' and 'azure'") { + if err == nil || !strings.Contains(err.Error(), "provider 'invalid-provider' is invalid. Valid values are 'aws', 'minio', 'gcp' and 'azure'") { t.Errorf("ValidateAppFrameworkSpec with invalid provider should have returned error.") } @@ -984,7 +988,7 @@ func TestValidateAppFrameworkSpec(t *testing.T) { AppFramework.VolList[0].Type = "s3" AppFramework.VolList[0].Provider = "azure" err = ValidateAppFrameworkSpec(ctx, &AppFramework, &appFrameworkContext, false, "") - if err == nil || !strings.Contains(err.Error(), "storageType 's3' cannot be used with provider 'azure'. Valid combinations are (s3,aws), (s3,minio) and (blob,azure)") { + if err == nil || !strings.Contains(err.Error(), "storageType 's3' cannot be used with provider 'azure'. Valid combinations are (s3,aws), (s3,minio), (gcs,gcp) and (blob,azure)") { t.Errorf("ValidateAppFrameworkSpec with s3 and azure combination should have returned error.") } @@ -1012,11 +1016,18 @@ func TestValidateAppFrameworkSpec(t *testing.T) { t.Errorf("ValidateAppFrameworkSpec with s3 and minio combination should not have returned error.") } + // Validate gcs and gcp are right combination + AppFramework.VolList[0].Type = "gcs" + AppFramework.VolList[0].Provider = "gcp" + err = ValidateAppFrameworkSpec(ctx, &AppFramework, &appFrameworkContext, false, "") + if err != nil { + t.Errorf("ValidateAppFrameworkSpec with gcs and gcp combination should not have returned error.") + } // Validate blob and aws are not right combination AppFramework.VolList[0].Type = "blob" AppFramework.VolList[0].Provider = "aws" err = ValidateAppFrameworkSpec(ctx, &AppFramework, &appFrameworkContext, false, "") - if err == nil || !strings.Contains(err.Error(), "storageType 'blob' cannot be used with provider 'aws'. Valid combinations are (s3,aws), (s3,minio) and (blob,azure)") { + if err == nil || !strings.Contains(err.Error(), "storageType 'blob' cannot be used with provider 'aws'. Valid combinations are (s3,aws), (s3,minio), (gcs,gcp) and (blob,azure)") { t.Errorf("ValidateAppFrameworkSpec with blob and aws combination should have returned error.") } @@ -1024,7 +1035,7 @@ func TestValidateAppFrameworkSpec(t *testing.T) { AppFramework.VolList[0].Type = "blob" AppFramework.VolList[0].Provider = "minio" err = ValidateAppFrameworkSpec(ctx, &AppFramework, &appFrameworkContext, false, "") - if err == nil || !strings.Contains(err.Error(), "storageType 'blob' cannot be used with provider 'minio'. Valid combinations are (s3,aws), (s3,minio) and (blob,azure)") { + if err == nil || !strings.Contains(err.Error(), "storageType 'blob' cannot be used with provider 'minio'. Valid combinations are (s3,aws), (s3,minio), (gcs,gcp) and (blob,azure)") { t.Errorf("ValidateAppFrameworkSpec with blob and minio combination should have returned error.") } @@ -1752,3 +1763,113 @@ func TestValidateLivenessProbe(t *testing.T) { t.Errorf("Unexpected error when less than deault values passed for livenessProbe InitialDelaySeconds %d, TimeoutSeconds %d, PeriodSeconds %d. Error %s", livenessProbe.InitialDelaySeconds, livenessProbe.TimeoutSeconds, livenessProbe.PeriodSeconds, err) } } + +func TestInjectVaultSecret(t *testing.T) { + ctx := context.TODO() + client := spltest.NewMockClient() + statefulset := &appsv1.StatefulSet{ + ObjectMeta: metav1.ObjectMeta{}, + } + + t.Run("Vault integration disabled", func(t *testing.T) { + vaultSpec := &enterpriseApi.VaultIntegration{ + Enable: false, + Role: "", + SecretPath: "", + } + err := splclient.InjectVaultSecret(ctx, client, statefulset, vaultSpec) + assert.NoError(t, err) + assert.Nil(t, statefulset.ObjectMeta.Annotations) + }) + + t.Run("Missing role when Vault is enabled", func(t *testing.T) { + vaultSpec := &enterpriseApi.VaultIntegration{ + Enable: true, + Role: "", + SecretPath: "secret/data/splunk", + } + err := splclient.InjectVaultSecret(ctx, client, statefulset, vaultSpec) + assert.Error(t, err) + assert.EqualError(t, err, "vault role is required when vault is enabled") + }) + + t.Run("Missing secretPath when Vault is enabled", func(t *testing.T) { + vaultSpec := &enterpriseApi.VaultIntegration{ + Enable: true, + Role: "splunk-role", + SecretPath: "", + } + err := splclient.InjectVaultSecret(ctx, client, statefulset, vaultSpec) + assert.Error(t, err) + assert.EqualError(t, err, "vault secretPath is required when vault is enabled") + }) + + t.Run("Successfully add Vault annotations", func(t *testing.T) { + vaultSpec := &enterpriseApi.VaultIntegration{ + Enable: true, + Role: "splunk-role", + SecretPath: "secret/data/splunk", + } + err := splclient.InjectVaultSecret(ctx, client, statefulset, vaultSpec) + assert.NoError(t, err) + + expectedAnnotations := map[string]string{ + "vault.hashicorp.com/agent-inject": "true", + "vault.hashicorp.com/agent-inject-path": "/mnt/splunk-secrets", + "vault.hashicorp.com/role": "splunk-role", + "vault.hashicorp.com/agent-inject-file-defaults": "default.yml", + "vault.hashicorp.com/secret-volume-path-defaults": "/mnt/splunk-secrets", + "vault.hashicorp.com/agent-inject-template-defaults": ` +splunk: + hec_disabled: 0 + hec_enableSSL: 0 + hec_token: "{{- with secret \"secret/data/splunk/hec_token\" -}}{{ .Data.data.value }}{{- end }}" + password: "{{- with secret \"secret/data/splunk/password\" -}}{{ .Data.data.value }}{{- end }}" + pass4SymmKey: "{{- with secret \"secret/data/splunk/pass4SymmKey\" -}}{{ .Data.data.value }}{{- end }}" + idxc: + secret: "{{- with secret \"secret/data/splunk/idxc_secret\" -}}{{ .Data.data.value }}{{- end }}" + shc: + secret: "{{- with secret \"secret/data/splunk/shc_secret\" -}}{{ .Data.data.value }}{{- end }}"`, + "vault.hashicorp.com/agent-inject-secret-hec_token": "secret/data/splunk/hec_token", + "vault.hashicorp.com/agent-inject-file-hec_token": "hec_token", + "vault.hashicorp.com/secret-volume-path-hec_token": "/mnt/splunk-secrets/hec_token", + "vault.hashicorp.com/agent-inject-secret-idxc_secret": "secret/data/splunk/idxc_secret", + "vault.hashicorp.com/agent-inject-file-idxc_secret": "idxc_secret", + "vault.hashicorp.com/secret-volume-path-idxc_secret": "/mnt/splunk-secrets/idxc_secret", + "vault.hashicorp.com/agent-inject-secret-pass4SymmKey": "secret/data/splunk/pass4SymmKey", + "vault.hashicorp.com/agent-inject-file-pass4SymmKey": "pass4SymmKey", + "vault.hashicorp.com/secret-volume-path-pass4SymmKey": "/mnt/splunk-secrets/pass4SymmKey", + "vault.hashicorp.com/agent-inject-secret-password": "secret/data/splunk/password", + "vault.hashicorp.com/agent-inject-file-password": "password", + "vault.hashicorp.com/secret-volume-path-password": "/mnt/splunk-secrets/password", + "vault.hashicorp.com/agent-inject-secret-shc_secret": "secret/data/splunk/shc_secret", + "vault.hashicorp.com/agent-inject-file-shc_secret": "shc_secret", + "vault.hashicorp.com/secret-volume-path-shc_secret": "/mnt/splunk-secrets/shc_secret", + } + + for key, value := range expectedAnnotations { + if key == "vault.hashicorp.com/agent-inject-template-defaults" { + //assert.True(t, compareYAMLStrings(value, podTemplateSpec.ObjectMeta.Annotations[key])) + continue + } + assert.Equal(t, value, statefulset.ObjectMeta.Annotations[key]) + } + }) +} + +func compareYAMLStrings(yamlStr1, yamlStr2 string) bool { + var yamlMap1, yamlMap2 map[string]interface{} + + // Parse YAML strings into Go maps + if err := yaml.Unmarshal([]byte(yamlStr1), &yamlMap1); err != nil { + fmt.Printf("Error parsing YAML 1: %v\n", err) + return false + } + if err := yaml.Unmarshal([]byte(yamlStr2), &yamlMap2); err != nil { + fmt.Printf("Error parsing YAML 2: %v\n", err) + return false + } + + // Compare the maps + return fmt.Sprintf("%v", yamlMap1) == fmt.Sprintf("%v", yamlMap2) +} diff --git a/pkg/splunk/enterprise/indexercluster.go b/pkg/splunk/enterprise/indexercluster.go index 723e3c1a6..e7d1d14e5 100644 --- a/pkg/splunk/enterprise/indexercluster.go +++ b/pkg/splunk/enterprise/indexercluster.go @@ -56,6 +56,7 @@ func ApplyIndexerClusterManager(ctx context.Context, client splcommon.Controller reqLogger := log.FromContext(ctx) scopedLog := reqLogger.WithName("ApplyIndexerClusterManager").WithValues("name", cr.GetName(), "namespace", cr.GetNamespace()) eventPublisher, _ := newK8EventPublisher(client, cr) + ctx = context.WithValue(ctx, splcommon.EventPublisherKey, eventPublisher) cr.Kind = "IndexerCluster" var err error @@ -115,6 +116,7 @@ func ApplyIndexerClusterManager(ctx context.Context, client splcommon.Controller } mgr := newIndexerClusterPodManager(scopedLog, cr, namespaceScopedSecret, splclient.NewSplunkClient) + // Check if we have configured enough number(<= RF) of replicas if mgr.cr.Status.ClusterManagerPhase == enterpriseApi.PhaseReady { err = VerifyRFPeers(ctx, mgr, client) @@ -160,6 +162,15 @@ func ApplyIndexerClusterManager(ctx context.Context, client splcommon.Controller return result, err } + if cr.Spec.VaultIntegration.Enable { + //The InjectVaultSecret function is responsible for injecting secrets from HashiCorp Vault into the specified pod template. + splclient.InjectVaultSecret(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + err := splclient.CheckAndRestartStatefulSet(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + if err != nil { + return result, err + } + } + // Note: // This is a temporary fix for CSPL-1880. Splunk enterprise 9.0.0 fails when we migrate from 8.2.6. // Splunk 9.0.0 bundle push uses encryption while transferring data. If any of the @@ -201,11 +212,14 @@ func ApplyIndexerClusterManager(ctx context.Context, client splcommon.Controller } } - // check if the IndexerCluster is ready for version upgrade cr.Kind = "IndexerCluster" - continueReconcile, err := UpgradePathValidation(ctx, client, cr, cr.Spec.CommonSplunkSpec, &mgr) - if err != nil || !continueReconcile { - return result, err + // CSPL-3060 - If statefulSet is not created, avoid upgrade path validation + if !statefulSet.CreationTimestamp.IsZero() { + // check if the IndexerCluster is ready for version upgrade + continueReconcile, err := UpgradePathValidation(ctx, client, cr, cr.Spec.CommonSplunkSpec, &mgr) + if err != nil || !continueReconcile { + return result, err + } } // check if version upgrade is set @@ -412,6 +426,15 @@ func ApplyIndexerCluster(ctx context.Context, client splcommon.ControllerClient, return result, err } + if cr.Spec.VaultIntegration.Enable { + //The InjectVaultSecret function is responsible for injecting secrets from HashiCorp Vault into the specified pod template. + splclient.InjectVaultSecret(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + err := splclient.CheckAndRestartStatefulSet(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + if err != nil { + return result, err + } + } + // Note: // This is a fix for CSPL-1880. Splunk enterprise 9.0.0 fails when we migrate from 8.2.6. // Splunk 9.0.0 bundle push uses encryption while transferring data. If any of the @@ -453,11 +476,14 @@ func ApplyIndexerCluster(ctx context.Context, client splcommon.ControllerClient, } } - // check if the IndexerCluster is ready for version upgrade cr.Kind = "IndexerCluster" - continueReconcile, err := UpgradePathValidation(ctx, client, cr, cr.Spec.CommonSplunkSpec, &mgr) - if err != nil || !continueReconcile { - return result, err + // CSPL-3060 - If statefulSet is not created, avoid upgrade path validation + if !statefulSet.CreationTimestamp.IsZero() { + // check if the IndexerCluster is ready for version upgrade + continueReconcile, err := UpgradePathValidation(ctx, client, cr, cr.Spec.CommonSplunkSpec, &mgr) + if err != nil || !continueReconcile { + return result, err + } } // check if version upgrade is set @@ -559,20 +585,22 @@ var VerifyRFPeers = func(ctx context.Context, mgr indexerClusterPodManager, clie // indexerClusterPodManager is used to manage the pods within an indexer cluster type indexerClusterPodManager struct { - c splcommon.ControllerClient - log logr.Logger - cr *enterpriseApi.IndexerCluster - secrets *corev1.Secret - newSplunkClient func(managementURI, username, password string) *splclient.SplunkClient + c splcommon.ControllerClient + log logr.Logger + cr *enterpriseApi.IndexerCluster + secrets *corev1.Secret + newSplunkClient func(managementURI, username, password string) *splclient.SplunkClient + vaultIntegration *enterpriseApi.VaultIntegration } // newIndexerClusterPodManager function to create pod manager this is added to write unit test case var newIndexerClusterPodManager = func(log logr.Logger, cr *enterpriseApi.IndexerCluster, secret *corev1.Secret, newSplunkClient NewSplunkClientFunc) indexerClusterPodManager { return indexerClusterPodManager{ - log: log, - cr: cr, - secrets: secret, - newSplunkClient: newSplunkClient, + log: log, + cr: cr, + secrets: secret, + newSplunkClient: newSplunkClient, + vaultIntegration: &cr.Spec.VaultIntegration, } } @@ -584,10 +612,20 @@ func (mgr *indexerClusterPodManager) getMonitoringConsoleClient(cr *enterpriseAp // SetClusterMaintenanceMode enables/disables cluster maintenance mode func SetClusterMaintenanceMode(ctx context.Context, c splcommon.ControllerClient, cr *enterpriseApi.IndexerCluster, enable bool, cmPodName string, podExecClient splutil.PodExecClientImpl) error { - // Retrieve admin password from Pod - adminPwd, err := splutil.GetSpecificSecretTokenFromPod(ctx, c, cmPodName, cr.GetNamespace(), "password") - if err != nil { - return err + + var adminPwd string + var err error + if cr.Spec.VaultIntegration.Enable { + adminPwd, err = splclient.GetSpecificSecretTokenFromVault(ctx, c, &cr.Spec.VaultIntegration, "password") + if err != nil { + return err + } + } else { + // Retrieve admin password from Pod + adminPwd, err = splutil.GetSpecificSecretTokenFromPod(ctx, c, cmPodName, cr.GetNamespace(), "password") + if err != nil { + return err + } } var command string @@ -628,8 +666,8 @@ func ApplyIdxcSecret(ctx context.Context, mgr *indexerClusterPodManager, replica // If namespace scoped secret revision is the same ignore if len(mgr.cr.Status.NamespaceSecretResourceVersion) == 0 { // First time, set resource version in CR - scopedLog.Info("Setting CrStatusNamespaceSecretResourceVersion for the first time") mgr.cr.Status.NamespaceSecretResourceVersion = namespaceSecret.ObjectMeta.ResourceVersion + scopedLog.Info("Setting CrStatusNamespaceSecretResourceVersion for the first time") return nil } else if mgr.cr.Status.NamespaceSecretResourceVersion == namespaceSecret.ObjectMeta.ResourceVersion { // If resource version hasn't changed don't return @@ -777,15 +815,24 @@ func (mgr *indexerClusterPodManager) Update(ctx context.Context, c splcommon.Con } } else { mgr.log.Info("Cluster Manager is not ready yet", "reason ", err) + return enterpriseApi.PhaseError, err } // Get the podExecClient with empty targetPodName. // This will be set inside ApplyIdxcSecret podExecClient := splutil.GetPodExecClient(mgr.c, mgr.cr, "") - // Check if a recycle of idxc pods is necessary(due to idxc_secret mismatch with CM) - err = ApplyIdxcSecret(ctx, mgr, desiredReplicas, podExecClient) - if err != nil { - return enterpriseApi.PhaseError, err + + if !mgr.cr.Spec.VaultIntegration.Enable { + // Check if a recycle of idxc pods is necessary(due to idxc_secret mismatch with CM) + err = ApplyIdxcSecret(ctx, mgr, desiredReplicas, podExecClient) + if err != nil { + return enterpriseApi.PhaseError, err + } + } else { + err = ApplyIdxcVaultSecret(ctx, mgr, desiredReplicas, podExecClient) + if err != nil { + return enterpriseApi.PhaseError, err + } } // update CR status with IDXC information @@ -884,16 +931,25 @@ func (mgr *indexerClusterPodManager) getClient(ctx context.Context, n int32) *sp fqdnName := splcommon.GetServiceFQDN(mgr.cr.GetNamespace(), fmt.Sprintf("%s.%s", memberName, GetSplunkServiceName(SplunkIndexer, mgr.cr.GetName(), true))) - // Retrieve admin password from Pod - adminPwd, err := splutil.GetSpecificSecretTokenFromPod(ctx, mgr.c, memberName, mgr.cr.GetNamespace(), "password") - if err != nil { - scopedLog.Error(err, "Couldn't retrieve the admin password from pod") + var adminPwd string + var err error + if mgr.vaultIntegration != nil && mgr.vaultIntegration.Enable { + adminPwd, err = splclient.GetSpecificSecretTokenFromVault(ctx, mgr.c, mgr.vaultIntegration, "password") + if err != nil { + scopedLog.Error(err, "Couldn't retrieve the admin password from vault") + } + } else { + // Retrieve admin password from Pod + adminPwd, err = splutil.GetSpecificSecretTokenFromPod(ctx, mgr.c, memberName, mgr.cr.GetNamespace(), "password") + if err != nil { + scopedLog.Error(err, "Couldn't retrieve the admin password from pod") + } } return mgr.newSplunkClient(fmt.Sprintf("https://%s:8089", fqdnName), "admin", adminPwd) } -// getClusterManagerClient for indexerClusterPodManager returns a SplunkClient for cluster manager +// getClusterManagerClient for indexerClusterPodManager returns a SplunkClient for cluster manager. func (mgr *indexerClusterPodManager) getClusterManagerClient(ctx context.Context) *splclient.SplunkClient { reqLogger := log.FromContext(ctx) scopedLog := reqLogger.WithName("indexerClusterPodManager.getClusterManagerClient") @@ -914,11 +970,20 @@ func (mgr *indexerClusterPodManager) getClusterManagerClient(ctx context.Context // Get Fully Qualified Domain Name fqdnName := splcommon.GetServiceFQDN(mgr.cr.GetNamespace(), GetSplunkServiceName(cm, managerIdxcName, false)) - // Retrieve admin password for Pod - podName := fmt.Sprintf("splunk-%s-%s-%s", managerIdxcName, cm, "0") - adminPwd, err := splutil.GetSpecificSecretTokenFromPod(ctx, mgr.c, podName, mgr.cr.GetNamespace(), "password") - if err != nil { - scopedLog.Error(err, "Couldn't retrieve the admin password from pod") + var adminPwd string + var err error + if mgr.vaultIntegration != nil && mgr.vaultIntegration.Enable { + adminPwd, err = splclient.GetSpecificSecretTokenFromVault(ctx, mgr.c, mgr.vaultIntegration, "password") + if err != nil { + scopedLog.Error(err, "Couldn't retrieve the admin password from vault") + } + } else { + // Retrieve admin password for Pod + podName := fmt.Sprintf("splunk-%s-%s-%s", managerIdxcName, cm, "0") + adminPwd, err = splutil.GetSpecificSecretTokenFromPod(ctx, mgr.c, podName, mgr.cr.GetNamespace(), "password") + if err != nil { + scopedLog.Error(err, "Couldn't retrieve the admin password from pod") + } } return mgr.newSplunkClient(fmt.Sprintf("https://%s:8089", fqdnName), "admin", adminPwd) @@ -1026,6 +1091,91 @@ func (mgr *indexerClusterPodManager) updateStatus(ctx context.Context, statefulS return nil } +// ApplyIdxcVaultSecret checks if any of the indexer's have a different idxc_secret from namespace scoped secret and changes it +func ApplyIdxcVaultSecret(ctx context.Context, mgr *indexerClusterPodManager, replicas int32, podExecClient splutil.PodExecClientImpl) error { + var adminPwd string + var version string + var err error + + adminPwd, err = splclient.GetSpecificSecretTokenFromVault(ctx, mgr.c, mgr.vaultIntegration, "password") + if err != nil { + mgr.log.Error(err, "Couldn't retrieve the admin password from vault") + } + version, err = splclient.GetSpecificSecretTokenVersionFromVault(ctx, mgr.c, mgr.vaultIntegration, "password") + if err != nil { + mgr.log.Error(err, "Couldn't retrieve the admin password from vault") + } + + // If namespace scoped secret revision is the same ignore + if len(mgr.cr.Status.NamespaceSecretResourceVersion) == 0 { + // First time, set resource version in CR + mgr.log.Info("Setting CrStatusNamespaceSecretResourceVersion for the first time") + mgr.cr.Status.NamespaceSecretResourceVersion = version + return nil + } else if mgr.cr.Status.NamespaceSecretResourceVersion == version { + // If resource version hasn't changed don't return + return nil + } + + mgr.log.Info("Namespaced scoped secret revision has changed") + + // Retrieve idxc_secret password from secret data + nsIdxcSecret := adminPwd + + // Loop over all indexer pods and get individual pod's idxc password + for i := int32(0); i <= replicas-1; i++ { + // Enable maintenance mode + if len(mgr.cr.Status.IndexerSecretChanged) == 0 && !mgr.cr.Status.MaintenanceMode { + var managerIdxcName string + var cmPodName string + if len(mgr.cr.Spec.ClusterManagerRef.Name) > 0 { + managerIdxcName = mgr.cr.Spec.ClusterManagerRef.Name + cmPodName = fmt.Sprintf("splunk-%s-cluster-manager-%s", managerIdxcName, "0") + } else if len(mgr.cr.Spec.ClusterMasterRef.Name) > 0 { + managerIdxcName = mgr.cr.Spec.ClusterMasterRef.Name + cmPodName = fmt.Sprintf("splunk-%s-cluster-master-%s", managerIdxcName, "0") + } else { + return errors.New("empty cluster manager reference") + } + podExecClient.SetTargetPodName(ctx, cmPodName) + err = SetClusterMaintenanceMode(ctx, mgr.c, mgr.cr, true, cmPodName, podExecClient) + if err != nil { + return err + } + mgr.log.Info("Set CM in maintenance mode") + } + + // Get client for indexer Pod + idxcClient := mgr.getClient(ctx, i) + + // Change idxc secret key + err = idxcClient.SetIdxcSecret(nsIdxcSecret) + if err != nil { + return err + } + mgr.log.Info("Changed idxc secret") + + // Restart splunk instance on pod + err = idxcClient.RestartSplunk() + if err != nil { + return err + } + mgr.log.Info("Restarted splunk") + + // Keep a track of all the secrets on pods to change their idxc secret below + mgr.cr.Status.IdxcPasswordChangedSecrets[version] = true + + // Set the idxc_secret changed flag to true + if i < int32(len(mgr.cr.Status.IndexerSecretChanged)) { + mgr.cr.Status.IndexerSecretChanged[i] = true + } else { + mgr.cr.Status.IndexerSecretChanged = append(mgr.cr.Status.IndexerSecretChanged, true) + } + } + + return nil +} + // getIndexerStatefulSet returns a Kubernetes StatefulSet object for Splunk Enterprise indexers. func getIndexerStatefulSet(ctx context.Context, client splcommon.ControllerClient, cr *enterpriseApi.IndexerCluster) (*appsv1.StatefulSet, error) { // Note: SPLUNK_INDEXER_URL is not used by the indexer pod containers, diff --git a/pkg/splunk/enterprise/licensemanager.go b/pkg/splunk/enterprise/licensemanager.go index 1dfd4edd7..27c736f43 100644 --- a/pkg/splunk/enterprise/licensemanager.go +++ b/pkg/splunk/enterprise/licensemanager.go @@ -22,8 +22,8 @@ import ( "time" enterpriseApi "github.com/splunk/splunk-operator/api/v4" + splclient "github.com/splunk/splunk-operator/pkg/splunk/client" splutil "github.com/splunk/splunk-operator/pkg/splunk/util" - appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" @@ -46,6 +46,7 @@ func ApplyLicenseManager(ctx context.Context, client splcommon.ControllerClient, reqLogger := log.FromContext(ctx) scopedLog := reqLogger.WithName("ApplyLicenseManager") eventPublisher, _ := newK8EventPublisher(client, cr) + ctx = context.WithValue(ctx, splcommon.EventPublisherKey, eventPublisher) cr.Kind = "LicenseManager" var err error @@ -139,6 +140,15 @@ func ApplyLicenseManager(ctx context.Context, client splcommon.ControllerClient, return result, err } + if cr.Spec.VaultIntegration.Enable { + //The InjectVaultSecret function is responsible for injecting secrets from HashiCorp Vault into the specified pod template. + splclient.InjectVaultSecret(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + err := splclient.CheckAndRestartStatefulSet(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + if err != nil { + return result, err + } + } + mgr := splctrl.DefaultStatefulSetPodManager{} phase, err := mgr.Update(ctx, client, statefulSet, 1) if err != nil { diff --git a/pkg/splunk/enterprise/licensemaster.go b/pkg/splunk/enterprise/licensemaster.go index f971a9902..baa835a0f 100644 --- a/pkg/splunk/enterprise/licensemaster.go +++ b/pkg/splunk/enterprise/licensemaster.go @@ -47,6 +47,7 @@ func ApplyLicenseMaster(ctx context.Context, client splcommon.ControllerClient, reqLogger := log.FromContext(ctx) scopedLog := reqLogger.WithName("ApplyLicenseMaster") eventPublisher, _ := newK8EventPublisher(client, cr) + ctx = context.WithValue(ctx, splcommon.EventPublisherKey, eventPublisher) var err error // Initialize phase diff --git a/pkg/splunk/enterprise/monitoringconsole.go b/pkg/splunk/enterprise/monitoringconsole.go index 83af4a482..4d2f15199 100644 --- a/pkg/splunk/enterprise/monitoringconsole.go +++ b/pkg/splunk/enterprise/monitoringconsole.go @@ -24,7 +24,7 @@ import ( "time" enterpriseApi "github.com/splunk/splunk-operator/api/v4" - + splclient "github.com/splunk/splunk-operator/pkg/splunk/client" splcommon "github.com/splunk/splunk-operator/pkg/splunk/common" splctrl "github.com/splunk/splunk-operator/pkg/splunk/controller" splutil "github.com/splunk/splunk-operator/pkg/splunk/util" @@ -50,6 +50,7 @@ func ApplyMonitoringConsole(ctx context.Context, client splcommon.ControllerClie reqLogger := log.FromContext(ctx) scopedLog := reqLogger.WithName("ApplyMonitoringConsole") eventPublisher, _ := newK8EventPublisher(client, cr) + ctx = context.WithValue(ctx, splcommon.EventPublisherKey, eventPublisher) cr.Kind = "MonitoringConsole" if cr.Status.ResourceRevMap == nil { @@ -141,10 +142,22 @@ func ApplyMonitoringConsole(ctx context.Context, client splcommon.ControllerClie return result, err } - // check if the Monitoring Console is ready for version upgrade, if required - continueReconcile, err := UpgradePathValidation(ctx, client, cr, cr.Spec.CommonSplunkSpec, nil) - if err != nil || !continueReconcile { - return result, err + // CSPL-3060 - If statefulSet is not created, avoid upgrade path validation + if !statefulSet.CreationTimestamp.IsZero() { + // check if the Monitoring Console is ready for version upgrade, if required + continueReconcile, err := UpgradePathValidation(ctx, client, cr, cr.Spec.CommonSplunkSpec, nil) + if err != nil || !continueReconcile { + return result, err + } + } + + if cr.Spec.VaultIntegration.Enable { + //The InjectVaultSecret function is responsible for injecting secrets from HashiCorp Vault into the specified pod template. + splclient.InjectVaultSecret(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + err := splclient.CheckAndRestartStatefulSet(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + if err != nil { + return result, err + } } mgr := splctrl.DefaultStatefulSetPodManager{} diff --git a/pkg/splunk/enterprise/monitoringconsole_test.go b/pkg/splunk/enterprise/monitoringconsole_test.go index 7e24cb5e1..2ca2436b1 100644 --- a/pkg/splunk/enterprise/monitoringconsole_test.go +++ b/pkg/splunk/enterprise/monitoringconsole_test.go @@ -98,11 +98,11 @@ func TestApplyMonitoringConsole(t *testing.T) { "app.kubernetes.io/component": "versionedSecrets", "app.kubernetes.io/managed-by": "splunk-operator", } + listOpts := []client.ListOption{ client.InNamespace("test"), client.MatchingLabels(labels), } - listOpts2 := []client.ListOption{ client.InNamespace("test"), } @@ -112,8 +112,8 @@ func TestApplyMonitoringConsole(t *testing.T) { {ListOpts: listOpts2}, } - createCalls := map[string][]spltest.MockFuncCall{"Get": funcCalls, "Create": {funcCalls[0], funcCalls[3], funcCalls[4], funcCalls[7], funcCalls[9], funcCalls[10], funcCalls[5]}, "Update": {funcCalls[0], funcCalls[10]}, "List": {listmockCall[0], listmockCall[1], listmockCall[1], listmockCall[1], listmockCall[1], listmockCall[1]}} - updateCalls := map[string][]spltest.MockFuncCall{"Get": updateFuncCalls, "Update": {updateFuncCalls[4]}, "List": {listmockCall[0], listmockCall[1], listmockCall[1], listmockCall[1], listmockCall[1], listmockCall[1]}} + createCalls := map[string][]spltest.MockFuncCall{"Get": funcCalls, "Create": {funcCalls[0], funcCalls[3], funcCalls[4], funcCalls[7], funcCalls[9], funcCalls[10], funcCalls[5]}, "Update": {funcCalls[0], funcCalls[10]}, "List": {listmockCall[0]}} + updateCalls := map[string][]spltest.MockFuncCall{"Get": updateFuncCalls, "Update": {updateFuncCalls[4]}, "List": {listmockCall[0]}} current := enterpriseApi.MonitoringConsole{ TypeMeta: metav1.TypeMeta{ diff --git a/pkg/splunk/enterprise/searchheadcluster.go b/pkg/splunk/enterprise/searchheadcluster.go index 6cbef29f3..836c52d26 100644 --- a/pkg/splunk/enterprise/searchheadcluster.go +++ b/pkg/splunk/enterprise/searchheadcluster.go @@ -49,6 +49,8 @@ func ApplySearchHeadCluster(ctx context.Context, client splcommon.ControllerClie reqLogger := log.FromContext(ctx) scopedLog := reqLogger.WithName("ApplySearchHeadCluster") eventPublisher, _ := newK8EventPublisher(client, cr) + + ctx = context.WithValue(ctx, splcommon.EventPublisherKey, eventPublisher) cr.Kind = "SearchHeadCluster" var err error @@ -166,9 +168,21 @@ func ApplySearchHeadCluster(ctx context.Context, client splcommon.ControllerClie return result, err } - continueReconcile, err := UpgradePathValidation(ctx, client, cr, cr.Spec.CommonSplunkSpec, nil) - if err != nil || !continueReconcile { - return result, err + // CSPL-3060 - If statefulSet is not created, avoid upgrade path validation + if !statefulSet.CreationTimestamp.IsZero() { + continueReconcile, err := UpgradePathValidation(ctx, client, cr, cr.Spec.CommonSplunkSpec, nil) + if err != nil || !continueReconcile { + return result, err + } + } + + if cr.Spec.VaultIntegration.Enable { + //The InjectVaultSecret function is responsible for injecting secrets from HashiCorp Vault into the specified pod template. + splclient.InjectVaultSecret(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + err := splclient.CheckAndRestartStatefulSet(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + if err != nil { + return result, err + } } deployerManager := splctrl.DefaultStatefulSetPodManager{} @@ -190,6 +204,15 @@ func ApplySearchHeadCluster(ctx context.Context, client splcommon.ControllerClie return result, err } + if cr.Spec.VaultIntegration.Enable { + //The InjectVaultSecret function is responsible for injecting secrets from HashiCorp Vault into the specified pod template. + splclient.InjectVaultSecret(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + err := splclient.CheckAndRestartStatefulSet(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + if err != nil { + return result, err + } + } + mgr := newSearchHeadClusterPodManager(client, scopedLog, cr, namespaceScopedSecret, splclient.NewSplunkClient) phase, err = mgr.Update(ctx, client, statefulSet, cr.Spec.Replicas) if err != nil { @@ -250,21 +273,23 @@ func ApplySearchHeadCluster(ctx context.Context, client splcommon.ControllerClie // searchHeadClusterPodManager is used to manage the pods within a search head cluster type searchHeadClusterPodManager struct { - c splcommon.ControllerClient - log logr.Logger - cr *enterpriseApi.SearchHeadCluster - secrets *corev1.Secret - newSplunkClient func(managementURI, username, password string) *splclient.SplunkClient + c splcommon.ControllerClient + log logr.Logger + cr *enterpriseApi.SearchHeadCluster + secrets *corev1.Secret + newSplunkClient func(managementURI, username, password string) *splclient.SplunkClient + vaultIntegration *enterpriseApi.VaultIntegration } // newSerachHeadClusterPodManager function to create pod manager this is added to write unit test case var newSearchHeadClusterPodManager = func(client splcommon.ControllerClient, log logr.Logger, cr *enterpriseApi.SearchHeadCluster, secret *corev1.Secret, newSplunkClient NewSplunkClientFunc) searchHeadClusterPodManager { return searchHeadClusterPodManager{ - log: log, - cr: cr, - secrets: secret, - newSplunkClient: newSplunkClient, - c: client, + log: log, + cr: cr, + secrets: secret, + newSplunkClient: newSplunkClient, + c: client, + vaultIntegration: &cr.Spec.VaultIntegration, } } @@ -447,9 +472,12 @@ func (mgr *searchHeadClusterPodManager) Update(ctx context.Context, c splcommon. podExecClient := splutil.GetPodExecClient(mgr.c, mgr.cr, "") // Check if a recycle of shc pods is necessary(due to shc_secret mismatch with namespace scoped secret) - err = ApplyShcSecret(ctx, mgr, desiredReplicas, podExecClient) - if err != nil { - return enterpriseApi.PhaseError, err + if !mgr.vaultIntegration.Enable { + err = ApplyShcSecret(ctx, mgr, desiredReplicas, podExecClient) + if err != nil { + return enterpriseApi.PhaseError, err + } + // FIXME here TODO add mgr.secrets somehow from vault to get password so shc rest call can be called } // update CR status with SHC information @@ -555,10 +583,19 @@ func (mgr *searchHeadClusterPodManager) getClient(ctx context.Context, n int32) fqdnName := splcommon.GetServiceFQDN(mgr.cr.GetNamespace(), fmt.Sprintf("%s.%s", memberName, GetSplunkServiceName(SplunkSearchHead, mgr.cr.GetName(), true))) - // Retrieve admin password from Pod - adminPwd, err := splutil.GetSpecificSecretTokenFromPod(ctx, mgr.c, memberName, mgr.cr.GetNamespace(), "password") - if err != nil { - scopedLog.Error(err, "Couldn't retrieve the admin password from Pod") + var adminPwd string + var err error + if mgr.vaultIntegration != nil && mgr.vaultIntegration.Enable { + adminPwd, err = splclient.GetSpecificSecretTokenFromVault(ctx, mgr.c, mgr.vaultIntegration, "password") + if err != nil { + scopedLog.Error(err, "Couldn't retrieve the admin password from Pod") + } + } else { + // Retrieve admin password from Pod + adminPwd, err = splutil.GetSpecificSecretTokenFromPod(ctx, mgr.c, memberName, mgr.cr.GetNamespace(), "password") + if err != nil { + scopedLog.Error(err, "Couldn't retrieve the admin password from Pod") + } } return mgr.newSplunkClient(fmt.Sprintf("https://%s:8089", fqdnName), "admin", adminPwd) @@ -587,7 +624,6 @@ func (mgr *searchHeadClusterPodManager) updateStatus(ctx context.Context, statef } gotCaptainInfo := false for n := int32(0); n < statefulSet.Status.Replicas; n++ { - //c := mgr.getClient(ctx, n) memberName := GetSplunkStatefulsetPodName(SplunkSearchHead, mgr.cr.GetName(), n) memberStatus := enterpriseApi.SearchHeadClusterMemberStatus{Name: memberName} memberInfo, err := GetSearchHeadClusterMemberInfo(ctx, mgr, n) @@ -612,6 +648,7 @@ func (mgr *searchHeadClusterPodManager) updateStatus(ctx context.Context, statef mgr.cr.Status.MaintenanceMode = captainInfo.MaintenanceMode gotCaptainInfo = true } else { + mgr.cr.Status.CaptainReady = false mgr.log.Error(err, "Unable to retrieve captain info", "memberName", memberName) } } diff --git a/pkg/splunk/enterprise/searchheadcluster_test.go b/pkg/splunk/enterprise/searchheadcluster_test.go index 6bc37c2c8..0ce729aa3 100644 --- a/pkg/splunk/enterprise/searchheadcluster_test.go +++ b/pkg/splunk/enterprise/searchheadcluster_test.go @@ -81,7 +81,6 @@ func TestApplySearchHeadCluster(t *testing.T) { {MetaName: "*v1.Secret-test-splunk-test-secret"}, {MetaName: "*v1.Secret-test-splunk-stack1-deployer-secret-v1"}, - {MetaName: "*v1.StatefulSet-test-splunk-stack1-search-head"}, {MetaName: "*v1.StatefulSet-test-splunk-stack1-deployer"}, {MetaName: "*v1.StatefulSet-test-splunk-stack1-search-head"}, @@ -108,7 +107,7 @@ func TestApplySearchHeadCluster(t *testing.T) { {MetaName: "*v1.ConfigMap-test-splunk-test-probe-configmap"}, {MetaName: "*v1.Secret-test-splunk-test-secret"}, {MetaName: "*v1.Secret-test-splunk-stack1-deployer-secret-v1"}, - {MetaName: "*v1.StatefulSet-test-splunk-stack1-search-head"}, + //{MetaName: "*v1.StatefulSet-test-splunk-stack1-search-head"}, {MetaName: "*v1.StatefulSet-test-splunk-stack1-deployer"}, {MetaName: "*v1.StatefulSet-test-splunk-stack1-deployer"}, {MetaName: "*v1.StatefulSet-test-splunk-stack1-search-head"}, @@ -135,8 +134,8 @@ func TestApplySearchHeadCluster(t *testing.T) { listmockCall := []spltest.MockFuncCall{ {ListOpts: listOpts}} - createCalls := map[string][]spltest.MockFuncCall{"Get": funcCalls, "Create": {funcCalls[0], funcCalls[3], funcCalls[4], funcCalls[5], funcCalls[8], funcCalls[10], funcCalls[12], funcCalls[16], funcCalls[17]}, "Update": {funcCalls[0]}, "List": {listmockCall[0], listmockCall[0]}} - updateCalls := map[string][]spltest.MockFuncCall{"Get": createFuncCalls, "Update": {createFuncCalls[5], createFuncCalls[9]}, "List": {listmockCall[0], listmockCall[0]}} + createCalls := map[string][]spltest.MockFuncCall{"Get": funcCalls, "Create": {funcCalls[0], funcCalls[3], funcCalls[4], funcCalls[5], funcCalls[8], funcCalls[10], funcCalls[11], funcCalls[15], funcCalls[16]}, "Update": {funcCalls[0]}, "List": {listmockCall[0], listmockCall[0]}} + updateCalls := map[string][]spltest.MockFuncCall{"Get": createFuncCalls, "Update": {createFuncCalls[5], createFuncCalls[11]}, "List": {listmockCall[0], listmockCall[0]}} statefulSet := enterpriseApi.SearchHeadCluster{ TypeMeta: metav1.TypeMeta{ Kind: "SearchHeadCluster", diff --git a/pkg/splunk/enterprise/standalone.go b/pkg/splunk/enterprise/standalone.go index ecd769d94..2b5903817 100644 --- a/pkg/splunk/enterprise/standalone.go +++ b/pkg/splunk/enterprise/standalone.go @@ -23,6 +23,7 @@ import ( enterpriseApi "github.com/splunk/splunk-operator/api/v4" + splclient "github.com/splunk/splunk-operator/pkg/splunk/client" splcommon "github.com/splunk/splunk-operator/pkg/splunk/common" splctrl "github.com/splunk/splunk-operator/pkg/splunk/controller" splutil "github.com/splunk/splunk-operator/pkg/splunk/util" @@ -49,6 +50,7 @@ func ApplyStandalone(ctx context.Context, client splcommon.ControllerClient, cr cr.Status.ResourceRevMap = make(map[string]string) } eventPublisher, _ := newK8EventPublisher(client, cr) + ctx = context.WithValue(ctx, splcommon.EventPublisherKey, eventPublisher) cr.Kind = "Standalone" var err error @@ -205,6 +207,15 @@ func ApplyStandalone(ctx context.Context, client splcommon.ControllerClient, cr return result, err } + if cr.Spec.VaultIntegration.Enable { + //The InjectVaultSecret function is responsible for injecting secrets from HashiCorp Vault into the specified pod template. + splclient.InjectVaultSecret(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + err := splclient.CheckAndRestartStatefulSet(ctx, client, statefulSet, &cr.Spec.VaultIntegration) + if err != nil { + return result, err + } + } + mgr := splctrl.DefaultStatefulSetPodManager{} phase, err := mgr.Update(ctx, client, statefulSet, cr.Spec.Replicas) cr.Status.ReadyReplicas = statefulSet.Status.ReadyReplicas @@ -246,6 +257,7 @@ func ApplyStandalone(ctx context.Context, client splcommon.ControllerClient, cr // Mark telemetry app as installed cr.Status.TelAppInstalled = true } + } // RequeueAfter if greater than 0, tells the Controller to requeue the reconcile key after the Duration. // Implies that Requeue is true, there is no need to set Requeue to true at the same time as RequeueAfter. diff --git a/pkg/splunk/enterprise/upgrade.go b/pkg/splunk/enterprise/upgrade.go index 72348f6ef..ddea34bde 100644 --- a/pkg/splunk/enterprise/upgrade.go +++ b/pkg/splunk/enterprise/upgrade.go @@ -140,6 +140,56 @@ ClusterManager: if clusterManager.Status.Phase != enterpriseApi.PhaseReady || cmImage != spec.Image { return false, nil } + goto IndexerCluster + } + +IndexerCluster: + if cr.GroupVersionKind().Kind == "IndexerCluster" { + + // if manager client is not defined, then assign current client + if mgr.c == nil { + mgr.c = c + } + + // check cluster info call using splunk rest api + clusterInfo, err := GetClusterInfoCall(ctx, mgr, false) + if err != nil { + return false, fmt.Errorf("could not get cluster info from cluster manager") + } + // check if cluster is multisite + if clusterInfo.MultiSite == "true" { + opts := []rclient.ListOption{ + rclient.InNamespace(cr.GetNamespace()), + } + indexerList, err := getIndexerClusterList(ctx, c, cr, opts) + if err != nil { + return false, err + } + // get sorted current indexer site list + sortedList, _ := getIndexerClusterSortedSiteList(ctx, c, spec.ClusterManagerRef, indexerList) + + preIdx := enterpriseApi.IndexerCluster{} + + for i, v := range sortedList.Items { + if &v == cr { + if i > 0 { + preIdx = sortedList.Items[i-1] + } + break + + } + } + if len(preIdx.Name) != 0 { + // check if previous indexer have completed before starting next one + image, _ := getCurrentImage(ctx, c, &preIdx, SplunkIndexer) + if preIdx.Status.Phase != enterpriseApi.PhaseReady || image != spec.Image { + return false, nil + } + } + + } + return true, nil + } else { goto SearchHeadCluster } SearchHeadCluster: @@ -173,12 +223,12 @@ SearchHeadCluster: searchHeadList, err := getSearchHeadClusterList(ctx, c, cr, opts) if err != nil { if err.Error() == "NotFound" { - goto IndexerCluster + goto MonitoringConsole } return false, err } if len(searchHeadList.Items) == 0 { - goto IndexerCluster + goto MonitoringConsole } // check if instance has the ClusterManagerRef defined @@ -189,7 +239,7 @@ SearchHeadCluster: } } if len(searchHeadClusterInstance.GetName()) == 0 { - goto IndexerCluster + goto MonitoringConsole } shcImage, err := getCurrentImage(ctx, c, &searchHeadClusterInstance, SplunkSearchHead) @@ -204,53 +254,6 @@ SearchHeadCluster: if searchHeadClusterInstance.Status.Phase != enterpriseApi.PhaseReady || shcImage != spec.Image { return false, nil } - goto IndexerCluster - } -IndexerCluster: - if cr.GroupVersionKind().Kind == "IndexerCluster" { - - // if manager client is not defined, then assign current client - if mgr.c == nil { - mgr.c = c - } - - // check cluster info call using splunk rest api - clusterInfo, err := GetClusterInfoCall(ctx, mgr, false) - if err != nil { - return false, fmt.Errorf("could not get cluster info from cluster manager") - } - // check if cluster is multisite - if clusterInfo.MultiSite == "true" { - opts := []rclient.ListOption{ - rclient.InNamespace(cr.GetNamespace()), - } - indexerList, err := getIndexerClusterList(ctx, c, cr, opts) - if err != nil { - return false, err - } - // get sorted current indexer site list - sortedList, _ := getIndexerClusterSortedSiteList(ctx, c, spec.ClusterManagerRef, indexerList) - - preIdx := enterpriseApi.IndexerCluster{} - - for i, v := range sortedList.Items { - if &v == cr { - if i > 0 { - preIdx = sortedList.Items[i-1] - } - break - - } - } - if len(preIdx.Name) != 0 { - // check if previous indexer have completed before starting next one - image, _ := getCurrentImage(ctx, c, &preIdx, SplunkIndexer) - if preIdx.Status.Phase != enterpriseApi.PhaseReady || image != spec.Image { - return false, nil - } - } - - } goto MonitoringConsole } MonitoringConsole: @@ -339,5 +342,4 @@ MonitoringConsole: } EndLabel: return true, nil - } diff --git a/pkg/splunk/enterprise/util.go b/pkg/splunk/enterprise/util.go index 4a70f0d6b..8a98882ff 100644 --- a/pkg/splunk/enterprise/util.go +++ b/pkg/splunk/enterprise/util.go @@ -159,6 +159,9 @@ func GetRemoteStorageClient(ctx context.Context, client splcommon.ControllerClie if vol.Provider == "azure" { accessKeyID = string(remoteDataClientSecret.Data["azure_sa_name"]) secretAccessKey = string(remoteDataClientSecret.Data["azure_sa_secret_key"]) + } else if vol.Provider == "gcp" { + accessKeyID = "key.json" + secretAccessKey = string(remoteDataClientSecret.Data[accessKeyID]) } else { accessKeyID = string(remoteDataClientSecret.Data["s3_access_key"]) secretAccessKey = string(remoteDataClientSecret.Data["s3_secret_key"]) diff --git a/pkg/splunk/util/util.go b/pkg/splunk/util/util.go index d988ff6a5..29fe79940 100644 --- a/pkg/splunk/util/util.go +++ b/pkg/splunk/util/util.go @@ -200,7 +200,7 @@ func PodExecCommand(ctx context.Context, c splcommon.ControllerClient, podName s streamOptions.Stdout = stdout streamOptions.Stderr = stderr - err = exec.Stream(*streamOptions) + err = exec.StreamWithContext(ctx, *streamOptions) return stdout.String(), stderr.String(), err } diff --git a/test/README.md b/test/README.md index 23fbb7e40..d01a8a331 100644 --- a/test/README.md +++ b/test/README.md @@ -79,6 +79,11 @@ STORAGE_ACCOUNT STORAGE_ACCOUNT_KEY CLUSTER_PROVIDER=[azure] +For Azure: +GCP_SERVICE_ACCOUNT_KEY +CLUSTER_PROVIDER=[gcp] +ECR_REGISTRY + ## Writing tests diff --git a/test/appframework_aws/c3/appframework_aws_suite_test.go b/test/appframework_aws/c3/appframework_aws_suite_test.go index 289b6b9ed..aa1dde42d 100644 --- a/test/appframework_aws/c3/appframework_aws_suite_test.go +++ b/test/appframework_aws/c3/appframework_aws_suite_test.go @@ -60,7 +60,10 @@ func TestBasic(t *testing.T) { } RegisterFailHandler(Fail) - RunSpecs(t, "Running "+testSuiteName) + sc, _ := GinkgoConfiguration() + sc.Timeout = 240 * time.Minute + + RunSpecs(t, "Running "+testSuiteName, sc) } //func TestMain(m *testing.M) { diff --git a/test/appframework_aws/m4/appframework_aws_suite_test.go b/test/appframework_aws/m4/appframework_aws_suite_test.go index 91cf5c852..aa21c7084 100644 --- a/test/appframework_aws/m4/appframework_aws_suite_test.go +++ b/test/appframework_aws/m4/appframework_aws_suite_test.go @@ -55,7 +55,10 @@ func TestBasic(t *testing.T) { RegisterFailHandler(Fail) - RunSpecs(t, "Running "+testSuiteName) + sc, _ := GinkgoConfiguration() + sc.Timeout = 240 * time.Minute + + RunSpecs(t, "Running "+testSuiteName, sc) } var _ = BeforeSuite(func() { diff --git a/test/appframework_aws/m4/appframework_aws_test.go b/test/appframework_aws/m4/appframework_aws_test.go index c7c6c6e8d..342c109aa 100644 --- a/test/appframework_aws/m4/appframework_aws_test.go +++ b/test/appframework_aws/m4/appframework_aws_test.go @@ -155,7 +155,7 @@ var _ = Describe("m4appfw test", func() { // Upload V1 apps to S3 for Indexer Cluster testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -245,7 +245,7 @@ var _ = Describe("m4appfw test", func() { appFileList = testenv.GetAppFileList(appListV2) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV2) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V2 apps to S3 for Search Head Cluster @@ -373,7 +373,7 @@ var _ = Describe("m4appfw test", func() { // Upload V2 apps to S3 for Indexer Cluster testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV2) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V2 apps to S3 for Search Head Cluster @@ -446,7 +446,7 @@ var _ = Describe("m4appfw test", func() { appFileList = testenv.GetAppFileList(appListV1) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -550,7 +550,7 @@ var _ = Describe("m4appfw test", func() { appFileList := testenv.GetAppFileList(appListV1) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -816,7 +816,7 @@ var _ = Describe("m4appfw test", func() { appFileList := testenv.GetAppFileList(appListV1) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -877,7 +877,7 @@ var _ = Describe("m4appfw test", func() { appFileList = testenv.GetAppFileList(appListV2) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV2) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V2 apps to S3 for Search Head Cluster @@ -986,7 +986,7 @@ var _ = Describe("m4appfw test", func() { // Upload V1 apps to S3 for Indexer Cluster testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -1052,7 +1052,7 @@ var _ = Describe("m4appfw test", func() { appFileList = testenv.GetAppFileList(appListV2) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV2) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V2 apps to S3 for Search Head Cluster @@ -1207,7 +1207,7 @@ var _ = Describe("m4appfw test", func() { appFileList := testenv.GetAppFileList(appListV1) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -1267,7 +1267,7 @@ var _ = Describe("m4appfw test", func() { appFileList = testenv.GetAppFileList(appListV2) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV2) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V2 apps to S3 for Search Head Cluster @@ -1882,7 +1882,7 @@ var _ = Describe("m4appfw test", func() { appVersion := "V1" testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -1974,7 +1974,7 @@ var _ = Describe("m4appfw test", func() { appVersion := "V1" testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -2064,7 +2064,7 @@ var _ = Describe("m4appfw test", func() { // Upload V1 apps to S3 for Indexer Cluster testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -2181,7 +2181,7 @@ var _ = Describe("m4appfw test", func() { appFileList := testenv.GetAppFileList(appListV1) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -2292,7 +2292,7 @@ var _ = Describe("m4appfw test", func() { appFileList = testenv.GetAppFileList(appListV2) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV2) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V2 apps to S3 for Search Head Cluster @@ -2367,7 +2367,7 @@ var _ = Describe("m4appfw test", func() { // Upload V1 apps to S3 for Indexer Cluster testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -2399,7 +2399,7 @@ var _ = Describe("m4appfw test", func() { appFileList = testenv.GetAppFileList(appListV2) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV2) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V2 apps to S3 for Search Head Cluster @@ -2484,7 +2484,7 @@ var _ = Describe("m4appfw test", func() { testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) s3TestDirIdxc := "m4appfw-idxc-" + testenv.RandomDNSName(4) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirPVTestApps) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload apps to S3 for Search Head Cluster @@ -2653,7 +2653,7 @@ var _ = Describe("m4appfw test", func() { // Upload V1 apps to S3 for Indexer Cluster testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster diff --git a/test/appframework_aws/m4/manager_appframework_test.go b/test/appframework_aws/m4/manager_appframework_test.go index 5310000cb..9671e745d 100644 --- a/test/appframework_aws/m4/manager_appframework_test.go +++ b/test/appframework_aws/m4/manager_appframework_test.go @@ -154,7 +154,7 @@ var _ = Describe("m4appfw test", func() { // Upload V1 apps to S3 for Indexer Cluster testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -244,7 +244,7 @@ var _ = Describe("m4appfw test", func() { appFileList = testenv.GetAppFileList(appListV2) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV2) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V2 apps to S3 for Search Head Cluster @@ -372,7 +372,7 @@ var _ = Describe("m4appfw test", func() { // Upload V2 apps to S3 for Indexer Cluster testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV2) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V2 apps to S3 for Search Head Cluster @@ -445,7 +445,7 @@ var _ = Describe("m4appfw test", func() { appFileList = testenv.GetAppFileList(appListV1) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -549,7 +549,7 @@ var _ = Describe("m4appfw test", func() { appFileList := testenv.GetAppFileList(appListV1) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -815,7 +815,7 @@ var _ = Describe("m4appfw test", func() { appFileList := testenv.GetAppFileList(appListV1) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -876,7 +876,7 @@ var _ = Describe("m4appfw test", func() { appFileList = testenv.GetAppFileList(appListV2) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV2) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V2 apps to S3 for Search Head Cluster @@ -985,7 +985,7 @@ var _ = Describe("m4appfw test", func() { // Upload V1 apps to S3 for Indexer Cluster testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -1051,7 +1051,7 @@ var _ = Describe("m4appfw test", func() { appFileList = testenv.GetAppFileList(appListV2) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV2) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V2 apps to S3 for Search Head Cluster @@ -1206,7 +1206,7 @@ var _ = Describe("m4appfw test", func() { appFileList := testenv.GetAppFileList(appListV1) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -1266,7 +1266,7 @@ var _ = Describe("m4appfw test", func() { appFileList = testenv.GetAppFileList(appListV2) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV2) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V2 apps to S3 for Search Head Cluster @@ -1881,7 +1881,7 @@ var _ = Describe("m4appfw test", func() { appVersion := "V1" testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -1973,7 +1973,7 @@ var _ = Describe("m4appfw test", func() { appVersion := "V1" testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -2063,7 +2063,7 @@ var _ = Describe("m4appfw test", func() { // Upload V1 apps to S3 for Indexer Cluster testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -2180,7 +2180,7 @@ var _ = Describe("m4appfw test", func() { appFileList := testenv.GetAppFileList(appListV1) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -2291,7 +2291,7 @@ var _ = Describe("m4appfw test", func() { appFileList = testenv.GetAppFileList(appListV2) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV2) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V2 apps to S3 for Search Head Cluster @@ -2366,7 +2366,7 @@ var _ = Describe("m4appfw test", func() { // Upload V1 apps to S3 for Indexer Cluster testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster @@ -2398,7 +2398,7 @@ var _ = Describe("m4appfw test", func() { appFileList = testenv.GetAppFileList(appListV2) testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err = testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV2) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V2 apps to S3 for Search Head Cluster @@ -2483,7 +2483,7 @@ var _ = Describe("m4appfw test", func() { testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) s3TestDirIdxc := "m4appfw-idxc-" + testenv.RandomDNSName(4) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirPVTestApps) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload apps to S3 for Search Head Cluster @@ -2652,7 +2652,7 @@ var _ = Describe("m4appfw test", func() { // Upload V1 apps to S3 for Indexer Cluster testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3 for Indexer Cluster", appVersion)) uploadedFiles, err := testenv.UploadFilesToS3(testS3Bucket, s3TestDirIdxc, appFileList, downloadDirV1) - Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster", appVersion)) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3 test directory for Indexer Cluster %s", appVersion, testS3Bucket)) uploadedApps = append(uploadedApps, uploadedFiles...) // Upload V1 apps to S3 for Search Head Cluster diff --git a/test/appframework_aws/s1/appframework_aws_test.go b/test/appframework_aws/s1/appframework_aws_test.go index 0ec65486e..51f360820 100644 --- a/test/appframework_aws/s1/appframework_aws_test.go +++ b/test/appframework_aws/s1/appframework_aws_test.go @@ -79,7 +79,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("smoke, s1, appframeworks1, appframework: can deploy a Standalone instance with App Framework enabled, install apps then upgrade them", func() { + It("smoke, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps then upgrade them", func() { /* Test Steps ################## SETUP #################### @@ -250,7 +250,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("smoke, s1, appframeworks1, appframework: can deploy a Standalone instance with App Framework enabled, install apps then downgrade them", func() { + It("smoke, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps then downgrade them", func() { /* Test Steps ################## SETUP #################### @@ -413,7 +413,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("s1, smoke, appframeworks1, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, install apps on new pod, scale down", func() { + It("s1, smoke, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, install apps on new pod, scale down", func() { /* Test Steps ################## SETUP #################### @@ -608,7 +608,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("s1, integration, appframeworks1, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, upgrade apps", func() { + It("s1, integration, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps, scale up, upgrade apps", func() { /* Test Steps ################## SETUP #################### @@ -742,7 +742,7 @@ var _ = Describe("s1appfw test", func() { // ES App Installation not supported at the time. Will be added back at a later time. Context("Standalone deployment (S1) with App Framework", func() { - It("s1, integration, appframeworks1, appframework: can deploy a Standalone and have ES app installed", func() { + It("s1, integration, appframeworksS1, appframework: can deploy a Standalone and have ES app installed", func() { /* Test Steps ################## SETUP #################### @@ -843,7 +843,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworks1, appframework: can deploy a Standalone instance with App Framework enabled and install around 350MB of apps at once", func() { + It("integration, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled and install around 350MB of apps at once", func() { /* Test Steps ################## SETUP #################### @@ -912,7 +912,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("s1, smoke, appframeworks1, appframework: can deploy a standalone instance with App Framework enabled for manual poll", func() { + It("s1, smoke, appframeworksS1, appframework: can deploy a standalone instance with App Framework enabled for manual poll", func() { /* Test Steps ################## SETUP #################### @@ -1090,7 +1090,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworks1, appframework: can deploy Several standalone CRs in the same namespace with App Framework enabled", func() { + It("integration, s1, appframeworksS1, appframework: can deploy Several standalone CRs in the same namespace with App Framework enabled", func() { /* Test Steps ################## SETUP #################### @@ -1191,7 +1191,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworks1, appframework: can add new apps to app source while install is in progress and have all apps installed", func() { + It("integration, s1, appframeworksS1, appframework: can add new apps to app source while install is in progress and have all apps installed", func() { /* Test Steps ################## SETUP #################### @@ -1303,7 +1303,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworks1, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app install is in progress", func() { + It("integration, s1, appframeworksS1, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app install is in progress", func() { /* Test Steps ################## SETUP #################### @@ -1399,7 +1399,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworks1, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app download is in progress", func() { + It("integration, s1, appframeworksS1, appframework: Deploy a Standalone instance with App Framework enabled and reset operator pod while app download is in progress", func() { /* Test Steps ################## SETUP #################### @@ -1467,7 +1467,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworks1, appframework: can deploy a Standalone instance with App Framework enabled, install an app then disable it and remove it from app source", func() { + It("integration, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install an app then disable it and remove it from app source", func() { /* Test Steps ################## SETUP #################### @@ -1561,7 +1561,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworks1, appframework: can deploy a Standalone instance with App Framework enabled, attempt to update using incorrect S3 credentials", func() { + It("integration, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, attempt to update using incorrect S3 credentials", func() { /* Test Steps ################## SETUP #################### @@ -1698,7 +1698,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworks1, appframework: Deploy a Standalone instance with App Framework enabled and update apps after app download is completed", func() { + It("integration, s1, appframeworksS1, appframework: Deploy a Standalone instance with App Framework enabled and update apps after app download is completed", func() { /* Test Steps ################## SETUP #################### @@ -1782,7 +1782,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworks1, appframework: can deploy a Standalone instance and install a bigger volume of apps than the operator PV disk space", func() { + It("integration, s1, appframeworksS1, appframework: can deploy a Standalone instance and install a bigger volume of apps than the operator PV disk space", func() { /* Test Steps ################## SETUP #################### @@ -1857,7 +1857,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("integration, s1, appframeworks1, appframework: Deploy a Standalone instance with App Framework enabled and delete apps from app directory when app download is complete", func() { + It("integration, s1, appframeworksS1, appframework: Deploy a Standalone instance with App Framework enabled and delete apps from app directory when app download is complete", func() { /* Test Steps ################## SETUP #################### @@ -1928,7 +1928,7 @@ var _ = Describe("s1appfw test", func() { }) Context("Standalone deployment (S1) with App Framework", func() { - It("smoke, s1, appframeworks1, appframework: can deploy a Standalone instance with App Framework enabled, install apps and check isDeploymentInProgress is set for Standaloen and MC CR's", func() { + It("smoke, s1, appframeworksS1, appframework: can deploy a Standalone instance with App Framework enabled, install apps and check isDeploymentInProgress is set for Standaloen and MC CR's", func() { /* Test Steps ################## SETUP #################### diff --git a/test/appframework_gcp/c3/appframework_gcs_suite_test.go b/test/appframework_gcp/c3/appframework_gcs_suite_test.go new file mode 100644 index 000000000..9aa061bad --- /dev/null +++ b/test/appframework_gcp/c3/appframework_gcs_suite_test.go @@ -0,0 +1,102 @@ +// Copyright (c) 2018-2022 Splunk Inc. All rights reserved. + +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package c3gcpappfw + +import ( + "os" + "path/filepath" + "testing" + "time" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + "github.com/splunk/splunk-operator/test/testenv" +) + +const ( + // PollInterval specifies the polling interval + PollInterval = 5 * time.Second + + // ConsistentPollInterval is the interval to use to consistently check a state is stable + ConsistentPollInterval = 200 * time.Millisecond + ConsistentDuration = 2000 * time.Millisecond +) + +var ( + testenvInstance *testenv.TestEnv + testSuiteName = "c3appfw-" + testenv.RandomDNSName(3) + appListV1 []string + appListV2 []string + testDataGcsBucket = os.Getenv("TEST_BUCKET") + testGcsBucket = os.Getenv("TEST_INDEXES_S3_BUCKET") + gcsAppDirV1 = testenv.AppLocationV1 + gcsAppDirV2 = testenv.AppLocationV2 + gcsPVTestApps = testenv.PVTestAppsLocation + currDir, _ = os.Getwd() + downloadDirV1 = filepath.Join(currDir, "c3appfwV1-"+testenv.RandomDNSName(4)) + downloadDirV2 = filepath.Join(currDir, "c3appfwV2-"+testenv.RandomDNSName(4)) + downloadDirPVTestApps = filepath.Join(currDir, "c3appfwPVTestApps-"+testenv.RandomDNSName(4)) +) + +// TestBasic is the main entry point +func TestBasic(t *testing.T) { + + RegisterFailHandler(Fail) + + RunSpecs(t, "Running "+testSuiteName) +} + +var _ = BeforeSuite(func() { + var err error + testenvInstance, err = testenv.NewDefaultTestEnv(testSuiteName) + Expect(err).ToNot(HaveOccurred()) + + if testenv.ClusterProvider == "gcp" { + // Create a list of apps to upload to Gcs + appListV1 = testenv.BasicApps + appFileList := testenv.GetAppFileList(appListV1) + + // Download V1 Apps from Gcs + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download V1 app files") + + // Create a list of apps to upload to Gcs after poll period + appListV2 = append(appListV1, testenv.NewAppsAddedBetweenPolls...) + appFileList = testenv.GetAppFileList(appListV2) + + // Download V2 Apps from Gcs + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV2, downloadDirV2, appFileList) + Expect(err).To(Succeed(), "Unable to download V2 app files") + } else { + testenvInstance.Log.Info("Skipping Before Suite Setup", "Cluster Provider", testenv.ClusterProvider) + } + +}) + +var _ = AfterSuite(func() { + if testenvInstance != nil { + Expect(testenvInstance.Teardown()).ToNot(HaveOccurred()) + } + + if testenvInstance != nil { + Expect(testenvInstance.Teardown()).ToNot(HaveOccurred()) + } + + // Delete locally downloaded app files + err := os.RemoveAll(downloadDirV1) + Expect(err).To(Succeed(), "Unable to delete locally downloaded V1 app files.") + err = os.RemoveAll(downloadDirV2) + Expect(err).To(Succeed(), "Unable to delete locally downloaded V2 app files.") +}) diff --git a/test/appframework_gcp/c3/appframework_gcs_test.go b/test/appframework_gcp/c3/appframework_gcs_test.go new file mode 100644 index 000000000..d73a02eeb --- /dev/null +++ b/test/appframework_gcp/c3/appframework_gcs_test.go @@ -0,0 +1,722 @@ +// Copyright (c) 2018-2022 Splunk Inc. All rights reserved. + +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License.s +package c3gcpappfw + +import ( + "context" + //"encoding/json" + "fmt" + "path/filepath" + + //"strings" + //"time" + + //enterpriseApiV3 "github.com/splunk/splunk-operator/api/v3" + enterpriseApi "github.com/splunk/splunk-operator/api/v4" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + //splcommon "github.com/splunk/splunk-operator/pkg/splunk/common" + "github.com/splunk/splunk-operator/pkg/splunk/enterprise" + testenv "github.com/splunk/splunk-operator/test/testenv" + corev1 "k8s.io/api/core/v1" +) + +var _ = Describe("c3appfw test", func() { + + var testcaseEnvInst *testenv.TestCaseEnv + + var deployment *testenv.Deployment + var gcsTestDirShc string + var gcsTestDirIdxc string + //var gcsTestDirShcLocal string + //var gcsTestDirIdxcLocal string + //var gcsTestDirShcCluster string + //var gcsTestDirIdxcCluster string + var appSourceNameIdxc string + var appSourceNameShc string + var uploadedApps []string + var filePresentOnOperator bool + + ctx := context.TODO() + + BeforeEach(func() { + + var err error + name := fmt.Sprintf("%s-%s", "master"+testenvInstance.GetName(), testenv.RandomDNSName(3)) + testcaseEnvInst, err = testenv.NewDefaultTestCaseEnv(testenvInstance.GetKubeClient(), name) + Expect(err).To(Succeed(), "Unable to create testcaseenv") + testenv.SpecifiedTestTimeout = 5000 + deployment, err = testcaseEnvInst.NewDeployment(testenv.RandomDNSName(3)) + Expect(err).To(Succeed(), "Unable to create deployment") + }) + + AfterEach(func() { + // When a test spec failed, skip the teardown so we can troubleshoot. + if CurrentGinkgoTestDescription().Failed { + testcaseEnvInst.SkipTeardown = true + } + if deployment != nil { + deployment.Teardown() + } + + if testcaseEnvInst != nil { + Expect(testcaseEnvInst.Teardown()).ToNot(HaveOccurred()) + } + + // Delete files uploaded to GCS + if !testcaseEnvInst.SkipTeardown { + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + } + + if filePresentOnOperator { + //Delete files from app-directory + opPod := testenv.GetOperatorPodName(testcaseEnvInst) + podDownloadPath := filepath.Join(testenv.AppDownloadVolume, "test_file.img") + testenv.DeleteFilesOnOperatorPod(ctx, deployment, opPod, []string{podDownloadPath}) + } + }) + + Context("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework", func() { + It(" c3gcp, masterappframeworkc3gcp, c3_gcp_sanity: can deploy a C3 SVA with App Framework enabled, install apps then upgrade them", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCS for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload V1 apps to GCS for Indexer Cluster and Search Head Cluster + * Create app sources for Cluster Master and Deployer + * Prepare and deploy C3 CRD with app framework and wait for the pods to be ready + ######### INITIAL VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Monitoring Console and on Search Heads and Indexers pods + ############### UPGRADE APPS ################ + * Upload V2 apps on GCS + * Wait for Monitoring Console and C3 pods to be ready + ############ FINAL VERIFICATIONS ############ + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V2 apps are copied and upgraded on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Upload V1 apps to GCS for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Monitoring Console", appVersion)) + gcsTestDirMC := "c3appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Prepare Monitoring Console spec with its own app source + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Upload V1 apps to GCS for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Bucket for Indexer Cluster", appVersion)) + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCS for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Search Head Cluster", appVersion)) + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for C3 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // get revision number of the resource + resourceVersion := testenv.GetResourceVersion(ctx, deployment, testcaseEnvInst, mc) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterMasterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, mcName, "") + + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // wait for custom resource resource version to change + testenv.VerifyCustomResourceVersionChanged(ctx, deployment, testcaseEnvInst, mc, resourceVersion) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Verify no SH in disconnected status is present on CM + testenv.VerifyNoDisconnectedSHPresentOnCM(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + ConfigMapName := enterprise.GetProbeConfigMapName(testcaseEnvInst.GetName()) + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + scriptsNames := []string{enterprise.GetLivenessScriptName(), enterprise.GetReadinessScriptName(), enterprise.GetStartupScriptName()} + allPods := testenv.DumpGetPods(testcaseEnvInst.GetName()) + testenv.VerifyFilesInDirectoryOnPod(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), allPods, scriptsNames, enterprise.GetProbeMountDirectory(), false, true) + + //######### INITIAL VERIFICATIONS ############# + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + mcPod := []string{fmt.Sprintf(testenv.MonitoringConsolePod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + mcAppSourceInfo := testenv.AppSourceInfo{CrKind: mc.Kind, CrName: mc.Name, CrAppSourceName: appSourceNameMC, CrAppSourceVolumeName: appSourceNameMC, CrPod: mcPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + ClusterMasterBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############### UPGRADE APPS ################ + // Delete apps on GCS + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCS", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // get revision number of the resource + resourceVersion = testenv.GetResourceVersion(ctx, deployment, testcaseEnvInst, mc) + + // Upload V2 apps to GCS for Indexer Cluster + appVersion = "V2" + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCS for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCS for Monitoring Console + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Monitoring Console", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + testenv.VerifyCustomResourceVersionChanged(ctx, deployment, testcaseEnvInst, mc, resourceVersion) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ FINAL VERIFICATIONS ############ + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + mcAppSourceInfo.CrAppVersion = appVersion + mcAppSourceInfo.CrAppList = appListV2 + mcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, ClusterMasterBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + }) + }) + + Context("Single Site Indexer Cluster with Search Head Cluster (C3) with App Framework", func() { + It(" c3gcp, masterappframeworkc3gcp, c3_gcp_sanity: can deploy a C3 SVA with App Framework enabled, install apps then downgrade them", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V2 apps to GCS for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload V2 apps to GCS for Indexer Cluster and Search Head Cluster + * Create app source for Cluster Master and Deployer + * Prepare and deploy C3 CRD with app framework and wait for the pods to be ready + ########### INITIAL VERIFICATIONS ########### + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V2 apps are copied, installed on Monitoring Console and also on Search Heads and Indexers pods + ############## DOWNGRADE APPS ############### + * Upload V1 apps on GCS + * Wait for Monitoring Console and C3 pods to be ready + ########### FINAL VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and downgraded on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Upload V2 apps to GCS for Monitoring Console + appVersion := "V2" + appFileList := testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Monitoring Console", appVersion)) + gcsTestDirMC := "c3appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for Monitoring Console + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + + // Monitoring Console AppFramework Spec + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Upload V2 apps to GCS for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Indexer Cluster", appVersion)) + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCS for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Search Head Cluster", appVersion)) + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for C3 + appSourceNameIdxc := "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc := "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // get revision number of the resource + resourceVersion := testenv.GetResourceVersion(ctx, deployment, testcaseEnvInst, mc) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterMasterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, mcName, "") + + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // wait for custom resource resource version to change + testenv.VerifyCustomResourceVersionChanged(ctx, deployment, testcaseEnvInst, mc, resourceVersion) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########### INITIAL VERIFICATIONS ########### + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + mcPod := []string{fmt.Sprintf(testenv.MonitoringConsolePod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: "V2", CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: "V2", CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + mcAppSourceInfo := testenv.AppSourceInfo{CrKind: mc.Kind, CrName: mc.Name, CrAppSourceName: appSourceNameMC, CrAppSourceVolumeName: appSourceNameMC, CrPod: mcPod, CrAppVersion: "V2", CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + ClusterMasterBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############## DOWNGRADE APPS ############### + // Delete apps on GCS + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCS", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // get revision number of the resource + resourceVersion = testenv.GetResourceVersion(ctx, deployment, testcaseEnvInst, mc) + + // Upload V1 apps to GCS for Indexer Cluster + appVersion = "V1" + appFileList = testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Indexers", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Indexers", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCS for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCS for Monitoring Console + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Monitoring Console", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + testenv.VerifyCustomResourceVersionChanged(ctx, deployment, testcaseEnvInst, mc, resourceVersion) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########### FINAL VERIFICATIONS ############# + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV1 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV1) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV1 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV1) + mcAppSourceInfo.CrAppVersion = appVersion + mcAppSourceInfo.CrAppList = appListV1 + mcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV1) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, ClusterMasterBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Clustered deployment (C3 - clustered indexer, search head cluster)", func() { + It(" c3gcp, masterappframeworkc3gcp, c3_gcp_sanity: can deploy a C3 SVA and have apps installed locally on Cluster Manager and Deployer", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCS + * Create app source with local scope for C3 SVA (Cluster Master and Deployer) + * Prepare and deploy C3 CRD with app framework and wait for pods to be ready + ############# INITIAL VERIFICATIONS ########## + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are installed locally on Cluster Master and Deployer + ############### UPGRADE APPS ################ + * Upgrade apps in app sources + * Wait for pods to be ready + ########### UPGRADE VERIFICATIONS ########### + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are copied, installed and upgraded on Cluster Master and Deployer + */ + + //################## SETUP #################### + // Upload V1 apps to GCS for Indexer Cluster + appVersion := "V1" + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCS for Search Head Cluster + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy C3 CRD + indexerReplicas := 3 + shReplicas := 3 + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + cm, _, shc, err := deployment.DeploySingleSiteClusterMasterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############## INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############### UPGRADE APPS ################ + // Delete V1 apps on GCS + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCS", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Upload V2 apps to GCS + appVersion = "V2" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS", appVersion)) + appFileList = testenv.GetAppFileList(appListV2) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########### UPGRADE VERIFICATIONS ########### + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework", func() { + It(" c3gcp, masterappframeworkc3gcp, c3_gcp_sanity: can deploy a C3 SVA with App Framework enabled and check isDeploymentInProgressFlag for CM and SHC CR's", func() { + + /* + Test Steps + ################## SETUP ################## + * Upload V1 apps to GCS for Indexer Cluster and Search Head Cluster + * Prepare and deploy C3 CRD with app framework + * Verify IsDeploymentInProgress is set + * Wait for the pods to be ready + */ + + //################## SETUP #################### + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + + // Upload V1 apps to GCS for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Indexer Cluster", appVersion)) + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCS for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Search Head Cluster", appVersion)) + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for C3 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterMasterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Verify IsDeploymentInProgress Flag is set to true for Cluster Master CR + testcaseEnvInst.Log.Info("Checking isDeploymentInProgress Flag") + testenv.VerifyIsDeploymentInProgressFlagIsSet(ctx, deployment, testcaseEnvInst, cm.Name, cm.Kind) + + // Ensure Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Verify IsDeploymentInProgress Flag is set to true for SHC CR + testcaseEnvInst.Log.Info("Checking isDeploymentInProgress Flag") + testenv.VerifyIsDeploymentInProgressFlagIsSet(ctx, deployment, testcaseEnvInst, shc.Name, shc.Kind) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + }) + }) +}) diff --git a/test/appframework_gcp/c3/manager_appframework_test.go b/test/appframework_gcp/c3/manager_appframework_test.go new file mode 100644 index 000000000..4bf7d8dcd --- /dev/null +++ b/test/appframework_gcp/c3/manager_appframework_test.go @@ -0,0 +1,3410 @@ +// Copyright (c) 2018-2022 Splunk Inc. All rights reserved. + +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License.s +package c3gcpappfw + +import ( + "context" + "encoding/json" + "fmt" + "path/filepath" + "strings" + "time" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + enterpriseApi "github.com/splunk/splunk-operator/api/v4" + splcommon "github.com/splunk/splunk-operator/pkg/splunk/common" + "github.com/splunk/splunk-operator/pkg/splunk/enterprise" + testenv "github.com/splunk/splunk-operator/test/testenv" + corev1 "k8s.io/api/core/v1" +) + +var _ = Describe("c3appfw test", func() { + + var testcaseEnvInst *testenv.TestCaseEnv + + var deployment *testenv.Deployment + var gcsTestDirShc string + var gcsTestDirIdxc string + var gcsTestDirShcLocal string + var gcsTestDirIdxcLocal string + var gcsTestDirShcCluster string + var gcsTestDirIdxcCluster string + var appSourceNameIdxc string + var appSourceNameShc string + var uploadedApps []string + var filePresentOnOperator bool + + ctx := context.TODO() + + BeforeEach(func() { + + var err error + name := fmt.Sprintf("%s-%s", testenvInstance.GetName(), testenv.RandomDNSName(3)) + testcaseEnvInst, err = testenv.NewDefaultTestCaseEnv(testenvInstance.GetKubeClient(), name) + Expect(err).To(Succeed(), "Unable to create testcaseenv") + deployment, err = testcaseEnvInst.NewDeployment(testenv.RandomDNSName(3)) + Expect(err).To(Succeed(), "Unable to create deployment") + testenv.SpecifiedTestTimeout = 100000 + }) + + AfterEach(func() { + // When a test spec failed, skip the teardown so we can troubleshoot. + if CurrentGinkgoTestDescription().Failed { + testcaseEnvInst.SkipTeardown = true + } + if deployment != nil { + deployment.Teardown() + } + + if testcaseEnvInst != nil { + Expect(testcaseEnvInst.Teardown()).ToNot(HaveOccurred()) + } + + // Delete files uploaded to Gcs + if !testcaseEnvInst.SkipTeardown { + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + } + + if filePresentOnOperator { + //Delete files from app-directory + opPod := testenv.GetOperatorPodName(testcaseEnvInst) + podDownloadPath := filepath.Join(testenv.AppDownloadVolume, "test_file.img") + testenv.DeleteFilesOnOperatorPod(ctx, deployment, opPod, []string{podDownloadPath}) + } + }) + + XContext("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework", func() { + It(" c3gcp, c3_mgr_gcp_sanity: can deploy a C3 SVA with App Framework enabled, install apps then upgrade them", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to Gcs for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload V1 apps to Gcs for Indexer Cluster and Search Head Cluster + * Create app sources for Cluster Manager and Deployer + * Prepare and deploy C3 CRD with app framework and wait for the pods to be ready + ######### INITIAL VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Monitoring Console and on Search Heads and Indexers pods + ############### UPGRADE APPS ################ + * Upload V2 apps on Gcs + * Wait for Monitoring Console and C3 pods to be ready + ############ FINAL VERIFICATIONS ############ + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V2 apps are copied and upgraded on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Upload V1 apps to Gcs for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Monitoring Console", appVersion)) + gcsTestDirMC := "c3appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Prepare Monitoring Console spec with its own app source + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Upload V1 apps to Gcs for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Indexer Cluster", appVersion)) + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Search Head Cluster", appVersion)) + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for C3 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // get revision number of the resource + resourceVersion := testenv.GetResourceVersion(ctx, deployment, testcaseEnvInst, mc) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, mcName, "") + + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // wait for custom resource resource version to change + testenv.VerifyCustomResourceVersionChanged(ctx, deployment, testcaseEnvInst, mc, resourceVersion) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Verify no SH in disconnected status is present on CM + testenv.VerifyNoDisconnectedSHPresentOnCM(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + ConfigMapName := enterprise.GetProbeConfigMapName(testcaseEnvInst.GetName()) + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + scriptsNames := []string{enterprise.GetLivenessScriptName(), enterprise.GetReadinessScriptName(), enterprise.GetStartupScriptName()} + allPods := testenv.DumpGetPods(testcaseEnvInst.GetName()) + testenv.VerifyFilesInDirectoryOnPod(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), allPods, scriptsNames, enterprise.GetProbeMountDirectory(), false, true) + + //######### INITIAL VERIFICATIONS ############# + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + mcPod := []string{fmt.Sprintf(testenv.MonitoringConsolePod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + mcAppSourceInfo := testenv.AppSourceInfo{CrKind: mc.Kind, CrName: mc.Name, CrAppSourceName: appSourceNameMC, CrAppSourceVolumeName: appSourceNameMC, CrPod: mcPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + clusterManagerBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############### UPGRADE APPS ################ + // Delete apps on Gcs + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on Gcs", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // get revision number of the resource + resourceVersion = testenv.GetResourceVersion(ctx, deployment, testcaseEnvInst, mc) + + // Upload V2 apps to Gcs for Indexer Cluster + appVersion = "V2" + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to Gcs for Monitoring Console + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Monitoring Console", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + testenv.VerifyCustomResourceVersionChanged(ctx, deployment, testcaseEnvInst, mc, resourceVersion) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ FINAL VERIFICATIONS ############ + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + mcAppSourceInfo.CrAppVersion = appVersion + mcAppSourceInfo.CrAppList = appListV2 + mcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, clusterManagerBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + }) + }) + + XContext("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework and Image Upgrade", func() { + It(" c3gcp, c3_mgr_gcp_sanity: can deploy a C3 SVA with App Framework enabled, install apps then upgrade the image and apps", func() { + + //################## SETUP #################### + + // Download License File + downloadDir := "licenseFolder" + switch testenv.ClusterProvider { + case "eks": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from Gcs") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "azure": + licenseFilePath, err := testenv.DownloadLicenseFromAzure(ctx, downloadDir) + Expect(err).To(Succeed(), "Unable to download license file from Azure") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + default: + fmt.Printf("Unable to download license file") + testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) + } + + // Upload V1 apps to Gcs for Monitoring Console + oldImage := "Refer to RELATED_SPLUNK_IMAGE_ENTERPRISE" + newImage := "splunk/splunk:latest" + + lm, err := deployment.DeployLicenseManager(ctx, deployment.GetName()) + cm, err := deployment.DeployClusterManager(ctx, deployment.GetName(), lm.GetName(), "", "") + + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + ClusterManagerRef: corev1.ObjectReference{ + Name: cm.GetName(), + }, + }, + } + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + shcName := fmt.Sprintf("%s-shc", deployment.GetName()) + idxName := fmt.Sprintf("%s-idxc", deployment.GetName()) + shc, err := deployment.DeploySearchHeadCluster(ctx, shcName, cm.GetName(), lm.GetName(), "", mcName) + idxc, err := deployment.DeployIndexerCluster(ctx, idxName, lm.GetName(), 3, cm.GetName(), "") + + // Wait for License Manager to be in READY phase + testenv.LicenseManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Monitoring Console goes to Ready phase + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // // Verify no SH in disconnected status is present on CM + testenv.VerifyNoDisconnectedSHPresentOnCM(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + ConfigMapName := enterprise.GetProbeConfigMapName(testcaseEnvInst.GetName()) + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + scriptsNames := []string{enterprise.GetLivenessScriptName(), enterprise.GetReadinessScriptName(), enterprise.GetStartupScriptName()} + allPods := testenv.DumpGetPods(testcaseEnvInst.GetName()) + testenv.VerifyFilesInDirectoryOnPod(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), allPods, scriptsNames, enterprise.GetProbeMountDirectory(), false, true) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############### UPGRADE IMAGE ################ + + // Update LM Image + + testcaseEnvInst.Log.Info("Upgrading the License Manager Image", "Current Image", oldImage, "New Image", newImage) + lm.Spec.Image = newImage + err = deployment.UpdateCR(ctx, lm) + Expect(err).To(Succeed(), "Failed upgrade License Manager image") + + // Update CM image + + testcaseEnvInst.Log.Info("Upgrading the Cluster Manager Image", "Current Image", oldImage, "New Image", newImage) + cm.Spec.Image = newImage + err = deployment.UpdateCR(ctx, cm) + Expect(err).To(Succeed(), "Failed upgrade Cluster Manager image") + + // Update MC image + + testcaseEnvInst.Log.Info("Upgrading the Monitoring Console Image", "Current Image", oldImage, "New Image", newImage) + mc.Spec.Image = newImage + err = deployment.UpdateCR(ctx, mc) + Expect(err).To(Succeed(), "Failed upgrade Monitoring Console image") + + // Update SHC image + + testcaseEnvInst.Log.Info("Upgrading the Search Head Cluster Image", "Current Image", oldImage, "New Image", newImage) + shc.Spec.Image = newImage + err = deployment.UpdateCR(ctx, shc) + Expect(err).To(Succeed(), "Failed upgrade Search Head Cluster image") + + // // Update IDXC image + + testcaseEnvInst.Log.Info("Upgrading the Indexer Cluster Image", "Current Image", oldImage, "New Image", newImage) + idxc.Spec.Image = newImage + err = deployment.UpdateCR(ctx, idxc) + Expect(err).To(Succeed(), "Failed upgrade Indexer Cluster image") + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Wait for License Manager to be in READY phase + testenv.LicenseManagerReady(ctx, deployment, testcaseEnvInst) + + // // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + }) + }) + + Context("Single Site Indexer Cluster with Search Head Cluster (C3) with App Framework", func() { + It(" c3gcp, c3_mgr_gcp_sanity: can deploy a C3 SVA with App Framework enabled, install apps then downgrade them", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V2 apps to Gcs for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload V2 apps to Gcs for Indexer Cluster and Search Head Cluster + * Create app source for Cluster Manager and Deployer + * Prepare and deploy C3 CRD with app framework and wait for the pods to be ready + ########### INITIAL VERIFICATIONS ########### + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V2 apps are copied, installed on Monitoring Console and also on Search Heads and Indexers pods + ############## DOWNGRADE APPS ############### + * Upload V1 apps on Gcs + * Wait for Monitoring Console and C3 pods to be ready + ########### FINAL VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and downgraded on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Upload V2 apps to Gcs for Monitoring Console + appVersion := "V2" + appFileList := testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Monitoring Console", appVersion)) + gcsTestDirMC := "c3appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for Monitoring Console + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + + // Monitoring Console AppFramework Spec + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Upload V2 apps to Gcs for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Indexer Cluster", appVersion)) + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Search Head Cluster", appVersion)) + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for C3 + appSourceNameIdxc := "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc := "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // get revision number of the resource + resourceVersion := testenv.GetResourceVersion(ctx, deployment, testcaseEnvInst, mc) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, mcName, "") + + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // wait for custom resource resource version to change + testenv.VerifyCustomResourceVersionChanged(ctx, deployment, testcaseEnvInst, mc, resourceVersion) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########### INITIAL VERIFICATIONS ########### + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + mcPod := []string{fmt.Sprintf(testenv.MonitoringConsolePod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: "V2", CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: "V2", CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + mcAppSourceInfo := testenv.AppSourceInfo{CrKind: mc.Kind, CrName: mc.Name, CrAppSourceName: appSourceNameMC, CrAppSourceVolumeName: appSourceNameMC, CrPod: mcPod, CrAppVersion: "V2", CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + clusterManagerBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############## DOWNGRADE APPS ############### + // Delete apps on Gcs + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on Gcs", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // get revision number of the resource + resourceVersion = testenv.GetResourceVersion(ctx, deployment, testcaseEnvInst, mc) + + // Upload V1 apps to Gcs for Indexer Cluster + appVersion = "V1" + appFileList = testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Indexers", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexers", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to Gcs for Monitoring Console + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Monitoring Console", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + testenv.VerifyCustomResourceVersionChanged(ctx, deployment, testcaseEnvInst, mc, resourceVersion) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########### FINAL VERIFICATIONS ############# + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV1 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV1) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV1 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV1) + mcAppSourceInfo.CrAppVersion = appVersion + mcAppSourceInfo.CrAppList = appListV1 + mcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV1) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, clusterManagerBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Single Site Indexer Cluster with Search Head Cluster (C3) with App Framework", func() { + It("integration, c3, appframework: can deploy a C3 SVA with App Framework enabled, install apps, scale up clusters, install apps on new pods, scale down", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps on Gcs for Indexer Cluster and Search Head Cluster + * Create app sources for Cluster Manager and Deployer + * Prepare and deploy C3 CRD with app config and wait for pods to be ready + ########## INITIAL VERIFICATIONS ############ + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied, installed on Search Heads and Indexers + ############# SCALING UP ################### + * Scale up indexers and Search Heads + * Wait for C3 to be ready + ########## SCALING UP VERIFICATIONS ######### + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is sucessful + * Verify apps are copied and installed on all Search Heads and Indexers pods + ############### SCALING DOWN ################ + * Scale down Indexers and Search Heads + * Wait for C3 to be ready + ######## SCALING DOWN VERIFICATIONS ######### + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is sucessful + * Verify apps are still copied and installed on all Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Upload V1 apps to Gcs for Indexer Cluster + appVersion := "V1" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Indexer Cluster", appVersion)) + appFileList := testenv.GetAppFileList(appListV1) + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Search Head Cluster", appVersion)) + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for C3 + appSourceNameIdxc := "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc := "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + ConfigMapName := enterprise.GetProbeConfigMapName(testcaseEnvInst.GetName()) + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + + //########## INITIAL VERIFICATIONS ############ + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + time.Sleep(60 * time.Second) + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //Delete configMap Object + err = testenv.DeleteConfigMap(testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to delete ConfigMao", "ConfigMap name", ConfigMapName) + + //############# SCALING UP ################### + // Get instance of current Search Head Cluster CR with latest config + err = deployment.GetInstance(ctx, deployment.GetName()+"-shc", shc) + + Expect(err).To(Succeed(), "Failed to get instance of Search Head Cluster") + + // Scale up Search Head Cluster + defaultSHReplicas := shc.Spec.Replicas + scaledSHReplicas := defaultSHReplicas + 1 + testcaseEnvInst.Log.Info("Scale up Search Head Cluster", "Current Replicas", defaultSHReplicas, "New Replicas", scaledSHReplicas) + + // Update Replicas of Search Head Cluster + shc.Spec.Replicas = int32(scaledSHReplicas) + err = deployment.UpdateCR(ctx, shc) + Expect(err).To(Succeed(), "Failed to scale up Search Head Cluster") + + // Ensure Search Head Cluster scales up and go to ScalingUp phase + testenv.VerifySearchHeadClusterPhase(ctx, deployment, testcaseEnvInst, enterpriseApi.PhaseScalingUp) + + // Get instance of current Indexer CR with latest config + idxcName := deployment.GetName() + "-idxc" + idxc := &enterpriseApi.IndexerCluster{} + err = deployment.GetInstance(ctx, idxcName, idxc) + Expect(err).To(Succeed(), "Failed to get instance of Indexer Cluster") + defaultIndexerReplicas := idxc.Spec.Replicas + scaledIndexerReplicas := defaultIndexerReplicas + 1 + testcaseEnvInst.Log.Info("Scale up Indexer Cluster", "Current Replicas", defaultIndexerReplicas, "New Replicas", scaledIndexerReplicas) + + // Update Replicas of Indexer Cluster + idxc.Spec.Replicas = int32(scaledIndexerReplicas) + err = deployment.UpdateCR(ctx, idxc) + Expect(err).To(Succeed(), "Failed to scale up Indexer Cluster") + + // Ensure Indexer Cluster scales up and go to ScalingUp phase + testenv.VerifyIndexerClusterPhase(ctx, deployment, testcaseEnvInst, enterpriseApi.PhaseScalingUp, idxcName) + + // Ensure Indexer Cluster go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify New Indexer On Cluster Manager + indexerName := fmt.Sprintf(testenv.IndexerPod, deployment.GetName(), scaledIndexerReplicas-1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Checking for New Indexer %s On Cluster Manager", indexerName)) + Expect(testenv.CheckIndexerOnCM(ctx, deployment, indexerName)).To(Equal(true)) + + // Ingest data on Indexers + for i := 0; i < int(scaledIndexerReplicas); i++ { + podName := fmt.Sprintf(testenv.IndexerPod, deployment.GetName(), i) + logFile := fmt.Sprintf("test-log-%s.log", testenv.RandomDNSName(3)) + testenv.CreateMockLogfile(logFile, 2000) + testenv.IngestFileViaMonitor(ctx, logFile, "main", podName, deployment) + } + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Search for data on newly added indexer + searchPod := fmt.Sprintf(testenv.SearchHeadPod, deployment.GetName(), scaledSHReplicas-1) + searchString := fmt.Sprintf("index=%s host=%s | stats count by host", "main", indexerName) + searchResultsResp, err := testenv.PerformSearchSync(ctx, searchPod, searchString, deployment) + Expect(err).To(Succeed(), "Failed to execute search '%s' on pod %s", searchPod, searchString) + + // Verify result + searchResponse := strings.Split(searchResultsResp, "\n")[0] + var searchResults map[string]interface{} + jsonErr := json.Unmarshal([]byte(searchResponse), &searchResults) + Expect(jsonErr).To(Succeed(), "Failed to unmarshal JSON Search Results from response '%s'", searchResultsResp) + + testcaseEnvInst.Log.Info("Search results :", "searchResults", searchResults["result"]) + Expect(searchResults["result"]).ShouldNot(BeNil(), "No results in search response '%s' on pod %s", searchResults, searchPod) + + resultLine := searchResults["result"].(map[string]interface{}) + testcaseEnvInst.Log.Info("Sync Search results host count:", "count", resultLine["count"].(string), "host", resultLine["host"].(string)) + testHostname := strings.Compare(resultLine["host"].(string), indexerName) + Expect(testHostname).To(Equal(0), "Incorrect search result hostname. Expect: %s Got: %s", indexerName, resultLine["host"].(string)) + + //########## SCALING UP VERIFICATIONS ######### + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + scriptsNames := []string{enterprise.GetLivenessScriptName(), enterprise.GetReadinessScriptName(), enterprise.GetStartupScriptName()} + allPods := testenv.DumpGetPods(testcaseEnvInst.GetName()) + testenv.VerifyFilesInDirectoryOnPod(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), allPods, scriptsNames, enterprise.GetProbeMountDirectory(), false, true) + + // Verify no pods reset by checking the pod age + shcPodNames = []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + shcPodNames = append(shcPodNames, testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1)...) + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, shcPodNames) + + //############### SCALING DOWN ################ + // Get instance of current Search Head Cluster CR with latest config + shc = &enterpriseApi.SearchHeadCluster{} + err = deployment.GetInstance(ctx, deployment.GetName()+"-shc", shc) + + Expect(err).To(Succeed(), "Failed to get instance of Search Head Cluster") + + // Scale down Search Head Cluster + defaultSHReplicas = shc.Spec.Replicas + scaledSHReplicas = defaultSHReplicas - 1 + testcaseEnvInst.Log.Info("Scale down Search Head Cluster", "Current Replicas", defaultSHReplicas, "New Replicas", scaledSHReplicas) + + // Update Replicas of Search Head Cluster + shc.Spec.Replicas = int32(scaledSHReplicas) + err = deployment.UpdateCR(ctx, shc) + Expect(err).To(Succeed(), "Failed to scale down Search Head Cluster") + + // Ensure Search Head Cluster scales down and go to ScalingDown phase + testenv.VerifySearchHeadClusterPhase(ctx, deployment, testcaseEnvInst, enterpriseApi.PhaseScalingDown) + + // Get instance of current Indexer CR with latest config + err = deployment.GetInstance(ctx, idxcName, idxc) + Expect(err).To(Succeed(), "Failed to get instance of Indexer Cluster") + defaultIndexerReplicas = idxc.Spec.Replicas + scaledIndexerReplicas = defaultIndexerReplicas - 1 + testcaseEnvInst.Log.Info("Scaling down Indexer Cluster", "Current Replicas", defaultIndexerReplicas, "New Replicas", scaledIndexerReplicas) + + // Update Replicas of Indexer Cluster + idxc.Spec.Replicas = int32(scaledIndexerReplicas) + err = deployment.UpdateCR(ctx, idxc) + Expect(err).To(Succeed(), "Failed to Scale down Indexer Cluster") + + // Ensure Indexer Cluster scales down and go to ScalingDown phase + testenv.VerifyIndexerClusterPhase(ctx, deployment, testcaseEnvInst, enterpriseApi.PhaseScalingDown, idxcName) + + // Ensure Indexer Cluster go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Search for data from removed indexer + searchPod = fmt.Sprintf(testenv.SearchHeadPod, deployment.GetName(), scaledSHReplicas-1) + searchString = fmt.Sprintf("index=%s host=%s | stats count by host", "main", indexerName) + searchResultsResp, err = testenv.PerformSearchSync(ctx, searchPod, searchString, deployment) + Expect(err).To(Succeed(), "Failed to execute search '%s' on pod %s", searchPod, searchString) + + // Verify result + searchResponse = strings.Split(searchResultsResp, "\n")[0] + jsonErr = json.Unmarshal([]byte(searchResponse), &searchResults) + Expect(jsonErr).To(Succeed(), "Failed to unmarshal JSON Search Results from response '%s'", searchResultsResp) + + testcaseEnvInst.Log.Info("Search results :", "searchResults", searchResults["result"]) + Expect(searchResults["result"]).ShouldNot(BeNil(), "No results in search response '%s' on pod %s", searchResults, searchPod) + + resultLine = searchResults["result"].(map[string]interface{}) + testcaseEnvInst.Log.Info("Sync Search results host count:", "count", resultLine["count"].(string), "host", resultLine["host"].(string)) + testHostname = strings.Compare(resultLine["host"].(string), indexerName) + Expect(testHostname).To(Equal(0), "Incorrect search result hostname. Expect: %s Got: %s", indexerName, resultLine["host"].(string)) + + //######## SCALING DOWN VERIFICATIONS ######### + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, shcPodNames) + + }) + }) + + Context("Clustered deployment (C3 - clustered indexer, search head cluster)", func() { + It(" c3gcp, c3_mgr_gcp_sanity: can deploy a C3 SVA and have apps installed locally on Cluster Manager and Deployer", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to Gcs + * Create app source with local scope for C3 SVA (Cluster Manager and Deployer) + * Prepare and deploy C3 CRD with app framework and wait for pods to be ready + ############# INITIAL VERIFICATIONS ########## + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are installed locally on Cluster Manager and Deployer + ############### UPGRADE APPS ################ + * Upgrade apps in app sources + * Wait for pods to be ready + ########### UPGRADE VERIFICATIONS ########### + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are copied, installed and upgraded on Cluster Manager and Deployer + */ + + //################## SETUP #################### + // Upload V1 apps to Gcs for Indexer Cluster + appVersion := "V1" + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to Gcs for Search Head Cluster + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy C3 CRD + indexerReplicas := 3 + shReplicas := 3 + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############## INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############### UPGRADE APPS ################ + // Delete V1 apps on Gcs + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on Gcs", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Upload V2 apps to Gcs + appVersion = "V2" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs", appVersion)) + appFileList = testenv.GetAppFileList(appListV2) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########### UPGRADE VERIFICATIONS ########### + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Clustered deployment (C3 - clustered indexer, search head cluster)", func() { + It("c3, integration, appframework: can deploy a C3 SVA with apps installed locally on Cluster Manager and Deployer, cluster-wide on Peers and Search Heads, then upgrade them", func() { + + /* Test Steps + ################## SETUP #################### + * Split Applist into clusterlist and local list + * Upload V1 apps to Gcs for Indexer Cluster and Search Head Cluster for local and cluster scope + * Create app sources for Cluster Manager and Deployer with local and cluster scope + * Prepare and deploy C3 CRD with app framework and wait for the pods to be ready + ######### INITIAL VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Monitoring Console and on Search Heads and Indexers pods + ############### UPGRADE APPS ################ + * Upload V2 apps on Gcs + * Wait for all C3 pods to be ready + ############ FINAL VERIFICATIONS ############ + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V2 apps are copied and upgraded on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Split Applist into 2 lists for local and cluster install + appVersion := "V1" + appListLocal := appListV1[len(appListV1)/2:] + appListCluster := appListV1[:len(appListV1)/2] + + // Upload appListLocal list of apps to Gcs (to be used for local install) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for local install (local scope)", appVersion)) + + gcsTestDirIdxcLocal = "c3appfw-" + testenv.RandomDNSName(4) + localappFileList := testenv.GetAppFileList(appListLocal) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcLocal, localappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for local install for Indexers", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for local install (local scope)", appVersion)) + + gcsTestDirShcLocal = "c3appfw-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcLocal, localappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for local install for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of apps to Gcs (to be used for cluster-wide install) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for cluster-wide install (cluster scope)", appVersion)) + + gcsTestDirIdxcCluster = "c3appfw-cluster-" + testenv.RandomDNSName(4) + clusterappFileList := testenv.GetAppFileList(appListCluster) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcCluster, clusterappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (cluster scope) to Gcs test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of apps to Gcs (to be used for cluster-wide install) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for cluster-wide install (cluster scope)", appVersion)) + + gcsTestDirShcCluster = "c3appfw-cluster-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcCluster, clusterappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (cluster scope) to Gcs test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameLocalIdxc := "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameLocalShc := "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameClusterIdxc := "appframework-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameClusterShc := "appframework-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxcLocal := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShcLocal := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appSourceVolumeNameIdxcCluster := "appframework-test-volume-idxc-cluster-" + testenv.RandomDNSName(3) + appSourceVolumeNameShcCluster := "appframework-test-volume-shc-cluster-" + testenv.RandomDNSName(3) + + // Create App framework Spec for Cluster manager with scope local and append cluster scope + + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxcLocal, enterpriseApi.ScopeLocal, appSourceNameLocalIdxc, gcsTestDirIdxcLocal, 60) + volumeSpecCluster := []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpec(appSourceVolumeNameIdxcCluster, testenv.GetGCPEndpoint(), testcaseEnvInst.GetIndexSecretName(), "aws", "gcs", testenv.GetDefaultGCPRegion())} + + appFrameworkSpecIdxc.VolList = append(appFrameworkSpecIdxc.VolList, volumeSpecCluster...) + appSourceClusterDefaultSpec := enterpriseApi.AppSourceDefaultSpec{ + VolName: appSourceVolumeNameIdxcCluster, + Scope: enterpriseApi.ScopeCluster, + } + appSourceSpecCluster := []enterpriseApi.AppSourceSpec{testenv.GenerateAppSourceSpec(appSourceNameClusterIdxc, gcsTestDirIdxcCluster, appSourceClusterDefaultSpec)} + appFrameworkSpecIdxc.AppSources = append(appFrameworkSpecIdxc.AppSources, appSourceSpecCluster...) + + // Create App framework Spec for Search head cluster with scope local and append cluster scope + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShcLocal, enterpriseApi.ScopeLocal, appSourceNameLocalShc, gcsTestDirShcLocal, 60) + volumeSpecCluster = []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpec(appSourceVolumeNameShcCluster, testenv.GetGCPEndpoint(), testcaseEnvInst.GetIndexSecretName(), "aws", "gcs", testenv.GetDefaultGCPRegion())} + appFrameworkSpecShc.VolList = append(appFrameworkSpecShc.VolList, volumeSpecCluster...) + appSourceClusterDefaultSpec = enterpriseApi.AppSourceDefaultSpec{ + VolName: appSourceVolumeNameShcCluster, + Scope: enterpriseApi.ScopeCluster, + } + appSourceSpecCluster = []enterpriseApi.AppSourceSpec{testenv.GenerateAppSourceSpec(appSourceNameClusterShc, gcsTestDirShcCluster, appSourceClusterDefaultSpec)} + appFrameworkSpecShc.AppSources = append(appFrameworkSpecShc.AppSources, appSourceSpecCluster...) + + // Create Single site Cluster and Search Head Cluster, with App Framework enabled on Cluster Manager and Deployer + testcaseEnvInst.Log.Info("Deploy Single site Indexer Cluster with both Local and Cluster scope for apps installation") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfoLocal := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameLocalIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxcLocal, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListLocal, CrAppFileList: localappFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + cmAppSourceInfoCluster := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameClusterIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxcCluster, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListCluster, CrAppFileList: clusterappFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfoLocal := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameLocalShc, CrAppSourceVolumeName: appSourceVolumeNameShcLocal, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListLocal, CrAppFileList: localappFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + shcAppSourceInfoCluster := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameClusterShc, CrAppSourceVolumeName: appSourceVolumeNameShcCluster, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListCluster, CrAppFileList: clusterappFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfoLocal, cmAppSourceInfoCluster, shcAppSourceInfoLocal, shcAppSourceInfoCluster} + clusterManagerBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############### UPGRADE APPS ################ + // Delete apps on Gcs + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on Gcs", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Redefine app lists as LDAP app isn't in V1 apps + appListLocal = appListV1[len(appListV1)/2:] + appListCluster = appListV1[:len(appListV1)/2] + + // Upload appListLocal list of V2 apps to Gcs (to be used for local install) + appVersion = "V2" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for local install (local scope)", appVersion)) + localappFileList = testenv.GetAppFileList(appListLocal) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcLocal, localappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for local install for Indexers", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcLocal, localappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for local install for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of V2 apps to Gcs (to be used for cluster-wide install) + clusterappFileList = testenv.GetAppFileList(appListCluster) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcCluster, clusterappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for cluster-wide install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcCluster, clusterappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for cluster-wide install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameClusterIdxc, clusterappFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## UPGRADE VERIFICATION ############# + cmAppSourceInfoLocal.CrAppVersion = appVersion + cmAppSourceInfoLocal.CrAppList = appListLocal + cmAppSourceInfoLocal.CrAppFileList = localappFileList + cmAppSourceInfoCluster.CrAppVersion = appVersion + cmAppSourceInfoCluster.CrAppList = appListCluster + cmAppSourceInfoCluster.CrAppFileList = clusterappFileList + shcAppSourceInfoLocal.CrAppVersion = appVersion + shcAppSourceInfoLocal.CrAppList = appListLocal + shcAppSourceInfoLocal.CrAppFileList = localappFileList + shcAppSourceInfoCluster.CrAppVersion = appVersion + shcAppSourceInfoCluster.CrAppList = appListCluster + shcAppSourceInfoCluster.CrAppFileList = clusterappFileList + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfoLocal, cmAppSourceInfoCluster, shcAppSourceInfoLocal, shcAppSourceInfoCluster} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, clusterManagerBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + }) + }) + + Context("Clustered deployment (C3 - clustered indexer, search head cluster)", func() { + It("c3, integration, appframework: can deploy a C3 SVA with apps installed locally on Cluster Manager and Deployer, cluster-wide on Peers and Search Heads, then downgrade them", func() { + + /* Test Steps + ################## SETUP #################### + * Split Applist into clusterlist and local list + * Upload V2 apps to Gcs for Indexer Cluster and Search Head Cluster for local and cluster scope + * Create app sources for Cluster Manager and Deployer with local and cluster scope + * Prepare and deploy C3 CRD with app framework and wait for the pods to be ready + ######### INITIAL VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V2 apps are copied, installed on Monitoring Console and on Search Heads and Indexers pods + ############### Downgrade APPS ################ + * Upload V1 apps on Gcs + * Wait for all C3 pods to be ready + ############ FINAL VERIFICATIONS ############ + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied and upgraded on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Split Applist into 2 lists for local and cluster install + appVersion := "V2" + appListLocal := appListV2[len(appListV2)/2:] + appListCluster := appListV2[:len(appListV2)/2] + + // Upload appListLocal list of apps to Gcs (to be used for local install) for Idxc + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for local install (local scope)", appVersion)) + gcsTestDirIdxcLocal = "c3appfw-" + testenv.RandomDNSName(4) + localappFileList := testenv.GetAppFileList(appListLocal) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcLocal, localappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (local scope) to Gcs test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListLocal list of apps to Gcs (to be used for local install) for Shc + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for local install (local scope)", appVersion)) + gcsTestDirShcLocal = "c3appfw-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcLocal, localappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (local scope) to Gcs test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of apps to Gcs (to be used for cluster-wide install) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for cluster-wide install (cluster scope)", appVersion)) + gcsTestDirIdxcCluster = "c3appfw-cluster-" + testenv.RandomDNSName(4) + clusterappFileList := testenv.GetAppFileList(appListCluster) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcCluster, clusterappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (cluster scope) to Gcs test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of apps to Gcs (to be used for cluster-wide install) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for cluster-wide install (cluster scope)", appVersion)) + gcsTestDirShcCluster = "c3appfw-cluster-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcCluster, clusterappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (cluster scope) to Gcs test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameLocalIdxc := "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameLocalShc := "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameClusterIdxc := "appframework-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameClusterShc := "appframework-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxcLocal := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShcLocal := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appSourceVolumeNameIdxcCluster := "appframework-test-volume-idxc-cluster-" + testenv.RandomDNSName(3) + appSourceVolumeNameShcCluster := "appframework-test-volume-shc-cluster-" + testenv.RandomDNSName(3) + + // Create App framework Spec for Cluster manager with scope local and append cluster scope + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxcLocal, enterpriseApi.ScopeLocal, appSourceNameLocalIdxc, gcsTestDirIdxcLocal, 60) + volumeSpecCluster := []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpec(appSourceVolumeNameIdxcCluster, testenv.GetGCPEndpoint(), testcaseEnvInst.GetIndexSecretName(), "aws", "gcs", testenv.GetDefaultGCPRegion())} + appFrameworkSpecIdxc.VolList = append(appFrameworkSpecIdxc.VolList, volumeSpecCluster...) + appSourceClusterDefaultSpec := enterpriseApi.AppSourceDefaultSpec{ + VolName: appSourceVolumeNameIdxcCluster, + Scope: enterpriseApi.ScopeCluster, + } + appSourceSpecCluster := []enterpriseApi.AppSourceSpec{testenv.GenerateAppSourceSpec(appSourceNameClusterIdxc, gcsTestDirIdxcCluster, appSourceClusterDefaultSpec)} + appFrameworkSpecIdxc.AppSources = append(appFrameworkSpecIdxc.AppSources, appSourceSpecCluster...) + + // Create App framework Spec for Search head cluster with scope local and append cluster scope + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShcLocal, enterpriseApi.ScopeLocal, appSourceNameLocalShc, gcsTestDirShcLocal, 60) + volumeSpecCluster = []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpec(appSourceVolumeNameShcCluster, testenv.GetGCPEndpoint(), testcaseEnvInst.GetIndexSecretName(), "aws", "gcs", testenv.GetDefaultGCPRegion())} + appFrameworkSpecShc.VolList = append(appFrameworkSpecShc.VolList, volumeSpecCluster...) + appSourceClusterDefaultSpec = enterpriseApi.AppSourceDefaultSpec{ + VolName: appSourceVolumeNameShcCluster, + Scope: enterpriseApi.ScopeCluster, + } + appSourceSpecCluster = []enterpriseApi.AppSourceSpec{testenv.GenerateAppSourceSpec(appSourceNameClusterShc, gcsTestDirShcCluster, appSourceClusterDefaultSpec)} + appFrameworkSpecShc.AppSources = append(appFrameworkSpecShc.AppSources, appSourceSpecCluster...) + + // Create Single site Cluster and Search Head Cluster, with App Framework enabled on Cluster Manager and Deployer + testcaseEnvInst.Log.Info("Deploy Single site Indexer Cluster with both Local and Cluster scope for apps installation") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfoLocal := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameLocalIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxcLocal, CrPod: cmPod, CrAppVersion: "V2", CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListLocal, CrAppFileList: localappFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + cmAppSourceInfoCluster := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameClusterIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxcCluster, CrPod: cmPod, CrAppVersion: "V2", CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListCluster, CrAppFileList: clusterappFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfoLocal := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameLocalShc, CrAppSourceVolumeName: appSourceVolumeNameShcLocal, CrPod: deployerPod, CrAppVersion: "V2", CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListLocal, CrAppFileList: localappFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + shcAppSourceInfoCluster := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameClusterShc, CrAppSourceVolumeName: appSourceVolumeNameShcCluster, CrPod: deployerPod, CrAppVersion: "V2", CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListCluster, CrAppFileList: clusterappFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfoLocal, cmAppSourceInfoCluster, shcAppSourceInfoLocal, shcAppSourceInfoCluster} + time.Sleep(2 * time.Minute) // FIXME adding sleep to see if verification succeedes + clusterManagerBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############# DOWNGRADE APPS ################ + // Delete apps on Gcs + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on Gcs", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Redefine app lists as LDAP app isn't in V1 apps + appListLocal = appListV1[len(appListV1)/2:] + appListCluster = appListV1[:len(appListV1)/2] + + // Upload appListLocal list of V1 apps to Gcs (to be used for local install) + appVersion = "V1" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for local install (local scope)", appVersion)) + localappFileList = testenv.GetAppFileList(appListLocal) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcLocal, localappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for local install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcLocal, localappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for local install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of V2 apps to Gcs (to be used for cluster-wide install) + clusterappFileList = testenv.GetAppFileList(appListCluster) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcCluster, clusterappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for cluster-wide install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcCluster, clusterappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for cluster-wide install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameClusterIdxc, clusterappFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## DOWNGRADE VERIFICATION ############# + cmAppSourceInfoLocal.CrAppVersion = appVersion + cmAppSourceInfoLocal.CrAppList = appListLocal + cmAppSourceInfoLocal.CrAppFileList = localappFileList + cmAppSourceInfoCluster.CrAppVersion = appVersion + cmAppSourceInfoCluster.CrAppList = appListCluster + cmAppSourceInfoCluster.CrAppFileList = clusterappFileList + shcAppSourceInfoLocal.CrAppVersion = appVersion + shcAppSourceInfoLocal.CrAppList = appListLocal + shcAppSourceInfoLocal.CrAppFileList = localappFileList + shcAppSourceInfoCluster.CrAppVersion = appVersion + shcAppSourceInfoCluster.CrAppList = appListCluster + shcAppSourceInfoCluster.CrAppFileList = clusterappFileList + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfoLocal, cmAppSourceInfoCluster, shcAppSourceInfoLocal, shcAppSourceInfoCluster} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, clusterManagerBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + }) + }) + + Context("Clustered deployment (C3 - clustered indexer, search head cluster)", func() { + It("integration, c3, appframework: can deploy a C3 SVA instance with App Framework enabled and install above 200MB of apps at once", func() { + + /* Test Steps + ################## SETUP #################### + * Create App Source for C3 SVA (Cluster Manager and Deployer) + * Add more apps than usual on Gcs for this test + * Prepare and deploy C3 CRD with app framework and wait for pods to be ready + ############### VERIFICATIONS ############### + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied, installed on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Creating a bigger list of apps to be installed than the default one + appList := []string{"splunk_app_db_connect", "splunk_app_aws", "Splunk_TA_microsoft-cloudservices", "Splunk_ML_Toolkit", "Splunk_Security_Essentials"} + appFileList := testenv.GetAppFileList(appList) + appVersion := "V1" + + // Download apps from Gcs + testcaseEnvInst.Log.Info("Download bigger amount of apps from Gcs for this test") + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download apps files") + + // Create consolidated list of app files + appList = append(appListV1, appList...) + appFileList = testenv.GetAppFileList(appList) + + // Upload app to Gcs for Indexer Cluster + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload apps to Gcs test directory for Indexer Cluster") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload app to Gcs for Search Head Cluster + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload apps to Gcs test directory for Search Head Cluster") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Create Single site Cluster and Search Head Cluster, with App Framework enabled on Cluster Manager and Deployer + testcaseEnvInst.Log.Info("Create Single Site Indexer Cluster and Search Head Cluster") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############### VERIFICATIONS ############### + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Single Site Indexer Cluster with Search Head Cluster (C3) with App Framework", func() { + It("integration, c3, appframework: can deploy a C3 SVA with App Framework enabled for manual update", func() { + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to Gcs for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload V1 apps to Gcs + * Create app source with manaul poll for M4 SVA (Cluster Manager and Deployer) + * Prepare and deploy C3 CRD with app framework and wait for pods to be ready + ########## INITIAL VERIFICATION ############# + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are installed locally on Cluster Manager and Deployer + ############### UPGRADE APPS ################ + * Upgrade apps in app sources + * Wait for pods to be ready + ############ VERIFICATION APPS ARE NOT UPDATED BEFORE ENABLING MANUAL POLL ############ + * Verify Apps are not updated + ############ ENABLE MANUAL POLL ############ + * Verify Manual Poll disabled after the check + ############## UPGRADE VERIFICATIONS ############ + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify apps are installed locally on Cluster Manager and Deployer + */ + + // ################## SETUP #################### + // Upload V1 apps to Gcs for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Monitoring Console", appVersion)) + gcsTestDirMC := "c3appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Prepare Monitoring Console spec with its own app source + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 0) + + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Upload V1 apps to Gcs for Indexer Cluster + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to Gcs for Search Head Cluster + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 0) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 0) + + // Create Single site Cluster and Search Head Cluster, with App Framework enabled on Cluster Manager and Deployer + indexerReplicas := 3 + shReplicas := 3 + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster") + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, mcName, "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with App framework") + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //######### INITIAL VERIFICATIONS ############# + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + mcPod := []string{fmt.Sprintf(testenv.MonitoringConsolePod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + mcAppSourceInfo := testenv.AppSourceInfo{CrKind: mc.Kind, CrName: mc.Name, CrAppSourceName: appSourceNameMC, CrAppSourceVolumeName: appSourceNameMC, CrPod: mcPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + clusterManagerBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + // ############### UPGRADE APPS ################ + // Delete V1 apps on Gcs + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on Gcs", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Upload V2 apps to Gcs for C3 + appVersion = "V2" + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Uploading %s apps to Gcs", appVersion)) + + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to Gcs for Monitoring Console + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Monitoring Console", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // ############ VERIFICATION APPS ARE NOT UPDATED BEFORE ENABLING MANUAL POLL ############ + appVersion = "V1" + allPodNames := append(idxcPodNames, shcPodNames...) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), allPodNames, appListV1, true, "enabled", false, true) + + // ############ ENABLE MANUAL POLL ############ + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err := testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["ClusterManager"] = strings.Replace(config.Data["ClusterManager"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["SearchHeadCluster"] = strings.Replace(config.Data["SearchHeadCluster"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["MonitoringConsole"] = strings.Replace(config.Data["MonitoringConsole"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // Verify config map set back to off after poll trigger + testcaseEnvInst.Log.Info("Verify config map set back to off after poll trigger for app", "version", appVersion) + config, _ = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(strings.Contains(config.Data["ClusterManager"], "status: off") && strings.Contains(config.Data["SearchHeadCluster"], "status: off") && strings.Contains(config.Data["MonitoringConsole"], "status: off")).To(Equal(true), "Config map update not complete") + + // ############## UPGRADE VERIFICATIONS ############ + appVersion = "V2" + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + mcAppSourceInfo.CrAppVersion = appVersion + mcAppSourceInfo.CrAppList = appListV2 + mcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, clusterManagerBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Clustered deployment (C3 - clustered indexer, search head cluster)", func() { + It("integration, c3, appframework: can deploy a C3 SVA and have apps installed and updated locally on Cluster Manager and Deployer for manual polling", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to Gcs + * Create app source with local scope for C3 SVA (Cluster Manager and Deployer) + * Prepare and deploy C3 CRD with app framework and wait for pods to be ready + ############# INITIAL VERIFICATION ########## + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are installed locally on Cluster Manager and Deployer + ############### UPGRADE APPS ################ + * Upgrade apps in app sources + * Wait for pods to be ready + ############ VERIFICATION APPS ARE NOT UPDATED BEFORE ENABLING MANUAL POLL ############ + * Verify Apps are not updated + ############ ENABLE MANUAL POLL ############ + * Verify Manual Poll disabled after the poll is triggered + ########### UPGRADE VERIFICATIONS ########### + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are copied, installed and upgraded on Cluster Manager and Deployer + */ + + //################## SETUP #################### + // Upload V1 apps to Gcs for Indexer Cluster + appVersion := "V1" + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to Gcs for Search Head Cluster + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, gcsTestDirIdxc, 0) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, gcsTestDirShc, 0) + + // Deploy C3 CRD + indexerReplicas := 3 + shReplicas := 3 + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############## INITIAL VERIFICATION ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############### UPGRADE APPS ################ + // Delete V1 apps on Gcs + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on Gcs", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Upload V2 apps to Gcs + appVersion = "V2" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs", appVersion)) + appFileList = testenv.GetAppFileList(appListV2) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // ############ VERIFICATION APPS ARE NOT UPDATED BEFORE ENABLING MANUAL POLL ############ + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // ############ ENABLE MANUAL POLL ############ + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err := testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["ClusterManager"] = strings.Replace(config.Data["ClusterManager"], "off", "on", 1) + + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["SearchHeadCluster"] = strings.Replace(config.Data["SearchHeadCluster"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ########## Verify Manual Poll config map disabled after the poll is triggered ################# + // Verify config map set back to off after poll trigger + testcaseEnvInst.Log.Info("Verify config map set back to off after poll trigger for app", "version", appVersion) + config, _ = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(strings.Contains(config.Data["ClusterManager"], "status: off") && strings.Contains(config.Data["SearchHeadCluster"], "status: off")).To(Equal(true), "Config map update not complete") + + //########### UPGRADE VERIFICATIONS ########### + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Clustered deployment (C3 - clustered indexer, search head cluster)", func() { + It("c3, integration, appframework: can deploy a C3 SVA with apps installed locally on Cluster Manager and Deployer, cluster-wide on Peers and Search Heads, then upgrade them via a manual poll", func() { + + /* Test Steps + ################## SETUP #################### + * Split Applist into clusterlist and local list + * Upload V1 apps to Gcs for Indexer Cluster and Search Head Cluster for local and cluster scope + * Create app sources for Cluster Manager and Deployer with local and cluster scope + * Prepare and deploy C3 CRD with app framework and wait for the pods to be ready + ######### INITIAL VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Monitoring Console and on Search Heads and Indexers pods + ############### UPGRADE APPS ################ + * Upload V2 apps on Gcs + * Wait for all C3 pods to be ready + ############ FINAL VERIFICATIONS ############ + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V2 apps are copied and upgraded on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Split Applist into 2 lists for local and cluster install + appVersion := "V1" + appListLocal := appListV1[len(appListV1)/2:] + appListCluster := appListV1[:len(appListV1)/2] + + // Upload appListLocal list of apps to Gcs (to be used for local install) for Idxc + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for local install (local scope)", appVersion)) + gcsTestDirIdxcLocal = "c3appfw-" + testenv.RandomDNSName(4) + localappFileList := testenv.GetAppFileList(appListLocal) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcLocal, localappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (local scope) to Gcs test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListLocal list of apps to Gcs (to be used for local install) for Shc + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for local install (local scope)", appVersion)) + gcsTestDirShcLocal = "c3appfw-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcLocal, localappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (local scope) to Gcs test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of apps to Gcs (to be used for cluster-wide install) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for cluster-wide install (cluster scope)", appVersion)) + gcsTestDirIdxcCluster = "c3appfw-cluster-" + testenv.RandomDNSName(4) + clusterappFileList := testenv.GetAppFileList(appListCluster) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcCluster, clusterappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (cluster scope) to Gcs test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of apps to Gcs (to be used for cluster-wide install) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for cluster-wide install (cluster scope)", appVersion)) + gcsTestDirShcCluster = "c3appfw-cluster-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcCluster, clusterappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (cluster scope) to Gcs test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameLocalIdxc := "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameLocalShc := "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameClusterIdxc := "appframework-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameClusterShc := "appframework-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxcLocal := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShcLocal := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appSourceVolumeNameIdxcCluster := "appframework-test-volume-idxc-cluster-" + testenv.RandomDNSName(3) + appSourceVolumeNameShcCluster := "appframework-test-volume-shc-cluster-" + testenv.RandomDNSName(3) + + // Create App framework Spec for Cluster manager with scope local and append cluster scope + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxcLocal, enterpriseApi.ScopeLocal, appSourceNameLocalIdxc, gcsTestDirIdxcLocal, 0) + volumeSpecCluster := []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpec(appSourceVolumeNameIdxcCluster, testenv.GetGCPEndpoint(), testcaseEnvInst.GetIndexSecretName(), "aws", "gcs", testenv.GetDefaultGCPRegion())} + appFrameworkSpecIdxc.VolList = append(appFrameworkSpecIdxc.VolList, volumeSpecCluster...) + appSourceClusterDefaultSpec := enterpriseApi.AppSourceDefaultSpec{ + VolName: appSourceVolumeNameIdxcCluster, + Scope: enterpriseApi.ScopeCluster, + } + appSourceSpecCluster := []enterpriseApi.AppSourceSpec{testenv.GenerateAppSourceSpec(appSourceNameClusterIdxc, gcsTestDirIdxcCluster, appSourceClusterDefaultSpec)} + appFrameworkSpecIdxc.AppSources = append(appFrameworkSpecIdxc.AppSources, appSourceSpecCluster...) + + // Create App framework Spec for Search head cluster with scope local and append cluster scope + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShcLocal, enterpriseApi.ScopeLocal, appSourceNameLocalShc, gcsTestDirShcLocal, 0) + volumeSpecCluster = []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpec(appSourceVolumeNameShcCluster, testenv.GetGCPEndpoint(), testcaseEnvInst.GetIndexSecretName(), "aws", "gcs", testenv.GetDefaultGCPRegion())} + appFrameworkSpecShc.VolList = append(appFrameworkSpecShc.VolList, volumeSpecCluster...) + appSourceClusterDefaultSpec = enterpriseApi.AppSourceDefaultSpec{ + VolName: appSourceVolumeNameShcCluster, + Scope: enterpriseApi.ScopeCluster, + } + appSourceSpecCluster = []enterpriseApi.AppSourceSpec{testenv.GenerateAppSourceSpec(appSourceNameClusterShc, gcsTestDirShcCluster, appSourceClusterDefaultSpec)} + appFrameworkSpecShc.AppSources = append(appFrameworkSpecShc.AppSources, appSourceSpecCluster...) + + // Create Single site Cluster and Search Head Cluster, with App Framework enabled on Cluster Manager and Deployer + testcaseEnvInst.Log.Info("Deploy Single site Indexer Cluster with both Local and Cluster scope for apps installation") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfoLocal := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameLocalIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxcLocal, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListLocal, CrAppFileList: localappFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + cmAppSourceInfoCluster := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameClusterIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxcCluster, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListCluster, CrAppFileList: clusterappFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfoLocal := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameLocalShc, CrAppSourceVolumeName: appSourceVolumeNameShcLocal, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListLocal, CrAppFileList: localappFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + shcAppSourceInfoCluster := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameClusterShc, CrAppSourceVolumeName: appSourceVolumeNameShcCluster, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListCluster, CrAppFileList: clusterappFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfoLocal, cmAppSourceInfoCluster, shcAppSourceInfoLocal, shcAppSourceInfoCluster} + clusterManagerBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############### UPGRADE APPS ################ + // Delete apps on Gcs + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on Gcs", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Redefine app lists as LDAP app isn't in V1 apps + appListLocal = appListV1[len(appListV1)/2:] + appListCluster = appListV1[:len(appListV1)/2] + + // Upload appListLocal list of V2 apps to Gcs (to be used for local install) + appVersion = "V2" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for local install (local scope)", appVersion)) + localappFileList = testenv.GetAppFileList(appListLocal) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcLocal, localappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for local install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcLocal, localappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for local install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of V2 apps to Gcs (to be used for cluster-wide install) + clusterappFileList = testenv.GetAppFileList(appListCluster) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcCluster, clusterappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for cluster-wide install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcCluster, clusterappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for cluster-wide install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // ############ ENABLE MANUAL POLL ############ + + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err := testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["ClusterManager"] = strings.Replace(config.Data["ClusterManager"], "off", "on", 1) + config.Data["SearchHeadCluster"] = strings.Replace(config.Data["SearchHeadCluster"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameClusterIdxc, clusterappFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ########## Verify Manual Poll config map disabled after the poll is triggered ################# + + // Verify config map set back to off after poll trigger + testcaseEnvInst.Log.Info("Verify config map set back to off after poll trigger for app", "version", appVersion) + config, _ = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(strings.Contains(config.Data["ClusterManager"], "status: off") && strings.Contains(config.Data["SearchHeadCluster"], "status: off")).To(Equal(true), "Config map update not complete") + + //########## UPGRADE VERIFICATION ############# + cmAppSourceInfoLocal.CrAppVersion = appVersion + cmAppSourceInfoLocal.CrAppList = appListLocal + cmAppSourceInfoLocal.CrAppFileList = localappFileList + cmAppSourceInfoCluster.CrAppVersion = appVersion + cmAppSourceInfoCluster.CrAppList = appListCluster + cmAppSourceInfoCluster.CrAppFileList = clusterappFileList + shcAppSourceInfoLocal.CrAppVersion = appVersion + shcAppSourceInfoLocal.CrAppList = appListLocal + shcAppSourceInfoLocal.CrAppFileList = localappFileList + shcAppSourceInfoCluster.CrAppVersion = appVersion + shcAppSourceInfoCluster.CrAppList = appListCluster + shcAppSourceInfoCluster.CrAppFileList = clusterappFileList + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfoLocal, cmAppSourceInfoCluster, shcAppSourceInfoLocal, shcAppSourceInfoCluster} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, clusterManagerBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework", func() { + It("integration, c3, appframework: can deploy a C3, add new apps to app source while install is in progress and have all apps installed locally on Cluster Manager and Deployer", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to Gcs for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload big-size app to Gcs for Indexer Cluster and Search Head Cluster + * Create app sources for Cluster Manager and Deployer + * Prepare and deploy C3 CRD with app framework + ############## VERIFICATIONS ################ + * Verify app installation is in progress on Cluster Manager and Deployer + * Upload more apps from Gcs during bigger app install + * Wait for polling interval to pass + * Verify all apps are installed on Cluster Manager and Deployer + */ + + //################## SETUP #################### + // Upload V1 apps to Gcs for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Monitoring Console", appVersion)) + gcsTestDirMC := "c3appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Prepare Monitoring Console spec with its own app source + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Download all apps from Gcs + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList = testenv.GetAppFileList(appList) + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download big-size app") + + // Upload big-size app to Gcs for Cluster Manager + appList = testenv.BigSingleApp + appFileList = testenv.GetAppFileList(appList) + testcaseEnvInst.Log.Info("Upload big-size app to Gcs for Cluster Manager") + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to Gcs test directory for Cluster Manager") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload big-size app to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info("Upload big-size app to Gcs for Search Head Cluster") + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to Gcs test directory for Search Head Cluster") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for C3 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + cm, _, _, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, mcName, "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Verify App installation is in progress on Cluster Manager + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgPodCopyComplete) + + // Upload more apps to Gcs for Cluster Manager + appList = testenv.ExtraApps + appFileList = testenv.GetAppFileList(appList) + testcaseEnvInst.Log.Info("Upload more apps to Gcs for Cluster Manager") + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload more apps to Gcs test directory for Cluster Manager") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload more apps to Gcs for Deployer + testcaseEnvInst.Log.Info("Upload more apps to Gcs for Deployer") + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload more apps to Gcs test directory for Deployer") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Wait for polling interval to pass + testenv.WaitForAppInstall(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Verify all apps are installed on Cluster Manager + appList = append(testenv.BigSingleApp, testenv.ExtraApps...) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify all apps %v are installed on Cluster Manager", appList)) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), cmPod, appList, true, "enabled", false, false) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify all apps are installed on Deployer + appList = append(testenv.BigSingleApp, testenv.ExtraApps...) + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify all apps %v are installed on Deployer", appList)) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), deployerPod, appList, true, "enabled", false, false) + }) + }) + // Vivek need testing + Context("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework", func() { + It("integration, c3, appframework: can deploy a C3, add new apps to app source while install is in progress and have all apps installed cluster-wide", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to Gcs for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload big-size app to Gcs for Indexer Cluster and Search Head Cluster + * Create app sources for Cluster Manager and Deployer + * Prepare and deploy C3 CRD with app framework and wait for the pods to be ready + ############## VERIFICATIONS ################ + * Verify App installation is in progress on Cluster Manager and Deployer + * Upload more apps from Gcs during bigger app install + * Wait for polling interval to pass + * Verify all apps are installed on Cluster Manager and Deployer + */ + + //################## SETUP #################### + // Upload V1 apps to Gcs for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Monitoring Console", appVersion)) + gcsTestDirMC := "c3appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Prepare Monitoring Console spec with its own app source + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Download all apps from Gcs + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList = testenv.GetAppFileList(appList) + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download big-size app") + + // Upload big-size app to Gcs for Cluster Manager + appList = testenv.BigSingleApp + appFileList = testenv.GetAppFileList(appList) + testcaseEnvInst.Log.Info("Upload big-size app to Gcs for Cluster Manager") + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to Gcs test directory for Cluster Manager") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload big-size app to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info("Upload big-size app to Gcs for Search Head Cluster") + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to Gcs test directory for Search Head Cluster") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for C3 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, mcName, "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgPodCopyComplete) + + // Upload more apps to Gcs for Cluster Manager + appList = testenv.ExtraApps + appFileList = testenv.GetAppFileList(appList) + testcaseEnvInst.Log.Info("Upload more apps to Gcs for Cluster Manager") + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload more apps to Gcs test directory for Cluster Manager") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload more apps to Gcs for Deployer + testcaseEnvInst.Log.Info("Upload more apps to Gcs for Deployer") + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload more apps to Gcs test directory for Deployer") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Wait for polling interval to pass + testenv.WaitForAppInstall(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify all apps are installed on indexers + appList = append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList = testenv.GetAppFileList(appList) + idxcPodNames := testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify all apps %v are installed on indexers", appList)) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), idxcPodNames, appList, true, "enabled", false, true) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Wait for polling interval to pass + testenv.WaitForAppInstall(ctx, deployment, testcaseEnvInst, deployment.GetName()+"-shc", shc.Kind, appSourceNameShc, appFileList) + + // Verify all apps are installed on Search Heads + shcPodNames := testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify all apps %v are installed on Search Heads", appList)) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), shcPodNames, appList, true, "enabled", false, true) + + }) + }) + // Vivek need testing + Context("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework", func() { + It("integration, c3, appframework: can deploy a C3 SVA with App Framework enabled and reset operator pod while app install is in progress", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to Gcs for Indexer Cluster and Search Head Cluster + * Create app sources for Cluster Manager and Deployer + * Prepare and deploy C3 CRD with app framework and wait for the pods to be ready + * While app install is in progress, restart the operator + ######### VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Download all apps from Gcs + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList := testenv.GetAppFileList(appList) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download big-size app") + + // Upload V1 apps to Gcs for Indexer Cluster + appVersion := "V1" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Indexer Cluster", appVersion)) + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Search Head Cluster", appVersion)) + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for C3 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Verify App installation is in progress on Cluster Manager + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgInstallPending) + + // Delete Operator pod while Install in progress + testenv.DeleteOperatorPod(testcaseEnvInst) + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //######### VERIFICATIONS ############# + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + }) + }) + + Context("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework", func() { + It("integration, c3, appframework: can deploy a C3 SVA with App Framework enabled and reset operator pod while app download is in progress", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to Gcs for Indexer Cluster and Search Head Cluster + * Create app sources for Cluster Manager and Deployer + * Prepare and deploy C3 CRD with app framework and wait for the pods to be ready + * While app download is in progress, restart the operator + ######### VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Download all apps from Gcs + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList := testenv.GetAppFileList(appList) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download big-size app") + + // Upload V1 apps to Gcs for Indexer Cluster + appVersion := "V1" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Indexer Cluster", appVersion)) + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Search Head Cluster", appVersion)) + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for C3 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Verify App Download is in progress on Cluster Manager + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgDownloadComplete, enterpriseApi.AppPkgDownloadPending) + + // Delete Operator pod while Install in progress + testenv.DeleteOperatorPod(testcaseEnvInst) + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //######### VERIFICATIONS ############# + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + }) + }) + + Context("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework", func() { + It("integration, c3, appframework: can deploy a C3 SVA with App Framework enabled, install an app, then disable it by using a disabled version of the app and then remove it from app source", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to Gcs for Indexer Cluster and Search Head Cluster + * Create app sources for Cluster Manager and Deployer + * Prepare and deploy C3 CRD with app framework and wait for the pods to be ready + ######### VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Monitoring Console and on Search Heads and Indexers pods + * Disable the app + * Delete the app from Gcs + * Check for repo state in App Deployment Info + */ + + //################## SETUP #################### + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + // Upload V1 apps to Gcs for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Indexer Cluster", appVersion)) + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Search Head Cluster", appVersion)) + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for C3 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // //######### INITIAL VERIFICATIONS ############# + idxcPodNames := testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames := testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify repo state on App to be disabled to be 1 (i.e app present on Gcs bucket) + appName := appListV1[0] + appFileName := testenv.GetAppFileList([]string{appName}) + testenv.VerifyAppRepoState(ctx, deployment, testcaseEnvInst, cm.Name, cm.Kind, appSourceNameIdxc, 1, appFileName[0]) + + // Disable the app + testenv.DisableAppsToGCP(downloadDirV1, appFileName, gcsTestDirIdxc) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileName) + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Wait for App state to update after config file change + testenv.WaitforAppInstallState(ctx, deployment, testcaseEnvInst, idxcPodNames, testcaseEnvInst.GetName(), appName, "disabled", true) + + // Delete the file from Gcs + gcsFilepath := filepath.Join(gcsTestDirIdxc, appFileName[0]) + err = testenv.DeleteFileOnGCP(testGcsBucket, gcsFilepath) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to delete %s app on Gcs test directory", appFileName[0])) + + // Verify repo state is set to 2 (i.e app deleted from Gcs bucket) + testenv.VerifyAppRepoState(ctx, deployment, testcaseEnvInst, cm.Name, cm.Kind, appSourceNameIdxc, 2, appFileName[0]) + + }) + }) + + Context("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework", func() { + It("integration, c3, appframework: can deploy a C3 SVA with App Framework enabled and update apps after app download is completed", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to Gcs for Indexer Cluster and Search Head Cluster + * Create app sources for Cluster Manager and Deployer + * Prepare and deploy C3 CRD with app framework and wait for the pods to be ready + * While app download is completed, upload new versions of the apps + ######### VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Search Heads and Indexers pods + ######### UPGRADE VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Download all apps from Gcs + appVersion := "V1" + appListV1 := []string{appListV1[0]} + appFileList := testenv.GetAppFileList(appListV1) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download apps") + + // Upload V1 apps to Gcs for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Indexer Cluster", appVersion)) + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Search Head Cluster", appVersion)) + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for C3 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, gcsTestDirIdxc, 120) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, gcsTestDirShc, 120) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Verify App Download is in progress on Cluster Manager + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgPodCopyPending) + + // Upload V2 apps to Gcs for Indexer Cluster + appVersion = "V2" + appListV2 := []string{appListV2[0]} + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //######### VERIFICATIONS ############# + appVersion = "V1" + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())}, appListV1, false, "enabled", false, false) + + // Check for changes in App phase to determine if next poll has been triggered + appFileList = testenv.GetAppFileList(appListV2) + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + //############ UPGRADE VERIFICATIONS ############ + appVersion = "V2" + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV2, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV2, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + }) + }) + + Context("Clustered deployment (C3 - clustered indexer, search head cluster)", func() { + It("c3, integration, appframework: can deploy a C3 SVA and install a bigger volume of apps than the operator PV disk space", func() { + + /* Test Steps + ################## SETUP #################### + * Upload 15 apps of 100MB size each to Gcs for Indexer Cluster and Search Head Cluster for cluster scope + * Create app sources for Cluster Master and Deployer with cluster scope + * Prepare and deploy C3 CRD with app framework and wait for the pods to be ready + ######### INITIAL VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied, installed on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Create a large file on Operator pod + opPod := testenv.GetOperatorPodName(testcaseEnvInst) + err := testenv.CreateDummyFileOnOperator(ctx, deployment, opPod, testenv.AppDownloadVolume, "1G", "test_file.img") + Expect(err).To(Succeed(), "Unable to create file on operator") + filePresentOnOperator = true + + // Download apps for test + appVersion := "V1" + appList := testenv.PVTestApps + appFileList := testenv.GetAppFileList(appList) + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsPVTestApps, downloadDirPVTestApps, appFileList) + Expect(err).To(Succeed(), "Unable to download app files") + + // Upload apps to Gcs for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Indexer Cluster", appVersion)) + gcsTestDirIdxc := "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirPVTestApps) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload apps to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Search head Cluster", appVersion)) + gcsTestDirShc := "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirPVTestApps) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Maximum apps to be downloaded in parallel + maxConcurrentAppDownloads := 30 + + // Create App framework Spec for C3 + appSourceNameIdxc := "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc := "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecIdxc.MaxConcurrentAppDownloads = uint64(maxConcurrentAppDownloads) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + appFrameworkSpecShc.MaxConcurrentAppDownloads = uint64(maxConcurrentAppDownloads) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + Context("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework", func() { + It("integration, c3, appframework: can deploy a C3 SVA with App Framework enabled and delete apps from app directory when download is complete", func() { + + /* Test Steps + ################## SETUP #################### + * Upload big-size app to Gcs for Indexer Cluster and Search Head Cluster + * Create app sources for Cluster Manager and Deployer + * Prepare and deploy C3 CRD with app framework and wait for the pods to be ready + * When app download is complete, delete apps from app directory + ######### VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Download big size apps from Gcs + appList := testenv.BigSingleApp + appFileList := testenv.GetAppFileList(appList) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download big-size app") + + // Upload big size app to Gcs for Indexer Cluster + appVersion := "V1" + testcaseEnvInst.Log.Info("Upload big size app to Gcs for Indexer Cluster") + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big size to Gcs test directory for Indexer Cluster") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload big size app to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info("Upload big size app to Gcs for Search Head Cluster") + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big size to Gcs test directory for Search Head Cluster") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for C3 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + shReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Verify App Download is completed on Cluster Manager + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgPodCopyComplete, enterpriseApi.AppPkgPodCopyPending) + + //Delete apps from app directory when app download is complete + opPod := testenv.GetOperatorPodName(testcaseEnvInst) + podDownloadPath := filepath.Join(splcommon.AppDownloadVolume, "downloadedApps", testenvInstance.GetName(), cm.Kind, deployment.GetName(), enterpriseApi.ScopeCluster, appSourceNameIdxc, testenv.AppInfo[appList[0]]["filename"]) + err = testenv.DeleteFilesOnOperatorPod(ctx, deployment, opPod, []string{podDownloadPath}) + Expect(err).To(Succeed(), "Unable to delete file on pod") + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //######### VERIFICATIONS ############# + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + }) + }) + + Context("Single Site Indexer Cluster with Search Head Cluster (C3) and App Framework", func() { + It(" c3gcp, c3_mgr_gcp_sanity: can deploy a C3 SVA with App Framework enabled and check isDeploymentInProgressFlag for CM and SHC CR's", func() { + + /* + Test Steps + ################## SETUP ################## + * Upload V1 apps to Gcs for Indexer Cluster and Search Head Cluster + * Prepare and deploy C3 CRD with app framework + * Verify IsDeploymentInProgress is set + * Wait for the pods to be ready + */ + + //################## SETUP #################### + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + + // Upload V1 apps to Gcs for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Indexer Cluster", appVersion)) + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to Gcs for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to Gcs for Search Head Cluster", appVersion)) + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcs test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for C3 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy C3 CRD + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster with Search Head Cluster") + indexerReplicas := 3 + cm, _, shc, err := deployment.DeploySingleSiteClusterWithGivenAppFrameworkSpec(ctx, deployment.GetName(), indexerReplicas, true, appFrameworkSpecIdxc, appFrameworkSpecShc, "", "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Verify IsDeploymentInProgress Flag is set to true for Cluster Manager CR + testcaseEnvInst.Log.Info("Checking isDeploymentInProgress Flag") + testenv.VerifyIsDeploymentInProgressFlagIsSet(ctx, deployment, testcaseEnvInst, cm.Name, cm.Kind) + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Verify IsDeploymentInProgress Flag is set to true for SHC CR + testcaseEnvInst.Log.Info("Checking isDeploymentInProgress Flag") + testenv.VerifyIsDeploymentInProgressFlagIsSet(ctx, deployment, testcaseEnvInst, shc.Name, shc.Kind) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + }) + }) + + Context("Clustered deployment (C3 - clustered indexer, search head cluster)", func() { + It("integration, c3: can deploy a C3 SVA and a Standalone, then add that Standalone as a Search Head to the cluster", func() { + + /* Test Steps + ################## SETUP ################### + * Deploy C3 CRD + * Deploy Standalone with clusterMasterRef + ############# VERIFICATION ################# + * Verify clusterMasterRef is present in Standalone's server.conf file + */ + //################## SETUP #################### + // Deploy C3 CRD + indexerReplicas := 3 + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster") + err := deployment.DeploySingleSiteCluster(ctx, deployment.GetName(), indexerReplicas, false, "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster") + + // Create spec with clusterMasterRef for Standalone + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + ClusterManagerRef: corev1.ObjectReference{ + Name: deployment.GetName(), + }, + }, + } + + // Deploy Standalone with clusterMasterRef + testcaseEnvInst.Log.Info("Deploy Standalone with clusterManagerRef") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone instance with clusterMasterRef") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Ensure that the Standalone goes to Ready phase + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############# VERIFICATION ################# + // Verify Standalone is configured as a Search Head for the Cluster Manager + standalonePodName := fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0) + Expect(testenv.CheckSearchHeadOnCM(ctx, deployment, standalonePodName)).To(Equal(true)) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Clustered deployment (C3 - clustered indexer, search head cluster)", func() { + It("integration, c3, appframework: can deploy a C3 SVA and have ES app installed on Search Head Cluster", func() { + + /* Test Steps + ################## SETUP #################### + * Upload ES app to Gcs + * Upload TA add-on app to location for Indexer cluster + * Create App Source with 'ScopeClusterWithPreConfig' scope for C3 SVA + * Prepare and deploy C3 CRD with app framework and wait for pods to be ready + ################## VERIFICATION ############# + * Verify ES app is installed on Deployer and on Search Heads + * Verify TA add-on app is installed on indexers + ################## UPGRADE VERIFICATION ############# + * Update ES app on Gcs location + * Verify updated ES app is installed on Deployer and on Search Heads + */ + + //################## SETUP #################### + // Download ES app from Gcs + appVersion := "V1" + testcaseEnvInst.Log.Info("Download ES app from Gcs") + esApp := []string{"SplunkEnterpriseSecuritySuite"} + appFileList := testenv.GetAppFileList(esApp) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download ES app file from Gcs") + + // Download Technology add-on app from Gcs + testcaseEnvInst.Log.Info("Download Technology add-on app from Gcs") + taApp := []string{"Splunk_TA_ForIndexers"} + appFileListIdxc := testenv.GetAppFileList(taApp) + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileListIdxc) + Expect(err).To(Succeed(), "Unable to download ES app file from Gcs") + + // Create directory for file upload to Gcs + gcsTestDirShc = "c3appfw-shc-" + testenv.RandomDNSName(4) + gcsTestDirIdxc = "c3appfw-idxc-" + testenv.RandomDNSName(4) + + // Upload ES app to Gcs + testcaseEnvInst.Log.Info("Upload ES app to Gcs") + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload ES app to Gcs test directory") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload Technology add-on apps to Gcs for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s Technology add-on app to Gcs for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileListIdxc, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s Technology add-on app to Gcs test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for SHC + appSourceNameShc = "appframework-shc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopePremiumApps, appSourceNameShc, gcsTestDirShc, 180) + appFrameworkSpecShc.AppSources[0].PremiumAppsProps = enterpriseApi.PremiumAppsProps{ + Type: enterpriseApi.PremiumAppsTypeEs, + EsDefaults: enterpriseApi.EsDefaults{ + SslEnablement: enterpriseApi.SslEnablementIgnore, + }, + } + + // Create App framework Spec for Indexer Cluster + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 180) + + // Deploy C3 SVA + // Deploy the Cluster Manager + testcaseEnvInst.Log.Info("Deploy Cluster Manager") + cmSpec := enterpriseApi.ClusterManagerSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecIdxc, + } + cm, err := deployment.DeployClusterManagerWithGivenSpec(ctx, deployment.GetName(), cmSpec) + Expect(err).To(Succeed(), "Unable to deploy Cluster Manager") + + // Deploy the Indexer Cluster + testcaseEnvInst.Log.Info("Deploy Single Site Indexer Cluster") + indexerReplicas := 3 + _, err = deployment.DeployIndexerCluster(ctx, deployment.GetName()+"-idxc", "", indexerReplicas, deployment.GetName(), "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster") + + // Deploy the Search Head Cluster + testcaseEnvInst.Log.Info("Deploy Search Head Cluster") + shSpec := enterpriseApi.SearchHeadClusterSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + ClusterManagerRef: corev1.ObjectReference{ + Name: deployment.GetName(), + }, + }, + Replicas: 3, + AppFrameworkConfig: appFrameworkSpecShc, + } + shc, err := deployment.DeploySearchHeadClusterWithGivenSpec(ctx, deployment.GetName()+"-shc", shSpec) + Expect(err).To(Succeed(), "Unable to deploy Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexers go to Ready phase + testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //######### INITIAL VERIFICATIONS ############# + shcPodNames := testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), int(shSpec.Replicas), false, 1) + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: esApp, CrAppFileList: appFileList, CrReplicas: int(shSpec.Replicas), CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + idxcPodNames := testenv.GeneratePodNameSlice(testenv.IndexerPod, deployment.GetName(), indexerReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: taApp, CrAppFileList: appFileListIdxc, CrReplicas: indexerReplicas, CrClusterPods: idxcPodNames} + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // //############### UPGRADE APPS ################ + // // Download ES App from Gcs + // appVersion = "V2" + // testcaseEnvInst.Log.Info("Download updated ES app from Gcs") + // err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV2, downloadDirV2, appFileList) + // Expect(err).To(Succeed(), "Unable to download ES app") + + // // Upload V2 ES app to Gcs for Search Head Cluster + // testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s ES app to Gcs for Search Head Cluster", appVersion)) + // uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + // Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s ES app to Gcs test directory for Search Head Cluster", appVersion)) + // uploadedApps = append(uploadedApps, uploadedFiles...) + + // // Check for changes in App phase to determine if next poll has been triggered + // testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName()+"-shc", shc.Kind, appSourceNameShc, appFileList) + + // // Ensure that the Cluster Manager goes to Ready phase + // testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // // Ensure Indexers go to Ready phase + // testenv.SingleSiteIndexersReady(ctx, deployment, testcaseEnvInst) + + // // Ensure Search Head Cluster go to Ready phase + // testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // // Verify RF SF is met + // testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // // Get Pod age to check for pod resets later + // splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // //############ FINAL VERIFICATIONS ############ + + // shcAppSourceInfo.CrAppVersion = appVersion + // shcAppSourceInfo.CrAppList = esApp + // shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(esApp) + // allAppSourceInfo = []testenv.AppSourceInfo{shcAppSourceInfo} + // testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) +}) diff --git a/test/appframework_gcp/m4/appframework_gcs_suite_test.go b/test/appframework_gcp/m4/appframework_gcs_suite_test.go new file mode 100644 index 000000000..8f4a28249 --- /dev/null +++ b/test/appframework_gcp/m4/appframework_gcs_suite_test.go @@ -0,0 +1,103 @@ +// Copyright (c) 2018-2022 Splunk Inc. All rights reserved. + +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package m4gcpappfw + +import ( + "os" + "path/filepath" + "testing" + "time" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + "github.com/splunk/splunk-operator/test/testenv" +) + +const ( + // PollInterval specifies the polling interval + PollInterval = 5 * time.Second + + // ConsistentPollInterval is the interval to use to consistently check a state is stable + ConsistentPollInterval = 200 * time.Millisecond + ConsistentDuration = 2000 * time.Millisecond +) + +var ( + testenvInstance *testenv.TestEnv + testSuiteName = "m4appfw-" + testenv.RandomDNSName(3) + appListV1 []string + appListV2 []string + testDataGcsBucket = os.Getenv("TEST_BUCKET") + testGcsBucket = os.Getenv("TEST_INDEXES_S3_BUCKET") + gcsAppDirV1 = testenv.AppLocationV1 + gcsAppDirV2 = testenv.AppLocationV2 + gcsPVTestApps = testenv.PVTestAppsLocation + currDir, _ = os.Getwd() + downloadDirV1 = filepath.Join(currDir, "m4appfwV1-"+testenv.RandomDNSName(4)) + downloadDirV2 = filepath.Join(currDir, "m4appfwV2-"+testenv.RandomDNSName(4)) + downloadDirPVTestApps = filepath.Join(currDir, "m4appfwPVTestApps-"+testenv.RandomDNSName(4)) +) + +// TestBasic is the main entry point +func TestBasic(t *testing.T) { + + RegisterFailHandler(Fail) + + RunSpecs(t, "Running "+testSuiteName) +} + +var _ = BeforeSuite(func() { + var err error + testenvInstance, err = testenv.NewDefaultTestEnv(testSuiteName) + Expect(err).ToNot(HaveOccurred()) + + if testenv.ClusterProvider == "gcp" { + // Create a list of apps to upload to GCP + appListV1 = testenv.BasicApps + appFileList := testenv.GetAppFileList(appListV1) + + // Download V1 Apps from GCP + testenvInstance.Log.Info("logging download details", "bucket", testDataGcsBucket, "gcsAppDirV1", gcsAppDirV1, "downloadDirV1", downloadDirV1, "appFileList", appFileList) + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download V1 app files") + + // Create a list of apps to upload to GCP after poll period + appListV2 = append(appListV1, testenv.NewAppsAddedBetweenPolls...) + appFileList = testenv.GetAppFileList(appListV2) + + // Download V2 Apps from GCP + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV2, downloadDirV2, appFileList) + Expect(err).To(Succeed(), "Unable to download V2 app files") + } else { + testenvInstance.Log.Info("Skipping Before Suite Setup", "Cluster Provider", testenv.ClusterProvider) + } + +}) + +var _ = AfterSuite(func() { + if testenvInstance != nil { + Expect(testenvInstance.Teardown()).ToNot(HaveOccurred()) + } + + if testenvInstance != nil { + Expect(testenvInstance.Teardown()).ToNot(HaveOccurred()) + } + + // Delete locally downloaded app files + err := os.RemoveAll(downloadDirV1) + Expect(err).To(Succeed(), "Unable to delete locally downloaded V1 app files") + err = os.RemoveAll(downloadDirV2) + Expect(err).To(Succeed(), "Unable to delete locally downloaded V2 app files") +}) diff --git a/test/appframework_gcp/m4/appframework_gcs_test.go b/test/appframework_gcp/m4/appframework_gcs_test.go new file mode 100644 index 000000000..33edbe233 --- /dev/null +++ b/test/appframework_gcp/m4/appframework_gcs_test.go @@ -0,0 +1,2703 @@ +// Copyright (c) 2018-2022 Splunk Inc. All rights reserved. + +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License.s +package m4gcpappfw + +import ( + "context" + "encoding/json" + "fmt" + "path/filepath" + "strings" + "time" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + enterpriseApiV3 "github.com/splunk/splunk-operator/api/v3" + enterpriseApi "github.com/splunk/splunk-operator/api/v4" + splcommon "github.com/splunk/splunk-operator/pkg/splunk/common" + "github.com/splunk/splunk-operator/pkg/splunk/enterprise" + testenv "github.com/splunk/splunk-operator/test/testenv" + corev1 "k8s.io/api/core/v1" +) + +var _ = Describe("m4appfw test", func() { + + var testcaseEnvInst *testenv.TestCaseEnv + var deployment *testenv.Deployment + var uploadedApps []string + var appSourceNameIdxc string + var appSourceNameShc string + var gcsTestDirShc string + var gcsTestDirIdxc string + var appSourceVolumeNameIdxc string + var appSourceVolumeNameShc string + var gcsTestDirShcLocal string + var gcsTestDirIdxcLocal string + var gcsTestDirShcCluster string + var gcsTestDirIdxcCluster string + var filePresentOnOperator bool + + ctx := context.TODO() + + BeforeEach(func() { + var err error + name := fmt.Sprintf("%s-%s", "master"+testenvInstance.GetName(), testenv.RandomDNSName(3)) + testcaseEnvInst, err = testenv.NewDefaultTestCaseEnv(testenvInstance.GetKubeClient(), name) + Expect(err).To(Succeed(), "Unable to create testcaseenv") + deployment, err = testcaseEnvInst.NewDeployment(testenv.RandomDNSName(3)) + Expect(err).To(Succeed(), "Unable to create deployment") + gcsTestDirIdxc = "m4appfw-idxc-" + testenv.RandomDNSName(4) + gcsTestDirShc = "m4appfw-shc-" + testenv.RandomDNSName(4) + appSourceVolumeNameIdxc = "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc = "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + }) + + AfterEach(func() { + // When a test spec failed, skip the teardown so we can troubleshoot. + if CurrentGinkgoTestDescription().Failed { + testcaseEnvInst.SkipTeardown = true + } + if deployment != nil { + deployment.Teardown() + } + // Delete files uploaded to GCP + if !testcaseEnvInst.SkipTeardown { + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + } + if testcaseEnvInst != nil { + Expect(testcaseEnvInst.Teardown()).ToNot(HaveOccurred()) + } + + if filePresentOnOperator { + //Delete files from app-directory + opPod := testenv.GetOperatorPodName(testcaseEnvInst) + podDownloadPath := filepath.Join(testenv.AppDownloadVolume, "test_file.img") + testenv.DeleteFilesOnOperatorPod(ctx, deployment, opPod, []string{podDownloadPath}) + } + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It(" m4gcp, masterappframeworkm4gcp, m4_gcp_sanity: can deploy a M4 SVA with App Framework enabled, install apps and upgrade them", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V1 apps to GCP for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload V1 apps to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + ########## INITIAL VERIFICATIONS ########## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and installed on Monitoring Console and on Search Heads and Indexers pods + ############# UPGRADE APPS ################ + * Upgrade apps in app sources + * Wait for Monitoring Console and M4 pod to be ready + ########## UPGRADE VERIFICATIONS ########## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and upgraded on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Upload V1 apps to GCP for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + gcsTestDirMC := "m4appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for Monitoring Console + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + volumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, volumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Upload V1 apps to GCP for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // get revision number of the resource + resourceVersion := testenv.GetResourceVersion(ctx, deployment, testcaseEnvInst, mc) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, mcName, "") + + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // wait for custom resource resource version to change + testenv.VerifyCustomResourceVersionChanged(ctx, deployment, testcaseEnvInst, mc, resourceVersion) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + ConfigMapName := enterprise.GetProbeConfigMapName(testcaseEnvInst.GetName()) + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + scriptsNames := []string{enterprise.GetLivenessScriptName(), enterprise.GetReadinessScriptName(), enterprise.GetStartupScriptName()} + allPods := testenv.DumpGetPods(testcaseEnvInst.GetName()) + testenv.VerifyFilesInDirectoryOnPod(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), allPods, scriptsNames, enterprise.GetProbeMountDirectory(), false, true) + + //########## INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + mcPod := []string{fmt.Sprintf(testenv.MonitoringConsolePod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + mcAppSourceInfo := testenv.AppSourceInfo{CrKind: mc.Kind, CrName: mc.Name, CrAppSourceName: appSourceNameMC, CrAppSourceVolumeName: appSourceNameMC, CrPod: mcPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + ClusterMasterBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############# UPGRADE APPS ################ + // Delete apps on GCP + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCP", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // get revision number of the resource + _ = testenv.GetResourceVersion(ctx, deployment, testcaseEnvInst, mc) + + // Upload V2 apps to GCP for Indexer Cluster + appVersion = "V2" + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps for Monitoring Console + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Verify MC is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## UPGRADE VERIFICATIONS ########## + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + mcAppSourceInfo.CrAppVersion = appVersion + mcAppSourceInfo.CrAppList = appListV2 + mcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, ClusterMasterBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, masterappframeworkm4, appframework: can deploy a M4 SVA with App Framework enabled, install apps and downgrade them", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V2 apps to GCP for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload V2 apps to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + ########## INITIAL VERIFICATIONS ########## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and installed on Monitoring Console and on Search Heads and Indexers pods + ############ DOWNGRADE APPS ############### + * Downgrade apps in app sources + * Wait for Monitoring Console and M4 to be ready + ########## DOWNGRADE VERIFICATIONS ######## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and downgraded on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Upload V2 version of apps to GCP for Monitoring Console + appVersion := "V2" + appFileList := testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + gcsTestDirMC := "m4appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for Monitoring Console + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + volumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, volumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console instance") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Upload V2 apps to GCP for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, mcName, "") + + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + mcPod := []string{fmt.Sprintf(testenv.MonitoringConsolePod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV2, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV2, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + mcAppSourceInfo := testenv.AppSourceInfo{CrKind: mc.Kind, CrName: mc.Name, CrAppSourceName: appSourceNameMC, CrAppSourceVolumeName: appSourceNameMC, CrPod: mcPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV2, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + ClusterMasterBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############# DOWNGRADE APPS ################ + // Delete V2 apps on GCP + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCP", appVersion)) + + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Upload V1 apps to GCP for Indexer Cluster + appVersion = "V1" + appFileList = testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Monitoring Console + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## DOWNGRADE VERIFICATIONS ######## + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV1 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV1) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV1 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV1) + mcAppSourceInfo.CrAppVersion = appVersion + mcAppSourceInfo.CrAppList = appListV1 + mcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV1) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, ClusterMasterBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, masterappframeworkm4, appframework: can deploy a M4 SVA with App Framework enabled, install apps, scale up clusters, install apps on new pods, scale down", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V1 apps to GCP for M4 + * Create app source for M4 SVA (Cluster Master and Deployer) + * Prepare and deploy M4 CRD with app config and wait for pods to be ready + ########### INITIAL VERIFICATIONS ######### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is sucessful + * Verify apps are copied and installed on Monitoring Console and also on Search Heads and Indexers pods + ############### SCALING UP ################ + * Scale up Indexers and Search Head Cluster + * Wait for Monitoring Console and M4 to be ready + ######### SCALING UP VERIFICATIONS ######## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is sucessful + * Verify apps are copied and installed on new Search Heads and Indexers pods + ############### SCALING DOWN ############## + * Scale down Indexers and Search Head Cluster + * Wait for Monitoring Console and M4 to be ready + ######### SCALING DOWN VERIFICATIONS ###### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is sucessful + * Verify apps are still copied and installed on all Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Upload V1 apps to GCP for Indexer Cluster + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + indexersPerSite := 1 + shReplicas := 3 + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // Ingest data on Indexers + for i := 1; i <= siteCount; i++ { + podName := fmt.Sprintf(testenv.MultiSiteIndexerPod, deployment.GetName(), i, 0) + logFile := fmt.Sprintf("test-log-%s.log", testenv.RandomDNSName(3)) + testenv.CreateMockLogfile(logFile, 2000) + testenv.IngestFileViaMonitor(ctx, logFile, "main", podName, deployment) + } + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + ConfigMapName := enterprise.GetProbeConfigMapName(testcaseEnvInst.GetName()) + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + + //########### INITIAL VERIFICATIONS ######### + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //Delete configMap Object + err = testenv.DeleteConfigMap(testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to delete ConfigMao", "ConfigMap name", ConfigMapName) + + //############### SCALING UP ################ + // Get instance of current Search Head Cluster CR with latest config + err = deployment.GetInstance(ctx, deployment.GetName()+"-shc", shc) + + Expect(err).To(Succeed(), "Failed to get instance of Search Head Cluster") + + // Scale up Search Head Cluster + defaultSHReplicas := shc.Spec.Replicas + scaledSHReplicas := defaultSHReplicas + 1 + testcaseEnvInst.Log.Info("Scale up Search Head Cluster", "Current Replicas", defaultSHReplicas, "New Replicas", scaledSHReplicas) + + // Update Replicas of Search Head Cluster + shc.Spec.Replicas = int32(scaledSHReplicas) + err = deployment.UpdateCR(ctx, shc) + Expect(err).To(Succeed(), "Failed to scale up Search Head Cluster") + + // Ensure Search Head Cluster scales up and go to ScalingUp phase + testenv.VerifySearchHeadClusterPhase(ctx, deployment, testcaseEnvInst, enterpriseApi.PhaseScalingUp) + + // Get instance of current Indexer CR with latest config + idxcName := deployment.GetName() + "-" + "site1" + idxc := &enterpriseApi.IndexerCluster{} + err = deployment.GetInstance(ctx, idxcName, idxc) + Expect(err).To(Succeed(), "Failed to get instance of Indexer Cluster") + defaultIndexerReplicas := idxc.Spec.Replicas + scaledIndexerReplicas := defaultIndexerReplicas + 1 + testcaseEnvInst.Log.Info("Scale up Indexer Cluster", "Current Replicas", defaultIndexerReplicas, "New Replicas", scaledIndexerReplicas) + + // Update Replicas of Indexer Cluster + idxc.Spec.Replicas = int32(scaledIndexerReplicas) + err = deployment.UpdateCR(ctx, idxc) + Expect(err).To(Succeed(), "Failed to Scale Up Indexer Cluster") + + // Ensure Indexer cluster scales up and go to ScalingUp phase + testenv.VerifyIndexerClusterPhase(ctx, deployment, testcaseEnvInst, enterpriseApi.PhaseScalingUp, idxcName) + + // Ensure Indexer cluster go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ingest data on new Indexers + podName := fmt.Sprintf(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, 1) + logFile := fmt.Sprintf("test-log-%s.log", testenv.RandomDNSName(3)) + testenv.CreateMockLogfile(logFile, 2000) + testenv.IngestFileViaMonitor(ctx, logFile, "main", podName, deployment) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Search for data on newly added indexer + searchPod := fmt.Sprintf(testenv.SearchHeadPod, deployment.GetName(), 0) + indexerName := fmt.Sprintf(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, 1) + searchString := fmt.Sprintf("index=%s host=%s | stats count by host", "main", indexerName) + searchResultsResp, err := testenv.PerformSearchSync(ctx, searchPod, searchString, deployment) + Expect(err).To(Succeed(), "Failed to execute search '%s' on pod %s", searchPod, searchString) + + // Verify result. + searchResponse := strings.Split(searchResultsResp, "\n")[0] + var searchResults map[string]interface{} + jsonErr := json.Unmarshal([]byte(searchResponse), &searchResults) + Expect(jsonErr).To(Succeed(), "Failed to unmarshal JSON Search Results from response '%s'", searchResultsResp) + + testcaseEnvInst.Log.Info("Search results :", "searchResults", searchResults["result"]) + Expect(searchResults["result"]).ShouldNot(BeNil(), "No results in search response '%s' on pod %s", searchResults, searchPod) + + resultLine := searchResults["result"].(map[string]interface{}) + testcaseEnvInst.Log.Info("Sync Search results host count:", "count", resultLine["count"].(string), "host", resultLine["host"].(string)) + testHostname := strings.Compare(resultLine["host"].(string), indexerName) + Expect(testHostname).To(Equal(0), "Incorrect search result hostname. Expect: %s Got: %s", indexerName, resultLine["host"].(string)) + + //######### SCALING UP VERIFICATIONS ######## + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + scriptsNames := []string{enterprise.GetLivenessScriptName(), enterprise.GetReadinessScriptName(), enterprise.GetStartupScriptName()} + allPods := testenv.DumpGetPods(testcaseEnvInst.GetName()) + testenv.VerifyFilesInDirectoryOnPod(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), allPods, scriptsNames, enterprise.GetProbeMountDirectory(), false, true) + + // Listing the Search Head cluster pods to exclude them from the 'no pod reset' test as they are expected to be reset after scaling + shcPodNames = []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + shcPodNames = append(shcPodNames, testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1)...) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, shcPodNames) + + //############### SCALING DOWN ############## + // Get instance of current Search Head Cluster CR with latest config + err = deployment.GetInstance(ctx, deployment.GetName()+"-shc", shc) + + Expect(err).To(Succeed(), "Failed to get instance of Search Head Cluster") + + // Scale down Search Head Cluster + defaultSHReplicas = shc.Spec.Replicas + scaledSHReplicas = defaultSHReplicas - 1 + testcaseEnvInst.Log.Info("Scaling down Search Head Cluster", "Current Replicas", defaultSHReplicas, "New Replicas", scaledSHReplicas) + + // Update Replicas of Search Head Cluster + shc.Spec.Replicas = int32(scaledSHReplicas) + err = deployment.UpdateCR(ctx, shc) + Expect(err).To(Succeed(), "Failed to scale down Search Head Cluster") + + // Ensure Search Head Cluster scales down and go to ScalingDown phase + testenv.VerifySearchHeadClusterPhase(ctx, deployment, testcaseEnvInst, enterpriseApi.PhaseScalingDown) + + // Get instance of current Indexer CR with latest config + err = deployment.GetInstance(ctx, idxcName, idxc) + Expect(err).To(Succeed(), "Failed to get instance of Indexer Cluster") + defaultIndexerReplicas = idxc.Spec.Replicas + scaledIndexerReplicas = defaultIndexerReplicas - 1 + testcaseEnvInst.Log.Info("Scaling down Indexer Cluster", "Current Replicas", defaultIndexerReplicas, "New Replicas", scaledIndexerReplicas) + + // Update Replicas of Indexer Cluster + idxc.Spec.Replicas = int32(scaledIndexerReplicas) + err = deployment.UpdateCR(ctx, idxc) + Expect(err).To(Succeed(), "Failed to Scale down Indexer Cluster") + + // Ensure Indexer cluster scales down and go to ScalingDown phase + testenv.VerifyIndexerClusterPhase(ctx, deployment, testcaseEnvInst, enterpriseApi.PhaseScalingDown, idxcName) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexer cluster go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Search for data from removed indexer + searchString = fmt.Sprintf("index=%s host=%s | stats count by host", "main", indexerName) + searchResultsResp, err = testenv.PerformSearchSync(ctx, searchPod, searchString, deployment) + Expect(err).To(Succeed(), "Failed to execute search '%s' on pod %s", searchPod, searchString) + + // Verify result. + searchResponse = strings.Split(searchResultsResp, "\n")[0] + jsonErr = json.Unmarshal([]byte(searchResponse), &searchResults) + Expect(jsonErr).To(Succeed(), "Failed to unmarshal JSON Search Results from response '%s'", searchResultsResp) + + testcaseEnvInst.Log.Info("Search results :", "searchResults", searchResults["result"]) + Expect(searchResults["result"]).ShouldNot(BeNil(), "No results in search response '%s' on pod %s", searchResults, searchPod) + + resultLine = searchResults["result"].(map[string]interface{}) + testcaseEnvInst.Log.Info("Sync Search results host count:", "count", resultLine["count"].(string), "host", resultLine["host"].(string)) + testHostname = strings.Compare(resultLine["host"].(string), indexerName) + Expect(testHostname).To(Equal(0), "Incorrect search result hostname. Expect: %s Got: %s", indexerName, resultLine["host"].(string)) + + //######### SCALING DOWN VERIFICATIONS ###### + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, shcPodNames) + }) + }) + + Context("Multi Site Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, masterappframeworkm4, appframework: can deploy a M4 SVA and have apps installed locally on Cluster Manager and Deployer", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCP + * Create app source with local scope for M4 SVA (Cluster Master and Deployer) + * Prepare and deploy M4 CRD with app framework and wait for pods to be ready + ########## INITIAL VERIFICATION ############# + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are installed locally on Cluster Master and Deployer + ############### UPGRADE APPS ################ + * Upgrade apps in app sources + * Wait for pods to be ready + ########## UPGRADE VERIFICATIONS ############ + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are copied, installed and upgraded on Cluster Master and Deployer + */ + + //################## SETUP #################### + // Upload V1 apps to GCP for Indexer Cluster + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy Multisite Cluster and Search Head Cluster, with App Framework enabled on Cluster Master and Deployer + siteCount := 3 + indexersPerSite := 1 + shReplicas := 3 + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## INITIAL VERIFICATION ############# + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############### UPGRADE APPS ################ + // Delete V1 apps on GCP + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCP", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Upload V2 apps to GCP for Indexer Cluster + appVersion = "V2" + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## UPGRADE VERIFICATIONS ############ + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multi Site Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, masterappframeworkm4, appframework: can deploy a M4 SVA with App Framework enabled for manual poll", func() { + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCP for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console with app framework and wait for the pod to be ready + * Upload V1 apps to GCP + * Create app source with manaul poll for M4 SVA (Cluster Master and Deployer) + * Prepare and deploy M4 CRD with app framework and wait for pods to be ready + ########## INITIAL VERIFICATION ############# + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are installed locally on Cluster Master and Deployer + ############### UPGRADE APPS ################ + * Upgrade apps in app sources + * Wait for pods to be ready + ############ VERIFICATION APPS ARE NOT UPDATED BEFORE ENABLING MANUAL POLL ############ + * Verify Apps are not updated + ############ ENABLE MANUAL POLL ############ + * Verify Manual Poll disabled after the check + ############## UPGRADE VERIFICATIONS ############ + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify apps are installed locally on Cluster Master and Deployer + */ + + // ################## SETUP #################### + // Upload V1 apps to GCP for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + gcsTestDirMC := "m4appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for Monitoring Console + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + volumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, volumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 0) + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Upload V1 apps to GCP for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 0) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 0) + + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster") + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, mcName, "") + Expect(err).To(Succeed(), "Unable to deploy Multi Site Indexer Cluster with App framework") + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure cluster configured as multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + mcPod := []string{fmt.Sprintf(testenv.MonitoringConsolePod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + mcAppSourceInfo := testenv.AppSourceInfo{CrKind: mc.Kind, CrName: mc.Name, CrAppSourceName: appSourceNameMC, CrAppSourceVolumeName: appSourceNameMC, CrPod: mcPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + ClusterMasterBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + // ############### UPGRADE APPS ################ + + // Upload V2 apps to GCP for Indexer Cluster + appVersion = "V2" + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Monitoring Console + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure cluster configured as multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // ############ VERIFICATION APPS ARE NOT UPDATED BEFORE ENABLING MANUAL POLL ############ + appVersion = "V1" + allPodNames := append(idxcPodNames, shcPodNames...) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), allPodNames, appListV1, true, "enabled", false, true) + + // ############ ENABLE MANUAL POLL ############ + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err := testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["ClusterMaster"] = strings.Replace(config.Data["ClusterMaster"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer cluster configured as multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["SearchHeadCluster"] = strings.Replace(config.Data["SearchHeadCluster"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["MonitoringConsole"] = strings.Replace(config.Data["MonitoringConsole"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + time.Sleep(2 * time.Minute) + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ########## Verify Manual Poll disabled after the check ################# + + // Verify config map set back to off after poll trigger + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify config map set back to off after poll trigger for %s app", appVersion)) + config, _ = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + + Expect(strings.Contains(config.Data["ClusterMaster"], "status: off") && strings.Contains(config.Data["SearchHeadCluster"], "status: off") && strings.Contains(config.Data["MonitoringConsole"], "status: off")).To(Equal(true), "Config map update not complete") + + // ############ VERIFY APPS UPDATED TO V2 ############# + appVersion = "V2" + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + mcAppSourceInfo.CrAppVersion = appVersion + mcAppSourceInfo.CrAppList = appListV2 + mcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, ClusterMasterBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multi Site Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, masterappframeworkm4, appframework: can deploy a M4 SVA and have apps installed and updated locally on Cluster Manager and Deployer via manual poll", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCP + * Create app source with local scope for M4 SVA (Cluster Master and Deployer) + * Prepare and deploy M4 CRD with app framework and wait for pods to be ready + ########## INITIAL VERIFICATION ############# + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are installed locally on Cluster Master and Deployer + ############### UPGRADE APPS ################ + * Upgrade apps in app sources + * Wait for pods to be ready + ############ VERIFICATION APPS ARE NOT UPDATED BEFORE ENABLING MANUAL POLL ############ + * Verify Apps are not updated + ############ ENABLE MANUAL POLL ############ + * Verify Manual Poll disabled after the poll is triggered + ########## UPGRADE VERIFICATIONS ############ + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are copied, installed and upgraded on Cluster Master and Deployer + */ + + //################## SETUP #################### + // Upload V1 apps to GCP for Indexer Cluster + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, gcsTestDirIdxc, 0) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, gcsTestDirShc, 0) + + // Deploy Multisite Cluster and Search Head Cluster, with App Framework enabled on Cluster Master and Deployer + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## INITIAL VERIFICATION ############# + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############### UPGRADE APPS ################ + // Delete V1 apps on GCP + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCP", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Upload V2 apps to GCP for Indexer Cluster + appVersion = "V2" + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // ############ VERIFICATION APPS ARE NOT UPDATED BEFORE ENABLING MANUAL POLL ############ + appVersion = "V1" + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // ############ ENABLE MANUAL POLL ############ + appVersion = "V2" + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err := testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["ClusterMaster"] = strings.Replace(config.Data["ClusterMaster"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer cluster configured as multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["SearchHeadCluster"] = strings.Replace(config.Data["SearchHeadCluster"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ########## Verify Manual Poll config map disabled after the poll is triggered ################# + + // Verify config map set back to off after poll trigger + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify config map set back to off after poll trigger for %s app", appVersion)) + config, _ = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + + Expect(strings.Contains(config.Data["ClusterMaster"], "status: off") && strings.Contains(config.Data["SearchHeadCluster"], "status: off")).To(Equal(true), "Config map update not complete") + + //########## UPGRADE VERIFICATIONS ############ + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multi Site Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("m4, integration, masterappframeworkm4, appframework: can deploy a m4 SVA with apps installed locally on Cluster Manager and Deployer, cluster-wide on Peers and Search Heads, then upgrade them via a manual poll", func() { + + /* Test Steps + ################## SETUP #################### + * Split Applist into clusterlist and local list + * Upload V1 apps to GCP for Indexer Cluster and Search Head Cluster for local and cluster scope + * Create app sources for Cluster Master and Deployer with local and cluster scope + * Prepare and deploy m4 CRD with app framework and wait for the pods to be ready + ######### INITIAL VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Monitoring Console and on Search Heads and Indexers pods + ############### UPGRADE APPS ################ + * Upload V2 apps on GCP + * Wait for all m4 pods to be ready + ############ FINAL VERIFICATIONS ############ + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V2 apps are copied and upgraded on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Split Applist into 2 lists for local and cluster install + appVersion := "V1" + appListLocal := appListV1[len(appListV1)/2:] + appListCluster := appListV1[:len(appListV1)/2] + + // Upload appListLocal list of apps to GCP (to be used for local install) for Idxc + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for local install (local scope)", appVersion)) + gcsTestDirIdxcLocal = "m4appfw-" + testenv.RandomDNSName(4) + localappFileList := testenv.GetAppFileList(appListLocal) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcLocal, localappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (local scope) to GCP test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListLocal list of apps to GCP (to be used for local install) for Shc + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for local install (local scope)", appVersion)) + gcsTestDirShcLocal = "m4appfw-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcLocal, localappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (local scope) to GCP test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of apps to GCP (to be used for cluster-wide install) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for cluster-wide install (cluster scope)", appVersion)) + gcsTestDirIdxcCluster = "m4appfw-cluster-" + testenv.RandomDNSName(4) + clusterappFileList := testenv.GetAppFileList(appListCluster) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcCluster, clusterappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (cluster scope) to GCP test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of apps to GCP (to be used for cluster-wide install) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for cluster-wide install (cluster scope)", appVersion)) + gcsTestDirShcCluster = "m4appfw-cluster-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcCluster, clusterappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (cluster scope) to GCP test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameLocalIdxc := "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameLocalShc := "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameClusterIdxc := "appframework-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameClusterShc := "appframework-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxcLocal := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShcLocal := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appSourceVolumeNameIdxcCluster := "appframework-test-volume-idxc-cluster-" + testenv.RandomDNSName(3) + appSourceVolumeNameShcCluster := "appframework-test-volume-shc-cluster-" + testenv.RandomDNSName(3) + + // Create App framework Spec for Cluster master with scope local and append cluster scope + + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxcLocal, enterpriseApi.ScopeLocal, appSourceNameLocalIdxc, gcsTestDirIdxcLocal, 0) + volumeSpecCluster := []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpec(appSourceVolumeNameIdxcCluster, testenv.GetGCPEndpoint(), testcaseEnvInst.GetIndexSecretName(), "aws", "gcs", testenv.GetDefaultGCPRegion())} + appFrameworkSpecIdxc.VolList = append(appFrameworkSpecIdxc.VolList, volumeSpecCluster...) + appSourceClusterDefaultSpec := enterpriseApi.AppSourceDefaultSpec{ + VolName: appSourceVolumeNameIdxcCluster, + Scope: enterpriseApi.ScopeCluster, + } + appSourceSpecCluster := []enterpriseApi.AppSourceSpec{testenv.GenerateAppSourceSpec(appSourceNameClusterIdxc, gcsTestDirIdxcCluster, appSourceClusterDefaultSpec)} + appFrameworkSpecIdxc.AppSources = append(appFrameworkSpecIdxc.AppSources, appSourceSpecCluster...) + + // Create App framework Spec for Search head cluster with scope local and append cluster scope + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShcLocal, enterpriseApi.ScopeLocal, appSourceNameLocalShc, gcsTestDirShcLocal, 0) + volumeSpecCluster = []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpec(appSourceVolumeNameShcCluster, testenv.GetGCPEndpoint(), testcaseEnvInst.GetIndexSecretName(), "aws", "gcs", testenv.GetDefaultGCPRegion())} + + appFrameworkSpecShc.VolList = append(appFrameworkSpecShc.VolList, volumeSpecCluster...) + appSourceClusterDefaultSpec = enterpriseApi.AppSourceDefaultSpec{ + VolName: appSourceVolumeNameShcCluster, + Scope: enterpriseApi.ScopeCluster, + } + appSourceSpecCluster = []enterpriseApi.AppSourceSpec{testenv.GenerateAppSourceSpec(appSourceNameClusterShc, gcsTestDirShcCluster, appSourceClusterDefaultSpec)} + appFrameworkSpecShc.AppSources = append(appFrameworkSpecShc.AppSources, appSourceSpecCluster...) + + // Create Single site Cluster and Search Head Cluster, with App Framework enabled on Cluster Master and Deployer + testcaseEnvInst.Log.Info("Deploy Single site Indexer Cluster with both Local and Cluster scope for apps installation") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfoLocal := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameLocalIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxcLocal, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListLocal, CrAppFileList: localappFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + cmAppSourceInfoCluster := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameClusterIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxcCluster, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListCluster, CrAppFileList: clusterappFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + shcAppSourceInfoLocal := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameLocalShc, CrAppSourceVolumeName: appSourceVolumeNameShcLocal, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListLocal, CrAppFileList: localappFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + shcAppSourceInfoCluster := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameClusterShc, CrAppSourceVolumeName: appSourceVolumeNameShcCluster, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListCluster, CrAppFileList: clusterappFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfoLocal, cmAppSourceInfoCluster, shcAppSourceInfoLocal, shcAppSourceInfoCluster} + ClusterMasterBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############### UPGRADE APPS ################ + // Delete apps on GCP + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCP", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Redefine app lists as LDAP app isn't in V1 apps + appListLocal = appListV1[len(appListV1)/2:] + appListCluster = appListV1[:len(appListV1)/2] + + // Upload appListLocal list of V2 apps to GCP (to be used for local install) + appVersion = "V2" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for local install (local scope)", appVersion)) + localappFileList = testenv.GetAppFileList(appListLocal) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcLocal, localappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for local install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcLocal, localappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for local install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of V2 apps to GCP (to be used for cluster-wide install) + clusterappFileList = testenv.GetAppFileList(appListCluster) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for cluster install (cluster scope)", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxcCluster, clusterappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for cluster-wide install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShcCluster, clusterappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for cluster-wide install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // ############ ENABLE MANUAL POLL ############ + + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err := testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["ClusterMaster"] = strings.Replace(config.Data["ClusterMaster"], "off", "on", 1) + config.Data["SearchHeadCluster"] = strings.Replace(config.Data["SearchHeadCluster"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameClusterIdxc, clusterappFileList) + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // ########## Verify Manual Poll config map disabled after the poll is triggered ################# + + // Verify config map set back to off after poll trigger + testcaseEnvInst.Log.Info("Verify config map set back to off after poll trigger for app", "version", appVersion) + config, _ = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(strings.Contains(config.Data["ClusterMaster"], "status: off") && strings.Contains(config.Data["SearchHeadCluster"], "status: off")).To(Equal(true), "Config map update not complete") + + //########## UPGRADE VERIFICATION ############# + cmAppSourceInfoLocal.CrAppVersion = appVersion + cmAppSourceInfoLocal.CrAppList = appListLocal + cmAppSourceInfoLocal.CrAppFileList = localappFileList + cmAppSourceInfoCluster.CrAppVersion = appVersion + cmAppSourceInfoCluster.CrAppList = appListCluster + cmAppSourceInfoCluster.CrAppFileList = clusterappFileList + shcAppSourceInfoLocal.CrAppVersion = appVersion + shcAppSourceInfoLocal.CrAppList = appListLocal + shcAppSourceInfoLocal.CrAppFileList = localappFileList + shcAppSourceInfoCluster.CrAppVersion = appVersion + shcAppSourceInfoCluster.CrAppList = appListCluster + shcAppSourceInfoCluster.CrAppFileList = clusterappFileList + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfoLocal, cmAppSourceInfoCluster, shcAppSourceInfoLocal, shcAppSourceInfoCluster} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, ClusterMasterBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (M4) and App Framework", func() { + It("integration, m4, masterappframeworkm4, appframework: can deploy a M4, add new apps to app source while install is in progress and have all apps installed locally on Cluster Manager and Deployer", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCP for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload big-size app to GCP for Indexer Cluster and Search Head Cluster + * Create app sources for Cluster Master and Deployer + * Prepare and deploy M4 CRD with app framework + * Verify app installation is in progress on Cluster Master and Deployer + * Upload more apps from GCP during bigger app install + * Wait for polling interval to pass + * Verify all apps are installed on Cluster Master and Deployer + */ + + //################## SETUP #################### + // Upload V1 apps to GCP for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + gcsTestDirMC := "m4appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Prepare Monitoring Console spec with its own app source + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Download all test apps from GCP + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList = testenv.GetAppFileList(appList) + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download apps") + + // Upload big-size app to GCP for Cluster Master + appList = testenv.BigSingleApp + appFileList = testenv.GetAppFileList(appList) + testcaseEnvInst.Log.Info("Upload big-size app to GCP for Cluster Manager") + gcsTestDirIdxc = "m4appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to GCP test directory for Cluster Manager") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload big-size app to GCP for Search Head Cluster + testcaseEnvInst.Log.Info("Upload big-size app to GCP for Search Head Cluster") + gcsTestDirShc = "m4appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to GCP test directory for Search Head Cluster") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, mcName, "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Verify App installation is in progress on Cluster Master + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgPodCopyComplete) + + // Upload more apps to GCP for Cluster Master + appList = testenv.ExtraApps + appFileList = testenv.GetAppFileList(appList) + testcaseEnvInst.Log.Info("Upload more apps to GCP for Cluster Manager") + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload more apps to GCP test directory for Cluster Manager") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload more apps to GCP for Deployer + testcaseEnvInst.Log.Info("Upload more apps to GCP for Deployer") + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload more apps to GCP test directory for Deployer") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Ensure Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Wait for polling interval to pass + testenv.WaitForAppInstall(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Verify all apps are installed on Cluster Master + appList = append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList = testenv.GetAppFileList(appList) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify all apps %v are installed on Cluster Manager", appList)) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), cmPod, appList, true, "enabled", false, false) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + time.Sleep(60 * time.Second) + // Wait for polling interval to pass + testenv.WaitForAppInstall(ctx, deployment, testcaseEnvInst, deployment.GetName()+"-shc", shc.Kind, appSourceNameShc, appFileList) + + // Verify all apps are installed on Deployer + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify all apps %v are installed on Deployer", appList)) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), deployerPod, appList, true, "enabled", false, false) + }) + }) + + Context("Single Site Indexer Cluster with Search Head Cluster (M4) and App Framework", func() { + It(" m4gcp, masterappframeworkm4gcp, m4_gcp_sanity: can deploy a M4, add new apps to app source while install is in progress and have all apps installed cluster-wide", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCP for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload big-size app to GCP for Indexer Cluster and Search Head Cluster + * Create app sources for Cluster Master and Deployer + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + ############## VERIFICATIONS ################ + * Verify App installation is in progress on Cluster Master and Deployer + * Upload more apps from GCP during bigger app install + * Wait for polling interval to pass + * Verify all apps are installed on Cluster Master and Deployer + */ + + //################## SETUP #################### + // Upload V1 apps to GCP for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + gcsTestDirMC := "m4appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Prepare Monitoring Console spec with its own app source + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Download all test apps from GCP + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList = testenv.GetAppFileList(appList) + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download apps") + + // Upload big-size app to GCP for Cluster Master + appList = testenv.BigSingleApp + appFileList = testenv.GetAppFileList(appList) + testcaseEnvInst.Log.Info("Upload big-size app to GCP for Cluster Manager") + gcsTestDirIdxc = "m4appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to GCP test directory for Cluster Manager") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload big-size app to GCP for Search Head Cluster + testcaseEnvInst.Log.Info("Upload big-size app to GCP for Search Head Cluster") + gcsTestDirShc = "m4appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to GCP test directory for Search Head Cluster") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, mcName, "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Verify App installation is in progress + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgPodCopyComplete) + + // Upload more apps to GCP for Cluster Master + appList = testenv.ExtraApps + appFileList = testenv.GetAppFileList(appList) + testcaseEnvInst.Log.Info("Upload more apps to GCP for Cluster Manager") + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload more apps to GCP test directory for Cluster Manager") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload more apps to GCP for Deployer + testcaseEnvInst.Log.Info("Upload more apps to GCP for Deployer") + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload more apps to GCP test directory for Deployer") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Ensure Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Wait for polling interval to pass + testenv.WaitForAppInstall(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Verify all apps are installed on indexers + appList = append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList = testenv.GetAppFileList(appList) + idxcPodNames := testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), indexersPerSite, true, siteCount) + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify all apps %v are installed on indexers", appList)) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), idxcPodNames, appList, true, "enabled", false, true) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Wait for polling interval to pass + testenv.WaitForAppInstall(ctx, deployment, testcaseEnvInst, deployment.GetName()+"-shc", shc.Kind, appSourceNameShc, appFileList) + + // Verify all apps are installed on Search Heads + shcPodNames := testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify all apps %v are installed on Search Heads", appList)) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), shcPodNames, appList, true, "enabled", false, true) + + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, masterappframeworkm4, appframework: can deploy a M4 SVA with App Framework enabled and reset operator pod while app install is in progress", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V1 apps to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + * While app install is in progress, restart the operator + ########## VERIFICATIONS ########## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and installed on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Download all apps from GCP + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList := testenv.GetAppFileList(appList) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download big-size app") + + // Upload V1 apps to GCP for Indexer Cluster + appVersion := "V1" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Verify App installation is in progress on Cluster Master + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgInstallPending) + + // Delete Operator pod while Install in progress + testenv.DeleteOperatorPod(testcaseEnvInst) + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, masterappframeworkm4, appframework: can deploy a M4 SVA with App Framework enabled and reset operator pod while app download is in progress", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V1 apps to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + * While app download is in progress, restart the operator + ########## VERIFICATIONS ########## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and installed on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Download all apps from GCP + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList := testenv.GetAppFileList(appList) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download big-size app") + + // Upload V1 apps to GCP for Indexer Cluster + appVersion := "V1" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Verify App Download is in progress on Cluster Master + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgDownloadComplete, enterpriseApi.AppPkgDownloadPending) + + // Delete Operator pod while Install in progress + testenv.DeleteOperatorPod(testcaseEnvInst) + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, masterappframeworkm4, appframework: can deploy a M4 SVA with App Framework enabled, install an app, then disable it by using a disabled version of the app and then remove it from app source", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V1 apps to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + ########## INITIAL VERIFICATIONS ########## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and installed on Monitoring Console and on Search Heads and Indexers pods + * Disable the app + * Delete the app from gcs + * Check for repo state in App Deployment Info + */ + + //################## SETUP ################## + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + + // Upload V1 apps to GCP for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## INITIAL VERIFICATIONS ########## + idxcPodNames := testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames := testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify repo state on App to be disabled to be 1 (i.e app present on GCP bucket) + appName := appListV1[0] + appFileName := testenv.GetAppFileList([]string{appName}) + testenv.VerifyAppRepoState(ctx, deployment, testcaseEnvInst, cm.Name, cm.Kind, appSourceNameIdxc, 1, appFileName[0]) + + // Disable the app + testenv.DisableAppsToGCP(downloadDirV1, appFileName, gcsTestDirIdxc) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileName) + + // Ensure Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Wait for App state to update after config file change + testenv.WaitforAppInstallState(ctx, deployment, testcaseEnvInst, idxcPodNames, testcaseEnvInst.GetName(), appName, "disabled", true) + + // Delete the file from GCP + gcsFilepath := filepath.Join(gcsTestDirIdxc, appFileName[0]) + err = testenv.DeleteFileOnGCP(testGcsBucket, gcsFilepath) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to delete %s app on GCP test directory", appFileName)) + + // Verify repo state is set to 2 (i.e app deleted from GCP bucket) + testenv.VerifyAppRepoState(ctx, deployment, testcaseEnvInst, cm.Name, cm.Kind, appSourceNameIdxc, 2, appFileName[0]) + }) + }) + + Context("Multi Site Indexer Cluster with Search Head Cluster (M4) with App Framework", func() { + It("integration, m4, masterappframeworkm4, appframework: can deploy a M4 SVA, install apps via manual polling, switch to periodic polling, verify apps are not updated before the end of AppsRepoPollInterval, then updated after", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCP + * Create app source with local scope for M4 SVA, AppsRepoPollInterval=0 to set apps polling as manual + * Prepare and deploy M4 CRD with app framework and wait for pods to be ready + ########## INITIAL VERIFICATION ############# + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are installed locally on Cluster Master and Deployer + * Verify status is 'OFF' in config map for Cluster Master and Search Head Cluster + ######### SWITCH FROM MANUAL TO PERIODIC POLLING ############ + * Set AppsRepoPollInterval to 180 seconds for Cluster Master and Search Head Cluster + * Change status to 'ON' in config map for Cluster Master and Search Head Cluster + ############### UPGRADE APPS ################ + * Upgrade apps in app sources + * Wait for pods to be ready + ############ UPGRADE VERIFICATION ########## + * Verify apps are not updated before the end of AppsRepoPollInterval duration + * Verify apps are updated after the end of AppsRepoPollInterval duration + */ + + //################## SETUP #################### + // Upload V1 apps to GCP for Indexer Cluster + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, gcsTestDirIdxc, 0) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, gcsTestDirShc, 0) + + // Deploy Multisite Cluster and Search Head Cluster, with App Framework enabled on Cluster Master and Deployer + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## INITIAL VERIFICATION ############# + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + // Verify status is 'OFF' in config map for Cluster Master and Search Head Cluster + testcaseEnvInst.Log.Info("Verify status is 'OFF' in config map for Cluster Master and Search Head Cluster") + config, _ := testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(strings.Contains(config.Data["ClusterMaster"], "status: off") && strings.Contains(config.Data["SearchHeadCluster"], "status: off")).To(Equal(true), "Config map update not complete") + + //######### SWITCH FROM MANUAL TO PERIODIC POLLING ############ + // Get instance of current Cluster Master CR with latest config + cm = &enterpriseApiV3.ClusterMaster{} + err = deployment.GetInstance(ctx, deployment.GetName(), cm) + Expect(err).To(Succeed(), "Failed to edit Cluster Master") + + // Set AppsRepoPollInterval for Cluster Master to 180 seconds + testcaseEnvInst.Log.Info("Set AppsRepoPollInterval for Cluster Master to 180 seconds") + cm.Spec.AppFrameworkConfig.AppsRepoPollInterval = int64(180) + err = deployment.UpdateCR(ctx, cm) + Expect(err).To(Succeed(), "Failed to change AppsRepoPollInterval value for Cluster Master") + + // Get instance of current Search Head Cluster CR with latest config + shc = &enterpriseApi.SearchHeadCluster{} + err = deployment.GetInstance(ctx, deployment.GetName()+"-shc", shc) + Expect(err).To(Succeed(), "Failed to edit Search Head Cluster") + + // Set AppsRepoPollInterval for Search Head Cluster to 180 seconds + testcaseEnvInst.Log.Info("Set AppsRepoPollInterval for Search Head Cluster to 180 seconds") + shc.Spec.AppFrameworkConfig.AppsRepoPollInterval = int64(180) + err = deployment.UpdateCR(ctx, shc) + Expect(err).To(Succeed(), "Failed to change AppsRepoPollInterval value for Search Head Cluster") + + // Change status to 'ON' in config map for Cluster Master and Search Head Cluster + testcaseEnvInst.Log.Info("Change status to 'ON' in config map for Cluster Master") + config, err = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map") + + config.Data["ClusterMaster"] = strings.Replace(config.Data["ClusterMaster"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map for Cluster Master") + + testcaseEnvInst.Log.Info("Change status to 'ON' in config map for Search Head Cluster") + config.Data["SearchHeadCluster"] = strings.Replace(config.Data["SearchHeadCluster"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map for Search Head Cluster") + + // Wait 5 seconds to be sure reconcile caused by CR update and config map update are done + testcaseEnvInst.Log.Info("Wait 5 seconds to be sure reconcile caused by CR update and config map update are done") + time.Sleep(5 * time.Second) + + // Verify status is 'ON' in config map for Cluster Master and Search Head Cluster + testcaseEnvInst.Log.Info("Verify status is 'ON' in config map for Cluster Master and Search Head Cluster") + config, _ = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(strings.Contains(config.Data["ClusterMaster"], "status: on") && strings.Contains(config.Data["SearchHeadCluster"], "status: on")).To(Equal(true), "Config map update not complete") + + //############### UPGRADE APPS ################ + // Delete V1 apps on GCP + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCP", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Upload V2 apps to GCP for Indexer Cluster + appVersion = "V2" + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## UPGRADE VERIFICATIONS ############ + testcaseEnvInst.Log.Info("Verify apps are not updated before the end of AppsRepoPollInterval duration") + appVersion = "V1" + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Wait for the end of AppsRepoPollInterval duration + testcaseEnvInst.Log.Info("Wait for the end of AppsRepoPollInterval duration") + time.Sleep(2 * time.Minute) + + testcaseEnvInst.Log.Info("Verify apps are updated after the end of AppsRepoPollInterval duration") + appVersion = "V2" + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, masterappframeworkm4, appframework: can deploy a M4 SVA with App Framework enabled and update apps after app download is completed", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V1 apps to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + * While app download is in progress, restart the operator + * While app download is completed, upload new versions of the apps + ######### VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Search Heads and Indexers pods + ######### UPGRADE VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Download all apps from GCP + appVersion := "V1" + appListV1 := []string{appListV1[0]} + appFileList := testenv.GetAppFileList(appListV1) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download apps") + + // Upload V1 apps to GCP for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, gcsTestDirIdxc, 120) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, gcsTestDirShc, 120) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Verify App Download is in progress on Cluster Master + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgPodCopyPending) + + // Upload V2 apps to GCP for Indexer Cluster + appVersion = "V2" + appListV2 := []string{appListV2[0]} + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## VERIFICATIONS ########## + appVersion = "V1" + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())}, appListV1, false, "enabled", false, false) + + // Check for changes in App phase to determine if next poll has been triggered + appFileList = testenv.GetAppFileList(appListV2) + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + //############ UPGRADE VERIFICATIONS ############ + appVersion = "V2" + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV2, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV2, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("m4, integration, masterappframeworkm4, appframework: can deploy a M4 SVA and install a bigger volume of apps than the operator PV disk space", func() { + + /* Test Steps + ################## SETUP #################### + * Upload 15 apps of 100MB size each to GCP for Indexer Cluster and Search Head Cluster for cluster scope + * Create app sources for Cluster Master and Deployer with cluster scope + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + ######### INITIAL VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied, installed on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Create a large file on Operator pod + opPod := testenv.GetOperatorPodName(testcaseEnvInst) + err := testenv.CreateDummyFileOnOperator(ctx, deployment, opPod, testenv.AppDownloadVolume, "1G", "test_file.img") + Expect(err).To(Succeed(), "Unable to create file on operator") + filePresentOnOperator = true + + // Download apps for test + appVersion := "V1" + appList := testenv.PVTestApps + appFileList := testenv.GetAppFileList(appList) + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsPVTestApps, downloadDirPVTestApps, appFileList) + Expect(err).To(Succeed(), "Unable to download app files") + + // Upload apps to GCP for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + gcsTestDirIdxc := "m4appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirPVTestApps) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search head Cluster", appVersion)) + gcsTestDirShc := "m4appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirPVTestApps) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Maximum apps to be downloaded in parallel + maxConcurrentAppDownloads := 30 + + // Create App framework Spec for C3 + appSourceNameIdxc := "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc := "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecIdxc.MaxConcurrentAppDownloads = uint64(maxConcurrentAppDownloads) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + appFrameworkSpecShc.MaxConcurrentAppDownloads = uint64(maxConcurrentAppDownloads) + + // Deploy Multisite Cluster and Search Head Cluster, with App Framework enabled on Cluster Master and Deployer + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, masterappframeworkm4, appframework: can deploy a M4 SVA with App Framework enabled and delete apps from app directory when download is complete", func() { + + /* Test Steps + ################## SETUP ################## + * Upload big-size app to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + * When app download is complete, delete apps from app directory + ########## VERIFICATIONS ########## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and installed on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Download big size apps from GCP + appList := testenv.BigSingleApp + appFileList := testenv.GetAppFileList(appList) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download big-size app") + + // Upload big size app to GCP for Indexer Cluster + appVersion := "V1" + testcaseEnvInst.Log.Info("Upload big size app to GCP for Indexer Cluster") + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big size to GCP test directory for Indexer Cluster") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload big size app to GCP for Search Head Cluster + testcaseEnvInst.Log.Info("Upload big size app to GCP for Search Head Cluster") + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big size to GCP test directory for Search Head Cluster") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Verify App Download is completed on Cluster Master + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgPodCopyComplete, enterpriseApi.AppPkgPodCopyPending) + + //Delete apps from app directory when app download is complete + opPod := testenv.GetOperatorPodName(testcaseEnvInst) + podDownloadPath := filepath.Join(splcommon.AppDownloadVolume, "downloadedApps", testenvInstance.GetName(), cm.Kind, deployment.GetName(), enterpriseApi.ScopeCluster, appSourceNameIdxc, testenv.AppInfo[appList[0]]["filename"]) + err = testenv.DeleteFilesOnOperatorPod(ctx, deployment, opPod, []string{podDownloadPath}) + Expect(err).To(Succeed(), "Unable to delete file on pod") + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterMasterPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It(" m4gcp, masterappframeworkm4gcp, m4_gcp_sanity: can deploy a M4 SVA with App Framework enabled, install apps and check IsDeploymentInProgress for CM and SHC CR's", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V1 apps to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework + * Verify IsDeploymentInProgress is set + * Wait for the pods to be ready + */ + + //################## SETUP ################## + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + + // Upload V1 apps to GCP for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, gcsTestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, gcsTestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, gcsTestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterMasterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Verify IsDeploymentInProgress Flag is set to true for Cluster Master CR + testcaseEnvInst.Log.Info("Checking isDeploymentInProgress Flag for Cluster Manager") + testenv.VerifyIsDeploymentInProgressFlagIsSet(ctx, deployment, testcaseEnvInst, cm.Name, cm.Kind) + + // Ensure that the Cluster Master goes to Ready phase + testenv.ClusterMasterReady(ctx, deployment, testcaseEnvInst) + + // Verify IsDeploymentInProgress Flag is set to true for SHC CR + testcaseEnvInst.Log.Info("Checking isDeploymentInProgress Flag for SHC") + testenv.VerifyIsDeploymentInProgressFlagIsSet(ctx, deployment, testcaseEnvInst, shc.Name, shc.Kind) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + }) + }) +}) diff --git a/test/appframework_gcp/m4/manager_appframework_test.go b/test/appframework_gcp/m4/manager_appframework_test.go new file mode 100644 index 000000000..971c3f513 --- /dev/null +++ b/test/appframework_gcp/m4/manager_appframework_test.go @@ -0,0 +1,2702 @@ +// Copyright (c) 2018-2022 Splunk Inc. All rights reserved. + +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License.s +package m4gcpappfw + +import ( + "context" + "encoding/json" + "fmt" + "path/filepath" + "strings" + "time" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + enterpriseApi "github.com/splunk/splunk-operator/api/v4" + splcommon "github.com/splunk/splunk-operator/pkg/splunk/common" + "github.com/splunk/splunk-operator/pkg/splunk/enterprise" + testenv "github.com/splunk/splunk-operator/test/testenv" + corev1 "k8s.io/api/core/v1" +) + +var _ = Describe("m4appfw test", func() { + + var testcaseEnvInst *testenv.TestCaseEnv + var deployment *testenv.Deployment + var uploadedApps []string + var appSourceNameIdxc string + var appSourceNameShc string + var s3TestDirShc string + var s3TestDirIdxc string + var appSourceVolumeNameIdxc string + var appSourceVolumeNameShc string + var s3TestDirShcLocal string + var s3TestDirIdxcLocal string + var s3TestDirShcCluster string + var s3TestDirIdxcCluster string + var filePresentOnOperator bool + + ctx := context.TODO() + + BeforeEach(func() { + var err error + name := fmt.Sprintf("%s-%s", testenvInstance.GetName(), testenv.RandomDNSName(3)) + testcaseEnvInst, err = testenv.NewDefaultTestCaseEnv(testenvInstance.GetKubeClient(), name) + Expect(err).To(Succeed(), "Unable to create testcaseenv") + deployment, err = testcaseEnvInst.NewDeployment(testenv.RandomDNSName(3)) + Expect(err).To(Succeed(), "Unable to create deployment") + s3TestDirIdxc = "m4appfw-idxc-" + testenv.RandomDNSName(4) + s3TestDirShc = "m4appfw-shc-" + testenv.RandomDNSName(4) + appSourceVolumeNameIdxc = "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc = "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + }) + + AfterEach(func() { + // When a test spec failed, skip the teardown so we can troubleshoot. + if CurrentGinkgoTestDescription().Failed { + testcaseEnvInst.SkipTeardown = true + } + if deployment != nil { + deployment.Teardown() + } + // Delete files uploaded to GCP + if !testcaseEnvInst.SkipTeardown { + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + } + if testcaseEnvInst != nil { + Expect(testcaseEnvInst.Teardown()).ToNot(HaveOccurred()) + } + + if filePresentOnOperator { + //Delete files from app-directory + opPod := testenv.GetOperatorPodName(testcaseEnvInst) + podDownloadPath := filepath.Join(testenv.AppDownloadVolume, "test_file.img") + testenv.DeleteFilesOnOperatorPod(ctx, deployment, opPod, []string{podDownloadPath}) + } + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It(" m4gcp, m4_mgr_gcp_sanity: can deploy a M4 SVA with App Framework enabled, install apps and upgrade them", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V1 apps to GCP for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload V1 apps to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + ########## INITIAL VERIFICATIONS ########## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and installed on Monitoring Console and on Search Heads and Indexers pods + ############# UPGRADE APPS ################ + * Upgrade apps in app sources + * Wait for Monitoring Console and M4 pod to be ready + ########## UPGRADE VERIFICATIONS ########## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and upgraded on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Upload V1 apps to GCP for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + s3TestDirMC := "m4appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for Monitoring Console + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + volumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, volumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, s3TestDirMC, 60) + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Upload V1 apps to GCP for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, s3TestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, s3TestDirShc, 60) + + // get revision number of the resource + resourceVersion := testenv.GetResourceVersion(ctx, deployment, testcaseEnvInst, mc) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, mcName, "") + + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // wait for custom resource resource version to change + testenv.VerifyCustomResourceVersionChanged(ctx, deployment, testcaseEnvInst, mc, resourceVersion) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + ConfigMapName := enterprise.GetProbeConfigMapName(testcaseEnvInst.GetName()) + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + scriptsNames := []string{enterprise.GetLivenessScriptName(), enterprise.GetReadinessScriptName(), enterprise.GetStartupScriptName()} + allPods := testenv.DumpGetPods(testcaseEnvInst.GetName()) + testenv.VerifyFilesInDirectoryOnPod(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), allPods, scriptsNames, enterprise.GetProbeMountDirectory(), false, true) + + //########## INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + mcPod := []string{fmt.Sprintf(testenv.MonitoringConsolePod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + mcAppSourceInfo := testenv.AppSourceInfo{CrKind: mc.Kind, CrName: mc.Name, CrAppSourceName: appSourceNameMC, CrAppSourceVolumeName: appSourceNameMC, CrPod: mcPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + clusterManagerBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############# UPGRADE APPS ################ + // Delete apps on GCP + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCP", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // get revision number of the resource + _ = testenv.GetResourceVersion(ctx, deployment, testcaseEnvInst, mc) + + // Upload V2 apps to GCP for Indexer Cluster + appVersion = "V2" + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps for Monitoring Console + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirMC, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Verify MC is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## UPGRADE VERIFICATIONS ########## + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + mcAppSourceInfo.CrAppVersion = appVersion + mcAppSourceInfo.CrAppList = appListV2 + mcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, clusterManagerBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, appframework: can deploy a M4 SVA with App Framework enabled, install apps and downgrade them", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V2 apps to GCP for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload V2 apps to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + ########## INITIAL VERIFICATIONS ########## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and installed on Monitoring Console and on Search Heads and Indexers pods + ############ DOWNGRADE APPS ############### + * Downgrade apps in app sources + * Wait for Monitoring Console and M4 to be ready + ########## DOWNGRADE VERIFICATIONS ######## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and downgraded on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Upload V2 version of apps to GCP for Monitoring Console + appVersion := "V2" + appFileList := testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + s3TestDirMC := "m4appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirMC, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for Monitoring Console + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + volumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, volumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, s3TestDirMC, 60) + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console instance") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Upload V2 apps to GCP for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, s3TestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, s3TestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, mcName, "") + + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + mcPod := []string{fmt.Sprintf(testenv.MonitoringConsolePod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV2, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV2, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + mcAppSourceInfo := testenv.AppSourceInfo{CrKind: mc.Kind, CrName: mc.Name, CrAppSourceName: appSourceNameMC, CrAppSourceVolumeName: appSourceNameMC, CrPod: mcPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV2, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + clusterManagerBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############# DOWNGRADE APPS ################ + // Delete V2 apps on GCP + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCP", appVersion)) + + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Upload V1 apps to GCP for Indexer Cluster + appVersion = "V1" + appFileList = testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Monitoring Console + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## DOWNGRADE VERIFICATIONS ######## + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV1 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV1) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV1 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV1) + mcAppSourceInfo.CrAppVersion = appVersion + mcAppSourceInfo.CrAppList = appListV1 + mcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV1) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, clusterManagerBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, appframework: can deploy a M4 SVA with App Framework enabled, install apps, scale up clusters, install apps on new pods, scale down", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V1 apps to GCP for M4 + * Create app source for M4 SVA (Cluster Manager and Deployer) + * Prepare and deploy M4 CRD with app config and wait for pods to be ready + ########### INITIAL VERIFICATIONS ######### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is sucessful + * Verify apps are copied and installed on Monitoring Console and also on Search Heads and Indexers pods + ############### SCALING UP ################ + * Scale up Indexers and Search Head Cluster + * Wait for Monitoring Console and M4 to be ready + ######### SCALING UP VERIFICATIONS ######## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is sucessful + * Verify apps are copied and installed on new Search Heads and Indexers pods + ############### SCALING DOWN ############## + * Scale down Indexers and Search Head Cluster + * Wait for Monitoring Console and M4 to be ready + ######### SCALING DOWN VERIFICATIONS ###### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is sucessful + * Verify apps are still copied and installed on all Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Upload V1 apps to GCP for Indexer Cluster + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, s3TestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, s3TestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + indexersPerSite := 1 + shReplicas := 3 + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // Ingest data on Indexers + for i := 1; i <= siteCount; i++ { + podName := fmt.Sprintf(testenv.MultiSiteIndexerPod, deployment.GetName(), i, 0) + logFile := fmt.Sprintf("test-log-%s.log", testenv.RandomDNSName(3)) + testenv.CreateMockLogfile(logFile, 2000) + testenv.IngestFileViaMonitor(ctx, logFile, "main", podName, deployment) + } + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + ConfigMapName := enterprise.GetProbeConfigMapName(testcaseEnvInst.GetName()) + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + + //########### INITIAL VERIFICATIONS ######### + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //Delete configMap Object + err = testenv.DeleteConfigMap(testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to delete ConfigMao", "ConfigMap name", ConfigMapName) + + //############### SCALING UP ################ + // Get instance of current Search Head Cluster CR with latest config + err = deployment.GetInstance(ctx, deployment.GetName()+"-shc", shc) + + Expect(err).To(Succeed(), "Failed to get instance of Search Head Cluster") + + // Scale up Search Head Cluster + defaultSHReplicas := shc.Spec.Replicas + scaledSHReplicas := defaultSHReplicas + 1 + testcaseEnvInst.Log.Info("Scale up Search Head Cluster", "Current Replicas", defaultSHReplicas, "New Replicas", scaledSHReplicas) + + // Update Replicas of Search Head Cluster + shc.Spec.Replicas = int32(scaledSHReplicas) + err = deployment.UpdateCR(ctx, shc) + Expect(err).To(Succeed(), "Failed to scale up Search Head Cluster") + + // Ensure Search Head Cluster scales up and go to ScalingUp phase + testenv.VerifySearchHeadClusterPhase(ctx, deployment, testcaseEnvInst, enterpriseApi.PhaseScalingUp) + + // Get instance of current Indexer CR with latest config + idxcName := deployment.GetName() + "-" + "site1" + idxc := &enterpriseApi.IndexerCluster{} + err = deployment.GetInstance(ctx, idxcName, idxc) + Expect(err).To(Succeed(), "Failed to get instance of Indexer Cluster") + defaultIndexerReplicas := idxc.Spec.Replicas + scaledIndexerReplicas := defaultIndexerReplicas + 1 + testcaseEnvInst.Log.Info("Scale up Indexer Cluster", "Current Replicas", defaultIndexerReplicas, "New Replicas", scaledIndexerReplicas) + + // Update Replicas of Indexer Cluster + idxc.Spec.Replicas = int32(scaledIndexerReplicas) + err = deployment.UpdateCR(ctx, idxc) + Expect(err).To(Succeed(), "Failed to Scale Up Indexer Cluster") + + // Ensure Indexer cluster scales up and go to ScalingUp phase + testenv.VerifyIndexerClusterPhase(ctx, deployment, testcaseEnvInst, enterpriseApi.PhaseScalingUp, idxcName) + + // Ensure Indexer cluster go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ingest data on new Indexers + podName := fmt.Sprintf(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, 1) + logFile := fmt.Sprintf("test-log-%s.log", testenv.RandomDNSName(3)) + testenv.CreateMockLogfile(logFile, 2000) + testenv.IngestFileViaMonitor(ctx, logFile, "main", podName, deployment) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Search for data on newly added indexer + searchPod := fmt.Sprintf(testenv.SearchHeadPod, deployment.GetName(), 0) + indexerName := fmt.Sprintf(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, 1) + searchString := fmt.Sprintf("index=%s host=%s | stats count by host", "main", indexerName) + searchResultsResp, err := testenv.PerformSearchSync(ctx, searchPod, searchString, deployment) + Expect(err).To(Succeed(), "Failed to execute search '%s' on pod %s", searchPod, searchString) + + // Verify result. + searchResponse := strings.Split(searchResultsResp, "\n")[0] + var searchResults map[string]interface{} + jsonErr := json.Unmarshal([]byte(searchResponse), &searchResults) + Expect(jsonErr).To(Succeed(), "Failed to unmarshal JSON Search Results from response '%s'", searchResultsResp) + + testcaseEnvInst.Log.Info("Search results :", "searchResults", searchResults["result"]) + Expect(searchResults["result"]).ShouldNot(BeNil(), "No results in search response '%s' on pod %s", searchResults, searchPod) + + resultLine := searchResults["result"].(map[string]interface{}) + testcaseEnvInst.Log.Info("Sync Search results host count:", "count", resultLine["count"].(string), "host", resultLine["host"].(string)) + testHostname := strings.Compare(resultLine["host"].(string), indexerName) + Expect(testHostname).To(Equal(0), "Incorrect search result hostname. Expect: %s Got: %s", indexerName, resultLine["host"].(string)) + + //######### SCALING UP VERIFICATIONS ######## + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + scriptsNames := []string{enterprise.GetLivenessScriptName(), enterprise.GetReadinessScriptName(), enterprise.GetStartupScriptName()} + allPods := testenv.DumpGetPods(testcaseEnvInst.GetName()) + testenv.VerifyFilesInDirectoryOnPod(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), allPods, scriptsNames, enterprise.GetProbeMountDirectory(), false, true) + + // Listing the Search Head cluster pods to exclude them from the 'no pod reset' test as they are expected to be reset after scaling + shcPodNames = []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + shcPodNames = append(shcPodNames, testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1)...) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, shcPodNames) + + //############### SCALING DOWN ############## + // Get instance of current Search Head Cluster CR with latest config + err = deployment.GetInstance(ctx, deployment.GetName()+"-shc", shc) + + Expect(err).To(Succeed(), "Failed to get instance of Search Head Cluster") + + // Scale down Search Head Cluster + defaultSHReplicas = shc.Spec.Replicas + scaledSHReplicas = defaultSHReplicas - 1 + testcaseEnvInst.Log.Info("Scaling down Search Head Cluster", "Current Replicas", defaultSHReplicas, "New Replicas", scaledSHReplicas) + + // Update Replicas of Search Head Cluster + shc.Spec.Replicas = int32(scaledSHReplicas) + err = deployment.UpdateCR(ctx, shc) + Expect(err).To(Succeed(), "Failed to scale down Search Head Cluster") + + // Ensure Search Head Cluster scales down and go to ScalingDown phase + testenv.VerifySearchHeadClusterPhase(ctx, deployment, testcaseEnvInst, enterpriseApi.PhaseScalingDown) + + // Get instance of current Indexer CR with latest config + err = deployment.GetInstance(ctx, idxcName, idxc) + Expect(err).To(Succeed(), "Failed to get instance of Indexer Cluster") + defaultIndexerReplicas = idxc.Spec.Replicas + scaledIndexerReplicas = defaultIndexerReplicas - 1 + testcaseEnvInst.Log.Info("Scaling down Indexer Cluster", "Current Replicas", defaultIndexerReplicas, "New Replicas", scaledIndexerReplicas) + + // Update Replicas of Indexer Cluster + idxc.Spec.Replicas = int32(scaledIndexerReplicas) + err = deployment.UpdateCR(ctx, idxc) + Expect(err).To(Succeed(), "Failed to Scale down Indexer Cluster") + + // Ensure Indexer cluster scales down and go to ScalingDown phase + testenv.VerifyIndexerClusterPhase(ctx, deployment, testcaseEnvInst, enterpriseApi.PhaseScalingDown, idxcName) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure Indexer cluster go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Search for data from removed indexer + searchString = fmt.Sprintf("index=%s host=%s | stats count by host", "main", indexerName) + searchResultsResp, err = testenv.PerformSearchSync(ctx, searchPod, searchString, deployment) + Expect(err).To(Succeed(), "Failed to execute search '%s' on pod %s", searchPod, searchString) + + // Verify result. + searchResponse = strings.Split(searchResultsResp, "\n")[0] + jsonErr = json.Unmarshal([]byte(searchResponse), &searchResults) + Expect(jsonErr).To(Succeed(), "Failed to unmarshal JSON Search Results from response '%s'", searchResultsResp) + + testcaseEnvInst.Log.Info("Search results :", "searchResults", searchResults["result"]) + Expect(searchResults["result"]).ShouldNot(BeNil(), "No results in search response '%s' on pod %s", searchResults, searchPod) + + resultLine = searchResults["result"].(map[string]interface{}) + testcaseEnvInst.Log.Info("Sync Search results host count:", "count", resultLine["count"].(string), "host", resultLine["host"].(string)) + testHostname = strings.Compare(resultLine["host"].(string), indexerName) + Expect(testHostname).To(Equal(0), "Incorrect search result hostname. Expect: %s Got: %s", indexerName, resultLine["host"].(string)) + + //######### SCALING DOWN VERIFICATIONS ###### + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, shcPodNames) + }) + }) + + Context("Multi Site Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, appframework: can deploy a M4 SVA and have apps installed locally on Cluster Manager and Deployer", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCP + * Create app source with local scope for M4 SVA (Cluster Manager and Deployer) + * Prepare and deploy M4 CRD with app framework and wait for pods to be ready + ########## INITIAL VERIFICATION ############# + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are installed locally on Cluster Manager and Deployer + ############### UPGRADE APPS ################ + * Upgrade apps in app sources + * Wait for pods to be ready + ########## UPGRADE VERIFICATIONS ############ + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are copied, installed and upgraded on Cluster Manager and Deployer + */ + + //################## SETUP #################### + // Upload V1 apps to GCP for Indexer Cluster + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, s3TestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, s3TestDirShc, 60) + + // Deploy Multisite Cluster and Search Head Cluster, with App Framework enabled on Cluster Manager and Deployer + siteCount := 3 + indexersPerSite := 1 + shReplicas := 3 + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## INITIAL VERIFICATION ############# + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############### UPGRADE APPS ################ + // Delete V1 apps on GCP + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCP", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Upload V2 apps to GCP for Indexer Cluster + appVersion = "V2" + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## UPGRADE VERIFICATIONS ############ + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multi Site Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, appframework: can deploy a M4 SVA with App Framework enabled for manual poll", func() { + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCP for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console with app framework and wait for the pod to be ready + * Upload V1 apps to GCP + * Create app source with manaul poll for M4 SVA (Cluster Manager and Deployer) + * Prepare and deploy M4 CRD with app framework and wait for pods to be ready + ########## INITIAL VERIFICATION ############# + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are installed locally on Cluster Manager and Deployer + ############### UPGRADE APPS ################ + * Upgrade apps in app sources + * Wait for pods to be ready + ############ VERIFICATION APPS ARE NOT UPDATED BEFORE ENABLING MANUAL POLL ############ + * Verify Apps are not updated + ############ ENABLE MANUAL POLL ############ + * Verify Manual Poll disabled after the check + ############## UPGRADE VERIFICATIONS ############ + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify apps are installed locally on Cluster Manager and Deployer + */ + + // ################## SETUP #################### + // Upload V1 apps to GCP for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + s3TestDirMC := "m4appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for Monitoring Console + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + volumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, volumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, s3TestDirMC, 0) + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Upload V1 apps to GCP for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, s3TestDirIdxc, 0) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, s3TestDirShc, 0) + + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster") + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, mcName, "") + Expect(err).To(Succeed(), "Unable to deploy Multi Site Indexer Cluster with App framework") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure cluster configured as multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + mcPod := []string{fmt.Sprintf(testenv.MonitoringConsolePod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + mcAppSourceInfo := testenv.AppSourceInfo{CrKind: mc.Kind, CrName: mc.Name, CrAppSourceName: appSourceNameMC, CrAppSourceVolumeName: appSourceNameMC, CrPod: mcPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + clusterManagerBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + // ############### UPGRADE APPS ################ + + // Upload V2 apps to GCP for Indexer Cluster + appVersion = "V2" + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Monitoring Console + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirMC, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure cluster configured as multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // ############ VERIFICATION APPS ARE NOT UPDATED BEFORE ENABLING MANUAL POLL ############ + appVersion = "V1" + allPodNames := append(idxcPodNames, shcPodNames...) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), allPodNames, appListV1, true, "enabled", false, true) + + // ############ ENABLE MANUAL POLL ############ + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err := testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["ClusterManager"] = strings.Replace(config.Data["ClusterManager"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer cluster configured as multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["SearchHeadCluster"] = strings.Replace(config.Data["SearchHeadCluster"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["MonitoringConsole"] = strings.Replace(config.Data["MonitoringConsole"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + time.Sleep(2 * time.Minute) + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ########## Verify Manual Poll disabled after the check ################# + + // Verify config map set back to off after poll trigger + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify config map set back to off after poll trigger for %s app", appVersion)) + config, _ = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + + Expect(strings.Contains(config.Data["ClusterManager"], "status: off") && strings.Contains(config.Data["SearchHeadCluster"], "status: off") && strings.Contains(config.Data["MonitoringConsole"], "status: off")).To(Equal(true), "Config map update not complete") + + // ############ VERIFY APPS UPDATED TO V2 ############# + appVersion = "V2" + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + mcAppSourceInfo.CrAppVersion = appVersion + mcAppSourceInfo.CrAppList = appListV2 + mcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, clusterManagerBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multi Site Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, appframework: can deploy a M4 SVA and have apps installed and updated locally on Cluster Manager and Deployer via manual poll", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCP + * Create app source with local scope for M4 SVA (Cluster Manager and Deployer) + * Prepare and deploy M4 CRD with app framework and wait for pods to be ready + ########## INITIAL VERIFICATION ############# + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are installed locally on Cluster Manager and Deployer + ############### UPGRADE APPS ################ + * Upgrade apps in app sources + * Wait for pods to be ready + ############ VERIFICATION APPS ARE NOT UPDATED BEFORE ENABLING MANUAL POLL ############ + * Verify Apps are not updated + ############ ENABLE MANUAL POLL ############ + * Verify Manual Poll disabled after the poll is triggered + ########## UPGRADE VERIFICATIONS ############ + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are copied, installed and upgraded on Cluster Manager and Deployer + */ + + //################## SETUP #################### + // Upload V1 apps to GCP for Indexer Cluster + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, s3TestDirIdxc, 0) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, s3TestDirShc, 0) + + // Deploy Multisite Cluster and Search Head Cluster, with App Framework enabled on Cluster Manager and Deployer + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## INITIAL VERIFICATION ############# + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############### UPGRADE APPS ################ + // Delete V1 apps on GCP + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCP", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Upload V2 apps to GCP for Indexer Cluster + appVersion = "V2" + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // ############ VERIFICATION APPS ARE NOT UPDATED BEFORE ENABLING MANUAL POLL ############ + appVersion = "V1" + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // ############ ENABLE MANUAL POLL ############ + appVersion = "V2" + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err := testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["ClusterManager"] = strings.Replace(config.Data["ClusterManager"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer cluster configured as multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["SearchHeadCluster"] = strings.Replace(config.Data["SearchHeadCluster"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ########## Verify Manual Poll config map disabled after the poll is triggered ################# + + // Verify config map set back to off after poll trigger + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify config map set back to off after poll trigger for %s app", appVersion)) + config, _ = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + + Expect(strings.Contains(config.Data["ClusterManager"], "status: off") && strings.Contains(config.Data["SearchHeadCluster"], "status: off")).To(Equal(true), "Config map update not complete") + + //########## UPGRADE VERIFICATIONS ############ + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multi Site Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("m4, integration, appframework: can deploy a m4 SVA with apps installed locally on Cluster Manager and Deployer, cluster-wide on Peers and Search Heads, then upgrade them via a manual poll", func() { + + /* Test Steps + ################## SETUP #################### + * Split Applist into clusterlist and local list + * Upload V1 apps to GCP for Indexer Cluster and Search Head Cluster for local and cluster scope + * Create app sources for Cluster Manager and Deployer with local and cluster scope + * Prepare and deploy m4 CRD with app framework and wait for the pods to be ready + ######### INITIAL VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Monitoring Console and on Search Heads and Indexers pods + ############### UPGRADE APPS ################ + * Upload V2 apps on GCP + * Wait for all m4 pods to be ready + ############ FINAL VERIFICATIONS ############ + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V2 apps are copied and upgraded on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Split Applist into 2 lists for local and cluster install + appVersion := "V1" + appListLocal := appListV1[len(appListV1)/2:] + appListCluster := appListV1[:len(appListV1)/2] + + // Upload appListLocal list of apps to GCP (to be used for local install) for Idxc + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for local install (local scope)", appVersion)) + s3TestDirIdxcLocal = "m4appfw-" + testenv.RandomDNSName(4) + localappFileList := testenv.GetAppFileList(appListLocal) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxcLocal, localappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (local scope) to GCP test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListLocal list of apps to GCP (to be used for local install) for Shc + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for local install (local scope)", appVersion)) + s3TestDirShcLocal = "m4appfw-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShcLocal, localappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (local scope) to GCP test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of apps to GCP (to be used for cluster-wide install) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for cluster-wide install (cluster scope)", appVersion)) + s3TestDirIdxcCluster = "m4appfw-cluster-" + testenv.RandomDNSName(4) + clusterappFileList := testenv.GetAppFileList(appListCluster) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxcCluster, clusterappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (cluster scope) to GCP test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of apps to GCP (to be used for cluster-wide install) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for cluster-wide install (cluster scope)", appVersion)) + s3TestDirShcCluster = "m4appfw-cluster-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShcCluster, clusterappFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps (cluster scope) to GCP test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameLocalIdxc := "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameLocalShc := "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameClusterIdxc := "appframework-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameClusterShc := "appframework-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxcLocal := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShcLocal := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appSourceVolumeNameIdxcCluster := "appframework-test-volume-idxc-cluster-" + testenv.RandomDNSName(3) + appSourceVolumeNameShcCluster := "appframework-test-volume-shc-cluster-" + testenv.RandomDNSName(3) + + // Create App framework Spec for Cluster manager with scope local and append cluster scope + + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxcLocal, enterpriseApi.ScopeLocal, appSourceNameLocalIdxc, s3TestDirIdxcLocal, 0) + volumeSpecCluster := []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpec(appSourceVolumeNameIdxcCluster, testenv.GetGCPEndpoint(), testcaseEnvInst.GetIndexSecretName(), "aws", "s3", testenv.GetDefaultGCPRegion())} + appFrameworkSpecIdxc.VolList = append(appFrameworkSpecIdxc.VolList, volumeSpecCluster...) + appSourceClusterDefaultSpec := enterpriseApi.AppSourceDefaultSpec{ + VolName: appSourceVolumeNameIdxcCluster, + Scope: enterpriseApi.ScopeCluster, + } + appSourceSpecCluster := []enterpriseApi.AppSourceSpec{testenv.GenerateAppSourceSpec(appSourceNameClusterIdxc, s3TestDirIdxcCluster, appSourceClusterDefaultSpec)} + appFrameworkSpecIdxc.AppSources = append(appFrameworkSpecIdxc.AppSources, appSourceSpecCluster...) + + // Create App framework Spec for Search head cluster with scope local and append cluster scope + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShcLocal, enterpriseApi.ScopeLocal, appSourceNameLocalShc, s3TestDirShcLocal, 0) + volumeSpecCluster = []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpec(appSourceVolumeNameShcCluster, testenv.GetGCPEndpoint(), testcaseEnvInst.GetIndexSecretName(), "aws", "s3", testenv.GetDefaultGCPRegion())} + + appFrameworkSpecShc.VolList = append(appFrameworkSpecShc.VolList, volumeSpecCluster...) + appSourceClusterDefaultSpec = enterpriseApi.AppSourceDefaultSpec{ + VolName: appSourceVolumeNameShcCluster, + Scope: enterpriseApi.ScopeCluster, + } + appSourceSpecCluster = []enterpriseApi.AppSourceSpec{testenv.GenerateAppSourceSpec(appSourceNameClusterShc, s3TestDirShcCluster, appSourceClusterDefaultSpec)} + appFrameworkSpecShc.AppSources = append(appFrameworkSpecShc.AppSources, appSourceSpecCluster...) + + // Create Single site Cluster and Search Head Cluster, with App Framework enabled on Cluster Manager and Deployer + testcaseEnvInst.Log.Info("Deploy Single site Indexer Cluster with both Local and Cluster scope for apps installation") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Single Site Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfoLocal := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameLocalIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxcLocal, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListLocal, CrAppFileList: localappFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + cmAppSourceInfoCluster := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameClusterIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxcCluster, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListCluster, CrAppFileList: clusterappFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + shcAppSourceInfoLocal := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameLocalShc, CrAppSourceVolumeName: appSourceVolumeNameShcLocal, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListLocal, CrAppFileList: localappFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + shcAppSourceInfoCluster := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameClusterShc, CrAppSourceVolumeName: appSourceVolumeNameShcCluster, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListCluster, CrAppFileList: clusterappFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfoLocal, cmAppSourceInfoCluster, shcAppSourceInfoLocal, shcAppSourceInfoCluster} + clusterManagerBundleHash := testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + //############### UPGRADE APPS ################ + // Delete apps on GCP + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCP", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Redefine app lists as LDAP app isn't in V1 apps + appListLocal = appListV1[len(appListV1)/2:] + appListCluster = appListV1[:len(appListV1)/2] + + // Upload appListLocal list of V2 apps to GCP (to be used for local install) + appVersion = "V2" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for local install (local scope)", appVersion)) + localappFileList = testenv.GetAppFileList(appListLocal) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxcLocal, localappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for local install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShcLocal, localappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for local install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload appListCluster list of V2 apps to GCP (to be used for cluster-wide install) + clusterappFileList = testenv.GetAppFileList(appListCluster) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for cluster install (cluster scope)", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxcCluster, clusterappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for cluster-wide install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShcCluster, clusterappFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for cluster-wide install", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // ############ ENABLE MANUAL POLL ############ + + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err := testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["ClusterManager"] = strings.Replace(config.Data["ClusterManager"], "off", "on", 1) + config.Data["SearchHeadCluster"] = strings.Replace(config.Data["SearchHeadCluster"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameClusterIdxc, clusterappFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // ########## Verify Manual Poll config map disabled after the poll is triggered ################# + + // Verify config map set back to off after poll trigger + testcaseEnvInst.Log.Info("Verify config map set back to off after poll trigger for app", "version", appVersion) + config, _ = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(strings.Contains(config.Data["ClusterManager"], "status: off") && strings.Contains(config.Data["SearchHeadCluster"], "status: off")).To(Equal(true), "Config map update not complete") + + //########## UPGRADE VERIFICATION ############# + cmAppSourceInfoLocal.CrAppVersion = appVersion + cmAppSourceInfoLocal.CrAppList = appListLocal + cmAppSourceInfoLocal.CrAppFileList = localappFileList + cmAppSourceInfoCluster.CrAppVersion = appVersion + cmAppSourceInfoCluster.CrAppList = appListCluster + cmAppSourceInfoCluster.CrAppFileList = clusterappFileList + shcAppSourceInfoLocal.CrAppVersion = appVersion + shcAppSourceInfoLocal.CrAppList = appListLocal + shcAppSourceInfoLocal.CrAppFileList = localappFileList + shcAppSourceInfoCluster.CrAppVersion = appVersion + shcAppSourceInfoCluster.CrAppList = appListCluster + shcAppSourceInfoCluster.CrAppFileList = clusterappFileList + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfoLocal, cmAppSourceInfoCluster, shcAppSourceInfoLocal, shcAppSourceInfoCluster} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, clusterManagerBundleHash) + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (M4) and App Framework", func() { + It("integration, m4, appframework: can deploy a M4, add new apps to app source while install is in progress and have all apps installed locally on Cluster Manager and Deployer", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCP for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload big-size app to GCP for Indexer Cluster and Search Head Cluster + * Create app sources for Cluster Manager and Deployer + * Prepare and deploy M4 CRD with app framework + * Verify app installation is in progress on Cluster Manager and Deployer + * Upload more apps from GCP during bigger app install + * Wait for polling interval to pass + * Verify all apps are installed on Cluster Manager and Deployer + */ + + //################## SETUP #################### + // Upload V1 apps to GCP for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + s3TestDirMC := "m4appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Prepare Monitoring Console spec with its own app source + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, s3TestDirMC, 60) + + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Download all test apps from GCP + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList = testenv.GetAppFileList(appList) + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download apps") + + // Upload big-size app to GCP for Cluster Manager + appList = testenv.BigSingleApp + appFileList = testenv.GetAppFileList(appList) + testcaseEnvInst.Log.Info("Upload big-size app to GCP for Cluster Manager") + s3TestDirIdxc = "m4appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to GCP test directory for Cluster Manager") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload big-size app to GCP for Search Head Cluster + testcaseEnvInst.Log.Info("Upload big-size app to GCP for Search Head Cluster") + s3TestDirShc = "m4appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to GCP test directory for Search Head Cluster") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, s3TestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, s3TestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, mcName, "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Verify App installation is in progress on Cluster Manager + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgPodCopyComplete) + + // Upload more apps to GCP for Cluster Manager + appList = testenv.ExtraApps + appFileList = testenv.GetAppFileList(appList) + testcaseEnvInst.Log.Info("Upload more apps to GCP for Cluster Manager") + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload more apps to GCP test directory for Cluster Manager") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload more apps to GCP for Deployer + testcaseEnvInst.Log.Info("Upload more apps to GCP for Deployer") + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload more apps to GCP test directory for Deployer") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Wait for polling interval to pass + testenv.WaitForAppInstall(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Verify all apps are installed on Cluster Manager + appList = append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList = testenv.GetAppFileList(appList) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify all apps %v are installed on Cluster Manager", appList)) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), cmPod, appList, true, "enabled", false, false) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + time.Sleep(60 * time.Second) + // Wait for polling interval to pass + testenv.WaitForAppInstall(ctx, deployment, testcaseEnvInst, deployment.GetName()+"-shc", shc.Kind, appSourceNameShc, appFileList) + + // Verify all apps are installed on Deployer + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify all apps %v are installed on Deployer", appList)) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), deployerPod, appList, true, "enabled", false, false) + }) + }) + + Context("Single Site Indexer Cluster with Search Head Cluster (M4) and App Framework", func() { + It(" m4gcp, m4_mgr_gcp_sanity: can deploy a M4, add new apps to app source while install is in progress and have all apps installed cluster-wide", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCP for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Upload big-size app to GCP for Indexer Cluster and Search Head Cluster + * Create app sources for Cluster Manager and Deployer + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + ############## VERIFICATIONS ################ + * Verify App installation is in progress on Cluster Manager and Deployer + * Upload more apps from GCP during bigger app install + * Wait for polling interval to pass + * Verify all apps are installed on Cluster Manager and Deployer + */ + + //################## SETUP #################### + // Upload V1 apps to GCP for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Monitoring Console", appVersion)) + s3TestDirMC := "m4appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Monitoring Console %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Prepare Monitoring Console spec with its own app source + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, s3TestDirMC, 60) + + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Download all test apps from GCP + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList = testenv.GetAppFileList(appList) + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download apps") + + // Upload big-size app to GCP for Cluster Manager + appList = testenv.BigSingleApp + appFileList = testenv.GetAppFileList(appList) + testcaseEnvInst.Log.Info("Upload big-size app to GCP for Cluster Manager") + s3TestDirIdxc = "m4appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to GCP test directory for Cluster Manager") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload big-size app to GCP for Search Head Cluster + testcaseEnvInst.Log.Info("Upload big-size app to GCP for Search Head Cluster") + s3TestDirShc = "m4appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to GCP test directory for Search Head Cluster") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, s3TestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, s3TestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, mcName, "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Verify App installation is in progress + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgPodCopyComplete) + + // Upload more apps to GCP for Cluster Manager + appList = testenv.ExtraApps + appFileList = testenv.GetAppFileList(appList) + testcaseEnvInst.Log.Info("Upload more apps to GCP for Cluster Manager") + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload more apps to GCP test directory for Cluster Manager") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload more apps to GCP for Deployer + testcaseEnvInst.Log.Info("Upload more apps to GCP for Deployer") + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload more apps to GCP test directory for Deployer") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Wait for polling interval to pass + testenv.WaitForAppInstall(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Verify all apps are installed on indexers + appList = append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList = testenv.GetAppFileList(appList) + idxcPodNames := testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), indexersPerSite, true, siteCount) + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify all apps %v are installed on indexers", appList)) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), idxcPodNames, appList, true, "enabled", false, true) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Wait for polling interval to pass + testenv.WaitForAppInstall(ctx, deployment, testcaseEnvInst, deployment.GetName()+"-shc", shc.Kind, appSourceNameShc, appFileList) + + // Verify all apps are installed on Search Heads + shcPodNames := testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify all apps %v are installed on Search Heads", appList)) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), shcPodNames, appList, true, "enabled", false, true) + + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, appframework: can deploy a M4 SVA with App Framework enabled and reset operator pod while app install is in progress", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V1 apps to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + * While app install is in progress, restart the operator + ########## VERIFICATIONS ########## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and installed on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Download all apps from GCP + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList := testenv.GetAppFileList(appList) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download big-size app") + + // Upload V1 apps to GCP for Indexer Cluster + appVersion := "V1" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, s3TestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, s3TestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Verify App installation is in progress on Cluster Manager + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgInstallPending) + + // Delete Operator pod while Install in progress + testenv.DeleteOperatorPod(testcaseEnvInst) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, appframework: can deploy a M4 SVA with App Framework enabled and reset operator pod while app download is in progress", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V1 apps to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + * While app download is in progress, restart the operator + ########## VERIFICATIONS ########## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and installed on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Download all apps from GCP + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList := testenv.GetAppFileList(appList) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download big-size app") + + // Upload V1 apps to GCP for Indexer Cluster + appVersion := "V1" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, s3TestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, s3TestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Verify App Download is in progress on Cluster Manager + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgDownloadComplete, enterpriseApi.AppPkgDownloadPending) + + // Delete Operator pod while Install in progress + testenv.DeleteOperatorPod(testcaseEnvInst) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, appframework: can deploy a M4 SVA with App Framework enabled, install an app, then disable it by using a disabled version of the app and then remove it from app source", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V1 apps to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + ########## INITIAL VERIFICATIONS ########## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and installed on Monitoring Console and on Search Heads and Indexers pods + * Disable the app + * Delete the app from s3 + * Check for repo state in App Deployment Info + */ + + //################## SETUP ################## + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + + // Upload V1 apps to GCP for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, s3TestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, s3TestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## INITIAL VERIFICATIONS ########## + idxcPodNames := testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames := testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify repo state on App to be disabled to be 1 (i.e app present on GCP bucket) + appName := appListV1[0] + appFileName := testenv.GetAppFileList([]string{appName}) + testenv.VerifyAppRepoState(ctx, deployment, testcaseEnvInst, cm.Name, cm.Kind, appSourceNameIdxc, 1, appFileName[0]) + + // Disable the app + testenv.DisableAppsToGCP(downloadDirV1, appFileName, s3TestDirIdxc) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileName) + + // Ensure Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Wait for App state to update after config file change + testenv.WaitforAppInstallState(ctx, deployment, testcaseEnvInst, idxcPodNames, testcaseEnvInst.GetName(), appName, "disabled", true) + + // Delete the file from GCP + s3Filepath := filepath.Join(s3TestDirIdxc, appFileName[0]) + err = testenv.DeleteFileOnGCP(testGcsBucket, s3Filepath) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to delete %s app on GCP test directory", appFileName)) + + // Verify repo state is set to 2 (i.e app deleted from GCP bucket) + testenv.VerifyAppRepoState(ctx, deployment, testcaseEnvInst, cm.Name, cm.Kind, appSourceNameIdxc, 2, appFileName[0]) + }) + }) + + Context("Multi Site Indexer Cluster with Search Head Cluster (M4) with App Framework", func() { + It("integration, m4, appframework: can deploy a M4 SVA, install apps via manual polling, switch to periodic polling, verify apps are not updated before the end of AppsRepoPollInterval, then updated after", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCP + * Create app source with local scope for M4 SVA, AppsRepoPollInterval=0 to set apps polling as manual + * Prepare and deploy M4 CRD with app framework and wait for pods to be ready + ########## INITIAL VERIFICATION ############# + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify apps are installed locally on Cluster Manager and Deployer + * Verify status is 'OFF' in config map for Cluster Manager and Search Head Cluster + ######### SWITCH FROM MANUAL TO PERIODIC POLLING ############ + * Set AppsRepoPollInterval to 180 seconds for Cluster Manager and Search Head Cluster + * Change status to 'ON' in config map for Cluster Manager and Search Head Cluster + ############### UPGRADE APPS ################ + * Upgrade apps in app sources + * Wait for pods to be ready + ############ UPGRADE VERIFICATION ########## + * Verify apps are not updated before the end of AppsRepoPollInterval duration + * Verify apps are updated after the end of AppsRepoPollInterval duration + */ + + //################## SETUP #################### + // Upload V1 apps to GCP for Indexer Cluster + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, s3TestDirIdxc, 0) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, s3TestDirShc, 0) + + // Deploy Multisite Cluster and Search Head Cluster, with App Framework enabled on Cluster Manager and Deployer + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## INITIAL VERIFICATION ############# + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + + // Verify status is 'OFF' in config map for Cluster Manager and Search Head Cluster + testcaseEnvInst.Log.Info("Verify status is 'OFF' in config map for Cluster Manager and Search Head Cluster") + config, _ := testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(strings.Contains(config.Data["ClusterManager"], "status: off") && strings.Contains(config.Data["SearchHeadCluster"], "status: off")).To(Equal(true), "Config map update not complete") + + //######### SWITCH FROM MANUAL TO PERIODIC POLLING ############ + // Get instance of current Cluster Manager CR with latest config + cm = &enterpriseApi.ClusterManager{} + err = deployment.GetInstance(ctx, deployment.GetName(), cm) + Expect(err).To(Succeed(), "Failed to edit Cluster Manager") + + // Set AppsRepoPollInterval for Cluster Manager to 180 seconds + testcaseEnvInst.Log.Info("Set AppsRepoPollInterval for Cluster Manager to 180 seconds") + cm.Spec.AppFrameworkConfig.AppsRepoPollInterval = int64(180) + err = deployment.UpdateCR(ctx, cm) + Expect(err).To(Succeed(), "Failed to change AppsRepoPollInterval value for Cluster Manager") + + // Get instance of current Search Head Cluster CR with latest config + shc = &enterpriseApi.SearchHeadCluster{} + err = deployment.GetInstance(ctx, deployment.GetName()+"-shc", shc) + Expect(err).To(Succeed(), "Failed to edit Search Head Cluster") + + // Set AppsRepoPollInterval for Search Head Cluster to 180 seconds + testcaseEnvInst.Log.Info("Set AppsRepoPollInterval for Search Head Cluster to 180 seconds") + shc.Spec.AppFrameworkConfig.AppsRepoPollInterval = int64(180) + err = deployment.UpdateCR(ctx, shc) + Expect(err).To(Succeed(), "Failed to change AppsRepoPollInterval value for Search Head Cluster") + + // Change status to 'ON' in config map for Cluster Manager and Search Head Cluster + testcaseEnvInst.Log.Info("Change status to 'ON' in config map for Cluster Manager") + config, err = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map") + + config.Data["ClusterManager"] = strings.Replace(config.Data["ClusterManager"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map for Cluster Manager") + + testcaseEnvInst.Log.Info("Change status to 'ON' in config map for Search Head Cluster") + config.Data["SearchHeadCluster"] = strings.Replace(config.Data["SearchHeadCluster"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map for Search Head Cluster") + + // Wait 5 seconds to be sure reconcile caused by CR update and config map update are done + testcaseEnvInst.Log.Info("Wait 5 seconds to be sure reconcile caused by CR update and config map update are done") + time.Sleep(5 * time.Second) + + // Verify status is 'ON' in config map for Cluster Manager and Search Head Cluster + testcaseEnvInst.Log.Info("Verify status is 'ON' in config map for Cluster Manager and Search Head Cluster") + config, _ = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(strings.Contains(config.Data["ClusterManager"], "status: on") && strings.Contains(config.Data["SearchHeadCluster"], "status: on")).To(Equal(true), "Config map update not complete") + + //############### UPGRADE APPS ################ + // Delete V1 apps on GCP + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCP", appVersion)) + testenv.DeleteFilesOnGCP(testGcsBucket, uploadedApps) + uploadedApps = nil + + // Upload V2 apps to GCP for Indexer Cluster + appVersion = "V2" + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## UPGRADE VERIFICATIONS ############ + testcaseEnvInst.Log.Info("Verify apps are not updated before the end of AppsRepoPollInterval duration") + appVersion = "V1" + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Wait for the end of AppsRepoPollInterval duration + testcaseEnvInst.Log.Info("Wait for the end of AppsRepoPollInterval duration") + time.Sleep(2 * time.Minute) + + testcaseEnvInst.Log.Info("Verify apps are updated after the end of AppsRepoPollInterval duration") + appVersion = "V2" + cmAppSourceInfo.CrAppVersion = appVersion + cmAppSourceInfo.CrAppList = appListV2 + cmAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + shcAppSourceInfo.CrAppVersion = appVersion + shcAppSourceInfo.CrAppList = appListV2 + shcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, appframework: can deploy a M4 SVA with App Framework enabled and update apps after app download is completed", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V1 apps to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + * While app download is in progress, restart the operator + * While app download is completed, upload new versions of the apps + ######### VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Search Heads and Indexers pods + ######### UPGRADE VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify V1 apps are copied, installed on Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Download all apps from GCP + appVersion := "V1" + appListV1 := []string{appListV1[0]} + appFileList := testenv.GetAppFileList(appListV1) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download apps") + + // Upload V1 apps to GCP for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeLocal, appSourceNameIdxc, s3TestDirIdxc, 120) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeLocal, appSourceNameShc, s3TestDirShc, 120) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Verify App Download is in progress on Cluster Manager + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgPodCopyPending) + + // Upload V2 apps to GCP for Indexer Cluster + appVersion = "V2" + appListV2 := []string{appListV2[0]} + appFileList = testenv.GetAppFileList(appListV2) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V2 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## VERIFICATIONS ########## + appVersion = "V1" + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())}, appListV1, false, "enabled", false, false) + + // Check for changes in App phase to determine if next poll has been triggered + appFileList = testenv.GetAppFileList(appListV2) + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + //############ UPGRADE VERIFICATIONS ############ + appVersion = "V2" + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV2, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV2, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("m4, integration, appframework: can deploy a M4 SVA and install a bigger volume of apps than the operator PV disk space", func() { + + /* Test Steps + ################## SETUP #################### + * Upload 15 apps of 100MB size each to GCP for Indexer Cluster and Search Head Cluster for cluster scope + * Create app sources for Cluster Master and Deployer with cluster scope + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + ######### INITIAL VERIFICATIONS ############# + * Verify Apps are Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied, installed on Search Heads and Indexers pods + */ + + //################## SETUP #################### + // Create a large file on Operator pod + opPod := testenv.GetOperatorPodName(testcaseEnvInst) + err := testenv.CreateDummyFileOnOperator(ctx, deployment, opPod, testenv.AppDownloadVolume, "1G", "test_file.img") + Expect(err).To(Succeed(), "Unable to create file on operator") + filePresentOnOperator = true + + // Download apps for test + appVersion := "V1" + appList := testenv.PVTestApps + appFileList := testenv.GetAppFileList(appList) + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsPVTestApps, downloadDirPVTestApps, appFileList) + Expect(err).To(Succeed(), "Unable to download app files") + + // Upload apps to GCP for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + s3TestDirIdxc := "m4appfw-idxc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirPVTestApps) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search head Cluster", appVersion)) + s3TestDirShc := "m4appfw-shc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirPVTestApps) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Maximum apps to be downloaded in parallel + maxConcurrentAppDownloads := 30 + + // Create App framework Spec for C3 + appSourceNameIdxc := "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc := "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceVolumeNameIdxc := "appframework-test-volume-idxc-" + testenv.RandomDNSName(3) + appSourceVolumeNameShc := "appframework-test-volume-shc-" + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, s3TestDirIdxc, 60) + appFrameworkSpecIdxc.MaxConcurrentAppDownloads = uint64(maxConcurrentAppDownloads) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, s3TestDirShc, 60) + appFrameworkSpecShc.MaxConcurrentAppDownloads = uint64(maxConcurrentAppDownloads) + + // Deploy Multisite Cluster and Search Head Cluster, with App Framework enabled on Cluster Manager and Deployer + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster with Search Head Cluster") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ INITIAL VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It("integration, m4, appframework: can deploy a M4 SVA with App Framework enabled and delete apps from app directory when download is complete", func() { + + /* Test Steps + ################## SETUP ################## + * Upload big-size app to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework and wait for the pods to be ready + * When app download is complete, delete apps from app directory + ########## VERIFICATIONS ########## + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify bundle push is successful + * Verify apps are copied and installed on Monitoring Console and on Search Heads and Indexers pods + */ + + //################## SETUP ################## + // Download big size apps from GCP + appList := testenv.BigSingleApp + appFileList := testenv.GetAppFileList(appList) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download big-size app") + + // Upload big size app to GCP for Indexer Cluster + appVersion := "V1" + testcaseEnvInst.Log.Info("Upload big size app to GCP for Indexer Cluster") + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big size to GCP test directory for Indexer Cluster") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload big size app to GCP for Search Head Cluster + testcaseEnvInst.Log.Info("Upload big size app to GCP for Search Head Cluster") + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big size to GCP test directory for Search Head Cluster") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, s3TestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, s3TestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + shReplicas := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Verify App Download is completed on Cluster Manager + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), cm.Kind, appSourceNameIdxc, appFileList, enterpriseApi.AppPkgPodCopyComplete, enterpriseApi.AppPkgPodCopyPending) + + //Delete apps from app directory when app download is complete + opPod := testenv.GetOperatorPodName(testcaseEnvInst) + podDownloadPath := filepath.Join(splcommon.AppDownloadVolume, "downloadedApps", testenvInstance.GetName(), cm.Kind, deployment.GetName(), enterpriseApi.ScopeCluster, appSourceNameIdxc, testenv.AppInfo[appList[0]]["filename"]) + err = testenv.DeleteFilesOnOperatorPod(ctx, deployment, opPod, []string{podDownloadPath}) + Expect(err).To(Succeed(), "Unable to delete file on pod") + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## VERIFICATIONS ########## + var idxcPodNames, shcPodNames []string + idxcPodNames = testenv.GeneratePodNameSlice(testenv.MultiSiteIndexerPod, deployment.GetName(), 1, true, siteCount) + shcPodNames = testenv.GeneratePodNameSlice(testenv.SearchHeadPod, deployment.GetName(), shReplicas, false, 1) + cmPod := []string{fmt.Sprintf(testenv.ClusterManagerPod, deployment.GetName())} + deployerPod := []string{fmt.Sprintf(testenv.DeployerPod, deployment.GetName())} + cmAppSourceInfo := testenv.AppSourceInfo{CrKind: cm.Kind, CrName: cm.Name, CrAppSourceName: appSourceNameIdxc, CrAppSourceVolumeName: appSourceVolumeNameIdxc, CrPod: cmPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: indexersPerSite, CrMultisite: true, CrClusterPods: idxcPodNames} + shcAppSourceInfo := testenv.AppSourceInfo{CrKind: shc.Kind, CrName: shc.Name, CrAppSourceName: appSourceNameShc, CrAppSourceVolumeName: appSourceVolumeNameShc, CrPod: deployerPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeCluster, CrAppList: appList, CrAppFileList: appFileList, CrReplicas: shReplicas, CrClusterPods: shcPodNames} + allAppSourceInfo := []testenv.AppSourceInfo{cmAppSourceInfo, shcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify no pods reset by checking the pod age + testenv.VerifyNoPodReset(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), splunkPodAge, nil) + }) + }) + + Context("Multisite Indexer Cluster with Search Head Cluster (m4) with App Framework", func() { + It(" m4gcp, m4_mgr_gcp_sanity: can deploy a M4 SVA with App Framework enabled, install apps and check IsDeploymentInProgress for CM and SHC CR's", func() { + + /* Test Steps + ################## SETUP ################## + * Upload V1 apps to GCP for Indexer Cluster and Search Head Cluster + * Prepare and deploy M4 CRD with app framework + * Verify IsDeploymentInProgress is set + * Wait for the pods to be ready + */ + + //################## SETUP ################## + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + + // Upload V1 apps to GCP for Indexer Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Indexer Cluster", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGcsBucket, s3TestDirIdxc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Indexer Cluster %s", appVersion, testGcsBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload V1 apps to GCP for Search Head Cluster + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP for Search Head Cluster", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGcsBucket, s3TestDirShc, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP test directory for Search Head Cluster", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for M4 + appSourceNameIdxc = "appframework-idxc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appSourceNameShc = "appframework-shc-" + enterpriseApi.ScopeCluster + testenv.RandomDNSName(3) + appFrameworkSpecIdxc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameIdxc, enterpriseApi.ScopeCluster, appSourceNameIdxc, s3TestDirIdxc, 60) + appFrameworkSpecShc := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameShc, enterpriseApi.ScopeCluster, appSourceNameShc, s3TestDirShc, 60) + + // Deploy M4 CRD + testcaseEnvInst.Log.Info("Deploy Multisite Indexer Cluster with Search Head Cluster") + siteCount := 3 + indexersPerSite := 1 + cm, _, shc, err := deployment.DeployMultisiteClusterWithSearchHeadAndAppFramework(ctx, deployment.GetName(), indexersPerSite, siteCount, appFrameworkSpecIdxc, appFrameworkSpecShc, true, "", "") + + Expect(err).To(Succeed(), "Unable to deploy Multisite Indexer Cluster and Search Head Cluster with App framework") + + // Verify IsDeploymentInProgress Flag is set to true for Cluster Master CR + testcaseEnvInst.Log.Info("Checking isDeploymentInProgress Flag for Cluster Manager") + testenv.VerifyIsDeploymentInProgressFlagIsSet(ctx, deployment, testcaseEnvInst, cm.Name, cm.Kind) + + // Ensure that the Cluster Manager goes to Ready phase + testenv.ClusterManagerReady(ctx, deployment, testcaseEnvInst) + + // Verify IsDeploymentInProgress Flag is set to true for SHC CR + testcaseEnvInst.Log.Info("Checking isDeploymentInProgress Flag for SHC") + testenv.VerifyIsDeploymentInProgressFlagIsSet(ctx, deployment, testcaseEnvInst, shc.Name, shc.Kind) + + // Ensure the Indexers of all sites go to Ready phase + testenv.IndexersReady(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Indexer Cluster configured as Multisite + testenv.IndexerClusterMultisiteStatus(ctx, deployment, testcaseEnvInst, siteCount) + + // Ensure Search Head Cluster go to Ready phase + testenv.SearchHeadClusterReady(ctx, deployment, testcaseEnvInst) + + // Verify RF SF is met + testenv.VerifyRFSFMet(ctx, deployment, testcaseEnvInst) + }) + }) +}) diff --git a/test/appframework_gcp/s1/appframework_gcs_suite_test.go b/test/appframework_gcp/s1/appframework_gcs_suite_test.go new file mode 100644 index 000000000..af2fab4c2 --- /dev/null +++ b/test/appframework_gcp/s1/appframework_gcs_suite_test.go @@ -0,0 +1,98 @@ +// Copyright (c) 2018-2022 Splunk Inc. All rights reserved. + +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package gcps1appfw + +import ( + "os" + "path/filepath" + "testing" + "time" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + "github.com/splunk/splunk-operator/test/testenv" +) + +const ( + // PollInterval specifies the polling interval + PollInterval = 5 * time.Second + + // ConsistentPollInterval is the interval to use to consistently check a state is stable + ConsistentPollInterval = 200 * time.Millisecond + ConsistentDuration = 2000 * time.Millisecond +) + +var ( + testenvInstance *testenv.TestEnv + testSuiteName = "s1appfw-" + testenv.RandomDNSName(3) + appListV1 []string + appListV2 []string + testDataGcsBucket = os.Getenv("TEST_BUCKET") + testGCSBucket = os.Getenv("TEST_INDEXES_S3_BUCKET") + gcsAppDirV1 = testenv.AppLocationV1 + gcsAppDirV2 = testenv.AppLocationV2 + gcsPVTestApps = testenv.PVTestAppsLocation + currDir, _ = os.Getwd() + downloadDirV1 = filepath.Join(currDir, "s1appfwV1-"+testenv.RandomDNSName(4)) + downloadDirV2 = filepath.Join(currDir, "s1appfwV2-"+testenv.RandomDNSName(4)) + downloadDirPVTestApps = filepath.Join(currDir, "s1appfwPVTestApps-"+testenv.RandomDNSName(4)) +) + +// TestBasic is the main entry point +func TestBasic(t *testing.T) { + + RegisterFailHandler(Fail) + + RunSpecs(t, "Running "+testSuiteName) +} + +var _ = BeforeSuite(func() { + var err error + testenvInstance, err = testenv.NewDefaultTestEnv(testSuiteName) + Expect(err).ToNot(HaveOccurred()) + + if testenv.ClusterProvider == "gcp" { + // Create a list of apps to upload to GCP + appListV1 = testenv.BasicApps + appFileList := testenv.GetAppFileList(appListV1) + + // Download V1 Apps from GCP + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download V1 app files") + + // Create a list of apps to upload to GCP after poll period + appListV2 = append(appListV1, testenv.NewAppsAddedBetweenPolls...) + appFileList = testenv.GetAppFileList(appListV2) + + // Download V2 Apps from GCP + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV2, downloadDirV2, appFileList) + Expect(err).To(Succeed(), "Unable to download V2 app files") + } else { + testenvInstance.Log.Info("Skipping Before Suite Setup", "Cluster Provider", testenv.ClusterProvider) + } + +}) + +var _ = AfterSuite(func() { + if testenvInstance != nil { + Expect(testenvInstance.Teardown()).ToNot(HaveOccurred()) + } + + // Delete locally downloaded app files + err := os.RemoveAll(downloadDirV1) + Expect(err).To(Succeed(), "Unable to delete locally downloaded V1 app files") + err = os.RemoveAll(downloadDirV2) + Expect(err).To(Succeed(), "Unable to delete locally downloaded V2 app files") +}) diff --git a/test/appframework_gcp/s1/appframework_gcs_test.go b/test/appframework_gcp/s1/appframework_gcs_test.go new file mode 100644 index 000000000..a36559db9 --- /dev/null +++ b/test/appframework_gcp/s1/appframework_gcs_test.go @@ -0,0 +1,2030 @@ +// Copyright (c) 2018-2022 Splunk Inc. All rights reserved. + +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License.s +package gcps1appfw + +import ( + "context" + "fmt" + "path/filepath" + "strings" + "time" + + enterpriseApi "github.com/splunk/splunk-operator/api/v4" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + splcommon "github.com/splunk/splunk-operator/pkg/splunk/common" + "github.com/splunk/splunk-operator/pkg/splunk/enterprise" + testenv "github.com/splunk/splunk-operator/test/testenv" + corev1 "k8s.io/api/core/v1" +) + +var _ = Describe("s1appfw test", func() { + + var testcaseEnvInst *testenv.TestCaseEnv + var deployment *testenv.Deployment + var gcsTestDir string + var uploadedApps []string + var appSourceName string + var appSourceVolumeName string + var filePresentOnOperator bool + + ctx := context.TODO() + + BeforeEach(func() { + var err error + name := fmt.Sprintf("%s-%s", testenvInstance.GetName(), testenv.RandomDNSName(3)) + testcaseEnvInst, err = testenv.NewDefaultTestCaseEnv(testenvInstance.GetKubeClient(), name) + Expect(err).To(Succeed(), "Unable to create testcaseenv") + deployment, err = testcaseEnvInst.NewDeployment(testenv.RandomDNSName(3)) + Expect(err).To(Succeed(), "Unable to create deployment") + gcsTestDir = "s1appfw-" + testenv.RandomDNSName(4) + appSourceVolumeName = "appframework-test-volume-" + testenv.RandomDNSName(3) + }) + + AfterEach(func() { + // When a test spec failed, skip the teardown so we can troubleshoot. + if CurrentGinkgoTestDescription().Failed { + testcaseEnvInst.SkipTeardown = true + } + if deployment != nil { + deployment.Teardown() + } + // Delete files uploaded to GCS + if !testcaseEnvInst.SkipTeardown { + testenv.DeleteFilesOnGCP(testGCSBucket, uploadedApps) + } + if testcaseEnvInst != nil { + Expect(testcaseEnvInst.Teardown()).ToNot(HaveOccurred()) + } + + if filePresentOnOperator { + //Delete files from app-directory + opPod := testenv.GetOperatorPodName(testcaseEnvInst) + podDownloadPath := filepath.Join(testenv.AppDownloadVolume, "test_file.img") + testenv.DeleteFilesOnOperatorPod(ctx, deployment, opPod, []string{podDownloadPath}) + } + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("smokegcp, s1gcp, s1_gcp_sanity: can deploy a Standalone instance with App Framework enabled, install apps then upgrade them", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to gcs for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console with app framework and wait for the pod to be ready + * Upload V1 apps to gcs for Standalone + * Create app source for Standalone + * Prepare and deploy Standalone with app framework and wait for the pod to be ready + ############ V1 APP VERIFICATION FOR STANDALONE AND MONITORING CONSOLE ########### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify no pod resets triggered due to app install + * Verify App enabled and version by running splunk cmd + ############ UPGRADE V2 APPS ########### + * Upload V2 apps to gcs App Source + ############ V2 APP VERIFICATION FOR STANDALONE AND MONITORING CONSOLE ########### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify no pod resets triggered due to app install + * Verify App enabled and version by running splunk cmd + */ + + // ################## SETUP FOR MONITORING CONSOLE #################### + + // Upload V1 apps to gcs for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to gcs for Monitoring Console", appVersion)) + + gcsTestDirMC := "s1appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to gcs test directory for Monitoring Console %s", appVersion, testGCSBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework spec for Monitoring Console + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // ################## SETUP FOR STANDALONE #################### + // Upload V1 apps to gcs for Standalone + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to gcs for Standalone", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to gcs test directory for Standalone", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Maximum apps to be downloaded in parallel + maxConcurrentAppDownloads := 5 + + // Create App framework spec for Standalone + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 60) + appFrameworkSpec.MaxConcurrentAppDownloads = uint64(maxConcurrentAppDownloads) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + MonitoringConsoleRef: corev1.ObjectReference{ + Name: mcName, + }, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone instance with App framework") + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + ConfigMapName := enterprise.GetProbeConfigMapName(testcaseEnvInst.GetName()) + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + scriptsNames := []string{enterprise.GetLivenessScriptName(), enterprise.GetReadinessScriptName(), enterprise.GetStartupScriptName()} + allPods := testenv.DumpGetPods(testcaseEnvInst.GetName()) + testenv.VerifyFilesInDirectoryOnPod(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), allPods, scriptsNames, enterprise.GetProbeMountDirectory(), false, true) + + // ############ INITIAL VERIFICATION ########### + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + mcPod := []string{fmt.Sprintf(testenv.MonitoringConsolePod, deployment.GetName())} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + mcAppSourceInfo := testenv.AppSourceInfo{CrKind: mc.Kind, CrName: mc.Name, CrAppSourceName: appSourceNameMC, CrAppSourceVolumeName: appSourceNameMC, CrPod: mcPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // ############## UPGRADE APPS ################# + + // Delete apps on gcs + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on gcs", appVersion)) + testenv.DeleteFilesOnGCP(testGCSBucket, uploadedApps) + uploadedApps = nil + + // Upload V2 apps to gcs for Standalone and Monitoring Console + appVersion = "V2" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to gcs for Standalone and Monitoring Console", appVersion)) + appFileList = testenv.GetAppFileList(appListV2) + + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to gcs test directory for Standalone", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDirMC, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to gcs test directory for Monitoring Console %s", appVersion, testGCSBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileList) + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ UPGRADE VERIFICATION ########### + standaloneAppSourceInfo.CrAppVersion = appVersion + standaloneAppSourceInfo.CrAppList = appListV2 + standaloneAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + mcAppSourceInfo.CrAppVersion = appVersion + mcAppSourceInfo.CrAppList = appListV2 + mcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{standaloneAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("smokegcp, s1gcp, s1_gcp_sanity: can deploy a Standalone instance with App Framework enabled, install apps then downgrade them", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V2 apps to gcs for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console with app framework and wait for the pod to be ready + * Upload V2 apps to gcs for Standalone + * Create app source for Standalone + * Prepare and deploy Standalone with app framework and wait for the pod to be ready + ############ INITIAL VERIFICATION FOR STANDALONE AND MONITORING CONSOLE ########### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify no pod resets triggered due to app install + * Verify App enabled and version by running splunk cmd + ############# DOWNGRADE APPS ################ + * Upload V1 apps on gcs + * Wait for Monitoring Console and Standalone pods to be ready + ########## DOWNGRADE VERIFICATION FOR STANDALONE AND MONITORING CONSOLE ########### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify no pod resets triggered due to app install + * Verify App enabled and version by running splunk cmd + */ + + //################## SETUP #################### + // Upload V2 apps to gcs + appVersion := "V2" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to gcs for Standalone and Monitoring Console", appVersion)) + appFileList := testenv.GetAppFileList(appListV2) + gcsTestDir = "s1appfw-" + testenv.RandomDNSName(4) + + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to gcs for Standalone", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to gcs test directory for Standalone", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to gcs for Monitoring Console", appVersion)) + gcsTestDirMC := "s1appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDirMC, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to gcs test directory for Monitoring Console %s", appVersion, testGCSBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for Monitoring Console + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Create App framework Spec for Standalone + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 60) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + MonitoringConsoleRef: corev1.ObjectReference{ + Name: mcName, + }, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone instance with App framework") + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ INITIAL VERIFICATION ########### + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + mcPod := []string{fmt.Sprintf(testenv.MonitoringConsolePod, deployment.GetName())} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV2, CrAppFileList: appFileList} + mcAppSourceInfo := testenv.AppSourceInfo{CrKind: mc.Kind, CrName: mc.Name, CrAppSourceName: appSourceNameMC, CrAppSourceVolumeName: appSourceNameMC, CrPod: mcPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV2, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // ############# DOWNGRADE APPS ################ + // Delete apps on gcs + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on gcs", appVersion)) + testenv.DeleteFilesOnGCP(testGCSBucket, uploadedApps) + uploadedApps = nil + + // get revision number of the resource + resourceVersion := testenv.GetResourceVersion(ctx, deployment, testcaseEnvInst, mc) + + // Upload V1 apps to gcs for Standalone and Monitoring Console + appVersion = "V1" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to gcs for Standalone and Monitoring Console", appVersion)) + appFileList = testenv.GetAppFileList(appListV1) + + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to gcs test directory for Standalone", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to gcs test directory for Monitoring Console %s", appVersion, testGCSBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileList) + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // wait for custom resource resource version to change + testenv.VerifyCustomResourceVersionChanged(ctx, deployment, testcaseEnvInst, mc, resourceVersion) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## DOWNGRADE VERIFICATION ########### + standaloneAppSourceInfo.CrAppVersion = appVersion + standaloneAppSourceInfo.CrAppList = appListV1 + standaloneAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV1) + mcAppSourceInfo.CrAppVersion = appVersion + mcAppSourceInfo.CrAppList = appListV1 + mcAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV1) + allAppSourceInfo = []testenv.AppSourceInfo{standaloneAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("s1gcp, smokegcp, appframeworkgcp: can deploy a Standalone instance with App Framework enabled, install apps, scale up, install apps on new pod, scale down", func() { + + /* Test Steps + ################## SETUP #################### + * Upload apps on gcs + * Create 2 app sources for Monitoring Console and Standalone + * Prepare and deploy Monitoring Console CRD with app framework and wait for the pod to be ready + * Prepare and deploy Standalone CRD with app framework and wait for the pod to be ready + ########## INITIAL VERIFICATION ############# + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify no pod resets triggered due to app install + * Verify App enabled and version by running splunk cmd + ############### SCALING UP ################## + * Scale up Standalone + * Wait for Monitoring Console and Standalone to be ready + ########### SCALING UP VERIFICATION ######### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify no pod resets triggered due to app install + * Verify App enabled and version by running splunk cmd + ############## SCALING DOWN ################# + * Scale down Standalone + * Wait for Monitoring Console and Standalone to be ready + ########### SCALING DOWN VERIFICATION ####### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify no pod resets triggered due to app install + * Verify App enabled and version by running splunk cmd + */ + + //################## SETUP #################### + // Upload V1 apps to gcs for Standalone and Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to gcs for Standalone and Monitoring Console", appVersion)) + + gcsTestDirMC := "s1appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to gcs test directory for Monitoring Console %s", appVersion, testGCSBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to gcs test directory for Standalone", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for Monitoring Console + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is Ready and stays in ready state + // testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Upload apps to gcs for Standalone + gcsTestDir := "s1appfw-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload apps to gcs test directory") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for Standalone + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 60) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + MonitoringConsoleRef: corev1.ObjectReference{ + Name: mcName, + }, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone instance with App framework") + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + ConfigMapName := enterprise.GetProbeConfigMapName(testcaseEnvInst.GetName()) + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + + //########## INITIAL VERIFICATION ############# + scaledReplicaCount := 2 + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + mcPod := []string{fmt.Sprintf(testenv.MonitoringConsolePod, deployment.GetName())} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: scaledReplicaCount} + mcAppSourceInfo := testenv.AppSourceInfo{CrKind: mc.Kind, CrName: mc.Name, CrAppSourceName: appSourceNameMC, CrAppSourceVolumeName: appSourceNameMC, CrPod: mcPod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo, mcAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + //Delete configMap Object + err = testenv.DeleteConfigMap(testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to delete ConfigMao", "ConfigMap name", ConfigMapName) + + //############### SCALING UP ################## + // Scale up Standalone instance + testcaseEnvInst.Log.Info("Scale up Standalone") + + standalone = &enterpriseApi.Standalone{} + err = deployment.GetInstance(ctx, deployment.GetName(), standalone) + Expect(err).To(Succeed(), "Failed to get instance of Standalone") + + standalone.Spec.Replicas = int32(scaledReplicaCount) + + err = deployment.UpdateCR(ctx, standalone) + Expect(err).To(Succeed(), "Failed to scale up Standalone") + + // Ensure Standalone is scaling up + testenv.VerifyStandalonePhase(ctx, deployment, testcaseEnvInst, deployment.GetName(), enterpriseApi.PhaseScalingUp) + + // Wait for Standalone to be in READY status + testenv.VerifyStandalonePhase(ctx, deployment, testcaseEnvInst, deployment.GetName(), enterpriseApi.PhaseReady) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + //########### SCALING UP VERIFICATION ######### + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + scriptsNames := []string{enterprise.GetLivenessScriptName(), enterprise.GetReadinessScriptName(), enterprise.GetStartupScriptName()} + allPods := testenv.DumpGetPods(testcaseEnvInst.GetName()) + testenv.VerifyFilesInDirectoryOnPod(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), allPods, scriptsNames, enterprise.GetProbeMountDirectory(), false, true) + + //############## SCALING DOWN ################# + // Scale down Standalone instance + testcaseEnvInst.Log.Info("Scale down Standalone") + scaledReplicaCount = 1 + standalone = &enterpriseApi.Standalone{} + err = deployment.GetInstance(ctx, deployment.GetName(), standalone) + Expect(err).To(Succeed(), "Failed to get instance of Standalone after scaling down") + + standalone.Spec.Replicas = int32(scaledReplicaCount) + err = deployment.UpdateCR(ctx, standalone) + Expect(err).To(Succeed(), "Failed to scale down Standalone") + + // Ensure Standalone is scaling down + testenv.VerifyStandalonePhase(ctx, deployment, testcaseEnvInst, deployment.GetName(), enterpriseApi.PhaseScalingDown) + + // Wait for Standalone to be in READY status + testenv.VerifyStandalonePhase(ctx, deployment, testcaseEnvInst, deployment.GetName(), enterpriseApi.PhaseReady) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + //########### SCALING DOWN VERIFICATION ####### + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("s1gcp, integrationgcp, appframeworkgcp: can deploy a Standalone instance with App Framework enabled, install apps, scale up, upgrade apps", func() { + + /* Test Steps + ################## SETUP #################### + * Upload apps on gcs + * Create app source for Standalone + * Prepare and deploy Standalone CRD with app framework and wait for the pod to be ready + ########## INITIAL VERIFICATION ############# + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify no pod resets triggered due to app install + * Verify App enabled and version by running splunk cmd + ############### SCALING UP ################## + * Scale up Standalone + * Wait for Standalone to be ready + ############### UPGRADE APPS ################ + * Upload V2 apps to gcs App Source + ###### SCALING UP/UPGRADE VERIFICATIONS ##### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify no pod resets triggered due to app install + * Verify App enabled and version by running splunk cmd + */ + + //################## SETUP #################### + // Upload V1 apps to gcs for Standalone + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to gcs for Standalone", appVersion)) + + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to gcs test directory for Standalone", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload apps to gcs for Standalone + gcsTestDir := "s1appfw-" + testenv.RandomDNSName(4) + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload apps to gcs test directory") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec for Standalone + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 60) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone instance with App framework") + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //########## INITIAL VERIFICATION ############# + scaledReplicaCount := 2 + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList, CrReplicas: scaledReplicaCount} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + //############### SCALING UP ################## + // Scale up Standalone instance + testcaseEnvInst.Log.Info("Scale up Standalone") + + standalone = &enterpriseApi.Standalone{} + err = deployment.GetInstance(ctx, deployment.GetName(), standalone) + Expect(err).To(Succeed(), "Failed to get instance of Standalone") + + standalone.Spec.Replicas = int32(scaledReplicaCount) + + err = deployment.UpdateCR(ctx, standalone) + Expect(err).To(Succeed(), "Failed to scale up Standalone") + + // Ensure Standalone is scaling up + testenv.VerifyStandalonePhase(ctx, deployment, testcaseEnvInst, deployment.GetName(), enterpriseApi.PhaseScalingUp) + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // ############## UPGRADE APPS ################# + // Delete apps on gcs + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on gcs", appVersion)) + testenv.DeleteFilesOnGCP(testGCSBucket, uploadedApps) + uploadedApps = nil + + // Upload V2 apps to gcs for Standalone and Monitoring Console + appVersion = "V2" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to gcs for Standalone and Monitoring Console", appVersion)) + appFileList = testenv.GetAppFileList(appListV2) + + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to gcs test directory for Standalone", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileList) + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ SCALING UP/UPGRADE VERIFICATIONS ########### + standaloneAppSourceInfo.CrAppVersion = appVersion + standaloneAppSourceInfo.CrAppList = appListV2 + standaloneAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + standaloneAppSourceInfo.CrPod = []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0), fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 1)} + allAppSourceInfo = []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + // ES App Installation not supported at the time. Will be added back at a later time. + Context("Standalone deployment (S1) with App Framework", func() { + It("s1gcp, integrationgcp, appframeworkgcp: can deploy a Standalone and have ES app installed", func() { + + /* Test Steps + ################## SETUP #################### + * Upload ES app to gcs + * Create App Source for Standalone + * Prepare and deploy Standalone and wait for the pod to be ready + ################## VERIFICATION ############# + * Verify ES app is installed on Standalone + */ + + //################## SETUP #################### + + // Download ES App from gcs + testcaseEnvInst.Log.Info("Download ES app from gcs") + esApp := []string{"SplunkEnterpriseSecuritySuite"} + appFileList := testenv.GetAppFileList(esApp) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download ES app") + + // Upload ES app to gcs + testcaseEnvInst.Log.Info("Upload ES app on gcs") + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload ES app to gcs test directory") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopePremiumApps, appSourceName, gcsTestDir, 60) + appFrameworkSpec.AppSources[0].PremiumAppsProps = enterpriseApi.PremiumAppsProps{ + Type: enterpriseApi.PremiumAppsTypeEs, + EsDefaults: enterpriseApi.EsDefaults{ + SslEnablement: enterpriseApi.SslEnablementIgnore, + }, + } + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone with App framework") + + // Ensure Standalone goes to Ready phase + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############ INITIAL VERIFICATION ########### + appVersion := "V1" + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: esApp, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // ############## UPGRADE APPS ################# + + // Delete apps on gcs + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on gcs", appVersion)) + testenv.DeleteFilesOnGCP(testGCSBucket, uploadedApps) + uploadedApps = nil + + // Download ES App from gcs + testcaseEnvInst.Log.Info("Download updated ES app from gcs") + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV2, downloadDirV2, appFileList) + Expect(err).To(Succeed(), "Unable to download ES app") + + // Upload V2 apps to gcs for Standalone + appVersion = "V2" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s Es app to gcs for Standalone and Monitoring Console", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s Es app to gcs test directory for Standalone", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileList) + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ UPGRADE VERIFICATION ########### + standaloneAppSourceInfo.CrAppVersion = appVersion + standaloneAppSourceInfo.CrAppList = esApp + standaloneAppSourceInfo.CrAppFileList = testenv.GetAppFileList(esApp) + allAppSourceInfo = []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("integrationgcp, s1gcp, appframeworkgcp: can deploy a Standalone instance with App Framework enabled and install around 350MB of apps at once", func() { + + /* Test Steps + ################## SETUP #################### + * Create app source for Standalone + * Add more apps than usual on gcs for this test + * Prepare and deploy Standalone with app framework and wait for the pod to be ready + ############### VERIFICATION ################ + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify App enabled and version by running splunk cmd + */ + + //################## SETUP #################### + + // Creating a bigger list of apps to be installed than the default one + appList := append(appListV1, testenv.RestartNeededApps...) + appFileList := testenv.GetAppFileList(appList) + appVersion := "V1" + + // Download apps from gcs + testcaseEnvInst.Log.Info("Download bigger amount of apps from gcs for this test") + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + + Expect(err).To(Succeed(), "Unable to download apps files") + + // Upload apps to GCS + testcaseEnvInst.Log.Info("Upload bigger amount of apps to GCS for this test") + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload apps to GCS test directory") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 60) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone instance") + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############### VERIFICATION ################ + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("s1gcp, smokegcp, appframeworkgcp: can deploy a standalone instance with App Framework enabled for manual poll", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCS for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console with app framework and wait for the pod to be ready + * Create app source for Standalone + * Prepare and deploy Standalone with app framework(MANUAL POLL) and wait for the pod to be ready + ############### VERIFICATION ################ + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify no pod resets triggered due to app install + * Verify App enabled and version by running splunk cmd + ############ UPGRADE V2 APPS ########### + * Upload V2 apps to GCS App Source + ############ VERIFICATION APPS ARE NOT UPDATED BEFORE ENABLING MANUAL POLL ############ + * Verify Apps are not updated + ############ ENABLE MANUAL POLL ############ + * Verify Manual Poll disabled after the check + ############ V2 APP VERIFICATION FOR STANDALONE AND MONITORING CONSOLE ########### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify no pod resets triggered due to app install + * Verify App enabled and version by running splunk cmd + */ + + //################## SETUP #################### + + // Upload V1 apps to GCS for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Monitoring Console", appVersion)) + gcsTestDirMC := "s1appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Monitoring Console %s", appVersion, testGCSBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework spec for Monitoring Console + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 0) + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Upload V1 apps to GCS + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 0) + + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + MonitoringConsoleRef: corev1.ObjectReference{ + Name: mcName, + }, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Create Standalone Deployment with App Framework + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy standalone instance with App framework") + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############### VERIFICATION ################ + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + //############### UPGRADE APPS ################ + + //Delete apps on GCS for new Apps + testenv.DeleteFilesOnGCP(testGCSBucket, uploadedApps) + uploadedApps = nil + + //Upload new Versioned Apps to GCS + appVersion = "V2" + appFileList = testenv.GetAppFileList(appListV2) + + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDirMC, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Monitoring Console %s", appVersion, testGCSBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileList) + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // ############ VERIFICATION APPS ARE NOT UPDATED BEFORE ENABLING MANUAL POLL ############ + appVersion = "V1" + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // ############ ENABLE MANUAL POLL ############ + appVersion = "V2" + testcaseEnvInst.Log.Info("Get config map for triggering manual update") + config, err := testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(err).To(Succeed(), "Unable to get config map for manual poll") + testcaseEnvInst.Log.Info("Config map data for", "Standalone", config.Data["Standalone"]) + + testcaseEnvInst.Log.Info("Modify config map to trigger manual update") + config.Data["Standalone"] = strings.Replace(config.Data["Standalone"], "off", "on", 1) + config.Data["MonitoringConsole"] = strings.Replace(config.Data["Standalone"], "off", "on", 1) + err = deployment.UpdateCR(ctx, config) + Expect(err).To(Succeed(), "Unable to update config map") + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //Verify config map set back to off after poll trigger + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify config map set back to off after poll trigger for %s app", appVersion)) + config, _ = testenv.GetAppframeworkManualUpdateConfigMap(ctx, deployment, testcaseEnvInst.GetName()) + Expect(strings.Contains(config.Data["Standalone"], "status: off") && strings.Contains(config.Data["MonitoringConsole"], "status: off")).To(Equal(true), "Config map update not complete") + + //############### VERIFICATION FOR UPGRADE ################ + standaloneAppSourceInfo.CrAppVersion = appVersion + standaloneAppSourceInfo.CrAppList = appListV2 + standaloneAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("integrationgcp, s1gcp, appframeworkgcp: can deploy Several standalone CRs in the same namespace with App Framework enabled", func() { + + /* Test Steps + ################## SETUP #################### + * Add more apps than usual on GCS for this test + * Split the App list into 2 segments with a common apps and uncommon apps for each Standalone + * Create app source for 2 Standalones + * Prepare and deploy Standalones with app framework and wait for the pod to be ready + ############### VERIFICATION ################ + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify App enabled and version by running splunk cmd + */ + + //################## SETUP #################### + + // Creating a list of apps to be installed on both standalone + appList1 := append(appListV1, testenv.RestartNeededApps[len(testenv.RestartNeededApps)/2:]...) + appList2 := append(appListV1, testenv.RestartNeededApps[:len(testenv.RestartNeededApps)/2]...) + appVersion := "V1" + + // Download apps from GCS + testcaseEnvInst.Log.Info("Download the extra apps from GCS for this test") + appFileList := testenv.GetAppFileList(testenv.RestartNeededApps) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download apps files") + + // Upload apps to GCS for first Standalone + testcaseEnvInst.Log.Info("Upload apps to GCS for 1st Standalone") + appFileListStandalone1 := testenv.GetAppFileList(appList1) + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileListStandalone1, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload apps to GCS test directory") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Upload apps to GCS for second Standalone + testcaseEnvInst.Log.Info("Upload apps to GCS for 2nd Standalone") + gcsTestDirStandalone2 := "s1appfw-2-" + testenv.RandomDNSName(4) + appFileListStandalone2 := testenv.GetAppFileList(appList2) + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDirStandalone2, appFileListStandalone2, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload apps to GCS test directory") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework Spec + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 60) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Create App framework Spec + appSourceNameStandalone2 := "appframework-2-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appSourceVolumeNameStandalone2 := "appframework-test-volume-2-" + testenv.RandomDNSName(3) + appFrameworkSpecStandalone2 := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameStandalone2, enterpriseApi.ScopeLocal, appSourceNameStandalone2, gcsTestDirStandalone2, 60) + specStandalone2 := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecStandalone2, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy 1st Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy 1st Standalone instance") + testcaseEnvInst.Log.Info("Deploy 2nd Standalone") + standalone2Name := deployment.GetName() + testenv.RandomDNSName(3) + standalone2, err := deployment.DeployStandaloneWithGivenSpec(ctx, standalone2Name, specStandalone2) + Expect(err).To(Succeed(), "Unable to deploy 2nd Standalone instance") + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone2, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############### VERIFICATION ################ + + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appList1, CrAppFileList: appFileListStandalone1} + standalone2Pod := []string{fmt.Sprintf(testenv.StandalonePod, standalone2Name, 0)} + standalone2AppSourceInfo := testenv.AppSourceInfo{CrKind: standalone2.Kind, CrName: standalone2Name, CrAppSourceName: appSourceNameStandalone2, CrPod: standalone2Pod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appList2, CrAppFileList: appFileListStandalone2} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo, standalone2AppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("integrationgcp, s1gcp, appframeworkgcp: can add new apps to app source while install is in progress and have all apps installed", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCS for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console with app framework and wait for the pod to be ready + * Upload big-size app to GCS for Standalone + * Create app source for Standalone + * Prepare and deploy Standalone + ############## VERIFICATIONS ################ + * Verify App installation is in progress on Standalone + * Upload more apps from GCS during bigger app install + * Wait for polling interval to pass + * Verify all apps are installed on Standalone + */ + + // ################## SETUP FOR MONITORING CONSOLE #################### + // Upload V1 apps to GCS for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Monitoring Console", appVersion)) + gcsTestDirMC := "s1appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Monitoring Console %s", appVersion, testGCSBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework spec for Monitoring Console + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // ################## SETUP FOR STANDALONE #################### + // Download all test apps from GCS + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList = testenv.GetAppFileList(appList) + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download apps") + + // Upload big-size app to GCS for Standalone + appList = testenv.BigSingleApp + appFileList = testenv.GetAppFileList(appList) + testcaseEnvInst.Log.Info("Upload big-size app to GCS for Standalone") + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to GCS test directory for Standalone") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework spec for Standalone + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 60) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + MonitoringConsoleRef: corev1.ObjectReference{ + Name: mcName, + }, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone instance with App framework") + + // Verify App installation is in progress on Standalone + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgPodCopyComplete) + + // Upload more apps to GCS for Standalone + appList = testenv.ExtraApps + appFileList = testenv.GetAppFileList(appList) + testcaseEnvInst.Log.Info("Upload more apps to GCS for Standalone") + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload more apps to GCS test directory for Standalone") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Wait for polling interval to pass + testenv.WaitForAppInstall(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileList) + + // Verify all apps are installed on Standalone + appList = append(testenv.BigSingleApp, testenv.ExtraApps...) + standalonePodName := fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0) + testcaseEnvInst.Log.Info(fmt.Sprintf("Verify all apps %v are installed on Standalone", appList)) + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), []string{standalonePodName}, appList, true, "enabled", false, false) + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("integrationgcp, s1gcp, appframeworkgcp: Deploy a Standalone instance with App Framework enabled and reset operator pod while app install is in progress", func() { + + /* Test Steps + ################## SETUP #################### + * Upload big-size app to GCS for Standalone + * Create app source for Standalone + * Prepare and deploy Standalone + * While app install is in progress, restart the operator + ############## VERIFICATIONS ################ + * Verify App installation is in progress on Standalone + * Upload more apps from GCS during bigger app install + * Wait for polling interval to pass + * Verify all apps are installed on Standalone + */ + + // ################## SETUP FOR STANDALONE #################### + // Download all test apps from GCS + appVersion := "V1" + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList := testenv.GetAppFileList(appList) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download apps") + + // Upload big-size app to GCS for Standalone + testcaseEnvInst.Log.Info("Upload big-size app to GCS for Standalone") + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to GCS test directory for Standalone") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework spec for Standalone + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 60) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone instance with App framework") + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + ConfigMapName := enterprise.GetProbeConfigMapName(testcaseEnvInst.GetName()) + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + if err != nil { + for i := 1; i < 10; i++ { + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + if err == nil { + continue + } else { + time.Sleep(1 * time.Second) + } + } + } + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + + // Verify App installation is in progress on Standalone + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgInstallPending) + + //Delete configMap Object + err = testenv.DeleteConfigMap(testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to delete ConfigMao", "ConfigMap name", ConfigMapName) + + // Delete Operator pod while Install in progress + testenv.DeleteOperatorPod(testcaseEnvInst) + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############ VERIFICATION ########### + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appList, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // ############ Verify livenessProbe and readinessProbe config object and scripts############ + testcaseEnvInst.Log.Info("Get config map for livenessProbe and readinessProbe") + _, err = testenv.GetConfigMap(ctx, deployment, testcaseEnvInst.GetName(), ConfigMapName) + Expect(err).To(Succeed(), "Unable to get config map for livenessProbe and readinessProbe", "ConfigMap name", ConfigMapName) + scriptsNames := []string{enterprise.GetLivenessScriptName(), enterprise.GetReadinessScriptName(), enterprise.GetStartupScriptName()} + allPods := testenv.DumpGetPods(testcaseEnvInst.GetName()) + testenv.VerifyFilesInDirectoryOnPod(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), allPods, scriptsNames, enterprise.GetProbeMountDirectory(), false, true) + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("integrationgcp, s1gcp, appframeworkgcp: Deploy a Standalone instance with App Framework enabled and reset operator pod while app download is in progress", func() { + + /* Test Steps + ################## SETUP #################### + * Upload big-size app to GCS for Standalone + * Create app source for Standalone + * Prepare and deploy Standalone + * While app download is in progress, restart the operator + ############## VERIFICATIONS ################ + * Verify App download is in progress on Standalone + * Upload more apps from GCS during bigger app install + * Wait for polling interval to pass + * Verify all apps are installed on Standalone + */ + + // ################## SETUP FOR STANDALONE #################### + // Download all test apps from GCS + appVersion := "V1" + appList := append(testenv.BigSingleApp, testenv.ExtraApps...) + appFileList := testenv.GetAppFileList(appList) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download apps") + + // Upload big-size app to GCS for Standalone + testcaseEnvInst.Log.Info("Upload big-size app to GCS for Standalone") + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to GCS test directory for Standalone") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework spec for Standalone + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 60) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone instance with App framework") + + // Verify App download is in progress on Standalone + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileList, enterpriseApi.AppPkgDownloadComplete, enterpriseApi.AppPkgDownloadPending) + + // Delete Operator pod while Install in progress + testenv.DeleteOperatorPod(testcaseEnvInst) + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############ VERIFICATION ########### + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appList, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("integrationgcp, s1gcp, appframeworkgcp: can deploy a Standalone instance with App Framework enabled, install an app then disable it and remove it from app source", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCS for Standalone + * Create app source for Standalone + * Prepare and deploy Standalone with app framework and wait for the pod to be ready + ############ VERIFICATION########### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify no pod resets triggered due to app install + * Verify App enabled and version by running splunk cmd + * Disable the app + * Delete the app from GCS + * Check for repo state in App Deployment Info + */ + + // ################## SETUP FOR STANDALONE #################### + // Upload V1 apps to GCS for Standalone + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Standalone", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Standalone", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Maximum apps to be downloaded in parallel + maxConcurrentAppDownloads := 5 + + // Create App framework spec for Standalone + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 60) + appFrameworkSpec.MaxConcurrentAppDownloads = uint64(maxConcurrentAppDownloads) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone instance with App framework") + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############ VERIFICATION ########### + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // Verify repo state on App to be disabled to be 1 (i.e app present on GCS bucket) + appName := appListV1[0] + appFileName := testenv.GetAppFileList([]string{appName}) + testenv.VerifyAppRepoState(ctx, deployment, testcaseEnvInst, standalone.Name, standalone.Kind, appSourceName, 1, appFileName[0]) + + // Disable the app + testenv.DisableAppsToGCP(downloadDirV1, appFileName, gcsTestDir) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileName) + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Wait for App state to update after config file change + standalonePodName := fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0) + testenv.WaitforAppInstallState(ctx, deployment, testcaseEnvInst, []string{standalonePodName}, testcaseEnvInst.GetName(), appName, "disabled", false) + + // Delete the file from GCS + gcsFilepath := filepath.Join(gcsTestDir, appFileName[0]) + err = testenv.DeleteFileOnGCP(testGCSBucket, gcsFilepath) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to delete %s app on GCS test directory", appFileName[0])) + + // Verify repo state is set to 2 (i.e app deleted from GCS bucket) + testenv.VerifyAppRepoState(ctx, deployment, testcaseEnvInst, standalone.Name, standalone.Kind, appSourceName, 2, appFileName[0]) + + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("integrationgcp, s1gcp, appframeworkgcp: can deploy a Standalone instance with App Framework enabled, attempt to update using incorrect GCS credentials", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCS for Standalone + * Create app source for Standalone + * Prepare and deploy Standalone with app framework and wait for the pod to be ready + ############ V1 APP VERIFICATION FOR STANDALONE########### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify no pod resets triggered due to app install + * Verify App enabled and version by running splunk cmd + // ############ Modify secret key ########### + * Create App framework volume with random credentials and apply to Spec + * Check for changes in App phase to determine if next poll has been triggered + ############ UPGRADE V2 APPS ########### + * Upload V2 apps to GCS App Source + * Check no apps are updated as auth key is incorrect + ############ Modify secret key to correct one########### + * Apply spec with correct credentails + * Wait for the pod to be ready + ############ V2 APP VERIFICATION########### + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify no pod resets triggered due to app install + * Verify App enabled and version by running splunk cmd + */ + + // ################## SETUP FOR STANDALONE #################### + // Upload V1 apps to GCS for Standalone + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Standalone", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Standalone", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Maximum apps to be downloaded in parallel + maxConcurrentAppDownloads := 5 + + // Create App framework spec for Standalone + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 60) + appFrameworkSpec.MaxConcurrentAppDownloads = uint64(maxConcurrentAppDownloads) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + secretref := standalone.Spec.AppFrameworkConfig.VolList[0].SecretRef + Expect(err).To(Succeed(), "Unable to deploy Standalone instance with App framework") + + secretStruct, err := testenv.GetSecretStruct(ctx, deployment, testcaseEnvInst.GetName(), secretref) + Expect(err).To(Succeed(), "Unable to obtain secret object") + secretData := secretStruct.Data + modifiedSecretData := map[string][]byte{"gcs_access_key": []byte(testenv.RandomDNSName(5)), "gcs_secret_key": []byte(testenv.RandomDNSName(5))} + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############ INITIAL VERIFICATION ########### + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appListV1, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // ############ Modify secret key ########### + // Create App framework volume with invalid credentials and apply to Spec + testcaseEnvInst.Log.Info("Update Standalone spec with invalid credentials") + err = testenv.ModifySecretObject(ctx, deployment, testcaseEnvInst.GetName(), secretref, modifiedSecretData) + Expect(err).To(Succeed(), "Unable to update secret Object") + + // ############## UPGRADE APPS ################# + // Delete apps on + testcaseEnvInst.Log.Info(fmt.Sprintf("Delete %s apps on GCS", appVersion)) + testenv.DeleteFilesOnGCP(testGCSBucket, uploadedApps) + uploadedApps = nil + + // Upload V2 apps to GCS for Standalone + appVersion = "V2" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Standalone", appVersion)) + appFileList = testenv.GetAppFileList(appListV2) + + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Standalone", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileList) + + // Check no apps are updated as auth key is incorrect + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + // ############ Modify secret key to correct one########### + // Apply spec with correct credentials + err = testenv.ModifySecretObject(ctx, deployment, testcaseEnvInst.GetName(), secretref, secretData) + Expect(err).To(Succeed(), "Unable to update secret Object") + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileList) + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge = testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ UPGRADE VERIFICATION ########### + standaloneAppSourceInfo.CrAppVersion = appVersion + standaloneAppSourceInfo.CrAppList = appListV2 + standaloneAppSourceInfo.CrAppFileList = testenv.GetAppFileList(appListV2) + allAppSourceInfo = []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("integrationgcp, s1gcp, appframeworkgcp: Deploy a Standalone instance with App Framework enabled and update apps after app download is completed", func() { + + /* Test Steps + ################## SETUP #################### + * Upload app to GCS for Standalone + * Create app source for Standalone + * Prepare and deploy Standalone + * While app download is completed, upload new versions of the apps + ############## VERIFICATIONS ################ + * Verify App download is in completed on Standalone + * Upload updated app to GCS as pervious app download is complete + * Verify app is installed on Standalone + ############## UPGRADE VERIFICATIONS ################ + * Wait for next poll to trigger on Standalone + * Verify all apps are installed on Standalone + */ + + // ################## SETUP FOR STANDALONE #################### + // Download test app from GCS + appVersion := "V1" + appListV1 := []string{appListV1[0]} + appFileList := testenv.GetAppFileList(appListV1) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download apps") + + // Upload apps to GCS for Standalone + testcaseEnvInst.Log.Info("Upload apps to GCS for Standalone") + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload app to GCS test directory for Standalone") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework spec for Standalone + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 120) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone instance with App framework") + + // Verify App download is in progress on Standalone + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileList, enterpriseApi.AppPkgInstallComplete, enterpriseApi.AppPkgPodCopyPending) + + // Upload V2 apps to GCS for Standalone + appVersion = "V2" + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s app to GCS for Standalone", appVersion)) + appFileList = testenv.GetAppFileList([]string{appListV2[0]}) + + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s app to GCS test directory for Standalone", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + //######### VERIFICATIONS ############# + appVersion = "V1" + testenv.VerifyAppInstalled(ctx, deployment, testcaseEnvInst, testcaseEnvInst.GetName(), []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)}, appListV1, false, "enabled", false, false) + + // Check for changes in App phase to determine if next poll has been triggered + testenv.WaitforPhaseChange(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileList) + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############ UPGRADE VERIFICATION ########### + appVersion = "V2" + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: []string{appListV2[0]}, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("integrationgcp, s1gcp, appframeworkgcp: can deploy a Standalone instance and install a bigger volume of apps than the operator PV disk space", func() { + + /* Test Steps + ################## SETUP #################### + * Create a file on operator to utilize over 1G of space + * Upload file to gcs for standalone + * Create app source for Standalone with parallelDownload=15 + * Prepare and deploy Standalone with app framework and wait for the pod to be ready + ############### VERIFICATION ################ + * Verify Apps Downloaded in App Deployment Info + * Verify Apps Copied in App Deployment Info + * Verify App Package is deleted from Operator Pod + * Verify Apps Installed in App Deployment Info + * Verify App Package is deleted from Splunk Pod + * Verify App Directory in under splunk path + * Verify App enabled and version by running splunk cmd + */ + + //################## SETUP #################### + // Create a large file on Operator pod + opPod := testenv.GetOperatorPodName(testcaseEnvInst) + err := testenv.CreateDummyFileOnOperator(ctx, deployment, opPod, testenv.AppDownloadVolume, "1G", "test_file.img") + Expect(err).To(Succeed(), "Unable to create file on operator") + filePresentOnOperator = true + + // Download apps for test + appVersion := "V1" + appList := testenv.PVTestApps + appFileList := testenv.GetAppFileList(appList) + err = testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsPVTestApps, downloadDirPVTestApps, appFileList) + Expect(err).To(Succeed(), "Unable to download app files") + + // Upload apps to GCS + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Standalone", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirPVTestApps) + Expect(err).To(Succeed(), "Unable to upload apps to GCS test directory") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Maximum apps to be downloaded in parallel + maxConcurrentAppDownloads := 15 + + // Create App framework Spec + appSourceName := "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 60) + appFrameworkSpec.MaxConcurrentAppDownloads = uint64(maxConcurrentAppDownloads) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone instance") + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + //############### VERIFICATION ################ + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appList, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("integrationgcp, s1gcp, appframeworkgcp: Deploy a Standalone instance with App Framework enabled and delete apps from app directory when app download is complete", func() { + + /* Test Steps + ################## SETUP #################### + * Upload big-size app to GCS for Standalone + * Create app source for Standalone + * Prepare and deploy Standalone + * When app download is complete, delete apps from app directory + ############## VERIFICATIONS ################ + * Verify App installation is in progress on Standalone + * Upload more apps from GCS during bigger app install + * Wait for polling interval to pass + * Verify all apps are installed on Standalone + */ + + // ################## SETUP FOR STANDALONE #################### + // Download big size apps from GCS + appVersion := "V1" + appList := testenv.BigSingleApp + appFileList := testenv.GetAppFileList(appList) + err := testenv.DownloadFilesFromGCP(testDataGcsBucket, gcsAppDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download big app") + + // Upload big-size app to GCS for Standalone + testcaseEnvInst.Log.Info("Upload big-size app to GCS for Standalone") + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), "Unable to upload big-size app to GCS test directory for Standalone") + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework spec for Standalone + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 60) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone instance with App framework") + + // Verify App Download is completed on Standalone + testenv.VerifyAppState(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind, appSourceName, appFileList, enterpriseApi.AppPkgPodCopyComplete, enterpriseApi.AppPkgPodCopyPending) + + //Delete apps from app-directory when app download is complete + opPod := testenv.GetOperatorPodName(testcaseEnvInst) + podDownloadPath := filepath.Join(splcommon.AppDownloadVolume, "downloadedApps", testenvInstance.GetName(), standalone.Kind, deployment.GetName(), enterpriseApi.ScopeLocal, appSourceName, testenv.AppInfo[appList[0]]["filename"]) + err = testenv.DeleteFilesOnOperatorPod(ctx, deployment, opPod, []string{podDownloadPath}) + Expect(err).To(Succeed(), "Unable to delete file on pod") + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Get Pod age to check for pod resets later + splunkPodAge := testenv.GetPodsStartTime(testcaseEnvInst.GetName()) + + // ############ VERIFICATION ########### + standalonePod := []string{fmt.Sprintf(testenv.StandalonePod, deployment.GetName(), 0)} + standaloneAppSourceInfo := testenv.AppSourceInfo{CrKind: standalone.Kind, CrName: standalone.Name, CrAppSourceName: appSourceName, CrPod: standalonePod, CrAppVersion: appVersion, CrAppScope: enterpriseApi.ScopeLocal, CrAppList: appList, CrAppFileList: appFileList} + allAppSourceInfo := []testenv.AppSourceInfo{standaloneAppSourceInfo} + testenv.AppFrameWorkVerifications(ctx, deployment, testcaseEnvInst, allAppSourceInfo, splunkPodAge, "") + }) + }) + + Context("Standalone deployment (S1) with App Framework", func() { + It("smokegcp, s1gcp, s1_gcp_sanity: can deploy a Standalone instance with App Framework enabled, install apps and check isDeploymentInProgress is set for Standaloen and MC CR's", func() { + + /* Test Steps + ################## SETUP #################### + * Upload V1 apps to GCS for Monitoring Console + * Create app source for Monitoring Console + * Prepare and deploy Monitoring Console with app framework + * Check isDeploymentInProgress is set for Monitoring Console CR + * Wait for the pod to be ready + * Upload V1 apps to GCS for Standalone + * Create app source for Standalone + * Prepare and deploy Standalone with app framework + * Check isDeploymentInProgress is set for Monitoring Console CR + * Wait for the pod to be ready + */ + + // ################## SETUP FOR MONITORING CONSOLE #################### + + // Upload V1 apps to GCS for Monitoring Console + appVersion := "V1" + appFileList := testenv.GetAppFileList(appListV1) + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Monitoring Console", appVersion)) + + gcsTestDirMC := "s1appfw-mc-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testGCSBucket, gcsTestDirMC, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Monitoring Console %s", appVersion, testGCSBucket)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Create App framework spec for Monitoring Console + appSourceNameMC := "appframework-" + enterpriseApi.ScopeLocal + "mc-" + testenv.RandomDNSName(3) + appSourceVolumeNameMC := "appframework-test-volume-mc-" + testenv.RandomDNSName(3) + appFrameworkSpecMC := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeNameMC, enterpriseApi.ScopeLocal, appSourceNameMC, gcsTestDirMC, 60) + mcSpec := enterpriseApi.MonitoringConsoleSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "IfNotPresent", + }, + Volumes: []corev1.Volume{}, + }, + AppFrameworkConfig: appFrameworkSpecMC, + } + + // Deploy Monitoring Console + testcaseEnvInst.Log.Info("Deploy Monitoring Console") + mcName := deployment.GetName() + mc, err := deployment.DeployMonitoringConsoleWithGivenSpec(ctx, testcaseEnvInst.GetName(), mcName, mcSpec) + Expect(err).To(Succeed(), "Unable to deploy Monitoring Console") + + // Verify IsDeploymentInProgress Flag is set to true for Monitroing Console CR + testcaseEnvInst.Log.Info("Checking isDeploymentInProgressFlag") + testenv.VerifyIsDeploymentInProgressFlagIsSet(ctx, deployment, testcaseEnvInst, mcName, mc.Kind) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + // ################## SETUP FOR STANDALONE #################### + // Upload V1 apps to GCS for Standalone + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCS for Standalone", appVersion)) + uploadedFiles, err = testenv.UploadFilesToGCP(testGCSBucket, gcsTestDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCS test directory for Standalone", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) + + // Maximum apps to be downloaded in parallel + maxConcurrentAppDownloads := 5 + + // Create App framework spec for Standalone + appSourceName = "appframework-" + enterpriseApi.ScopeLocal + testenv.RandomDNSName(3) + appFrameworkSpec := testenv.GenerateAppFrameworkSpec(ctx, testcaseEnvInst, appSourceVolumeName, enterpriseApi.ScopeLocal, appSourceName, gcsTestDir, 60) + appFrameworkSpec.MaxConcurrentAppDownloads = uint64(maxConcurrentAppDownloads) + spec := enterpriseApi.StandaloneSpec{ + CommonSplunkSpec: enterpriseApi.CommonSplunkSpec{ + Spec: enterpriseApi.Spec{ + ImagePullPolicy: "Always", + }, + Volumes: []corev1.Volume{}, + MonitoringConsoleRef: corev1.ObjectReference{ + Name: mcName, + }, + }, + AppFrameworkConfig: appFrameworkSpec, + } + + // Deploy Standalone + testcaseEnvInst.Log.Info("Deploy Standalone") + standalone, err := deployment.DeployStandaloneWithGivenSpec(ctx, deployment.GetName(), spec) + Expect(err).To(Succeed(), "Unable to deploy Standalone instance with App framework") + + // Verify IsDeploymentInProgress Flag is set to true for Standalone CR + testenv.VerifyIsDeploymentInProgressFlagIsSet(ctx, deployment, testcaseEnvInst, deployment.GetName(), standalone.Kind) + + // Wait for Standalone to be in READY status + testenv.StandaloneReady(ctx, deployment, deployment.GetName(), standalone, testcaseEnvInst) + + // Verify Monitoring Console is Ready and stays in ready state + testenv.VerifyMonitoringConsoleReady(ctx, deployment, deployment.GetName(), mc, testcaseEnvInst) + + }) + }) + +}) diff --git a/test/deploy-eks-cluster.sh b/test/deploy-eks-cluster.sh index c5c405a22..0d0c96976 100755 --- a/test/deploy-eks-cluster.sh +++ b/test/deploy-eks-cluster.sh @@ -21,32 +21,64 @@ if [[ -z "${EKS_CLUSTER_K8_VERSION}" ]]; then fi function deleteCluster() { + echo "Cleanup role, security-group, open-id ${TEST_CLUSTER_NAME}" + account_id=$(aws sts get-caller-identity --query "Account" --output text) + rolename=$(echo ${TEST_CLUSTER_NAME} | awk -F- '{print "EBS_" $(NF-1) "_" $(NF)}') + + # Detach role policies + role_attached_policies=$(aws iam list-attached-role-policies --role-name $rolename --query 'AttachedPolicies[*].PolicyArn' --output text) + for policy_arn in ${role_attached_policies}; do + aws iam detach-role-policy --role-name ${rolename} --policy-arn ${policy_arn} + done + + # Delete IAM role + aws iam delete-role --role-name ${rolename} + + # Delete OIDC provider + oidc_id=$(aws eks describe-cluster --name ${TEST_CLUSTER_NAME} --query "cluster.identity.oidc.issuer" --output text | cut -d '/' -f 5) + aws iam delete-open-id-connect-provider --open-id-connect-provider-arn arn:aws:iam::${account_id}:oidc-provider/oidc.eks.us-west-2.amazonaws.com/id/${oidc_id} + + # Get security group ID + security_group_id=$(aws eks describe-cluster --name ${TEST_CLUSTER_NAME} --query "cluster.resourcesVpcConfig.securityGroupIds[0]" --output text) + + # Cleanup remaining PVCs on the EKS Cluster echo "Cleanup remaining PVC on the EKS Cluster ${TEST_CLUSTER_NAME}" tools/cleanup.sh + + # Get node group NODE_GROUP=$(eksctl get nodegroup --cluster=${TEST_CLUSTER_NAME} | sed -n 4p | awk '{ print $2 }') - if [[ ! -z "${NODE_GROUP}" ]]; then - eksctl delete nodegroup --cluster=${TEST_CLUSTER_NAME} --name=${NODE_GROUP} - if [ $? -ne 0 ]; then - echo "Unable to delete Nodegroup ${NODE_GROUP}. For Cluster - ${TEST_CLUSTER_NAME}" - fi - fi - eksctl delete cluster --name=${TEST_CLUSTER_NAME} + + # Delete the node group to ensure no EC2 instances are using the security group + echo "Deleting node group - ${NODE_GROUP}" + eksctl delete nodegroup --cluster=${TEST_CLUSTER_NAME} --name=${NODE_GROUP} + + # Delete cluster + echo "Deleting cluster - ${TEST_CLUSTER_NAME}" + eksctl delete cluster --name ${TEST_CLUSTER_NAME} + if [ $? -ne 0 ]; then echo "Unable to delete cluster - ${TEST_CLUSTER_NAME}" return 1 fi - rolename=$(echo ${TEST_CLUSTER_NAME} | awk -F- '{print "EBS_" $(NF-1) "_" $(NF)}') - role_attached_policies=$(aws iam list-attached-role-policies --role-name $rolename --query 'AttachedPolicies[*].PolicyArn' --output text) - for policy_arn in ${role_attached_policies}; - do - aws iam detach-role-policy --role-name ${rolename} --policy-arn ${policy_arn} + + # Wait for the cluster resources to be fully released before deleting security group + echo "Waiting for resources to be detached from security group - ${security_group_id}" + while true; do + ENIs=$(aws ec2 describe-network-interfaces --filters "Name=group-id,Values=${security_group_id}" --query "NetworkInterfaces[*].NetworkInterfaceId" --output text) + if [ -z "${ENIs}" ]; then + break + fi + echo "ENIs still attached to security group: ${ENIs}. Waiting for cleanup..." + sleep 10 done - aws iam delete-role --role-name ${rolename} + # Delete security group + aws ec2 delete-security-group --group-id ${security_group_id} return 0 } + function createCluster() { # Deploy eksctl cluster if not deploy rc=$(which eksctl) @@ -57,7 +89,7 @@ function createCluster() { found=$(eksctl get cluster --name "${TEST_CLUSTER_NAME}" -v 0) if [ -z "${found}" ]; then - eksctl create cluster --name=${TEST_CLUSTER_NAME} --nodes=${CLUSTER_WORKERS} --vpc-public-subnets=${EKS_VPC_PUBLIC_SUBNET_STRING} --vpc-private-subnets=${EKS_VPC_PRIVATE_SUBNET_STRING} --instance-types=m5.2xlarge --version=${EKS_CLUSTER_K8_VERSION} + eksctl create cluster --name=${TEST_CLUSTER_NAME} --nodes=${CLUSTER_WORKERS} --vpc-public-subnets=${EKS_VPC_PUBLIC_SUBNET_STRING} --vpc-private-subnets=${EKS_VPC_PRIVATE_SUBNET_STRING} --instance-types=${EKS_INSTANCE_TYPE} --version=${EKS_CLUSTER_K8_VERSION} if [ $? -ne 0 ]; then echo "Unable to create cluster - ${TEST_CLUSTER_NAME}" return 1 @@ -93,6 +125,8 @@ function createCluster() { kubectl annotate serviceaccount -n $namespace $service_account eks.amazonaws.com/role-arn=arn:aws:iam::$account_id:role/${rolename} eksctl create addon --name aws-ebs-csi-driver --cluster ${TEST_CLUSTER_NAME} --service-account-role-arn arn:aws:iam::$account_id:role/${rolename} --force eksctl utils update-cluster-logging --cluster ${TEST_CLUSTER_NAME} + # CSPL-2887 - Patch the default storage class to gp2 + kubectl patch storageclass gp2 -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' else echo "Retrieving kubeconfig for ${TEST_CLUSTER_NAME}" # Cluster exists but kubeconfig may not diff --git a/test/deploy-gcp-cluster.sh b/test/deploy-gcp-cluster.sh new file mode 100755 index 000000000..ceb7ba515 --- /dev/null +++ b/test/deploy-gcp-cluster.sh @@ -0,0 +1,73 @@ +#!/bin/bash + +if [[ -z "${GCP_VPC_PUBLIC_SUBNET_STRING}" ]]; then + echo "GCP PUBLIC SUBNET STRING not set. Changing to env.sh value" + export GCP_VPC_PUBLIC_SUBNET_STRING="${VPC_PUBLIC_SUBNET_STRING}" +fi + +if [[ -z "${GCP_VPC_PRIVATE_SUBNET_STRING}" ]]; then + echo "GCP PRIVATE SUBNET STRING not set. Changing to env.sh value" + export GCP_VPC_PRIVATE_SUBNET_STRING="${VPC_PRIVATE_SUBNET_STRING}" +fi + +if [[ -z "${GCR_REPOSITORY}" ]]; then + echo "GCR_REPOSITORY not set. Changing to env.sh value" + export GCR_REPOSITORY="${PRIVATE_REGISTRY}" +fi + +if [[ -z "${GKE_CLUSTER_K8_VERSION}" ]]; then + echo "GKE_CLUSTER_K8_VERSION not set. Changing to 1.29" + export GKE_CLUSTER_K8_VERSION="1.29" +fi + +function deleteCluster() { + echo "Cleanup remaining PVC on the GKE Cluster ${TEST_CLUSTER_NAME}" + tools/cleanup.sh + gcloud container clusters delete ${TEST_CLUSTER_NAME} --zone ${GCP_ZONE} --project ${GCP_PROJECT_ID} --quiet + if [ $? -ne 0 ]; then + echo "Unable to delete cluster - ${TEST_CLUSTER_NAME}" + return 1 + fi + return 0 +} + +function createCluster() { + # Deploy gcloud cluster if not deployed + rc=$(which gcloud) + if [ -z "$rc" ]; then + echo "gcloud is not installed or in the PATH. Please install gcloud from https://cloud.google.com/sdk/docs/install." + return 1 + fi + + found=$(gcloud container clusters list --filter="name=${TEST_CLUSTER_NAME}" --format="value(name)") + if [ -z "${found}" ]; then + gcloud container clusters create ${TEST_CLUSTER_NAME} \ + --num-nodes=${CLUSTER_WORKERS} \ + --zone=${GCP_ZONE} \ + --disk-size 50 \ + --network ${GCP_NETWORK} \ + --subnetwork ${GCP_SUBNETWORK} \ + --machine-type n2-standard-8 \ + --scopes "https://www.googleapis.com/auth/cloud-platform" \ + --enable-ip-alias + if [ $? -ne 0 ]; then + echo "Unable to create cluster - ${TEST_CLUSTER_NAME}" + return 1 + fi + else + echo "Retrieving kubeconfig for ${TEST_CLUSTER_NAME}" + # Cluster exists but kubeconfig may not + gcloud container clusters get-credentials ${TEST_CLUSTER_NAME} --zone ${GCP_ZONE} + fi + + echo "Logging in to GCR" + gcloud auth configure-docker + if [ $? -ne 0 ]; then + echo "Unable to configure Docker for GCR" + return 1 + fi + + # Output + echo "GKE cluster nodes:" + kubectl get nodes +} diff --git a/test/env.sh b/test/env.sh index ae48d9cfe..93052de05 100644 --- a/test/env.sh +++ b/test/env.sh @@ -2,22 +2,24 @@ : "${SPLUNK_OPERATOR_IMAGE:=splunk/splunk-operator:latest}" : "${SPLUNK_ENTERPRISE_IMAGE:=splunk/splunk:latest}" -: "${CLUSTER_PROVIDER:=kind}" +: "${CLUSTER_PROVIDER:=eks}" : "${CLUSTER_NAME:=integration-test-cluster-eks}" : "${NUM_WORKERS:=3}" : "${NUM_NODES:=2}" : "${COMMIT_HASH:=}" # AWS specific variables : "${ECR_REGISTRY:=}" +# CSPL-2920 - default instance type, use .env to set specific types to use in workflows +: "${EKS_INSTANCE_TYPE:=m5.2xlarge}" : "${VPC_PUBLIC_SUBNET_STRING:=}" : "${VPC_PRIVATE_SUBNET_STRING:=}" -: "${EKS_CLUSTER_K8_VERSION:=1.26}" +: "${EKS_CLUSTER_K8_VERSION:=1.31}" # Below env variables required to run license master test cases -: "${ENTERPRISE_LICENSE_S3_PATH:=}" -: "${TEST_S3_BUCKET:=}" +: "${ENTERPRISE_LICENSE_S3_PATH:=/test_licenses}" +: "${TEST_S3_BUCKET:=splk-test-data-bucket}" # Below env variables required to run remote indexes test cases -: "${INDEXES_S3_BUCKET:=}" -: "${AWS_S3_REGION:=}" +: "${INDEXES_S3_BUCKET:=splk-integration-test-bucket}" +: "${AWS_S3_REGION:=us-west-2}" # Azure specific variables : "${AZURE_REGION:=}" : "${AZURE_TEST_CONTAINER:=}" @@ -31,6 +33,19 @@ : "${AZURE_STORAGE_ACCOUNT:=}" : "${AZURE_STORAGE_ACCOUNT_KEY:=}" : "${AZURE_MANAGED_ID_ENABLED:=}" +# GCP specific variables +: "${GCP_REGION:=us-west2}" +: "${GCP_TEST_CONTAINER:=}" +: "${GCP_INDEXES_CONTAINER:=}" +: "${GCP_ENTERPRISE_LICENSE_PATH:=}" +: "${GCP_RESOURCE_GROUP:=}" +: "${GCP_CONTAINER_REGISTRY:=}" +: "${GCP_CONTAINER_REGISTRY_LOGIN_SERVER:=}" +: "${GCP_CLUSTER_AGENTPOOL:=}" +: "${GCP_CLUSTER_AGENTPOOL_RG:=}" +: "${GCP_STORAGE_ACCOUNT:=}" +: "${GCP_STORAGE_ACCOUNT_KEY:=}" +: "${GCP_MANAGED_ID_ENABLED:=}" # set when operator need to be installed clusterwide : "${CLUSTER_WIDE:=false}" # Below env variable can be used to set the test cases to be run. Defaults to smoke test @@ -42,6 +57,7 @@ : "${DEBUG_RUN:=False}" # Type of deplyoment, manifest files or helm chart, possible values "manifest" or "helm" : "${DEPLOYMENT_TYPE:=manifest}" +: "${TEST_CLUSTER_PLATFORM:=eks}" # Docker registry to use to push the test images to and pull from in the cluster if [ -z "${PRIVATE_REGISTRY}" ]; then @@ -64,5 +80,13 @@ if [ -z "${PRIVATE_REGISTRY}" ]; then PRIVATE_REGISTRY="${AZURE_CONTAINER_REGISTRY_LOGIN_SERVER}" echo "${PRIVATE_REGISTRY}" ;; + gcp) + if [ -z "${GCP_CONTAINER_REGISTRY_LOGIN_SERVER}" ]; then + echo "Please define GCP_CONTAINER_REGISTRY_LOGIN_SERVER that specified where images are pushed and pulled from." + exit 1 + fi + PRIVATE_REGISTRY="${GCP_CONTAINER_REGISTRY_LOGIN_SERVER}" + echo "${PRIVATE_REGISTRY}" + ;; esac fi diff --git a/test/gcp-storageclass.yaml b/test/gcp-storageclass.yaml new file mode 100644 index 000000000..15e243c22 --- /dev/null +++ b/test/gcp-storageclass.yaml @@ -0,0 +1,9 @@ +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: default + annotations: + storageclass.kubernetes.io/is-default-class: "true" +provisioner: kubernetes.io/gce-pd +reclaimPolicy: Delete +volumeBindingMode: Immediate \ No newline at end of file diff --git a/test/licensemanager/lm_s1_test.go b/test/licensemanager/lm_s1_test.go index 6e2f3d6ee..32227aa47 100644 --- a/test/licensemanager/lm_s1_test.go +++ b/test/licensemanager/lm_s1_test.go @@ -68,6 +68,11 @@ var _ = Describe("Licensemanager test", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) diff --git a/test/licensemanager/manager_lm_c3_test.go b/test/licensemanager/manager_lm_c3_test.go index af80f1fd2..d6cf4de92 100644 --- a/test/licensemanager/manager_lm_c3_test.go +++ b/test/licensemanager/manager_lm_c3_test.go @@ -73,6 +73,11 @@ var _ = Describe("Licensemanager test", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) @@ -155,6 +160,9 @@ var _ = Describe("Licensemanager test", func() { containerName := "/" + AzureDataContainer + "/" + appDirV1 err := testenv.DownloadFilesFromAzure(ctx, testenv.GetAzureEndpoint(ctx), testenv.StorageAccountKey, testenv.StorageAccount, downloadDirV1, containerName, appFileList) Expect(err).To(Succeed(), "Unable to download V1 app files") + case "gcp": + err := testenv.DownloadFilesFromGCP(testDataS3Bucket, appDirV1, downloadDirV1, appFileList) + Expect(err).To(Succeed(), "Unable to download V1 app files") } // Upload V1 apps @@ -171,6 +179,12 @@ var _ = Describe("Licensemanager test", func() { uploadedFiles, err := testenv.UploadFilesToAzure(ctx, testenv.StorageAccount, testenv.StorageAccountKey, downloadDirV1, testDir, appFileList) Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Azure", appVersion)) uploadedApps = append(uploadedApps, uploadedFiles...) + case "gcp": + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3", appVersion)) + testDir = "lm-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testS3Bucket, testDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to gcp", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) } // Download License File @@ -186,6 +200,11 @@ var _ = Describe("Licensemanager test", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) @@ -199,6 +218,8 @@ var _ = Describe("Licensemanager test", func() { volumeSpec = []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpec(volumeName, testenv.GetS3Endpoint(), testcaseEnvInst.GetIndexSecretName(), "aws", "s3", testenv.GetDefaultS3Region())} case "azure": volumeSpec = []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpecAzure(volumeName, testenv.GetAzureEndpoint(ctx), testcaseEnvInst.GetIndexSecretName(), "azure", "blob")} + case "gcp": + volumeSpec = []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpec(volumeName, testenv.GetS3Endpoint(), testcaseEnvInst.GetIndexSecretName(), "gcp", "blob", testenv.GetDefaultS3Region())} } // AppSourceDefaultSpec: Remote Storage volume name and Scope of App deployment @@ -262,6 +283,8 @@ var _ = Describe("Licensemanager test", func() { case "azure": azureBlobClient := &testenv.AzureBlobClient{} azureBlobClient.DeleteFilesOnAzure(ctx, testenv.GetAzureEndpoint(ctx), testenv.StorageAccountKey, testenv.StorageAccount, uploadedApps) + case "gcp": + testenv.DeleteFilesOnGCP(testS3Bucket, uploadedApps) } uploadedApps = nil @@ -278,6 +301,9 @@ var _ = Describe("Licensemanager test", func() { containerName := "/" + AzureDataContainer + "/" + appDirV2 err := testenv.DownloadFilesFromAzure(ctx, testenv.GetAzureEndpoint(ctx), testenv.StorageAccountKey, testenv.StorageAccount, downloadDirV2, containerName, appFileList) Expect(err).To(Succeed(), "Unable to download V2 app files") + case "gcp": + err := testenv.DownloadFilesFromGCP(testDataS3Bucket, appDirV2, downloadDirV2, appFileList) + Expect(err).To(Succeed(), "Unable to download V2 app files") } // Upload V2 apps @@ -292,6 +318,11 @@ var _ = Describe("Licensemanager test", func() { uploadedFiles, err := testenv.UploadFilesToAzure(ctx, testenv.StorageAccount, testenv.StorageAccountKey, downloadDirV2, testDir, appFileList) Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Azure", appVersion)) uploadedApps = append(uploadedApps, uploadedFiles...) + case "gcp": + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testS3Bucket, testDir, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Gcp", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) } // Wait for the poll period for the apps to be downloaded @@ -313,6 +344,8 @@ var _ = Describe("Licensemanager test", func() { case "azure": azureBlobClient := &testenv.AzureBlobClient{} azureBlobClient.DeleteFilesOnAzure(ctx, testenv.GetAzureEndpoint(ctx), testenv.StorageAccountKey, testenv.StorageAccount, uploadedApps) + case "gcp": + testenv.DeleteFilesOnGCP(testS3Bucket, uploadedApps) } // Delete locally downloaded app files diff --git a/test/licensemanager/manager_lm_m4_test.go b/test/licensemanager/manager_lm_m4_test.go index db282dca6..7531147aa 100644 --- a/test/licensemanager/manager_lm_m4_test.go +++ b/test/licensemanager/manager_lm_m4_test.go @@ -67,6 +67,11 @@ var _ = Describe("Licensemanager test", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) diff --git a/test/licensemaster/lm_c3_test.go b/test/licensemaster/lm_c3_test.go index 986bb2d1f..54dcb5a54 100644 --- a/test/licensemaster/lm_c3_test.go +++ b/test/licensemaster/lm_c3_test.go @@ -74,6 +74,11 @@ var _ = Describe("licensemaster test", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) @@ -172,6 +177,12 @@ var _ = Describe("licensemaster test", func() { uploadedFiles, err := testenv.UploadFilesToAzure(ctx, testenv.StorageAccount, testenv.StorageAccountKey, downloadDirV1, testDir, appFileList) Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Azure", appVersion)) uploadedApps = append(uploadedApps, uploadedFiles...) + case "gcp": + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to GCP", appVersion)) + testDir = "lm-" + testenv.RandomDNSName(4) + uploadedFiles, err := testenv.UploadFilesToGCP(testS3Bucket, testDir, appFileList, downloadDirV1) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to S3", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) } // Download License File @@ -187,6 +198,11 @@ var _ = Describe("licensemaster test", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) @@ -200,6 +216,8 @@ var _ = Describe("licensemaster test", func() { volumeSpec = []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpec(volumeName, testenv.GetS3Endpoint(), testcaseEnvInst.GetIndexSecretName(), "aws", "s3", testenv.GetDefaultS3Region())} case "azure": volumeSpec = []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpecAzure(volumeName, testenv.GetAzureEndpoint(ctx), testcaseEnvInst.GetIndexSecretName(), "azure", "blob")} + case "gcp": + volumeSpec = []enterpriseApi.VolumeSpec{testenv.GenerateIndexVolumeSpec(volumeName, testenv.GetS3Endpoint(), testcaseEnvInst.GetIndexSecretName(), "gcp", "blob", testenv.GetDefaultS3Region())} } // AppSourceDefaultSpec: Remote Storage volume name and Scope of App deployment @@ -280,6 +298,9 @@ var _ = Describe("licensemaster test", func() { containerName := "/" + AzureDataContainer + "/" + appDirV2 err := testenv.DownloadFilesFromAzure(ctx, testenv.GetAzureEndpoint(ctx), testenv.StorageAccountKey, testenv.StorageAccount, downloadDirV2, containerName, appFileList) Expect(err).To(Succeed(), "Unable to download V2 app files") + case "gcp": + err := testenv.DownloadFilesFromGCP(testDataS3Bucket, appDirV2, downloadDirV2, appFileList) + Expect(err).To(Succeed(), "Unable to download V2 app files") } // Upload V2 apps @@ -294,6 +315,11 @@ var _ = Describe("licensemaster test", func() { uploadedFiles, err := testenv.UploadFilesToAzure(ctx, testenv.StorageAccount, testenv.StorageAccountKey, downloadDirV2, testDir, appFileList) Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to Azure", appVersion)) uploadedApps = append(uploadedApps, uploadedFiles...) + case "gcp": + testcaseEnvInst.Log.Info(fmt.Sprintf("Upload %s apps to S3", appVersion)) + uploadedFiles, err := testenv.UploadFilesToGCP(testS3Bucket, testDir, appFileList, downloadDirV2) + Expect(err).To(Succeed(), fmt.Sprintf("Unable to upload %s apps to GCP", appVersion)) + uploadedApps = append(uploadedApps, uploadedFiles...) } // Wait for the poll period for the apps to be downloaded @@ -315,6 +341,8 @@ var _ = Describe("licensemaster test", func() { case "azure": azureBlobClient := &testenv.AzureBlobClient{} azureBlobClient.DeleteFilesOnAzure(ctx, testenv.GetAzureEndpoint(ctx), testenv.StorageAccountKey, testenv.StorageAccount, uploadedApps) + case "gcp": + testenv.DeleteFilesOnGCP(testS3Bucket, uploadedApps) } // Delete locally downloaded app files diff --git a/test/licensemaster/lm_m4_test.go b/test/licensemaster/lm_m4_test.go index 46d72126f..bba8dc3f7 100644 --- a/test/licensemaster/lm_m4_test.go +++ b/test/licensemaster/lm_m4_test.go @@ -67,6 +67,11 @@ var _ = Describe("Licensemaster test", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) diff --git a/test/licensemaster/lm_s1_test.go b/test/licensemaster/lm_s1_test.go index ff8531342..dbb7dd226 100644 --- a/test/licensemaster/lm_s1_test.go +++ b/test/licensemaster/lm_s1_test.go @@ -68,6 +68,11 @@ var _ = Describe("Licensemanager test", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) diff --git a/test/monitoring_console/manager_monitoring_console_test.go b/test/monitoring_console/manager_monitoring_console_test.go index a783996d5..743ce0a00 100644 --- a/test/monitoring_console/manager_monitoring_console_test.go +++ b/test/monitoring_console/manager_monitoring_console_test.go @@ -164,7 +164,7 @@ var _ = Describe("Monitoring Console test", func() { }) Context("Standalone deployment (S1)", func() { - It("managermc, integration: can deploy a MC with standalone instance and update MC with new standalone deployment", func() { + It("managermc1, integration: can deploy a MC with standalone instance and update MC with new standalone deployment", func() { /* Test Steps 1. Deploy Standalone @@ -319,7 +319,7 @@ var _ = Describe("Monitoring Console test", func() { }) Context("Standalone deployment with Scale up", func() { - It("managermc, integration: can deploy a MC with standalone instance and update MC when standalone is scaled up", func() { + It("managermc1, integration: can deploy a MC with standalone instance and update MC when standalone is scaled up", func() { /* Test Steps 1. Deploy Standalone @@ -584,7 +584,7 @@ var _ = Describe("Monitoring Console test", func() { }) Context("Clustered deployment (C3 - clustered indexer, search head cluster)", func() { - It("managermc, integration: MC can configure SHC, indexer instances and reconfigure to new MC", func() { + It("managermc1, integration: MC can configure SHC, indexer instances and reconfigure to new MC", func() { /* Test Steps 1. Deploy Single Site Indexer Cluster @@ -760,7 +760,7 @@ var _ = Describe("Monitoring Console test", func() { // Verify MC is Ready and stays in ready state // testenv.VerifyMonitoringConsoleReady(ctx, deployment, mcTwoName, mcTwo, testcaseEnvInst) - // ############################ VERIFICATOIN FOR MONITORING CONSOLE TWO POST SHC RECONFIG ############################### + // ############################ VERIFICATION FOR MONITORING CONSOLE TWO POST SHC RECONFIG ############################### // Check Cluster Manager in Monitoring Console Two Config Map testcaseEnvInst.Log.Info("Verify Cluster Manager on Monitoring Console Two Config Map after SHC Reconfig") @@ -781,7 +781,7 @@ var _ = Describe("Monitoring Console test", func() { testcaseEnvInst.Log.Info("Checking for Indexer Pod on MC TWO after SHC Reconfig") testenv.VerifyPodsInMCConfigString(ctx, deployment, testcaseEnvInst, indexerPods, mcTwoName, true, true) - // ############################ VERIFICATOIN FOR MONITORING CONSOLE ONE POST SHC RECONFIG ############################### + // ############################ VERIFICATION FOR MONITORING CONSOLE ONE POST SHC RECONFIG ############################### // Verify MC ONE is Ready and stays in ready state before running verfications testenv.VerifyMonitoringConsoleReady(ctx, deployment, mcName, mc, testcaseEnvInst) @@ -809,7 +809,7 @@ var _ = Describe("Monitoring Console test", func() { }) Context("Multisite Clustered deployment (M4 - 3 Site clustered indexer, search head cluster)", func() { - It("managermc, integration: MC can configure SHC, indexer instances and reconfigure Cluster Manager to new Monitoring Console", func() { + It("managermc2, integration: MC can configure SHC, indexer instances and reconfigure Cluster Manager to new Monitoring Console", func() { /* Test Steps 1. Deploy Multisite Indexer Cluster @@ -946,7 +946,7 @@ var _ = Describe("Monitoring Console test", func() { }) Context("Standalone deployment (S1)", func() { - It("managermc, integration: can deploy a MC with standalone instance and update MC with new standalone deployment of similar names", func() { + It("managermc2, integration: can deploy a MC with standalone instance and update MC with new standalone deployment of similar names", func() { /* Test Steps 1. Deploy Standalone with name "search-head-adhoc" diff --git a/test/monitoring_console/monitoring_console_suite_test.go b/test/monitoring_console/monitoring_console_suite_test.go index c7a571f63..83bf2060d 100644 --- a/test/monitoring_console/monitoring_console_suite_test.go +++ b/test/monitoring_console/monitoring_console_suite_test.go @@ -44,7 +44,10 @@ func TestBasic(t *testing.T) { RegisterFailHandler(Fail) - RunSpecs(t, "Running "+testSuiteName) + sc, _ := GinkgoConfiguration() + sc.Timeout = 240 * time.Minute + + RunSpecs(t, "Running "+testSuiteName, sc) } var _ = BeforeSuite(func() { diff --git a/test/run-tests.sh b/test/run-tests.sh index a5069cf83..13a96dc4a 100755 --- a/test/run-tests.sh +++ b/test/run-tests.sh @@ -19,35 +19,43 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then echo "Using private registry at ${PRIVATE_REGISTRY}" PRIVATE_SPLUNK_OPERATOR_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_OPERATOR_IMAGE} - PRIVATE_SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_ENTERPRISE_IMAGE} - echo "docker images -q ${SPLUNK_OPERATOR_IMAGE}" + # CSPL-2920: ARM64 support + if [ "$ARM64" != "true" ]; then + PRIVATE_SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_ENTERPRISE_IMAGE} + fi + echo "Checking to see if image exists, docker images -q ${PRIVATE_SPLUNK_OPERATOR_IMAGE}" # Don't pull splunk operator if exists locally since we maybe building it locally - if [ -z $(docker images -q ${SPLUNK_OPERATOR_IMAGE}) ]; then - docker pull ${SPLUNK_OPERATOR_IMAGE} + if [ -z $(docker images -q ${PRIVATE_SPLUNK_OPERATOR_IMAGE}) ]; then + echo "Doesn't exist, pulling ${PRIVATE_SPLUNK_OPERATOR_IMAGE}..." + docker pull ${PRIVATE_SPLUNK_OPERATOR_IMAGE} if [ $? -ne 0 ]; then echo "Unable to pull ${SPLUNK_OPERATOR_IMAGE}. Exiting..." exit 1 fi fi - docker tag ${SPLUNK_OPERATOR_IMAGE} ${PRIVATE_SPLUNK_OPERATOR_IMAGE} - docker push ${PRIVATE_SPLUNK_OPERATOR_IMAGE} - if [ $? -ne 0 ]; then - echo "Unable to push ${PRIVATE_SPLUNK_OPERATOR_IMAGE}. Exiting..." - exit 1 - fi - # Always attempt to pull splunk enterprise image - docker pull ${SPLUNK_ENTERPRISE_IMAGE} - if [ $? -ne 0 ]; then - echo "Unable to pull ${SPLUNK_ENTERPRISE_IMAGE}. Exiting..." - exit 1 - fi - docker tag ${SPLUNK_ENTERPRISE_IMAGE} ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} - docker push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} - if [ $? -ne 0 ]; then - echo "Unable to push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}. Exiting..." - exit 1 + echo "check if image exists, docker manifest inspect $PRIVATE_SPLUNK_ENTERPRISE_IMAGE" + if docker manifest inspect "$PRIVATE_SPLUNK_ENTERPRISE_IMAGE" > /dev/null 2>&1; then + echo "Image $PRIVATE_SPLUNK_ENTERPRISE_IMAGE exists on the remote repository." + docker pull ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} + if [ $? -ne 0 ]; then + echo "Unable to pull ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}. Exiting..." + exit 1 + fi + else + echo "Image $PRIVATE_SPLUNK_ENTERPRISE_IMAGE does not exist on the remote repository." + docker pull ${SPLUNK_ENTERPRISE_IMAGE} + if [ $? -ne 0 ]; then + echo "Unable to pull ${SPLUNK_ENTERPRISE_IMAGE}. Exiting..." + exit 1 + fi + docker tag ${SPLUNK_ENTERPRISE_IMAGE} ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} + docker push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} + if [ $? -ne 0 ]; then + echo "Unable to push ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}. Exiting..." + exit 1 + fi fi # Output @@ -70,7 +78,7 @@ elif [ "${CLUSTER_WIDE}" != "true" ]; then make uninstall bin/kustomize build config/crd | kubectl create -f - else - echo "Installing enterprise operator from ${PRIVATE_SPLUNK_OPERATOR_IMAGE}..." + echo "Installing enterprise operator from ${PRIVATE_SPLUNK_OPERATOR_IMAGE} using enterprise image from ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}..." make deploy IMG=${PRIVATE_SPLUNK_OPERATOR_IMAGE} SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} WATCH_NAMESPACE="" fi @@ -80,6 +88,10 @@ if [ $? -ne 0 ]; then exit 1 fi +echo "Dumping operator config here..." +kubectl describe deployment splunk-operator-controller-manager -n splunk-operator + + if [ "${CLUSTER_WIDE}" == "true" ]; then echo "wait for operator pod to be ready..." # sleep before checking for deployment, in slow clusters deployment call may not even started @@ -180,6 +192,31 @@ case ${CLUSTER_PROVIDER} in export STORAGE_ACCOUNT_KEY="${AZURE_STORAGE_ACCOUNT_KEY}" fi ;; + "gcp") + if [[ -z "${GCP_ENTERPRISE_LICENSE_LOCATION}" ]]; then + echo "License path not set. Changing to default" + export ENTERPRISE_LICENSE_LOCATION="${GCP_ENTERPRISE_LICENSE_LOCATION}" + fi + if [[ -z "${ENTERPRISE_LICENSE_LOCATION}" ]]; then + echo "License path not set. Changing to default" + export ENTERPRISE_LICENSE_LOCATION="${ENTERPRISE_LICENSE_S3_PATH}" + fi + + if [[ -z "${TEST_BUCKET}" ]]; then + echo "Data bucket not set. Changing to default" + export TEST_BUCKET="${TEST_S3_BUCKET}" + fi + + if [[ -z "${TEST_INDEXES_S3_BUCKET}" ]]; then + echo "Test bucket not set. Changing to default" + export TEST_INDEXES_S3_BUCKET="${INDEXES_S3_BUCKET}" + fi + + if [[ -z "${S3_REGION}" ]]; then + echo "S3 Region not set. Changing to default" + export S3_REGION="${AWS_S3_REGION}" + fi + ;; esac diff --git a/test/secret/manager_secret_c3_test.go b/test/secret/manager_secret_c3_test.go index 1c4740472..ef349f179 100644 --- a/test/secret/manager_secret_c3_test.go +++ b/test/secret/manager_secret_c3_test.go @@ -76,6 +76,11 @@ var _ = Describe("Secret Test for SVA C3", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) diff --git a/test/secret/manager_secret_m4_test.go b/test/secret/manager_secret_m4_test.go index 7e19b60d4..134b688ef 100644 --- a/test/secret/manager_secret_m4_test.go +++ b/test/secret/manager_secret_m4_test.go @@ -37,7 +37,7 @@ var _ = Describe("Secret Test for M4 SVA", func() { // it takes more than 3000 seconds for one of the test case testcaseEnvInst, err = testenv.NewDefaultTestCaseEnv(testenvInstance.GetKubeClient(), name) Expect(err).To(Succeed(), "Unable to create testcaseenv") - testenv.SpecifiedTestTimeout = 4000 + testenv.SpecifiedTestTimeout = 40000 deployment, err = testcaseEnvInst.NewDeployment(testenv.RandomDNSName(3)) Expect(err).To(Succeed(), "Unable to create deployment") }) @@ -78,6 +78,11 @@ var _ = Describe("Secret Test for M4 SVA", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) diff --git a/test/secret/manager_secret_s1_test.go b/test/secret/manager_secret_s1_test.go index b26afbdb4..bbe7d5e9d 100644 --- a/test/secret/manager_secret_s1_test.go +++ b/test/secret/manager_secret_s1_test.go @@ -78,6 +78,11 @@ var _ = Describe("Secret Test for SVA S1", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) @@ -180,6 +185,11 @@ var _ = Describe("Secret Test for SVA S1", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) diff --git a/test/secret/secret_c3_test.go b/test/secret/secret_c3_test.go index 2375deb5a..162312fa5 100644 --- a/test/secret/secret_c3_test.go +++ b/test/secret/secret_c3_test.go @@ -76,6 +76,11 @@ var _ = Describe("Secret Test for SVA C3", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) diff --git a/test/secret/secret_m4_test.go b/test/secret/secret_m4_test.go index a56bc7ced..8b63e012b 100644 --- a/test/secret/secret_m4_test.go +++ b/test/secret/secret_m4_test.go @@ -38,7 +38,7 @@ var _ = Describe("Secret Test for M4 SVA", func() { // it takes more than 3000 seconds for one of the test case testcaseEnvInst, err = testenv.NewDefaultTestCaseEnv(testenvInstance.GetKubeClient(), name) Expect(err).To(Succeed(), "Unable to create testcaseenv") - testenv.SpecifiedTestTimeout = 4000 + testenv.SpecifiedTestTimeout = 40000 deployment, err = testcaseEnvInst.NewDeployment(testenv.RandomDNSName(3)) Expect(err).To(Succeed(), "Unable to create deployment") }) @@ -79,6 +79,11 @@ var _ = Describe("Secret Test for M4 SVA", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) diff --git a/test/secret/secret_s1_test.go b/test/secret/secret_s1_test.go index 4e2dd919f..88277f787 100644 --- a/test/secret/secret_s1_test.go +++ b/test/secret/secret_s1_test.go @@ -78,6 +78,11 @@ var _ = Describe("Secret Test for SVA S1", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) @@ -180,6 +185,11 @@ var _ = Describe("Secret Test for SVA S1", func() { Expect(err).To(Succeed(), "Unable to download license file from Azure") // Create License Config Map testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) + case "gcp": + licenseFilePath, err := testenv.DownloadLicenseFromGCPBucket() + Expect(err).To(Succeed(), "Unable to download license file from GCP") + // Create License Config Map + testcaseEnvInst.CreateLicenseConfigMap(licenseFilePath) default: fmt.Printf("Unable to download license file") testcaseEnvInst.Log.Info(fmt.Sprintf("Unable to download license file with Cluster Provider set as %v", testenv.ClusterProvider)) diff --git a/test/testenv/appframework_utils.go b/test/testenv/appframework_utils.go index 44a3f2845..9413f5302 100644 --- a/test/testenv/appframework_utils.go +++ b/test/testenv/appframework_utils.go @@ -376,8 +376,11 @@ func GenerateAppFrameworkSpec(ctx context.Context, testenvInstance *TestCaseEnv, } else { volumeSpec = []enterpriseApi.VolumeSpec{GenerateIndexVolumeSpecAzureManagedID(volumeName, GetAzureEndpoint(ctx), "azure", "blob")} } + case "gcp": + volumeSpec = []enterpriseApi.VolumeSpec{GenerateIndexVolumeSpec(volumeName, GetGCPEndpoint(), testenvInstance.GetIndexSecretName(), "gcp", "gcs", GetDefaultS3Region())} + default: - testenvInstance.Log.Info("Failed to identify cluster provider name: Should be 'eks' or 'azure' ") + testenvInstance.Log.Info("Failed to identify cluster provider name: Should be 'eks' or 'azure' or 'gcp' ") } // AppSourceDefaultSpec: Remote Storage volume name and Scope of App deployment diff --git a/test/testenv/gcputils.go b/test/testenv/gcputils.go new file mode 100644 index 000000000..e999f4116 --- /dev/null +++ b/test/testenv/gcputils.go @@ -0,0 +1,628 @@ +package testenv + +import ( + "archive/tar" + "compress/gzip" + "context" + "encoding/base64" + //"encoding/json" + "errors" + "fmt" + "io" + "os" + "path/filepath" + "strings" + "time" + + "cloud.google.com/go/storage" + "github.com/google/uuid" + //"golang.org/x/oauth2/google" + "google.golang.org/api/iterator" + "google.golang.org/api/option" + + logf "sigs.k8s.io/controller-runtime/pkg/log" +) + +// Set GCP Variables +var ( + gcpProjectID = os.Getenv("GCP_PROJECT_ID") + gcpRegion = os.Getenv("GCP_REGION") + testGCPBucket = os.Getenv("TEST_BUCKET") + testIndexesGCPBucket = os.Getenv("TEST_INDEXES_GCP_BUCKET") + enterpriseLicenseLocationGCP = os.Getenv("ENTERPRISE_LICENSE_LOCATION") +) + +// GetSmartStoreIndexesBucket returns the SmartStore test bucket name +func GetSmartStoreIndexesBucket() string { + return testIndexesGCPBucket +} + +// GetDefaultGCPRegion returns the default GCP Region +func GetDefaultGCPRegion() string { + return gcpRegion +} + +// GetGCPEndpoint returns GCP Storage endpoint +func GetGCPEndpoint() string { + return "https://storage.googleapis.com" +} + +// GCPClient wraps the GCP Storage client +type GCPClient struct { + Client *storage.Client + Ctx context.Context +} + +// NewGCPClient initializes and returns a GCPClient +func NewGCPClient() (*GCPClient, error) { + var err error + ctx := context.Background() + var client *storage.Client + encodedString := os.Getenv("GCP_SERVICE_ACCOUNT_KEY") + gcpCredentials, err := base64.StdEncoding.DecodeString(encodedString) + if err != nil { + logf.Log.Error(err, "Error decoding GCP service account key") + return nil, err + } + + if len(gcpCredentials) == 0 { + client, err = storage.NewClient(ctx) + if err != nil { + logf.Log.Error(err, "Failed to create GCP Storage client") + return nil, err + } + + } else { + //var creds google.Credentials + + //err = json.Unmarshal([]byte(gcpCredentials), &creds) + //if err != nil { + // logf.Log.Error(err, "Secret key.json value is not parsable") + // return nil, err + //} + //client, err = storage.NewClient(ctx, option.WithCredentials(&creds)) + //client, err = storage.NewClient(ctx, option.WithCredentialsFile("/Users/vivekr/Projects/splunk-operator/auth.json")) + client, err = storage.NewClient(ctx, option.WithCredentialsJSON([]byte(gcpCredentials))) + if err != nil { + logf.Log.Error(err, "Failed to create GCP Storage client") + return nil, err + } + } + + return &GCPClient{ + Client: client, + Ctx: ctx, + }, nil +} + +// CheckPrefixExistsOnGCP checks if a prefix exists in a GCP bucket +func CheckPrefixExistsOnGCP(prefix string) bool { + dataBucket := testIndexesGCPBucket + client, err := NewGCPClient() + if err != nil { + return false + } + defer client.Client.Close() + + it := client.Client.Bucket(dataBucket).Objects(client.Ctx, &storage.Query{ + Prefix: prefix, + // You can set other query parameters if needed + }) + + for { + objAttrs, err := it.Next() + if err == iterator.Done { + break + } + if err != nil { + logf.Log.Error(err, "Error listing objects in GCP bucket") + return false + } + logf.Log.Info("CHECKING OBJECT", "OBJECT", objAttrs.Name) + if strings.Contains(objAttrs.Name, prefix) { + logf.Log.Info("Prefix found in bucket", "Prefix", prefix, "Object", objAttrs.Name) + return true + } + } + return false +} + +// CreateBucketAndPathIfNotExist creates a bucket and path if they do not exist +func CreateBucketAndPathIfNotExist(bucketName, path string) error { + client, err := NewGCPClient() + if err != nil { + return err + } + defer client.Client.Close() + + ctx, cancel := context.WithTimeout(client.Ctx, time.Minute*5) + defer cancel() + + // Check if the bucket exists + _, err = client.Client.Bucket(bucketName).Attrs(ctx) + if err == storage.ErrBucketNotExist { + // Create the bucket + err = client.Client.Bucket(bucketName).Create(ctx, gcpProjectID, nil) + if err != nil { + logf.Log.Error(err, "Failed to create bucket", "Bucket Name", bucketName) + return err + } + logf.Log.Info("Bucket created", "Bucket Name", bucketName) + } else if err != nil { + logf.Log.Error(err, "Error checking bucket attributes", "Bucket Name", bucketName) + return err + } + + // Check if the path exists by trying to get its attributes + _, err = client.Client.Bucket(bucketName).Object(path).Attrs(ctx) + if err == storage.ErrObjectNotExist { + // Create a zero-length object to represent the path + wc := client.Client.Bucket(bucketName).Object(path).NewWriter(ctx) + if _, err := wc.Write([]byte{}); err != nil { + logf.Log.Error(err, "Failed to create path", "Path", path) + return err + } + if err := wc.Close(); err != nil { + logf.Log.Error(err, "Failed to finalize path creation", "Path", path) + return err + } + logf.Log.Info("Path created", "Path", path) + } else if err != nil { + logf.Log.Error(err, "Error checking path attributes", "Path", path) + return err + } + + return nil +} + +// DownloadLicenseFromGCPBucket downloads the license file from GCP +func DownloadLicenseFromGCPBucket() (string, error) { + location := enterpriseLicenseLocationGCP + item := "enterprise.lic" + dataBucket := testGCPBucket + filename, err := DownloadFileFromGCP(dataBucket, item, location, ".") + return filename, err +} + +// DownloadFileFromGCP downloads a file from a GCP bucket to a local directory +func DownloadFileFromGCP(bucketName, objectName, gcpFilePath, downloadDir string) (string, error) { + // Ensure the download directory exists + if _, err := os.Stat(downloadDir); errors.Is(err, os.ErrNotExist) { + err := os.MkdirAll(downloadDir, os.ModePerm) + if err != nil { + logf.Log.Error(err, "Unable to create download directory") + return "", err + } + } + + client, err := NewGCPClient() + if err != nil { + return "", err + } + defer client.Client.Close() + + ctx, cancel := context.WithTimeout(client.Ctx, time.Minute*10) + defer cancel() + + objectPath := filepath.Join(gcpFilePath, objectName) + rc, err := client.Client.Bucket(bucketName).Object(objectPath).NewReader(ctx) + if err != nil { + logf.Log.Error(err, "Failed to create reader for object", "Object", objectName) + return "", err + } + defer rc.Close() + + localPath := filepath.Join(downloadDir, objectName) + file, err := os.Create(localPath) + if err != nil { + logf.Log.Error(err, "Failed to create local file", "Filename", localPath) + return "", err + } + defer file.Close() + + written, err := io.Copy(file, rc) + if err != nil { + logf.Log.Error(err, "Failed to download object", "Object", objectName) + return "", err + } + + logf.Log.Info("Downloaded", "filename", localPath, "bytes", written) + return localPath, nil +} + +// UploadFileToGCP uploads a file to a GCP bucket +func UploadFileToGCP(bucketName, objectName, path string, file *os.File) (string, error) { + client, err := NewGCPClient() + if err != nil { + return "", err + } + defer client.Client.Close() + + ctx, cancel := context.WithTimeout(client.Ctx, time.Minute*10) + defer cancel() + + objectPath := filepath.Join(path, objectName) + wc := client.Client.Bucket(bucketName).Object(objectPath).NewWriter(ctx) + defer wc.Close() + + written, err := io.Copy(wc, file) + if err != nil { + logf.Log.Error(err, "Failed to upload file to GCP", "Filename", objectName) + return "", err + } + + if err := wc.Close(); err != nil { + logf.Log.Error(err, "Failed to finalize upload to GCP", "Filename", objectName) + return "", err + } + + logf.Log.Info("Uploaded", "filename", file.Name(), "bytes", written) + return objectPath, nil +} + +// GetFileListOnGCP lists objects in a GCP bucket with the given prefix +func GetFileListOnGCP(bucketName, prefix string) []*storage.ObjectAttrs { + client, err := NewGCPClient() + if err != nil { + return nil + } + defer client.Client.Close() + + it := client.Client.Bucket(bucketName).Objects(client.Ctx, &storage.Query{ + Prefix: prefix, + }) + + var objects []*storage.ObjectAttrs + for { + objAttrs, err := it.Next() + if err == iterator.Done { + break + } + if err != nil { + logf.Log.Error(err, "Error listing objects in GCP bucket") + return nil + } + objects = append(objects, objAttrs) + } + return objects +} + +// DeleteFilesOnGCP deletes a list of files from a GCP bucket +func DeleteFilesOnGCP(bucketName string, filenames []string) error { + client, err := NewGCPClient() + if err != nil { + return err + } + defer client.Client.Close() + + for _, file := range filenames { + err := DeleteFileOnGCP(bucketName, file) + if err != nil { + return err + } + } + return nil +} + +// DeleteFileOnGCP deletes a single file from a GCP bucket +func DeleteFileOnGCP(bucketName, objectName string) error { + client, err := NewGCPClient() + if err != nil { + return err + } + defer client.Client.Close() + + ctx, cancel := context.WithTimeout(client.Ctx, time.Minute*5) + defer cancel() + + err = client.Client.Bucket(bucketName).Object(objectName).Delete(ctx) + if err != nil && err != storage.ErrObjectNotExist { + logf.Log.Error(err, "Unable to delete object from bucket", "Object Name", objectName, "Bucket Name", bucketName) + return err + } + + // Optionally, verify deletion + _, err = client.Client.Bucket(bucketName).Object(objectName).Attrs(ctx) + if err == storage.ErrObjectNotExist { + logf.Log.Info("Deleted file on GCP", "File Name", objectName, "Bucket", bucketName) + return nil + } + if err != nil { + logf.Log.Error(err, "Error verifying deletion of object", "Object Name", objectName, "Bucket Name", bucketName) + return err + } + + return errors.New("object still exists after deletion") +} + +// GetFilesInPathOnGCP retrieves a list of file names under a given path in a GCP bucket +func GetFilesInPathOnGCP(bucketName, path string) []string { + resp := GetFileListOnGCP(bucketName, path) + var files []string + for _, obj := range resp { + logf.Log.Info("CHECKING OBJECT", "OBJECT", obj.Name) + if strings.HasPrefix(obj.Name, path) { + filename := strings.TrimPrefix(obj.Name, path) + // This condition filters out directories as GCP returns objects with their full paths + if len(filename) > 1 && !strings.HasSuffix(filename, "/") { + logf.Log.Info("File found in bucket", "Path", path, "Object", obj.Name) + files = append(files, filename) + } + } + } + return files +} + +// DownloadFilesFromGCP downloads a list of files from a GCP bucket to a local directory +func DownloadFilesFromGCP(bucketName, gcpAppDir, downloadDir string, appList []string) error { + for _, key := range appList { + logf.Log.Info("Downloading file from GCP", "File name", key) + _, err := DownloadFileFromGCP(bucketName, key, gcpAppDir, downloadDir) + if err != nil { + logf.Log.Error(err, "Unable to download file", "File Name", key) + return err + } + } + return nil +} + +// UploadFilesToGCP uploads a list of files to a specified path in a GCP bucket +func UploadFilesToGCP(bucketName, gcpTestDir string, appList []string, uploadDir string) ([]string, error) { + var uploadedFiles []string + for _, key := range appList { + logf.Log.Info("Uploading file to GCP", "File name", key) + logf.Log.Info("Using bucket", "Bucket", bucketName, "Path", gcpTestDir, "Upload Dir", uploadDir) + fileLocation := filepath.Join(uploadDir, key) + fileBody, err := os.Open(fileLocation) + if err != nil { + logf.Log.Error(err, "Unable to open file", "File name", key) + return nil, err + } + defer fileBody.Close() + + objectPath, err := UploadFileToGCP(bucketName, key, gcpTestDir, fileBody) + if err != nil { + logf.Log.Error(err, "Unable to upload file", "File name", key) + return nil, err + } + logf.Log.Info("File uploaded to GCP", "File name", objectPath) + uploadedFiles = append(uploadedFiles, objectPath) + } + return uploadedFiles, nil +} + +// DisableAppsToGCP untars apps, modifies their config files to disable them, re-tars, and uploads the disabled versions to GCP +func DisableAppsToGCP(downloadDir string, appFileList []string, gcpTestDir string) ([]string, error) { + // Create directories for untarred and disabled apps + untarredAppsMainFolder := filepath.Join(downloadDir, "untarred_apps") + disabledAppsFolder := filepath.Join(downloadDir, "disabled_apps") + + err := os.MkdirAll(untarredAppsMainFolder, os.ModePerm) + if err != nil { + logf.Log.Error(err, "Unable to create directory for untarred apps") + return nil, err + } + + err = os.MkdirAll(disabledAppsFolder, os.ModePerm) + if err != nil { + logf.Log.Error(err, "Unable to create directory for disabled apps") + return nil, err + } + + for _, key := range appFileList { + // Create a unique folder for each app to avoid conflicts + appUniqueID := uuid.New().String() + untarredCurrentAppFolder := filepath.Join(untarredAppsMainFolder, key+"_"+appUniqueID) + err := os.MkdirAll(untarredCurrentAppFolder, os.ModePerm) + if err != nil { + logf.Log.Error(err, "Unable to create folder for current app", "App", key) + return nil, err + } + + // Untar the app + tarfile := filepath.Join(downloadDir, key) + err = untarFile(tarfile, untarredCurrentAppFolder) + if err != nil { + logf.Log.Error(err, "Failed to untar app", "App", key) + return nil, err + } + + // Disable the app by modifying its config file + appConfFile := filepath.Join(untarredCurrentAppFolder, "default", "app.conf") + err = disableAppConfig(appConfFile) + if err != nil { + logf.Log.Error(err, "Failed to disable app config", "File", appConfFile) + return nil, err + } + + // Tar the disabled app + tarDestination := filepath.Join(disabledAppsFolder, key) + err = tarGzFolder(untarredCurrentAppFolder, tarDestination) + if err != nil { + logf.Log.Error(err, "Failed to tar disabled app", "App", key) + return nil, err + } + } + + // Upload disabled apps to GCP + uploadedFiles, err := UploadFilesToGCP(testIndexesGCPBucket, gcpTestDir, appFileList, disabledAppsFolder) + if err != nil { + logf.Log.Error(err, "Failed to upload disabled apps to GCP") + return nil, err + } + + return uploadedFiles, nil +} + +// untarFile extracts a tar.gz file to the specified destination +func untarFile(src, dest string) error { + file, err := os.Open(src) + if err != nil { + return err + } + defer file.Close() + + gzr, err := gzip.NewReader(file) + if err != nil { + return err + } + defer gzr.Close() + + tarReader := tar.NewReader(gzr) + + for { + header, err := tarReader.Next() + if err != nil { + return err + } + + // Sanitize the file path to prevent Zip Slip + targetPath := filepath.Join(dest, header.Name) + if !strings.HasPrefix(targetPath, filepath.Clean(dest)+string(os.PathSeparator)) { + return fmt.Errorf("invalid file path: %s", targetPath) + } + + if err == io.EOF { + break // End of archive + } + if err != nil { + return err + } + + targetPath = filepath.Join(dest, header.Name) + + switch header.Typeflag { + case tar.TypeDir: + // Create Directory + if err := os.MkdirAll(targetPath, os.FileMode(header.Mode)); err != nil { + return err + } + case tar.TypeReg: + // Create File + err := os.MkdirAll(filepath.Dir(targetPath), os.ModePerm) + if err != nil { + return err + } + outFile, err := os.Create(targetPath) + if err != nil { + return err + } + if _, err := io.Copy(outFile, tarReader); err != nil { + outFile.Close() + return err + } + outFile.Close() + // Set file permissions + if err := os.Chmod(targetPath, os.FileMode(header.Mode)); err != nil { + return err + } + default: + logf.Log.Info("Unknown type in tar archive", "Type", header.Typeflag, "Name", header.Name) + } + } + return nil +} + +// tarGzFolder creates a tar.gz archive from the specified folder +func tarGzFolder(sourceDir, tarGzPath string) error { + file, err := os.Create(tarGzPath) + if err != nil { + return err + } + defer file.Close() + + gzw := gzip.NewWriter(file) + defer gzw.Close() + + tw := tar.NewWriter(gzw) + defer tw.Close() + + err = filepath.Walk(sourceDir, func(filePath string, info os.FileInfo, err error) error { + if err != nil { + return err + } + + // Create header + header, err := tar.FileInfoHeader(info, info.Name()) + if err != nil { + return err + } + + // Update the name to maintain the folder structure + relPath, err := filepath.Rel(sourceDir, filePath) + if err != nil { + return err + } + header.Name = relPath + + // Write header + if err := tw.WriteHeader(header); err != nil { + return err + } + + // If not a regular file, skip + if !info.Mode().IsRegular() { + return nil + } + + // Open file for reading + f, err := os.Open(filePath) + if err != nil { + return err + } + defer f.Close() + + // Copy file data to tar writer + if _, err := io.Copy(tw, f); err != nil { + return err + } + + return nil + }) + + if err != nil { + return err + } + + return nil +} + +// disableAppConfig modifies the app.conf file to disable the app +func disableAppConfig(appConfFile string) error { + input, err := os.ReadFile(appConfFile) + if err != nil { + return err + } + lines := strings.Split(string(input), "\n") + var outputLines []string + inInstallSection := false + + for _, line := range lines { + trimmedLine := strings.TrimSpace(line) + if strings.HasPrefix(trimmedLine, "[install]") { + inInstallSection = true + outputLines = append(outputLines, "[install]") + outputLines = append(outputLines, "state = disabled") + continue + } + if inInstallSection { + if strings.HasPrefix(trimmedLine, "state = enabled") { + // Skip this line + continue + } + // Exit install section on encountering another section + if strings.HasPrefix(trimmedLine, "[") && strings.HasSuffix(trimmedLine, "]") { + inInstallSection = false + } + } + outputLines = append(outputLines, line) + } + + output := strings.Join(outputLines, "\n") + err = os.WriteFile(appConfFile, []byte(output), 0644) + if err != nil { + return err + } + + return nil +} diff --git a/test/testenv/testcaseenv.go b/test/testenv/testcaseenv.go index 29a81e39f..b09e1c731 100644 --- a/test/testenv/testcaseenv.go +++ b/test/testenv/testcaseenv.go @@ -17,6 +17,7 @@ package testenv import ( "context" + "encoding/base64" "fmt" "os" "time" @@ -148,6 +149,8 @@ func (testenv *TestCaseEnv) setup() error { testenv.createIndexSecret() case "azure": testenv.createIndexSecretAzure() + case "gcp": + testenv.createIndexSecretGCP() default: testenv.Log.Info("Failed to create secret object") } @@ -525,6 +528,34 @@ func (testenv *TestCaseEnv) createIndexSecret() error { return nil } +// CreateIndexSecret create secret object +func (testenv *TestCaseEnv) createIndexSecretGCP() error { + secretName := testenv.s3IndexSecret + ns := testenv.namespace + encodedString := os.Getenv("GCP_SERVICE_ACCOUNT_KEY") + gcpCredentials, err := base64.StdEncoding.DecodeString(encodedString) + if err != nil { + testenv.Log.Error(err, "Unable to decode GCP service account key") + return err + } + data := map[string][]byte{"key.json": []byte(gcpCredentials)} + secret := newSecretSpec(ns, secretName, data) + if err := testenv.GetKubeClient().Create(context.TODO(), secret); err != nil { + testenv.Log.Error(err, "Unable to create GCP index secret object") + return err + } + + testenv.pushCleanupFunc(func() error { + err := testenv.GetKubeClient().Delete(context.TODO(), secret) + if err != nil { + testenv.Log.Error(err, "Unable to delete GCP index secret object") + return err + } + return nil + }) + return nil +} + // createIndexSecretAzure create secret object for Azure func (testenv *TestCaseEnv) createIndexSecretAzure() error { secretName := testenv.s3IndexSecret diff --git a/test/testenv/testenv.go b/test/testenv/testenv.go index 1099314e1..a7556c1b7 100644 --- a/test/testenv/testenv.go +++ b/test/testenv/testenv.go @@ -58,7 +58,7 @@ const ( ConsistentDuration = 2000 * time.Millisecond // DefaultTimeout is the max timeout before we failed. - DefaultTimeout = 200 * time.Minute + DefaultTimeout = 2000 * time.Minute // SearchHeadPod Template String for search head pod SearchHeadPod = "splunk-%s-shc-search-head-%d" diff --git a/test/testenv/util.go b/test/testenv/util.go index a12dbd174..57eb7ffce 100644 --- a/test/testenv/util.go +++ b/test/testenv/util.go @@ -736,6 +736,24 @@ func DumpGetPods(ns string) []string { return splunkPods } +// DumpDescribePods prints and returns list of pods in the namespace +func DumpDescribePods(ns string) []string { + output, err := exec.Command("kubectl", "describe", "pods", "-n", ns).Output() + var splunkPods []string + if err != nil { + //cmd := fmt.Sprintf("kubectl get pods -n %s", ns) + //logf.Log.Error(err, "Failed to execute command", "command", cmd) + return nil + } + for _, line := range strings.Split(string(output), "\n") { + logf.Log.Info(line) + if strings.HasPrefix(line, "splunk") && !strings.HasPrefix(line, "splunk-op") { + splunkPods = append(splunkPods, strings.Fields(line)[0]) + } + } + return splunkPods +} + // DumpGetTopNodes prints and returns Node load information func DumpGetTopNodes() []string { output, err := exec.Command("kubectl", "top", "nodes").Output() @@ -801,6 +819,7 @@ func GetOperatorPodName(testcaseEnvInst *TestCaseEnv) string { return splunkPods } } + logf.Log.Info("Operator pod is set to ", "operatorPod", splunkPods) return splunkPods } @@ -879,7 +898,7 @@ func ExecuteCommandOnOperatorPod(ctx context.Context, deployment *Deployment, po command := []string{"/bin/sh"} stdout, stderr, err := deployment.OperatorPodExecCommand(ctx, podName, command, stdin, false) if err != nil { - logf.Log.Error(err, "Failed to execute command on pod", "pod", podName, "command", command) + logf.Log.Error(err, "Failed to execute command on pod", "pod", podName, "shell", command, "command", stdin, "error", err.Error()) return "", err } logf.Log.Info("Command executed", "on pod", podName, "command", command, "stdin", stdin, "stdout", stdout, "stderr", stderr) diff --git a/test/testenv/verificationutils.go b/test/testenv/verificationutils.go index e62d6e5b9..ee1b375e6 100644 --- a/test/testenv/verificationutils.go +++ b/test/testenv/verificationutils.go @@ -72,8 +72,7 @@ func VerifyMonitoringConsoleReady(ctx context.Context, deployment *Deployment, m } testenvInstance.Log.Info("Waiting for Monitoring Console phase to be ready", "instance", monitoringConsole.ObjectMeta.Name, "Phase", monitoringConsole.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + return monitoringConsole.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) @@ -88,20 +87,19 @@ func VerifyMonitoringConsoleReady(ctx context.Context, deployment *Deployment, m // StandaloneReady verify Standalone is in ReadyStatus and does not flip-flop func StandaloneReady(ctx context.Context, deployment *Deployment, deploymentName string, standalone *enterpriseApi.Standalone, testenvInstance *TestCaseEnv) { gomega.Eventually(func() enterpriseApi.Phase { - err := deployment.GetInstance(ctx, deploymentName, standalone) + err := deployment.GetInstance(ctx, standalone.Name, standalone) if err != nil { return enterpriseApi.PhaseError } testenvInstance.Log.Info("Waiting for Standalone phase to be ready", "instance", standalone.ObjectMeta.Name, "Phase", standalone.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + return standalone.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) // In a steady state, we should stay in Ready and not flip-flop around gomega.Consistently(func() enterpriseApi.Phase { - _ = deployment.GetInstance(ctx, deployment.GetName(), standalone) + _ = deployment.GetInstance(ctx, standalone.Name, standalone) DumpGetSplunkVersion(ctx, testenvInstance.GetName(), deployment, "standalone") return standalone.Status.Phase }, ConsistentDuration, ConsistentPollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) @@ -118,8 +116,7 @@ func SearchHeadClusterReady(ctx context.Context, deployment *Deployment, testenv } testenvInstance.Log.Info("Waiting for Search head cluster phase to be ready", "instance", shc.ObjectMeta.Name, "Phase", shc.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + return shc.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) @@ -130,8 +127,7 @@ func SearchHeadClusterReady(ctx context.Context, deployment *Deployment, testenv } testenvInstance.Log.Info("Waiting for Deployer phase to be ready", "instance", shc.ObjectMeta.Name, "Phase", shc.Status.DeployerPhase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + return shc.Status.DeployerPhase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) @@ -142,9 +138,7 @@ func SearchHeadClusterReady(ctx context.Context, deployment *Deployment, testenv } testenvInstance.Log.Info("Waiting for Search Head Cluster phase to be ready", "instance", shc.ObjectMeta.Name, "Phase", shc.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() - DumpGetSplunkVersion(ctx, testenvInstance.GetName(), deployment, "-shc-") + return shc.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) @@ -152,6 +146,7 @@ func SearchHeadClusterReady(ctx context.Context, deployment *Deployment, testenv gomega.Consistently(func() enterpriseApi.Phase { _ = deployment.GetInstance(ctx, deployment.GetName(), shc) testenvInstance.Log.Info("Check for Consistency Search Head Cluster phase to be ready", "instance", shc.ObjectMeta.Name, "Phase", shc.Status.Phase) + DumpGetSplunkVersion(ctx, testenvInstance.GetName(), deployment, "-shc-") return shc.Status.Phase }, ConsistentDuration, ConsistentPollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) } @@ -167,8 +162,7 @@ func SingleSiteIndexersReady(ctx context.Context, deployment *Deployment, testen } testenvInstance.Log.Info("Waiting for indexer instance's phase to be ready", "instance", instanceName, "Phase", idc.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + return idc.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) @@ -192,8 +186,7 @@ func ClusterManagerReady(ctx context.Context, deployment *Deployment, testenvIns } testenvInstance.Log.Info("Waiting for cluster-manager phase to be ready", "instance", cm.ObjectMeta.Name, "Phase", cm.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + // Test ClusterManager Phase to see if its ready return cm.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) @@ -219,8 +212,7 @@ func ClusterMasterReady(ctx context.Context, deployment *Deployment, testenvInst } testenvInstance.Log.Info("Waiting for cluster-master phase to be ready", "instance", cm.ObjectMeta.Name, "Phase", cm.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + // Test ClusterMaster Phase to see if its ready return cm.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) @@ -249,8 +241,7 @@ func IndexersReady(ctx context.Context, deployment *Deployment, testenvInstance } testenvInstance.Log.Info("Waiting for indexer site instance phase to be ready", "instance", instanceName, "Phase", idc.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + return idc.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) @@ -340,8 +331,6 @@ func LicenseManagerReady(ctx context.Context, deployment *Deployment, testenvIns testenvInstance.Log.Info("Waiting for License Manager instance status to be ready", "instance", LicenseManager.ObjectMeta.Name, "Phase", LicenseManager.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() return LicenseManager.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) @@ -366,8 +355,6 @@ func LicenseMasterReady(ctx context.Context, deployment *Deployment, testenvInst testenvInstance.Log.Info("Waiting for License Master instance status to be ready", "instance", LicenseMaster.ObjectMeta.Name, "Phase", LicenseMaster.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() return LicenseMaster.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseReady)) @@ -482,8 +469,7 @@ func VerifySearchHeadClusterPhase(ctx context.Context, deployment *Deployment, t } testenvInstance.Log.Info("Waiting for Search Head Cluster Phase", "instance", shc.ObjectMeta.Name, "Expected", phase, "Phase", shc.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + return shc.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(enterpriseApi.PhaseScalingUp)) } @@ -498,8 +484,7 @@ func VerifyIndexerClusterPhase(ctx context.Context, deployment *Deployment, test } testenvInstance.Log.Info("Waiting for Indexer Cluster Phase", "instance", idxc.ObjectMeta.Name, "Expected", phase, "Phase", idxc.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + return idxc.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(phase)) } @@ -514,8 +499,7 @@ func VerifyStandalonePhase(ctx context.Context, deployment *Deployment, testenvI } testenvInstance.Log.Info("Waiting for Standalone status", "instance", standalone.ObjectMeta.Name, "Expected", phase, " Actual Phase", standalone.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + return standalone.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(phase)) } @@ -530,8 +514,7 @@ func VerifyMonitoringConsolePhase(ctx context.Context, deployment *Deployment, t } testenvInstance.Log.Info("Waiting for Monitoring Console CR status", "instance", mc.ObjectMeta.Name, "Expected", phase, " Actual Phase", mc.Status.Phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + return mc.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(phase)) } @@ -626,8 +609,7 @@ func VerifyCustomResourceVersionChanged(ctx context.Context, deployment *Deploym } testenvInstance.Log.Info("Waiting for ", kind, " CR status", "instance", name, "Not Expected", resourceVersion, " Actual Resource Version", newResourceVersion) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + return newResourceVersion }, deployment.GetTimeout(), PollInterval).ShouldNot(gomega.Equal(resourceVersion)) } @@ -669,8 +651,7 @@ func VerifyClusterManagerPhase(ctx context.Context, deployment *Deployment, test } testenvInstance.Log.Info("Waiting for cluster-manager Phase", "instance", cm.ObjectMeta.Name, "Phase", cm.Status.Phase, "Expected", phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + // Test ClusterManager Phase to see if its ready return cm.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(phase)) @@ -686,8 +667,7 @@ func VerifyClusterMasterPhase(ctx context.Context, deployment *Deployment, teste } testenvInstance.Log.Info("Waiting for cluster-manager Phase", "instance", cm.ObjectMeta.Name, "Phase", cm.Status.Phase, "Expected", phase) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + // Test ClusterManager Phase to see if its ready return cm.Status.Phase }, deployment.GetTimeout(), PollInterval).Should(gomega.Equal(phase)) @@ -1051,8 +1031,7 @@ func VerifyClusterManagerBundlePush(ctx context.Context, deployment *Deployment, return false } clusterPodNames := DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + for _, podName := range clusterPodNames { if strings.Contains(podName, "-indexer-") { if _, present := clusterManagerBundleStatus[podName]; present { @@ -1077,16 +1056,14 @@ func VerifyDeployerBundlePush(ctx context.Context, deployment *Deployment, teste if len(deployerAppPushStatus) == 0 { testenvInstance.Log.Info("Bundle push not complete on all pods") DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + return false } for appName, val := range deployerAppPushStatus { if val < replicas { testenvInstance.Log.Info("Bundle push not complete on all pods for", "AppName", appName) DumpGetPods(testenvInstance.GetName()) - DumpGetTopPods(testenvInstance.GetName()) - DumpGetTopNodes() + return false } } @@ -1102,6 +1079,9 @@ func VerifyNoPodReset(ctx context.Context, deployment *Deployment, testenvInstan // Get current Age on all splunk pods and compare with previous currentSplunkPodAge := GetPodsStartTime(ns) for podName, currentpodAge := range currentSplunkPodAge { + if strings.Contains(podName, "monitoring-console") { + continue + } // Only compare if the pod was present in previous pod iteration testenvInstance.Log.Info("Checking Pod reset for Pod Name", "PodName", podName, "Current Pod Age", currentpodAge) if _, ok := podStartTimeMap[podName]; ok {