Draft:Multi version support

.env

@@ -6,4 +6,9 @@ KUBECTL_VERSION=v1.28.0
 AZ_CLI_VERSION=2.30.0
 EKSCTL_VERSION=v0.143.0
 EKS_CLUSTER_K8_VERSION=1.26
-SPLUNK_ENTERPRISE_RELEASE_IMAGE=splunk/splunk:9.1.1
+SPLUNK_ENTERPRISE_RELEASE_IMAGE=docker.io/splunk/splunk:9.1.2
+SPLUNK_CURRENT_IMAGE=splunk/splunk:9.1.2
+SPLUNK_PREVIOUS_IMAGE=splunk/splunk:9.0.6
+ECR_REPOSITORY=docker.io
+AWS_DEFAULT_REGION=us-west-2
+SPLUNK_OPERATOR_IMAGE_NAME=splunk/splunk-operator

.github/workflows/build-test-push-workflow.yml

@@ -49,10 +49,10 @@ jobs:
     runs-on: ubuntu-latest
     needs: unit-tests
     env:
-      SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }}
-      SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
       ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
-      S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
+    #  SPLUNK_ENTERPRISE_IMAGE: ${{ env.SPLUNK_ENTERPRISE_IMAGE }}
+    #  SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
+    #  S3_REGION: ${{ env.AWS_DEFAULT_REGION }}
     steps:
     - uses: actions/checkout@v2
     - name: Dotenv Action
@@ -80,25 +80,25 @@ jobs:
       with:
         aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
         aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
+        aws-region: ${{ steps.dotenv.outputs.AWS_DEFAULT_REGION }}
     - name: Login to Amazon ECR
       id: login-ecr
       uses: aws-actions/amazon-ecr-login@v1
     - name: Make Splunk Operator Image
       run: |
-        make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
+        make docker-build IMG=${{ secrets.ECR_REPOSITORY }}/${{ steps.dotenv.outputs.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
     - name: Push Splunk Operator Image to ECR
       run: |
-        echo "Uploading Image to ECR:: ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA"
-        make docker-push IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
+        echo "Uploading Image to ECR:: ${{ steps.dotenv.outputs.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA"
+        make docker-push IMG=${{ secrets.ECR_REPOSITORY }}/${{ steps.dotenv.outputs.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
   vulnerability-scan:
     runs-on: ubuntu-latest
     needs: build-operator-image
-    env:
-      SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }}
-      SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
-      ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
-      S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
+    #env:
+    #  SPLUNK_ENTERPRISE_IMAGE: ${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_IMAGE }}
+    #  SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
+    #  ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
+    #  S3_REGION: ${{ steps.dotenv.outputs.AWS_DEFAULT_REGION }}
     steps:
     - uses: actions/checkout@v2
     - name: Dotenv Action
@@ -111,16 +111,16 @@ jobs:
       with:
         aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
         aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
+        aws-region: ${{ steps.dotenv.outputs.AWS_DEFAULT_REGION }}
     - name: Login to Amazon ECR
       uses: aws-actions/amazon-ecr-login@v1
     - name: Pull Splunk Operator Image Locally
       run: |
-        docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
+        docker pull ${{ secrets.ECR_REPOSITORY }}/${{ steps.dotenv.outputs.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
     - name: Setup clair scanner
       run: make setup_clair_scanner
     - name: Scan container image
-      run: make run_clair_scan IMG=${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
+      run: make run_clair_scan IMG=${{ secrets.ECR_REPOSITORY }}/${{ steps.dotenv.outputs.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
     - name: Stop clair scanner
       run: make stop_clair_scanner
     - name: Save scan results as artifacts
@@ -133,6 +133,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
+        splunk_version: [ "splunk/splunk:9.0.6", "splunk/splunk:9.1.2" ]
         test: [
                 basic,
                 appframeworks1,
@@ -141,12 +142,17 @@ jobs:
                 managersecret,
                 managermc,
                ]
+        include:
+          - splunk_version: "splunk/splunk:9.0.6"
+            row: "9-0-6"
+          - splunk_version: "splunk/splunk:9.1.2"
+            row: "9-1-2"
     runs-on: ubuntu-latest
     env:
       CLUSTER_NODES: 1
       CLUSTER_WORKERS: 3
-      SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }}
-      SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}
+      SPLUNK_ENTERPRISE_IMAGE: ${{ matrix.splunk_version }}
+      #SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}
       SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
       SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator
       TEST_FOCUS: "${{ matrix.test }}"
@@ -159,24 +165,24 @@ jobs:
       TEST_INDEXES_S3_BUCKET: ${{ secrets.TEST_INDEXES_S3_BUCKET }}
       ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
       PRIVATE_REGISTRY: ${{ secrets.ECR_REPOSITORY }}
-      S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
+      #S3_REGION: ${{ steps.dotenv.outputs.AWS_DEFAULT_REGION }}
       ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }}
       EKS_SSH_PUBLIC_KEY: ${{ secrets.EKS_SSH_PUBLIC_KEY }}
       CLUSTER_WIDE: "true"
       DEPLOYMENT_TYPE: ""
     steps:
       - name: Set Test Cluster Name
         run: |
-          echo "TEST_CLUSTER_NAME=eks-integration-test-cluster-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV
+          echo "TEST_CLUSTER_NAME=eks-integration-test-${{ matrix.row }}-${{ matrix.test }}-$GITHUB_RUN_ID" >> $GITHUB_ENV
       - name: Chekcout code
         uses: actions/checkout@v2
       - name: Dotenv Action
         id: dotenv
         uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359
-      - name: Change splunk enterprise to release image on main branches
-        if: github.ref == 'refs/heads/main'
-        run: |
-          echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV
+      #- name: Change splunk enterprise to release image on main branches
+      #  if: github.ref == 'refs/heads/main'
+      #  run: |
+      #    echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV
       - name: Install Kubectl
         uses: Azure/setup-kubectl@v3
         with:
@@ -219,7 +225,7 @@ jobs:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN}}
       - name: Pull Splunk Enterprise Image
-        run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }}
+        run: docker pull ${{ matrix.splunk_version }}
       - name: Configure AWS credentials
         uses: aws-actions/configure-aws-credentials@v1
         with:
@@ -231,14 +237,14 @@ jobs:
         uses: aws-actions/amazon-ecr-login@v1
       - name: Tag and Push Splunk Enterprise Image to ECR
         run: |
-          docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }}
-          docker push ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }}
+          docker tag ${{ matrix.splunk_version }} ${{ secrets.ECR_REPOSITORY }}/${{ matrix.splunk_version }}
+          docker push ${{ secrets.ECR_REPOSITORY }}/${{ matrix.splunk_version }}
       - name: Pull Splunk Operator Image Locally
         run: |
-          docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
+          docker pull ${{ secrets.ECR_REPOSITORY }}/${{ steps.dotenv.outputs.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
       - name: Change Operator Image Tag to latest
         run: |
-          docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:latest
+          docker tag ${{ secrets.ECR_REPOSITORY }}/${{ steps.dotenv.outputs.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ steps.dotenv.outputs.SPLUNK_OPERATOR_IMAGE_NAME }}:latest
       - name: Create EKS cluster
         run: |
            export EKS_CLUSTER_K8_VERSION=${{ steps.dotenv.outputs.EKS_CLUSTER_K8_VERSION }}
@@ -315,9 +321,9 @@ jobs:
       uses: aws-actions/amazon-ecr-login@v1
     - name: Pull Splunk Operator Image Locally
       run: |
-        docker pull ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
+        docker pull ${{ secrets.ECR_REPOSITORY }}/${{ steps.dotenv.outputs.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
     - name: Change Operator Image Tag to latest
       run: |
-        docker tag ${{ secrets.ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }}
+        docker tag ${{ secrets.ECR_REPOSITORY }}/${{ steps.dotenv.outputs.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ steps.dotenv.outputs.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ steps.dotenv.outputs.TAG }}
     - name: Push Splunk Operator Image to Docker Hub
-      run: docker push ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ env.TAG }}
+      run: docker push ${{ steps.dotenv.outputs.SPLUNK_OPERATOR_IMAGE_NAME }}:${{ steps.dotenv.outputs.TAG }}

.github/workflows/int-test-workflow.yml

@@ -5,6 +5,7 @@ on:
       - develop
       - main
       - feature**
+      - multi-version-support
 jobs:
   build-operator-image:
     runs-on: ubuntu-latest

test/deploy-eks-cluster.sh

@@ -35,7 +35,7 @@ function deleteCluster() {
     echo "Unable to delete cluster - ${TEST_CLUSTER_NAME}"
     return 1
   fi
-  rolename=$(echo ${TEST_CLUSTER_NAME} | awk -F- '{print "EBS_" $(NF-1) "_" $(NF)}')
+  rolename=$(echo ${TEST_CLUSTER_NAME} |  awk -F- '{print "EBS_" $(NF-1) "_" $(NF-4) "_" $(NF-3) "_" $(NF-2) "_" $(NF)}')
   role_attached_policies=$(aws iam list-attached-role-policies --role-name $rolename --query 'AttachedPolicies[*].PolicyArn' --output text)
   for policy_arn in ${role_attached_policies};
   do
@@ -87,7 +87,7 @@ function createCluster() {
         }
       ]
     }"  >aws-ebs-csi-driver-trust-policy.json
-    rolename=$(echo ${TEST_CLUSTER_NAME} | awk -F- '{print "EBS_" $(NF-1) "_" $(NF)}')
+    rolename=$(echo ${TEST_CLUSTER_NAME} | awk -F- '{print "EBS_" $(NF-1) "_" $(NF-4) "_" $(NF-3) "_" $(NF-2) "_" $(NF)}')
     aws iam create-role --role-name ${rolename} --assume-role-policy-document file://aws-ebs-csi-driver-trust-policy.json --description "irsa role for ${TEST_CLUSTER_NAME}"
     aws iam attach-role-policy  --policy-arn arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy  --role-name ${rolename}
     kubectl annotate serviceaccount -n $namespace $service_account eks.amazonaws.com/role-arn=arn:aws:iam::$account_id:role/${rolename}

test/run-tests.sh

@@ -22,7 +22,7 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then
   PRIVATE_SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_REGISTRY}/${SPLUNK_ENTERPRISE_IMAGE}
   echo "docker images -q ${SPLUNK_OPERATOR_IMAGE}"
   # Don't pull splunk operator if exists locally since we maybe building it locally
-  if [ -z $(docker images -q ${SPLUNK_OPERATOR_IMAGE}) ]; then 
+  if [ -z $(docker images -q ${SPLUNK_OPERATOR_IMAGE}) ]; then
     docker pull ${SPLUNK_OPERATOR_IMAGE}
     if [ $? -ne 0 ]; then
      echo "Unable to pull ${SPLUNK_OPERATOR_IMAGE}. Exiting..."
@@ -55,22 +55,23 @@ if [ -n "${PRIVATE_REGISTRY}" ]; then
   docker images
 fi
 
-if [  "${DEPLOYMENT_TYPE}" == "helm" ]; then 
+if [  "${DEPLOYMENT_TYPE}" == "helm" ]; then
   echo "Installing Splunk Operator using Helm charts"
   helm uninstall splunk-operator -n splunk-operator
   if [ "${CLUSTER_WIDE}" != "true" ]; then
     helm install splunk-operator --create-namespace --namespace splunk-operator --set splunkOperator.clusterWideAccess=false --set splunkOperator.image.repository=${PRIVATE_SPLUNK_OPERATOR_IMAGE} --set image.repository=${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} helm-chart/splunk-operator
   else
     helm install splunk-operator --create-namespace --namespace splunk-operator --set splunkOperator.image.repository=${PRIVATE_SPLUNK_OPERATOR_IMAGE} --set image.repository=${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} helm-chart/splunk-operator
   fi
-elif [  "${CLUSTER_WIDE}" != "true" ]; then 
+elif [  "${CLUSTER_WIDE}" != "true" ]; then
   # Install the CRDs
   echo "Installing enterprise CRDs..."
-  make kustomize 
+  make kustomize
   make uninstall
   bin/kustomize build config/crd | kubectl create -f -
 else
   echo "Installing enterprise operator from ${PRIVATE_SPLUNK_OPERATOR_IMAGE}..."
+  echo 'make deploy IMG=${PRIVATE_SPLUNK_OPERATOR_IMAGE} SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} WATCH_NAMESPACE=""'
   make deploy IMG=${PRIVATE_SPLUNK_OPERATOR_IMAGE} SPLUNK_ENTERPRISE_IMAGE=${PRIVATE_SPLUNK_ENTERPRISE_IMAGE} WATCH_NAMESPACE=""
 fi
 
@@ -79,13 +80,15 @@ if [ $? -ne 0 ]; then
   exit 1
 fi
 
-if [  "${CLUSTER_WIDE}" == "true" ]; then 
+if [  "${CLUSTER_WIDE}" == "true" ]; then
   echo "wait for operator pod to be ready..."
   # sleep before checking for deployment, in slow clusters deployment call may not even started
   # in those cases, kubectl will fail with error:  no matching resources found
   sleep 2
   kubectl wait --for=condition=ready pod -l control-plane=controller-manager --timeout=600s -n splunk-operator
   if [ $? -ne 0 ]; then
+    kubectl get pods -n splunk-operator
+    kubectl describe pvc -n splunk-operator
     echo "Operator installation not ready..."
     exit 1
   fi
@@ -98,14 +101,14 @@ if [ -z "$rc" ]; then
   go get github.com/onsi/gomega/...
 
   go install -mod=mod github.com/onsi/ginkgo/v2/ginkgo@latest
-fi 
+fi
 
 
 echo "Running test using number of nodes: ${NUM_NODES}"
 echo "Running test using these images: ${PRIVATE_SPLUNK_OPERATOR_IMAGE} and ${PRIVATE_SPLUNK_ENTERPRISE_IMAGE}..."
 
 
-# Check if test focus is set 
+# Check if test focus is set
 if [[ -z "${TEST_FOCUS}" ]]; then
   TEST_TO_RUN="${TEST_REGEX}"
   echo "Test focus not set running smoke test by default :: ${TEST_TO_RUN}"