remove mid checks #752

Workflow file for this run

.github/workflows/int-test-azure-workflow.yml at cb92728

	name: Integration Test on Azure WorkFlow
	permissions:
	contents: read
	packages: write
	checks: write
	pull-requests: write
	on:
	push:
	branches:
	- develop
	- main
	- CSPL-4601-rebased
	paths-ignore:
	- 'docs/**'
	- '*.md'
	jobs:
	build-operator-image:
	runs-on: ubuntu-latest
	env:
	SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }}
	SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
	CONTAINER_REGISTRY: ${{ secrets.AZURE_CONTAINER_REGISTRY }}
	steps:
	- uses: actions/checkout@v2
	- name: Dotenv Action
	id: dotenv
	uses: falti/dotenv-action@v1
	- name: Setup Go
	uses: actions/setup-go@v2
	with:
	go-version: ${{ steps.dotenv.outputs.GO_VERSION }}
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v2.5.0
	- name: Install Operator SDK
	run: \|
	export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac)
	export OS=$(uname \| awk '{print tolower($0)}')
	export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}
	sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH}
	sudo chmod +x operator-sdk_${OS}_${ARCH}
	sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk
	- name: 'Login to ACR'
	uses: azure/docker-login@v1
	with:
	login-server: ${{ secrets.AZURE_ACR_LOGIN_SERVER }}
	username: ${{ secrets.AZURE_ACR_DOCKER_USERNAME }}
	password: ${{ secrets.AZURE_ACR_DOCKER_PASSWORD }}
	- name: Make Splunk Operator Image
	run: \|
	make docker-buildx IMG=${{ secrets.AZURE_ACR_LOGIN_SERVER }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
	setup-aks-cluster:
	runs-on: ubuntu-latest
	needs: build-operator-image
	env:
	CLUSTER_WORKERS: 5
	TEST_CLUSTER_PLATFORM: azure
	CLUSTER_PROVIDER: azure
	AZURE_CONTAINER_REGISTRY: ${{secrets.AZURE_CONTAINER_REGISTRY}}
	CLUSTER_NAME: ${{secrets.CLUSTER_NAME}}
	AZURE_RESOURCE_GROUP: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }}
	AZURE_STORAGE_ACCOUNT: ${{ secrets.AZURE_STORAGE_ACCOUNT }}
	AZURE_STORAGE_ACCOUNT_KEY: ${{ secrets.AZURE_STORAGE_ACCOUNT_KEY }}
	AZURE_TEST_CONTAINER: ${{ secrets.AZURE_TEST_CONTAINER}}
	AZURE_INDEXES_CONTAINER: ${{ secrets.AZURE_INDEXES_CONTAINER}}
	ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }}
	ECR_REPOSITORY: ${{ secrets.AZURE_ACR_LOGIN_SERVER }}
	AZURE_CONTAINER_REGISTRY_LOGIN_SERVER: ${{ secrets.AZURE_ACR_LOGIN_SERVER }}
	AZURE_REGION: ${{ secrets.AZURE_REGION }}
	steps:
	- name: Checkout code
	uses: actions/checkout@v2
	- name: Dotenv Action
	id: dotenv
	uses: falti/dotenv-action@v1
	- name: Set Cluster Name
	run: \|
	echo "TEST_CLUSTER_NAME=az${{ github.run_id }}" >> $GITHUB_ENV
	- name: 'Login via Azure CLI'
	uses: azure/login@v1
	with:
	creds: ${{ secrets.AZURE_CREDENTIALS }}
	- name: AZ AKS Create
	uses: azure/CLI@v1
	with:
	azcliversion: ${{ steps.dotenv.outputs.AZ_CLI_VERSION }}
	inlineScript: \|
	# Use Microsoft Graph-compatible SP lookup
	SP_OBJECT_ID=$(az ad sp list --filter "appId eq '${{ secrets.AZURE_CREDENTIALS_CLIENT_ID }}'" --query "[].id" --output tsv)
	if [ -z "$SP_OBJECT_ID" ]; then
	echo "Service Principal Object ID not found. Check AZURE_CREDENTIALS_CLIENT_ID permission/scopes."
	exit 1
	fi

	# Assign AcrPull role
	az role assignment create --assignee-object-id $SP_OBJECT_ID --assignee-principal-type ServicePrincipal --role AcrPull --scope $(az acr show --name ${{ secrets.AZURE_CONTAINER_REGISTRY }} --query id --output tsv)

	# Create AKS
	az aks create -n ${{ env.TEST_CLUSTER_NAME }} -g ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} --no-ssh-key -l westus --service-principal ${{ secrets.AZURE_CREDENTIALS_CLIENT_ID }} --client-secret ${{ secrets.AZURE_CREDENTIALS_CLIENT_SECRET }} --node-count ${{ env.CLUSTER_WORKERS }} --node-vm-size standard_d8_v3
	- name: Wait for Cluster to be Ready
	uses: azure/CLI@v1
	with:
	azcliversion: ${{ steps.dotenv.outputs.AZ_CLI_VERSION }}
	inlineScript: \|
	az aks wait -g ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} -n ${{ env.TEST_CLUSTER_NAME }} --created --interval 60 --timeout 1800
	- name: Az ACR attach to AKS
	uses: azure/CLI@v1
	with:
	azcliversion: ${{ steps.dotenv.outputs.AZ_CLI_VERSION }}
	inlineScript: \|
	az aks update -n ${{ env.TEST_CLUSTER_NAME }} -g ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} --attach-acr ${{ secrets.AZURE_CONTAINER_REGISTRY }}
	int-tests-appframeworkazure:
	strategy:
	fail-fast: false
	max-parallel: 1
	matrix:
	test:
	[
	masterappframeworkc3,
	managerappframeworkc3,
	masterappframeworkm4,
	managerappframeworkm4,
	appframeworksS1,
	]
	runs-on: ubuntu-latest
	needs: setup-aks-cluster
	env:
	CLUSTER_NODES: 2
	CLUSTER_WORKERS: 5
	SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }}
	SPLUNK_ENTERPRISE_RELEASE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}
	SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
	SPLUNK_OPERATOR_IMAGE_FILENAME: splunk-operator
	TEST_FOCUS: "${{ matrix.test }}"
	# This regex matches any string not containing integration keyword
	TEST_TO_SKIP: "^(?:[^i]+\|i(?:$\|[^n]\|n(?:$\|[^t]\|t(?:$\|[^e]\|e(?:$\|[^g]\|g(?:$\|[^r]\|r(?:$\|[^a]\|a(?:$\|[^t]\|t(?:$\|[^i]\|i(?:$\|[^o]\|o(?:$\|[^n])))))))))))*$"
	TEST_CLUSTER_PLATFORM: azure
	CLUSTER_PROVIDER: azure
	AZURE_CONTAINER_REGISTRY: ${{secrets.AZURE_CONTAINER_REGISTRY}}
	CLUSTER_NAME: ${{secrets.CLUSTER_NAME}}
	AZURE_RESOURCE_GROUP: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }}
	AZURE_STORAGE_ACCOUNT: ${{ secrets.AZURE_STORAGE_ACCOUNT }}
	AZURE_STORAGE_ACCOUNT_KEY: ${{ secrets.AZURE_STORAGE_ACCOUNT_KEY }}
	AZURE_TEST_CONTAINER: ${{ secrets.AZURE_TEST_CONTAINER}}
	AZURE_INDEXES_CONTAINER: ${{ secrets.AZURE_INDEXES_CONTAINER}}
	ENTERPRISE_LICENSE_LOCATION: ${{ secrets.ENTERPRISE_LICENSE_LOCATION }}
	ECR_REPOSITORY: ${{ secrets.AZURE_ACR_LOGIN_SERVER }}
	AZURE_CONTAINER_REGISTRY_LOGIN_SERVER: ${{ secrets.AZURE_ACR_LOGIN_SERVER }}
	AZURE_REGION: ${{ secrets.AZURE_REGION }}
	CLUSTER_WIDE: "true"
	AZURE_MANAGED_ID_ENABLED: "false"
	steps:
	# Need this because apps are downloaded from S3.
	- name: Set Test Cluster Name
	run: \|
	echo "TEST_CLUSTER_NAME=az${{ github.run_id }}" >> $GITHUB_ENV
	- name: Checkout code
	uses: actions/checkout@v2
	- name: Dotenv Action
	id: dotenv
	uses: falti/dotenv-action@v1
	- name: Change splunk enterprise to release image on main branches
	if: github.ref == 'refs/heads/main'
	run: \|
	echo "SPLUNK_ENTERPRISE_IMAGE=${{ steps.dotenv.outputs.SPLUNK_ENTERPRISE_RELEASE_IMAGE }}" >> $GITHUB_ENV
	- name: 'Login via Azure CLI'
	uses: azure/login@v1
	with:
	creds: ${{ secrets.AZURE_CREDENTIALS }}
	- name: Install Kubectl
	uses: Azure/setup-kubectl@v3
	with:
	version: ${{ steps.dotenv.outputs.KUBECTL_VERSION }}
	- name: Install Python
	uses: actions/setup-python@v2
	- name: Setup Go
	uses: actions/setup-go@v2
	with:
	go-version: ${{ steps.dotenv.outputs.GO_VERSION }}
	- name: Install Go Lint
	run: \|
	go version
	go get -u golang.org/x/lint/golint
	- name: Install Ginkgo
	run: \|
	make setup/ginkgo
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v2.5.0
	- name: Configure Docker Hub credentials
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN}}
	- name: Pull Splunk Enterprise Image
	run: docker pull ${{ env.SPLUNK_ENTERPRISE_IMAGE }}
	- name: 'Login to ACR'
	uses: azure/docker-login@v1
	with:
	login-server: ${{ secrets.AZURE_ACR_LOGIN_SERVER }}
	username: ${{ secrets.AZURE_ACR_DOCKER_USERNAME }}
	password: ${{ secrets.AZURE_ACR_DOCKER_PASSWORD }}
	- name: Pull Splunk Operator Image Locally
	run: \|
	docker pull ${{ secrets.AZURE_ACR_LOGIN_SERVER }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
	docker tag ${{ secrets.AZURE_ACR_LOGIN_SERVER }}/${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA ${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA
	echo "SPLUNK_OPERATOR_IMAGE=${{ env.SPLUNK_OPERATOR_IMAGE_NAME }}:$GITHUB_SHA" >> $GITHUB_ENV
	- name: Tag and Push Splunk Enterprise Image to the Container Registry
	run: \|
	docker tag ${{ env.SPLUNK_ENTERPRISE_IMAGE }} ${{ secrets.AZURE_ACR_LOGIN_SERVER }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }}
	docker push ${{ secrets.AZURE_ACR_LOGIN_SERVER }}/${{ env.SPLUNK_ENTERPRISE_IMAGE }}
	- name: Get AKS credentials
	run: \|
	az aks get-credentials --resource-group ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} --name ${{ env.TEST_CLUSTER_NAME }} --admin --overwrite-existing
	- name: Setup long-lived service account auth
	run: \|
	kubectl create serviceaccount ci-test-runner -n kube-system 2>/dev/null \|\| true
	kubectl create clusterrolebinding ci-test-runner-admin \
	--clusterrole=cluster-admin \
	--serviceaccount=kube-system:ci-test-runner 2>/dev/null \|\| true

	cat <<'EOF' \| kubectl apply -f -
	apiVersion: v1
	kind: Secret
	metadata:
	name: ci-test-runner-token
	namespace: kube-system
	annotations:
	kubernetes.io/service-account.name: ci-test-runner
	type: kubernetes.io/service-account-token
	EOF

	echo "Waiting for service account token..."
	TOKEN=""
	for i in $(seq 1 30); do
	TOKEN=$(kubectl get secret ci-test-runner-token -n kube-system -o jsonpath='{.data.token}' 2>/dev/null \| base64 -d 2>/dev/null)
	if [ -n "${TOKEN}" ]; then break; fi
	sleep 2
	done

	if [ -n "${TOKEN}" ]; then
	kubectl config set-credentials ci-test-runner --token="${TOKEN}"
	kubectl config set-context --current --user=ci-test-runner
	echo "Switched kubeconfig to long-lived service account token"
	else
	echo "WARNING: Could not create SA token, keeping admin cert auth"
	fi
	kubectl cluster-info
	- name: install metric server
	continue-on-error: true
	run: \|
	curl -LO https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.7.2/components.yaml
	kubectl replace --force -f components.yaml \|\| kubectl apply -f components.yaml
	- name: install k8s dashboard
	run: \|
	kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml
	- name: Run Integration test
	timeout-minutes: 300
	env:
	TEST_TIMEOUT: 280m
	run: \|
	make int-test
	- name: Collect Test Logs
	if: ${{ always() }}
	run: \|
	mkdir -p /tmp/pod_logs
	find ./test -name "*.log" -exec cp {} /tmp/pod_logs \;
	- name: Archive Pod Logs
	if: ${{ always() }}
	uses: actions/upload-artifact@v6
	with:
	name: "splunk-pods-logs--artifacts-${{ matrix.test }}"
	path: "/tmp/pod_logs/**"
	- name: Upload Integration Test Results
	if: always()
	uses: actions/upload-artifact@v6
	with:
	name: "test-report-integration-azure-${{ matrix.test }}"
	path: report-junit*.xml
	- name: Publish Integration Test Report
	uses: mikepenz/action-junit-report@v6
	if: always()
	with:
	report_paths: 'report-junit*.xml'
	check_name: 'Integration Test Results (Azure) - ${{ matrix.test }}'
	detailed_summary: true
	- name: Cleanup Test Case artifacts
	if: ${{ always() }}
	run: \|
	make clean
	cleanup-aks-cluster:
	runs-on: ubuntu-latest
	if: ${{ always() }}
	needs: [setup-aks-cluster, int-tests-appframeworkazure]
	steps:
	- name: Checkout code
	uses: actions/checkout@v2
	- name: Dotenv Action
	id: dotenv
	uses: falti/dotenv-action@v1
	- name: 'Login via Azure CLI'
	uses: azure/login@v1
	with:
	creds: ${{ secrets.AZURE_CREDENTIALS }}
	- name: Delete AKS Cluster
	uses: azure/CLI@v1
	with:
	azcliversion: ${{ steps.dotenv.outputs.AZ_CLI_VERSION }}
	inlineScript: \|
	az aks delete --name az${{ github.run_id }} --resource-group ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} -y

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

remove mid checks #752

Workflow file

remove mid checks #752

Uh oh!

Workflow file for this run