rlieberman-splunk (Collaborator)

Description

This PR updates the aws-sdk-go package to aws-sdk-go-v2, and updates dependencies for the base image and package versions to remove vulnerabilities.

Key Changes

  • Update aws-sdk-go, which is ending support, to aws-sdk-go-v2
  • Update the ubi-minimal SHA version, which includes updated dependencies, to remove the following vulnerability:
      CVE: CVE-2025-22868
      Severity: SEC_HIGH
      Dependency: golang.org/x/oauth2
      Previous Version: v0.21.0
      Fixed Version: 0.27.0
      An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
  • Update go.mod dependencies to remove the following vulnerabilities:
      CVE: CVE-2023-29499, CVE-2024-52533, CVE-2025-4373, CVE-2025-3360, CVE-2023-32665, CVE-2023-32611, CVE-2024-34397, CVE-2023-32636
      Severity: SEC_MEDIUM
      Dependency: glib2
      Previous Version: 2.56.4-165.el8_10
      Fixed Version: 2.56.4-166.el8_10
      A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.

Testing and Verification

  • All unit, smoke, and integration tests pass
  • Manual deployment of a standalone with app framework to verify apps get installed correctly

Related Issues

PR Checklist

  • Code changes adhere to the project's coding standards.
  • Relevant unit and integration tests are included.
  • Documentation has been updated accordingly.
  • All tests pass locally.
  • The PR description follows the project's guidelines.
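As an added check, not code from this PR or from the Splunk Operator project: a small Go program that parses a go.mod require list and flags any module still below the fixed version the description gives for CVE-2025-22868. The go.mod content, the module path example.com/operator and the aws-sdk-go-v2 version are constructed for the demonstration.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Constructed go.mod fragment (not the operator's real file); the oauth2
// line carries the "Previous Version" named in the PR description.
const sampleGoMod = `module example.com/operator
require (
	github.com/aws/aws-sdk-go-v2 v1.36.3 // constructed version
	golang.org/x/oauth2 v0.21.0 // indirect
)
require golang.org/x/net v0.38.0
`

// minFixed: module -> lowest version carrying the fix. The entry is the
// CVE-2025-22868 "Fixed Version" from the PR description, with a "v" prefix.
var minFixed = map[string]string{"golang.org/x/oauth2": "v0.27.0"}

// parseRequires returns module -> version from single-line and block
// require directives; trailing comments such as "// indirect" are ignored.
func parseRequires(gomod string) map[string]string {
	out := map[string]string{}
	for _, line := range strings.Split(gomod, "\n") {
		code, _, _ := strings.Cut(line, "//")
		f := strings.Fields(code)
		if len(f) == 3 && f[0] == "require" { // single-line form
			f = f[1:]
		}
		if len(f) == 2 && strings.HasPrefix(f[1], "v") { // "path vX.Y.Z"
			out[f[0]] = f[1]
		}
	}
	return out
}

// versionKey maps "vX.Y.Z[-pre]" to a string that sorts like semver: zero-padded
// numbers, then "false" (pre-release) or "true" (release), so v0.27.0-rc1 < v0.27.0.
func versionKey(v string) string {
	base, pre, _ := strings.Cut(strings.TrimPrefix(v, "v"), "-")
	var n [3]int
	for i, p := range strings.SplitN(base, ".", 3) {
		n[i], _ = strconv.Atoi(p)
	}
	return fmt.Sprintf("%08d.%08d.%08d.%t", n[0], n[1], n[2], pre == "")
}

// vulnerableModules lists required modules below their fixed version as "path got (< fixed)".
func vulnerableModules(gomod string) (bad []string) {
	reqs := parseRequires(gomod)
	for mod, fixed := range minFixed {
		if got, ok := reqs[mod]; ok && versionKey(got) < versionKey(fixed) {
			bad = append(bad, mod+" "+got+" (< "+fixed+")")
		}
	}
	return bad
}
```

Running vulnerableModules over a real go.mod reports exactly which required modules the PR's "Fixed Version" still rules out.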

coveralls (Collaborator) commented Jul 29, 2025

Pull Request Test Coverage Report for Build 16597615361

Details

  • 28 of 29 (96.55%) changed or added relevant lines in 1 file are covered.
  • 3 unchanged lines in 2 files lost coverage.
  • Overall coverage decreased (-0.03%) to 86.681%

Changes Missing Coverage:
  File                               Covered Lines  Changed/Added Lines  %
  pkg/splunk/client/awss3client.go   28             29                   96.55%

Files with Coverage Reduction:
  File                                   New Missed Lines  %
  pkg/splunk/enterprise/afwscheduler.go  1                 92.9%
  pkg/splunk/client/awss3client.go       2                 95.16%

Totals Coverage Status:
  Change from base Build 16468948002: -0.03%
  Covered Lines: 10628
  Relevant Lines: 12261

💛 - Coveralls

patrykw-splunk (Collaborator) left a comment:


LGTM!

@rlieberman-splunk rlieberman-splunk merged commit 1c7adcd into develop Jul 30, 2025
27 checks passed
@rlieberman-splunk rlieberman-splunk deleted the CSPL_3905_sec_updates branch July 30, 2025 15:28
rlieberman-splunk added a commit that referenced this pull request Sep 15, 2025
* CSPL-3704 SmartStore ownerReferences removed

* CSPL-3704 Integration tests enabled to check the PR

* CSPL-3704 Fix failing tests

* CSPL-3704 Remove branch from int tests

* test

* CSPL-3705 Ignoring an error if decommissioning already enabled

* CSPL-3705 Removing branch from integ tests

* CSPL-3705 Addressing a comment

* clean-up deprecated dirs - .circleci & .devcontainer (#1499)

Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>

* set imagePullPolicy default in helm chart (#1513)

* CSPL-3186: Upgrade Enterprise Security Version 8.0.2 (#1425)

* Updates for integration tests and documentation with latest ES version

* Update enterprise security versions and app files

* remove branch from inte test workflow

* CSPL-3688: Update Prerelease Workflow (#1502)

* add more automation to pre-release workflow

* update version and replaced version in bundle files

* update dockerfile sok version, not enterprise version

* fix typo

* CSPL-3584: Split run-tests.sh into multiple files (#1507)

* split run-tests.sh into multiple files

* trigger integration tests on branch

* use scriptdir to run sh files

* remove trigger int test workflow

* test azure, gcp, and namespace scoped workflows

* cleanup workflows

* feature: add support for pre-created PVs - admin-managed-pv annotation (#1509)

* add support for admin-managed-pv annotation

---------

Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>

* Removing App Framework tests for C3 and M4 on ARM builds

* CSPL-3702 Replacing () with {} in script variables

* Ginkgo upgrade

* CSPL-3768 Adding inputs to Graviton pipelines and tests

* CSPL-3768 Not disclosing ECR secret value

* CSPL-3678 Introducing pipeline for Graviton and some fixes

* CSPL-3768 Fixes

* CSPL-3768 Fixes

* CSPL-3768 Addressing Copilot suggestions

* CSPL-3768 Addressing comments

* CSPL-3759 Addressing soon to be deprecated

* CSPL-3784: Update base image to latest ubi8-minimal version (#1525)

* update base image to latest ubi8-minimal version

* trigger integration test cases for branch

* trigger tests

* cleanup

* update Dockerfile comment

* CSPL-3675 Update Operator-SDK to v1.39 (#1488)

* v.1.39.0 migration

---------

Co-authored-by: igor.grzankowski <@splunk.com>
Co-authored-by: Vivek Reddy <vivekrsplunk@github.com>
Co-authored-by: rlieberman-splunk <rlieberman@splunk.com>
Co-authored-by: kasiakoziol <kkoziol@splunk.com>
Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>

* CSPL_3759 Ginkgo types to v2

* Add DeepWiki badge (#1529)

Co-authored-by: igor.grzankowski <@splunk.com>

* Upgrade golang.org/x/net version to v0.38.0 (#1530)

* upgrade golang.org/x/net version to v0.38.0

* trigger integration test cases on branch

* remove integration test trigger

* CSPL-3783: Update AppFramework docs with troubleshooting information (#1527)

* Add more logs around invalid phase and downloadPending (#1528)

* Remove kube rbac proxy from helm charts (#1531)

Co-authored-by: igor.grzankowski <@splunk.com>

* CSPL-3851 Adding info to docs about session stickiness for ingress

* Remove in progress phase

* Revert "Remove in progress phase"

This reverts commit 3c919d6.

* update SmartStore documentation for gcp and azure (#1541)

* Backport main to develop for Splunk Operator Release 2.8.1 (#1542) (#1543)

* release 2.8.1 changes - backported

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>
Co-authored-by: patrykw-splunk <patrykw-splunk@users.noreply.github.com>

* CSPL-3898 Fixing int-helm tests failing after SDK upgrade (#1544)

* CSPL-3867: SHC and CM Error Message Visibility (#1548)

* print error for update status failed

* add deployerPhase initial value

* set correct Kind in ClusterManager events

* cleanup

* use v4 in test

* CSPL-3905: Security and dependency updates (#1551)

* initial changes for aws-sdk-go-v2

* code compiles and unit tests pass

* trigger smoke and integration tests, update context

* set correct path for downloading from s3 bucket for tests

* update ENTERPRISE_LICENSE_LOCATION

* security updates, uncomment test suites

* cleanup

* [CSPL-3912] Allow Custom Probe Scripts (#1549)

* Promote Develop to main for Splunk Operator Release 2.8.1 (#1542)

* release preparation - release 2.8.1

---------

Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: patrykw-splunk <patrykw-splunk@users.noreply.github.com>

* check for existing configmap before creating a new one

* update error handling

* fix unit tests

* cleanup and documentation updates

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>
Co-authored-by: patrykw-splunk <patrykw-splunk@users.noreply.github.com>

* CSPL-3913: Pass dynamic environment variables in Splunk StatefulSet for Ansible-based config generation (#1555)

* add new environment variables for config generation

* unit test updates

* add api version to env var

* Promote Develop to main for Splunk Operator Release 2.8.1 (#1542) (#1553)

* release 2.8.1

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>
Co-authored-by: patrykw-splunk <patrykw-splunk@users.noreply.github.com>

* Document skipping apply cluster-bundle on cluster managers (#1556)

* Update of shc upgrade process (#1547)

Update of shc upgrade process

---------

Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>

* Update Helm.md (#1563)

Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>

* Merge Splunk10 feature changes into develop (#1559)

* CSPL-3707: Update documentation around minimum number of indexer cluster peers (#1558)

* document minimum number of CR replicas

* update examples documentation

* Default Build to multi-platform amd64 and arm64 (#1557)

* add linux/arm64 as a platform to build the operator by default

* set platforms in dockerfile

* use tag instead of sha

* update tag version

* update base image to latest

* Remove kube-rbac-proxy references and implement upgrade-sdk 1.38 changes (#1565)

* remove kube-rbac-proxy references and implement upgrade-sdk 1.38 changes

* fix kustomize references

* fix container number for debug

* cleanup

* fix service for metrics

---------

Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>

* helm changes for 3.0.0 release (#1566)

Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>

* Fix kustomization templates after removing kube-rbac-proxy (#1570)

* fix kustomization templates

---------

Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>

* Splunk Operator 3.0.0 release (#1572)

* Update changelog

---------

Co-authored-by: Igor-splunk <Igor-splunk@users.noreply.github.com>
Co-authored-by: igor.grzankowski <@splunk.com>

* remove old helm charts from splunk-enterprise/charts folder

---------

Co-authored-by: kasiakoziol <kkoziol@splunk.com>
Co-authored-by: patrykw-splunk <patrykw@splunk.com>
Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>
Co-authored-by: rlieberman-splunk <rlieberman@splunk.com>
Co-authored-by: Igor Grzankowski <igorg@splunk.com>
Co-authored-by: Vivek Reddy <vivekrsplunk@github.com>
Co-authored-by: igor.grzankowski <@splunk.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: patrykw-splunk <patrykw-splunk@users.noreply.github.com>
Co-authored-by: Igor-splunk <Igor-splunk@users.noreply.github.com>
rlieberman-splunk added a commit that referenced this pull request Sep 26, 2025
* Promote Develop to main for Splunk Operator Release 3.0.0 (#1573)


* CSPL-4005: Remove CRDs from splunk/splunk-operator helm chart (#1579)

* remove crds from helm chart, needs documentation

* add documentation about adding CRDs before helm chart installation

* repackage helm charts

* cleanup helm test workflow

* Helm package: helm package changes 3.0.0 (#1582)

* helm test case

* .env changes with splunk 10.0.0

* updated splunk default version to 10

* removed helm test from branch

---------

Co-authored-by: Vivek Reddy <vivekrsplunk@github.com>

* Vendor only Splunk Operator 3.0.0 in Splunk Enterprise chart to prevent fallback to older operator (#1583)

* removing old splunk operator helm chart

* generate helm packages

---------

Co-authored-by: Vivek Reddy <vivekrsplunk@github.com>

* resolve merge conflict

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: kasiakoziol <kkoziol@splunk.com>
Co-authored-by: patrykw-splunk <patrykw@splunk.com>
Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>
Co-authored-by: Igor Grzankowski <igorg@splunk.com>
Co-authored-by: Vivek Reddy <vivekrsplunk@github.com>
Co-authored-by: patrykw-splunk <patrykw-splunk@users.noreply.github.com>
Co-authored-by: Igor-splunk <Igor-splunk@users.noreply.github.com>
Co-authored-by: vivekr-splunk <94569031+vivekr-splunk@users.noreply.github.com>