CSPL-4153: Update dependencies and restore helm chart 3.0.0 #1830

Closed
gabrielm-splunk wants to merge 14 commits into main from cspl-4153-update-dependencies


@gabrielm-splunk gabrielm-splunk commented Apr 8, 2026

Summary

  • Update grpc dependencies to address security vulnerabilities
  • Update Go version to 1.25.8 in .env and Dockerfile.distroless
  • Update UBI 8 minimal base image to 8.10-1775152441
  • Restore helm chart version 3.0.0 to repository index

Security Updates

gRPC vulnerability fix:

  • Updated google.golang.org/grpc and related dependencies to address security vulnerabilities

Base image update:

  • Updated UBI 8 minimal base image from 8.10-1770223153 to 8.10-1775152441
  • Updated Go version from 1.25.0 to 1.25.8

Helm Chart 3.0.0 Restoration

Version 3.0.0 was inadvertently removed by automated PR (commit 1139fcf) when 3.1.0 was added. Customers reported the version missing from `helm search repo splunk/splunk-operator --versions` results.

Changes:

  • Restored 3.0.0 packaged chart from git tag
  • Added 3.0.0 entries to docs/index.yaml for both splunk-enterprise and splunk-operator charts

Test plan

  • Security vulnerabilities addressed
  • Helm chart 3.0.0 restored and verified locally
  • CI/CD pipeline validation
  • Verify helm chart 3.0.0 appears in search after merge to main

🤖 Generated with Claude Code

minjieqiu and others added 14 commits March 16, 2026 11:55
CSPL-4186: Support splunk secret and make it available to Ansible via mount
Add a GitHub Actions workflow and supporting scripts for flaky test
analysis. Users can trigger the workflow manually with configurable
date ranges, branch filters, and reporting parameters.
- GitHub Actions workflow with workflow_dispatch trigger for on-demand
  flaky test analysis
- Bash script to download JUnit XML artifacts and run flaky test
  detection
- Python script to generate Markdown test failure statistics from
  JUnit reports
- Custom Matplotlib configuration for readable heatmap generation
- Dynamic artifact naming based on analysis date range
- .gitignore entry for generated JUnit report directories
…ws for ARM and Distroless builds to ensure failures are properly reported. (#1742)
…itattributes (#1767)

- Introduced .gitattributes to mark generated files for better handling in version control.
- Enhanced the build-test-push workflow by adding a new job to check for uncommitted changes after code generation, ensuring generated files are up to date before proceeding with the build.
* Add validation webhook for appRepo fields

- Add appsRepoPollInterval validation:
  - Default: 0 (disabled)
  - Minimum: 0, Maximum: 86400 (1 day)
  - Values between 1-59 are rejected (must be 0 or >= 60)

- Add appSources uniqueness validation:
  - Location + Scope combination must be unique across appSources
  - Uses defaults.scope when scope is not specified in appSource
  - volumeName is NOT part of uniqueness check

- Add unit tests for all new validations

* Add premiumAppsProps validation for appSources

- Validate that premiumAppsProps.type is required when scope is 'premiumApps'
- Check both source-level and defaults-level premiumAppsProps.type
- Add unit tests for premiumAppsProps validation scenarios

* Add extraEnv uniqueness validation

- Validate that environment variable names in spec.extraEnv are unique
- Report duplicate names with reference to the first occurrence
- Add unit tests for extraEnv uniqueness validation

* Add imagePullSecrets uniqueness validation

- Validate that secret names in spec.imagePullSecrets are unique
- Report duplicate names with reference to the first occurrence
- Add unit tests for imagePullSecrets uniqueness validation

* Add probe fields validation

- Validate livenessProbe, readinessProbe, and startupProbe configurations
- initialDelaySeconds: minimum 0
- timeoutSeconds: minimum 1
- periodSeconds: minimum 1
- failureThreshold: minimum 1
- Add unit tests for probe validation scenarios

* Add resource requirements validation

- Validate that memory request does not exceed memory limit
- Validate that cpu request does not exceed cpu limit
- Add unit tests for resource requirements validation

* Add SmartStore validation for volumes and indexes

- Validate that indexes require at least one volume to be configured
- Validate that index volumeName references an existing volume in volumes list
- Validate that index has volumeName or defaults.volumeName provided
- Update and add unit tests for SmartStore validation

* Add StorageClassSpec ephemeralStorage mutual exclusivity validation

- Validate that ephemeralStorage is mutually exclusive with storageClassName
- Validate that ephemeralStorage is mutually exclusive with storageCapacity
- Add unit tests for ephemeralStorage mutual exclusivity scenarios

* feat(validation): add imagePullSecrets existence validation

- Add ValidationContext to carry Kubernetes client for resource lookups
- Extend Validator interface with context-aware validation methods
- Implement ValidateImagePullSecretsExistence to verify secrets exist
- Update all CRD validators with context-aware validation functions
- Pass manager client to webhook server for API access
- Update ValidationWebhook.md documentation with new validation rules
- Add unit tests for imagePullSecrets existence validation

This enables the webhook to reject CRs that reference non-existent
secrets in spec.imagePullSecrets, providing early feedback to users.

---------

Co-authored-by: Patryk Wasielewski <pwasiele@splunk.com>
* Update Splunk Enterprise version from 10.0.0 to 10.2.0

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* add id-token: write to permissions

* add COSIGN_DOCKER_MEDIA_TYPES to signing steps

* use --recursive for signing distroless image

* remove --recursive from cosign verify

* cleanup

* add --recursive for standard image

---------

Co-authored-by: Gabriel J Mendoza <gabrielm@splunk.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
- Update google.golang.org/grpc from v1.78.0 to v1.79.3 (VULN-67797)
- Update github.com/buger/jsonparser from v1.1.1 to v1.1.2 (VULN-67794)
- Update Go stdlib from 1.25.7 to 1.25.8 (VULN-65734)
- Update gnutls via explicit microdnf update (VULN-69140)
- Update other dependencies to latest compatible versions

Fixes: VULN-67797, VULN-67794, VULN-65734, VULN-69140

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Gabriel Mendoza <gabrielm@splunk.com>
- Update GO_VERSION in .env: 1.25.7 → 1.25.8
- Update Dockerfile.distroless FROM golang:1.25.7 → 1.25.8

Addresses review comment to update all Go version occurrences.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Gabriel Mendoza <gabrielm@splunk.com>
- Updated Dockerfile: ARG BASE_IMAGE_VERSION
- Updated Makefile: comment and BASE_IMAGE_VERSION variable
- Latest version pulled from registry.access.redhat.com/ubi8/ubi-minimal:8.10

Addresses review comment on PR #1809

Signed-off-by: Gabriel Mendoza <gabmendo@splunk.com>
Version 3.0.0 was inadvertently removed by automated PR (commit 1139fcf)
when 3.1.0 was added. Customers reported the version missing from
`helm search repo` results.

Changes:
- Restored 3.0.0 packaged chart from git tag
- Added 3.0.0 entries to docs/index.yaml for both splunk-enterprise and splunk-operator charts
- Chart digest: db5890e3bcc95f9ca7298873cc08b4a5d1ee86ccb4ad4e5334a0ab5d7a5fdb5e

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@gabrielm-splunk gabrielm-splunk changed the base branch from main to cspl-4153-dependencies-helm-only April 8, 2026 16:50
@gabrielm-splunk gabrielm-splunk changed the base branch from cspl-4153-dependencies-helm-only to main April 8, 2026 16:52
@gabrielm-splunk (Collaborator, Author)

Closing to recreate with correct branch

@github-actions github-actions Bot locked and limited conversation to collaborators Apr 8, 2026