Merge branch 'main' into parser-vendorProductBySource

splunk · Sep 19, 2024 · 74e0236 · 74e0236
2 parents 8524395 + 90337ff
commit 74e0236
Show file tree

Hide file tree

Showing 117 changed files with 2,852 additions and 1,742 deletions.
diff --git a/.github/workflows/ci-lite.yaml b/.github/workflows/ci-lite.yaml
@@ -136,7 +136,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Build and push action
         id: docker_action_build
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           provenance: false
@@ -167,7 +167,7 @@ jobs:
           image-ref: ${{ needs.meta.outputs.container_base }}
           format: 'table'
           exit-code: '1'
-          severity: 'CRITICAL,HIGH'
+          severity: 'CRITICAL,HIGH,MEDIUM,LOW'
 
   test-container:
     runs-on: ubuntu-latest
@@ -253,7 +253,7 @@ jobs:
       image: python:3.9-buster
     services:
       splunk:
-        image: splunk/splunk:9.2.0
+        image: splunk/splunk:${{ fromJson(needs.meta.outputs.matrix_supportedSplunk)[0].version }}
         ports:
           - 8088:8088
           - 8089:8089
@@ -305,7 +305,7 @@ jobs:
       image: python:3.9-buster
     services:
       splunk:
-        image: splunk/splunk:9.2.0
+        image: splunk/splunk:${{ fromJson(needs.meta.outputs.matrix_supportedSplunk)[0].version }}
         ports:
           - 8088:8088
           - 8089:8089

diff --git a/.github/workflows/ci-main.yaml b/.github/workflows/ci-main.yaml
@@ -136,7 +136,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Build and push action
         id: docker_action_build
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           provenance: false
@@ -167,7 +167,7 @@ jobs:
           image-ref: ${{ needs.meta.outputs.container_base }}
           format: 'table'
           exit-code: '1'
-          severity: 'CRITICAL,HIGH'
+          severity: 'CRITICAL,HIGH,MEDIUM,LOW'
 
   test-container:
     runs-on: ubuntu-latest
@@ -255,7 +255,7 @@ jobs:
       image: python:3.9-buster
     services:
       splunk:
-        image: splunk/splunk:9.2.0
+        image: splunk/splunk:${{ fromJson(needs.meta.outputs.matrix_supportedSplunk)[0].version }}
         ports:
           - 8088:8088
           - 8089:8089
@@ -307,7 +307,7 @@ jobs:
       image: python:3.9-buster
     services:
       splunk:
-        image: splunk/splunk:9.2.0
+        image: splunk/splunk:${{ fromJson(needs.meta.outputs.matrix_supportedSplunk)[0].version }}
         ports:
           - 8088:8088
           - 8089:8089

diff --git a/ansible/playbooks/microk8s.yml b/ansible/playbooks/microk8s.yml
@@ -12,5 +12,6 @@
       openebs: true
   tasks:
     - include_tasks: ../tasks/mk8s/install_mk8s.yml
+    - include_tasks: ../tasks/mk8s/deploy_secrets.yml
     - include_tasks: ../tasks/mk8s/install_helm_repo.yml
     - include_tasks: ../tasks/mk8s/deploy_app.yml
diff --git a/ansible/playbooks/microk8s_ha.yml b/ansible/playbooks/microk8s_ha.yml
@@ -12,6 +12,7 @@
       openebs: true
   tasks:
     - include_tasks: ../tasks/mk8s/install_mk8s.yml
+    - include_tasks: ../tasks/mk8s/deploy_secrets.yml
     - include_tasks: ../tasks/mk8s/install_helm_repo.yml
     - include_tasks: ../tasks/mk8s/deploy_app.yml
     - include_tasks: ../tasks/mk8s/get_registration_token.yml

diff --git a/ansible/resources/docker_sc4s.service b/ansible/resources/docker_sc4s.service
@@ -30,6 +30,8 @@ ExecStartPre=/usr/bin/docker pull $SC4S_IMAGE
 # when startup fails on running bash check if the path is correct
 ExecStartPre=/usr/bin/bash -c "/usr/bin/systemctl set-environment SC4SHOST=$(hostname -s)"
 
+# Note: Prevent the error 'The container name "/SC4S" is already in use by container <container_id>. You have to remove (or rename) that container to be able to reuse that name.'
+ExecStartPre=/usr/bin/bash -c "/usr/bin/docker rm SC4S > /dev/null 2>&1 || true"
 ExecStart=/usr/bin/docker run \
         -e "SC4S_CONTAINER_HOST=${SC4SHOST}" \
         -v "$SC4S_PERSIST_MOUNT" \
@@ -41,4 +43,4 @@ ExecStart=/usr/bin/docker run \
         --name SC4S \
         --rm $SC4S_IMAGE
 
-Restart=on-abnormal
+Restart=on-failure
diff --git a/ansible/resources/podman_sc4s.service b/ansible/resources/podman_sc4s.service
@@ -29,6 +29,8 @@ ExecStartPre=/usr/bin/podman pull $SC4S_IMAGE
 # when startup fails on running bash check if the path is correct
 ExecStartPre=/usr/bin/bash -c "/usr/bin/systemctl set-environment SC4SHOST=$(hostname -s)"
 
+# Note: Prevent the error 'The container name "/SC4S" is already in use by container <container_id>. You have to remove (or rename) that container to be able to reuse that name.'
+ExecStartPre=/usr/bin/bash -c "/usr/bin/podman rm SC4S > /dev/null 2>&1 || true"
 ExecStart=/usr/bin/podman run \
         -e "SC4S_CONTAINER_HOST=${SC4SHOST}" \
         -v "$SC4S_PERSIST_MOUNT" \
@@ -42,4 +44,4 @@ ExecStart=/usr/bin/podman run \
         --name SC4S \
         --rm $SC4S_IMAGE
 
-Restart=on-abnormal
+Restart=on-failure
diff --git a/ansible/tasks/mk8s/deploy_secrets.yml b/ansible/tasks/mk8s/deploy_secrets.yml
@@ -0,0 +1,25 @@
+---
+- name: Load k8s secrets
+  include_vars:
+    file: "{{ item }}"
+  with_first_found:
+    - files:
+      - /opt/ansible/resources/k8s_secrets.yaml
+      - /opt/charts/splunk-connect-for-syslog/secrets.yaml
+
+- name: Create mTLS secret
+  ansible.builtin.shell: |
+    microk8s kubectl apply -f - <<EOF
+    apiVersion: v1
+    kind: Secret
+    metadata:
+      name: {{ hec_tls.secret }}
+    type: Opaque
+    data:
+      key.pem: {{ hec_tls.value.key | b64encode }}
+      cert.pem: {{ hec_tls.value.cert | b64encode }}
+      ca_cert.pem: {{ hec_tls.value.ca | b64encode }}
+    EOF
+  when:
+    - hec_tls is defined
+    - ('secret' in hec_tls) and ('value' in hec_tls)
diff --git a/charts/splunk-connect-for-syslog/Chart.yaml b/charts/splunk-connect-for-syslog/Chart.yaml
@@ -2,5 +2,5 @@ apiVersion: v2
 name: splunk-connect-for-syslog
 description: Deploy Splunk Connect for Syslog
 type: application
-version: 3.23.2
-appVersion: "3.23.2"
+version: 3.30.1
+appVersion: "3.30.1"
diff --git a/charts/splunk-connect-for-syslog/secrets.yaml b/charts/splunk-connect-for-syslog/secrets.yaml
diff --git a/charts/splunk-connect-for-syslog/templates/statefulset.yaml b/charts/splunk-connect-for-syslog/templates/statefulset.yaml
@@ -65,6 +65,10 @@ spec:
           - name: SC4S_DEST_SPLUNK_HEC_DEFAULT_DISKBUFF_ENABLE
             value: "no"
           {{- end }}
+          {{- if .Values.splunk.hec_tls }}
+          - name: SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_MOUNT
+            value: "/etc/syslog-ng/tls/hec"
+          {{- end }}
           {{- if .Values.sc4s.existingCert }}
           - name: SC4S_SOURCE_TLS_ENABLE
             value: "yes"
@@ -186,6 +190,11 @@ spec:
           - name: data
             mountPath: /var/lib/syslog-ng/
           {{- end }}
+          {{- if .Values.splunk.hec_tls }}
+          - name: hec-tls
+            mountPath: /etc/syslog-ng/tls/hec/
+            readOnly: true
+          {{- end }}
           {{- if .Values.sc4s.existingCert }}
           - name: tls
             mountPath: /etc/syslog-ng/tls/
@@ -224,6 +233,11 @@ spec:
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
       volumes:
+        {{- if .Values.splunk.hec_tls }}
+        - name: hec-tls
+          secret:
+            secretName: {{ .Values.splunk.hec_tls }}
+        {{- end }}
         {{- if .Values.sc4s.existingCert }}
         - name: tls
           secret: