From 109755a3584b86649c217b54ed387cb65708ca2f Mon Sep 17 00:00:00 2001
From: rlieberman-splunk <rlieberman@splunk.com>
Date: Tue, 3 Dec 2024 14:02:35 -0600
Subject: [PATCH 1/3] Updates for integration tests and documentation with
 latest ES version

---
 docs/PremiumApps.md                | 4 ++--
 test/testenv/appframework_utils.go | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/PremiumApps.md b/docs/PremiumApps.md
index 16263bb38..21300c4e9 100644
--- a/docs/PremiumApps.md
+++ b/docs/PremiumApps.md
@@ -8,7 +8,7 @@ The Splunk Operator automates the installation of Enterprise Security (ES) with
 
 * You need the ability to utilize the Splunk Operator [app framework](https://splunk.github.io/splunk-operator/AppFramework.html) method of installation.
 * You need the access to the [Splunk ES](https://splunkbase.splunk.com/app/263/) app package.
-* ES support in Splunk Operator is starting from Splunk Operator Release `2.2.0` which requires Splunk Enterprise `9.0.3-a2` or later. Per the [Splunk Enterprise and Enterprise Security version compatibility matrix](https://docs.splunk.com/Documentation/VersionCompatibility/current/Matrix/CompatMatrix), Splunk ES versions `7.1.0, 7.0.2, 7.0.1, 7.0.0 or 6.6.2` are supported currently.
+* ES support in Splunk Operator is starting from Splunk Operator Release `2.2.0` which requires Splunk Enterprise `9.0.3-a2` or later. Per the [Splunk Enterprise and Enterprise Security version compatibility matrix](https://docs.splunk.com/Documentation/VersionCompatibility/current/Matrix/CompatMatrix), Splunk ES versions `8.0.0. 7.3.2, 7.1.0, 7.0.2, 7.0.1, 7.0.0 or 6.6.2` are supported currently.
 * You need to make sure pod resource specs meet the [ES hardware requirements](https://docs.splunk.com/Documentation/ES/latest/Install/DeploymentPlanning#Hardware_requirements).
 * In the following sections, AWS S3 remote bucket is used for placing the splunk apps, but as given in the [app framework doc](https://splunk.github.io/splunk-operator/AppFramework.html), you can use Azure Blob remote buckets also.
 * You need to deploy add-ons to forwarders manually (or through your own methods).
@@ -164,7 +164,7 @@ Use the following steps to install ES on a Splunk deployment with an SHC integra
 2. Use kubectl to apply the following YAML file
 2. Wait for the SHC, CM, and Indexers pods are in ready state.
 3. Login to an SH and verify that ES App is installed.
-3. Extract the Splunk_TA_ForIndexers using the steps given here: [https://docs.splunk.com/Documentation/ES/7.0.2/Install/InstallTechnologyAdd-ons]
+3. Extract the Splunk_TA_ForIndexers using the steps given here: [https://docs.splunk.com/Documentation/ES/7.3.2/Install/InstallTechnologyAdd-ons]
 4. Upload the extracted Splunk_TA_ForIndexers package to the S3 bucket folder named "es_app_indexer_ta"
 
 The operator will poll this bucket after configured appsRepoPollIntervalSeconds and install the Splunk_TA_ForIndexers.
diff --git a/test/testenv/appframework_utils.go b/test/testenv/appframework_utils.go
index 9413f5302..8a2a8a6d1 100644
--- a/test/testenv/appframework_utils.go
+++ b/test/testenv/appframework_utils.go
@@ -34,7 +34,7 @@ var AppInfo = map[string]map[string]string{
 	"Splunk_TA_stream":                  {"V1": "7.3.0", "V2": "7.4.0", "filename": "splunk-add-on-for-stream-forwarders.tgz"},
 	"splunk_app_db_connect":             {"V1": "3.5.0", "V2": "3.5.1", "filename": "splunk-db-connect.tgz"},
 	"Splunk_Security_Essentials":        {"V1": "3.3.2", "V2": "3.3.3", "filename": "splunk-security-essentials.tgz"},
-	"SplunkEnterpriseSecuritySuite":     {"V1": "6.4.0", "V2": "6.4.1", "filename": "splunk-enterprise-security.spl"},
+	"SplunkEnterpriseSecuritySuite":     {"V1": "7.3.2", "V2": "8.0.0", "filename": "splunk-enterprise-security.spl"},
 	"Splunk_TA_ForIndexers":             {"V1": "1.0.0", "V2": "1.0.0", "filename": "TA_ForIndexers.spl"},
 	"test_app":                          {"V1": "1.0.0", "V2": "1.0.0", "filename": "test_app.tgz"},
 	"test_app2":                         {"V1": "1.0.0", "V2": "1.0.0", "filename": "test_app2.tgz"},

From b7a6057859cc556d210332dcaba68445ecae2873 Mon Sep 17 00:00:00 2001
From: rlieberman-splunk <rlieberman@splunk.com>
Date: Tue, 28 Jan 2025 09:53:54 -0600
Subject: [PATCH 2/3] Update enterprise security versions and app files

---
 .github/workflows/int-test-workflow.yml | 1 +
 docs/PremiumApps.md                     | 4 ++--
 test/testenv/appframework_utils.go      | 2 +-
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml
index e1079b464..831fa5df1 100644
--- a/.github/workflows/int-test-workflow.yml
+++ b/.github/workflows/int-test-workflow.yml
@@ -5,6 +5,7 @@ on:
       - develop
       - main
       - feature**
+      - CSPL_3186_es8
 jobs:
   build-operator-image:
     runs-on: ubuntu-latest
diff --git a/docs/PremiumApps.md b/docs/PremiumApps.md
index 21300c4e9..f14a718ce 100644
--- a/docs/PremiumApps.md
+++ b/docs/PremiumApps.md
@@ -8,7 +8,7 @@ The Splunk Operator automates the installation of Enterprise Security (ES) with
 
 * You need the ability to utilize the Splunk Operator [app framework](https://splunk.github.io/splunk-operator/AppFramework.html) method of installation.
 * You need the access to the [Splunk ES](https://splunkbase.splunk.com/app/263/) app package.
-* ES support in Splunk Operator is starting from Splunk Operator Release `2.2.0` which requires Splunk Enterprise `9.0.3-a2` or later. Per the [Splunk Enterprise and Enterprise Security version compatibility matrix](https://docs.splunk.com/Documentation/VersionCompatibility/current/Matrix/CompatMatrix), Splunk ES versions `8.0.0. 7.3.2, 7.1.0, 7.0.2, 7.0.1, 7.0.0 or 6.6.2` are supported currently.
+* ES support in Splunk Operator is starting from Splunk Operator Release `2.2.0` which requires Splunk Enterprise `9.0.3-a2` or later. Per the [Splunk Enterprise and Enterprise Security version compatibility matrix](https://docs.splunk.com/Documentation/VersionCompatibility/current/Matrix/CompatMatrix), Splunk ES versions `8.0.2. 7.3.2, 7.1.0, 7.0.2, 7.0.1, 7.0.0 or 6.6.2` are supported currently.
 * You need to make sure pod resource specs meet the [ES hardware requirements](https://docs.splunk.com/Documentation/ES/latest/Install/DeploymentPlanning#Hardware_requirements).
 * In the following sections, AWS S3 remote bucket is used for placing the splunk apps, but as given in the [app framework doc](https://splunk.github.io/splunk-operator/AppFramework.html), you can use Azure Blob remote buckets also.
 * You need to deploy add-ons to forwarders manually (or through your own methods).
@@ -164,7 +164,7 @@ Use the following steps to install ES on a Splunk deployment with an SHC integra
 2. Use kubectl to apply the following YAML file
 2. Wait for the SHC, CM, and Indexers pods are in ready state.
 3. Login to an SH and verify that ES App is installed.
-3. Extract the Splunk_TA_ForIndexers using the steps given here: [https://docs.splunk.com/Documentation/ES/7.3.2/Install/InstallTechnologyAdd-ons]
+3. Extract the Splunk_TA_ForIndexers using the steps given here: [https://docs.splunk.com/Documentation/ES/8.0.2/Install/InstallTechAdd-ons]
 4. Upload the extracted Splunk_TA_ForIndexers package to the S3 bucket folder named "es_app_indexer_ta"
 
 The operator will poll this bucket after configured appsRepoPollIntervalSeconds and install the Splunk_TA_ForIndexers.
diff --git a/test/testenv/appframework_utils.go b/test/testenv/appframework_utils.go
index 8a2a8a6d1..d1f2f938c 100644
--- a/test/testenv/appframework_utils.go
+++ b/test/testenv/appframework_utils.go
@@ -34,7 +34,7 @@ var AppInfo = map[string]map[string]string{
 	"Splunk_TA_stream":                  {"V1": "7.3.0", "V2": "7.4.0", "filename": "splunk-add-on-for-stream-forwarders.tgz"},
 	"splunk_app_db_connect":             {"V1": "3.5.0", "V2": "3.5.1", "filename": "splunk-db-connect.tgz"},
 	"Splunk_Security_Essentials":        {"V1": "3.3.2", "V2": "3.3.3", "filename": "splunk-security-essentials.tgz"},
-	"SplunkEnterpriseSecuritySuite":     {"V1": "7.3.2", "V2": "8.0.0", "filename": "splunk-enterprise-security.spl"},
+	"SplunkEnterpriseSecuritySuite":     {"V1": "7.3.2", "V2": "8.0.2", "filename": "splunk-enterprise-security-8.spl"},
 	"Splunk_TA_ForIndexers":             {"V1": "1.0.0", "V2": "1.0.0", "filename": "TA_ForIndexers.spl"},
 	"test_app":                          {"V1": "1.0.0", "V2": "1.0.0", "filename": "test_app.tgz"},
 	"test_app2":                         {"V1": "1.0.0", "V2": "1.0.0", "filename": "test_app2.tgz"},

From 3f2450b1492a2027dac3a04dc1c0356bcb1ff62b Mon Sep 17 00:00:00 2001
From: rlieberman-splunk <rlieberman@splunk.com>
Date: Tue, 6 May 2025 13:44:13 -0500
Subject: [PATCH 3/3] remove branch from inte test workflow

---
 .github/workflows/int-test-workflow.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.github/workflows/int-test-workflow.yml b/.github/workflows/int-test-workflow.yml
index 831fa5df1..e1079b464 100644
--- a/.github/workflows/int-test-workflow.yml
+++ b/.github/workflows/int-test-workflow.yml
@@ -5,7 +5,6 @@ on:
       - develop
       - main
       - feature**
-      - CSPL_3186_es8
 jobs:
   build-operator-image:
     runs-on: ubuntu-latest