├── docs
    ├── images
    │   ├── add-rule.png
    │   ├── trust_fez.png
    │   ├── name-pattern.png
    │   ├── branch-protection.png
    │   └── git-good-with-splunk.png
    ├── branch-protection.md
    └── how-it-was-setup.md
├── utilities
    └── make-qr-code.py
├── LICENSE
└── README.md

/docs/images/add-rule.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MattUebel/git-good-with-splunk/HEAD/docs/images/add-rule.png

--------------------------------------------------------------------------------
/docs/images/trust_fez.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MattUebel/git-good-with-splunk/HEAD/docs/images/trust_fez.png

--------------------------------------------------------------------------------
/docs/images/name-pattern.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MattUebel/git-good-with-splunk/HEAD/docs/images/name-pattern.png

--------------------------------------------------------------------------------
/docs/images/branch-protection.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MattUebel/git-good-with-splunk/HEAD/docs/images/branch-protection.png

--------------------------------------------------------------------------------
/docs/images/git-good-with-splunk.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MattUebel/git-good-with-splunk/HEAD/docs/images/git-good-with-splunk.png

--------------------------------------------------------------------------------
/utilities/make-qr-code.py:
--------------------------------------------------------------------------------
# generates qr code for a given url

import qrcode
from qrcode.image.styledpil import StyledPilImage

url = "https://github.com/MattUebel/git-good-with-splunk"
image = "../docs/images/trust_fez.png"

# generate qr code
qr = qrcode.QRCode(
    version=None,
    error_correction=qrcode.constants.ERROR_CORRECT_H,
    box_size=10,
    border=4,
)
qr.add_data(url)

qr.make(fit=True)
qrcode_image = qr.make_image(image_factory=StyledPilImage, embeded_image_path=image)

# write image to disk
qrcode_image.save("git-good-with-splunk.png")

--------------------------------------------------------------------------------
/docs/branch-protection.md:
--------------------------------------------------------------------------------
## Setup Branch Protection for a Repository

To take advantage of status checks, you'll need to set up branch protection rules for your default branch (usually `main`).

---

### Navigate to `Settings` -> `Branches` and then click `Add rule`

![add-rule](images/add-rule.png)

---

### Now in the Branch Protection Rule settings, add a name pattern (again, usually `main`)

![name-pattern](images/name-pattern.png)

---

### One section down, update `Protect matching branches` to require a PR before merging, approvals, and that status checks pass before merging. It's also helpful to require branches to be up to date before merging (that they have any new commits added to main). Select the `build` status check as the check that must pass.

![branch-protection](images/branch-protection.png)

---

### Click `Save changes` to put the rule in place.
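
To confirm the rule stays in place after it is saved, the following added example (not part of the original repository) audits a branch protection object against the settings chosen in the steps above. It assumes the input is the JSON returned by GitHub's REST endpoint `GET /repos/{owner}/{repo}/branches/{branch}/protection`; the function name and both sample payloads are constructed for illustration.

```python
# Added example: audit a branch protection API response against the rule
# described in this document. Function name and samples are hypothetical.

def audit_branch_protection(protection, required_check="build"):
    """Return a list of findings; an empty list means the rule matches."""
    findings = []

    reviews = protection.get("required_pull_request_reviews")
    if not reviews:
        findings.append("pull request not required before merging")
    elif reviews.get("required_approving_review_count", 0) < 1:
        findings.append("no approving review required")

    checks = protection.get("required_status_checks")
    if not checks:
        findings.append("status checks not required")
    else:
        # Responses can list check names under "contexts" and under "checks".
        names = set(checks.get("contexts", []))
        names.update(c.get("context") for c in checks.get("checks", []))
        if required_check not in names:
            findings.append(f"status check '{required_check}' not required")
        if not checks.get("strict", False):
            findings.append("branch not required to be up to date before merging")

    return findings


# Constructed sample: the rule as configured in the steps above.
COMPLIANT = {
    "required_pull_request_reviews": {"required_approving_review_count": 1},
    "required_status_checks": {
        "strict": True,
        "contexts": ["build"],
        "checks": [{"context": "build", "app_id": None}],
    },
}

# Constructed sample: PR required, but no approvals and a different check.
WEAK = {
    "required_pull_request_reviews": {"required_approving_review_count": 0},
    "required_status_checks": {"strict": False, "contexts": ["lint"]},
}

if __name__ == "__main__":
    for label, sample in (("compliant", COMPLIANT), ("weak", WEAK)):
        print(label, audit_branch_protection(sample) or "OK")
```

Running it on a schedule against each controlling repo turns a silently removed or weakened rule into a visible finding.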

--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
MIT License

Copyright (c) 2022 Matt Uebel

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Git Good With Splunk

### 👋 Introduction

This repo is the starting point for content related to the Splunk .conf 2022 presentation on using Git, GitHub, and GitHub Actions to validate and deploy Splunk configuration.

Please file any questions, concerns, or enhancement requests in this repo. PRs welcome!

### 🤖 The controlling repos

https://github.com/MattUebel/git-good-splunk-shcdeployer
https://github.com/MattUebel/git-good-splunk-deploymentserver
https://github.com/MattUebel/git-good-splunk-indexmanager

### 🙇‍♂️ Appreciation

Thanks to [Marco Stadler](https://github.com/splunkenizer) and their work with https://github.com/splunkenizer/Splunkenizer, which was used to set up the demo environment.
Also kudos to [Peter Evans](https://github.com/peter-evans) for their incredibly useful comment-manipulating [actions](https://github.com/marketplace/actions/create-or-update-comment).
Shoutout to [Zac Case](https://github.com/zacharycase) for both his cameo in the demo and for bringing ideas that helped shape the demo's recording.
Finally, thank you [Splunk Community](https://community.splunk.com/t5/Community/ct-p/en-us)!

### 💬 Splunk answers posts

These helped shape the talk:
[How do you maintain your splunk config?](https://community.splunk.com/t5/Splunk-Enterprise/How-do-you-maintain-your-splunk-config/m-p/590893)
[Script to lint and validate?](https://community.splunk.com/t5/Splunk-Enterprise/Is-there-any-script-to-lint-and-validate-splunk-config/m-p/594155)
[What is bad config](https://community.splunk.com/t5/Splunk-Enterprise/What-kind-of-things-do-you-view-as-quot-bad-config-quot/m-p/594914)

--------------------------------------------------------------------------------
/docs/how-it-was-setup.md:
--------------------------------------------------------------------------------
# Infrastructure

The component pieces of the infrastructure are private VMs in Azure.

The demo environment was bootstrapped with Ansible and Splunkenizer. This resulted in a few [issues](https://github.com/splunkenizer/Splunkenizer/issues?q=is%3Aissue+author%3Amattuebel) but worked quite well overall.

The config that was fed into the primary deploying playbook:

```yaml
---
# splunk_config.yml
plugin: splunkenizer

general:
  url_locale: en-US

os:
  packages:
    - acl

custom:
  ansible_user: azureuser

splunk_defaults:
  splunk_license_file: Splunk_Enterprise.lic
  splunk_env_name: muebel_splunk
  splunk_version: latest
  splunk_download:
    splunk: true

  splunk_admin_password: changedit

  splunk_ssl:
    web:
      enable: true
      own_certs: false

splunk_idxclusters:
  - idxc_name: idxc1
    idxc_password: splunkidxc
    idxc_replication_port: 9887
    idxc_rf: 2
    idxc_sf: 2

splunk_shclusters:
  - shc_name: shc1
    shc_site: site0
    shc_password: splunkshc
    shc_replication_port: 9887

splunk_hosts:
  - name: cm.mattuebel.splunk.net
    roles:
      - cluster_master
      - license_master
    idxcluster: idxc1
    shcluster: shc1

  - list:
      - idx1.mattuebel.splunk.net
      - idx2.mattuebel.splunk.net
      - idx3.mattuebel.splunk.net
    roles:
      - indexer
    idxcluster: idxc1

  - list:
      - sh1.mattuebel.splunk.net
      - sh2.mattuebel.splunk.net
      - sh3.mattuebel.splunk.net
    roles:
      - search_head
    shcluster: shc1

  - name: shcdeployer.mattuebel.splunk.net
    roles:
      - deployer
    shcluster: shc1

  - name: ds.mattuebel.splunk.net
    roles:
      - deployment_server

  - name: hf.mattuebel.splunk.net
    roles:
      - heavy_forwarder
```

# Repos

The repos all have associated self-hosted runners installed on each of the controlling pieces (cm, ds, and shcdeployer).

--------------------------------------------------------------------------------