test(managed_folder): optimize managed_folders e2e-test by skipping unnecessary IAM propagation waits

tools/integration_tests/managed_folders/admin_permissions_test.go

@@ -54,34 +54,26 @@ type managedFoldersAdminPermission struct {
 func (s *managedFoldersAdminPermission) SetupSuite() {
 	setup.MountGCSFuseWithGivenMountWithConfigFunc(testEnv.cfg, s.flags, testEnv.mountFunc)
 	setup.SetMntDir(testEnv.mountDir)
+	testEnv.testDirPath = setup.SetupTestDirectory(TestDirForManagedFolderTest)
 }
 
 func (s *managedFoldersAdminPermission) TearDownSuite() {
 	setup.UnmountGCSFuseWithConfig(testEnv.cfg)
 }
 
 func (s *managedFoldersAdminPermission) SetupTest() {
-	testEnv.testDirPath = setup.SetupTestDirectory(TestDirForManagedFolderTest)
-	createDirectoryStructureForNonEmptyManagedFolders(testEnv.ctx, testEnv.storageClient, testEnv.controlClient, s.T())
-	if s.managedFoldersPermission != "nil" {
+	managedFolderRecreated := createDirectoryStructureForNonEmptyManagedFolders(testEnv.ctx, testEnv.storageClient, testEnv.controlClient, s.T())
+
+	if s.managedFoldersPermission != "nil" && managedFolderRecreated {
 		providePermissionToManagedFolder(testEnv.bucket, path.Join(testEnv.testDir, ManagedFolder1), testEnv.serviceAccount, s.managedFoldersPermission, s.T())
 		providePermissionToManagedFolder(testEnv.bucket, path.Join(testEnv.testDir, ManagedFolder2), testEnv.serviceAccount, s.managedFoldersPermission, s.T())
-		// Waiting for 60 seconds for policy changes to propagate. This values we kept based on our experiments.
+		// Wait for policy propagation only when folders were recreated and IAM was reapplied.
 		time.Sleep(60 * time.Second)
 	}
 }
 
 func (s *managedFoldersAdminPermission) TearDownTest() {
 	setup.SaveGCSFuseLogFileInCaseOfFailure(s.T())
-	// Due to bucket view permissions, it prevents cleaning resources outside managed folders. So we are cleaning managed folders resources only.
-	if s.bucketPermission == ViewPermission {
-		revokePermissionToManagedFolder(testEnv.bucket, path.Join(testEnv.testDir, ManagedFolder1), testEnv.serviceAccount, s.managedFoldersPermission, s.T())
-		setup.CleanUpDir(path.Join(setup.MntDir(), TestDirForManagedFolderTest, ManagedFolder1))
-		revokePermissionToManagedFolder(testEnv.bucket, path.Join(testEnv.testDir, ManagedFolder2), testEnv.serviceAccount, s.managedFoldersPermission, s.T())
-		setup.CleanUpDir(path.Join(setup.MntDir(), TestDirForManagedFolderTest, ManagedFolder2))
-		return
-	}
-	setup.CleanUpDir(path.Join(setup.MntDir(), TestDirForManagedFolderTest))
 }
 
 ////////////////////////////////////////////////////////////////////////
@@ -128,6 +120,11 @@ func (s *managedFoldersAdminPermission) TestCopyObjectWithInManagedFolder() {
 	testDirPath := path.Join(testEnv.testDirPath, ManagedFolder1)
 	srcCopyFile := path.Join(testDirPath, FileInNonEmptyManagedFoldersTest)
 	destCopyFile := path.Join(testDirPath, DestFile)
+	defer func() {
+		if err := os.RemoveAll(destCopyFile); err != nil {
+			log.Printf("failed to remove scratch copy file: %v", err)
+		}
+	}()
 
 	err := operations.CopyFile(srcCopyFile, destCopyFile)
 	if err != nil {
@@ -143,6 +140,11 @@ func (s *managedFoldersAdminPermission) TestCopyObjectWithInManagedFolder() {
 func (s *managedFoldersAdminPermission) TestCopyManagedFolder() {
 	srcDirPath := path.Join(testEnv.testDirPath, ManagedFolder1)
 	destDirPath := path.Join(testEnv.testDirPath, DestFolder)
+	defer func() {
+		if err := os.RemoveAll(destDirPath); err != nil {
+			log.Printf("failed to remove scratch copy folder: %v", err)
+		}
+	}()
 
 	err := operations.CopyDir(srcDirPath, destDirPath)
 
@@ -160,6 +162,11 @@ func (s *managedFoldersAdminPermission) TestMoveObjectWithInManagedFolder() {
 	testDirPath := path.Join(testEnv.testDirPath, ManagedFolder1)
 	srcMoveFile := path.Join(testDirPath, FileInNonEmptyManagedFoldersTest)
 	destMoveFile := path.Join(testDirPath, DestFile)
+	defer func() {
+		if err := os.RemoveAll(destMoveFile); err != nil {
+			log.Printf("failed to remove scratch move file: %v", err)
+		}
+	}()
 
 	err := operations.Move(srcMoveFile, destMoveFile)
 	if err != nil {
@@ -179,6 +186,11 @@ func (s *managedFoldersAdminPermission) TestMoveObjectWithInManagedFolder() {
 func (s *managedFoldersAdminPermission) TestMoveManagedFolder() {
 	srcDirPath := path.Join(testEnv.testDirPath, ManagedFolder1)
 	destDirPath := path.Join(testEnv.testDirPath, DestFolder)
+	defer func() {
+		if err := os.RemoveAll(destDirPath); err != nil {
+			log.Printf("failed to remove scratch move folder: %v", err)
+		}
+	}()
 
 	err := operations.Move(srcDirPath, destDirPath)
 
@@ -223,7 +235,21 @@ func TestManagedFolders_FolderAdminPermission(t *testing.T) {
 				creds_tests.ApplyPermissionToServiceAccount(testEnv.ctx, testEnv.storageClient, testEnv.serviceAccount, ViewPermission, setup.TestBucket())
 			}
 			ts.managedFoldersPermission = permissions[i][1]
+
+			if ts.managedFoldersPermission != "nil" {
+				providePermissionToManagedFolder(testEnv.bucket, path.Join(testEnv.testDir, ManagedFolder1), testEnv.serviceAccount, ts.managedFoldersPermission, t)
+				providePermissionToManagedFolder(testEnv.bucket, path.Join(testEnv.testDir, ManagedFolder2), testEnv.serviceAccount, ts.managedFoldersPermission, t)
+				// Wait once per permission scenario for initial policy propagation.
+				time.Sleep(60 * time.Second)
+			}
+
 			suite.Run(t, ts)
+
+			if ts.managedFoldersPermission != "nil" {
+				revokePermissionToManagedFolder(testEnv.bucket, path.Join(testEnv.testDir, ManagedFolder1), testEnv.serviceAccount, ts.managedFoldersPermission, t)
+				revokePermissionToManagedFolder(testEnv.bucket, path.Join(testEnv.testDir, ManagedFolder2), testEnv.serviceAccount, ts.managedFoldersPermission, t)
+			}
+
 			if ts.bucketPermission == ViewPermission {
 				creds_tests.RevokePermission(testEnv.ctx, testEnv.storageClient, testEnv.serviceAccount, ViewPermission, setup.TestBucket())
 			}

tools/integration_tests/managed_folders/test_helper.go

@@ -103,7 +103,7 @@ func revokePermissionToManagedFolder(bucket, managedFolderPath, serviceAccount,
 	}
 }
 
-func createDirectoryStructureForNonEmptyManagedFolders(ctx context.Context, storageClient *storage.Client, controlClient *control.StorageControlClient, t *testing.T) {
+func createDirectoryStructureForNonEmptyManagedFolders(ctx context.Context, storageClient *storage.Client, controlClient *control.StorageControlClient, t *testing.T) bool {
 	// testBucket/NonEmptyManagedFoldersTest/managedFolder1
 	// testBucket/NonEmptyManagedFoldersTest/managedFolder1/testFile
 	// testBucket/NonEmptyManagedFoldersTest/managedFolder2
@@ -122,12 +122,14 @@ func createDirectoryStructureForNonEmptyManagedFolders(ctx context.Context, stor
 	managedFolder2 := path.Join(testDir, ManagedFolder2)
 	simulatedFolderNonEmptyManagedFoldersTest := path.Join(testDir, SimulatedFolderNonEmptyManagedFoldersTest)
 
-	client.CreateManagedFoldersInBucket(ctx, controlClient, path.Join(testDir, ManagedFolder1), bucket)
+	managedFolder1Recreated := client.CreateManagedFoldersInBucket(ctx, controlClient, path.Join(testDir, ManagedFolder1), bucket)
 	client.CopyFileInBucket(ctx, storageClient, path.Join("/tmp", FileInNonEmptyManagedFoldersTest), path.Join(managedFolder1, FileInNonEmptyManagedFoldersTest), bucket)
-	client.CreateManagedFoldersInBucket(ctx, controlClient, path.Join(testDir, ManagedFolder2), bucket)
+	managedFolder2Recreated := client.CreateManagedFoldersInBucket(ctx, controlClient, path.Join(testDir, ManagedFolder2), bucket)
 	client.CopyFileInBucket(ctx, storageClient, path.Join("/tmp", FileInNonEmptyManagedFoldersTest), path.Join(managedFolder2, FileInNonEmptyManagedFoldersTest), bucket)
 	client.CopyFileInBucket(ctx, storageClient, path.Join("/tmp", FileInNonEmptyManagedFoldersTest), path.Join(simulatedFolderNonEmptyManagedFoldersTest, FileInNonEmptyManagedFoldersTest), bucket)
 	client.CopyFileInBucket(ctx, storageClient, path.Join("/tmp", FileInNonEmptyManagedFoldersTest), path.Join(testDir, FileInNonEmptyManagedFoldersTest), bucket)
+
+	return managedFolder1Recreated || managedFolder2Recreated
 }
 
 func cleanup(ctx context.Context, storageClient *storage.Client, controlClient *control.StorageControlClient, bucket, testDir, serviceAccount, iam_role string, t *testing.T) {

tools/integration_tests/util/client/control_client.go

@@ -32,6 +32,7 @@ import (
 	"github.com/googlecloudplatform/gcsfuse/v3/internal/storage"
 	"github.com/googlecloudplatform/gcsfuse/v3/tools/integration_tests/util/setup"
 	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
 )
 
 func storageControlClientRetryOptions() []gax.CallOption {
@@ -96,16 +97,20 @@ func DeleteManagedFoldersInBucket(ctx context.Context, client *control.StorageCo
 	}
 }
 
-func CreateManagedFoldersInBucket(ctx context.Context, client *control.StorageControlClient, managedFolderPath, bucket string) {
+func CreateManagedFoldersInBucket(ctx context.Context, client *control.StorageControlClient, managedFolderPath, bucket string) bool {
 	mf := &controlpb.ManagedFolder{}
 	req := &controlpb.CreateManagedFolderRequest{
 		Parent:          fmt.Sprintf("projects/_/buckets/%v", bucket),
 		ManagedFolder:   mf,
 		ManagedFolderId: managedFolderPath,
 	}
-	if _, err := client.CreateManagedFolder(ctx, req); err != nil && !strings.Contains(err.Error(), "The specified managed folder already exists") {
+	if _, err := client.CreateManagedFolder(ctx, req); err != nil {
+		if status.Code(err) == codes.AlreadyExists || strings.Contains(err.Error(), "The specified managed folder already exists") {
+			return false
+		}
 		log.Fatalf("Error while creating managed folder: %v", err)
 	}
+	return true
 }
 
 func CreateFolderInBucket(ctx context.Context, client *control.StorageControlClient, folderPath string) (*controlpb.Folder, error) {