kubetest2-kops: drop gsutil for GCS bucket lifecycle

Use GCS Go SDK to operate the state and discovery buckets

Signed-off-by: Arnaud Meukam <[email protected]>

Author: ameukam

tests/e2e/kubetest2-kops/gce/gcs.go

@@ -17,16 +17,24 @@ limitations under the License.
 package gce
 
 import (
+	"context"
 	"crypto/rand"
 	"encoding/hex"
+	"errors"
+	"fmt"
 	"os"
 	"strings"
-	"time"
 
+	"cloud.google.com/go/iam"
+	"cloud.google.com/go/storage"
 	"k8s.io/klog/v2"
 	"sigs.k8s.io/kubetest2/pkg/exec"
 )
 
+const (
+	defaultRegion = "us-central1"
+)
+
 func GCSBucketName(projectID, prefix string) string {
 	var s string
 	if jobID := os.Getenv("PROW_JOB_ID"); len(jobID) >= 4 {
@@ -41,57 +49,69 @@ func GCSBucketName(projectID, prefix string) string {
 }
 
 func EnsureGCSBucket(bucketPath, projectID string, public bool) error {
-	lsArgs := []string{
-		"gsutil", "ls", "-b",
-	}
-	if projectID != "" {
-		lsArgs = append(lsArgs, "-p", projectID)
+	// TODO: Detect the GCP region used
+	return EnsureGCSBucketWithRegion(bucketPath, projectID, defaultRegion, public)
+}
+
+func EnsureGCSBucketWithRegion(bucketPath, projectID string, region string, public bool) error {
+	ctx := context.Background()
+	client, err := storage.NewClient(ctx)
+	if err != nil {
+		return fmt.Errorf("failed to create storage client: %w", err)
 	}
-	lsArgs = append(lsArgs, bucketPath)
+	defer client.Close()
+
+	// Extract bucket name from gs:// path if the bucket's URI is provided
+	bucketName := strings.TrimPrefix(bucketPath, "gs://")
+	bucketName = strings.TrimSuffix(bucketName, "/")
 
-	klog.Info(strings.Join(lsArgs, " "))
-	cmd := exec.Command(lsArgs[0], lsArgs[1:]...)
+	bucket := client.Bucket(bucketName)
 
-	output, err := exec.CombinedOutputLines(cmd)
+	// Check if bucket exists
+	klog.Infof("Checking if bucket %s exists", bucketName)
+	_, err = bucket.Attrs(ctx)
 	if err == nil {
+		klog.Infof("Bucket %s already exists", bucketName)
 		return nil
-	} else if len(output) != 1 || !strings.Contains(output[0], "BucketNotFound") {
-		klog.Info(output)
-		return err
 	}
 
-	mbArgs := []string{
-		"gsutil", "mb",
-	}
-	if projectID != "" {
-		mbArgs = append(mbArgs, "-p", projectID)
+	// If error is not "bucket doesn't exist", return error
+	if errors.Is(err, storage.ErrBucketNotExist) {
+		return fmt.Errorf("error checking bucket: %w", err)
 	}
-	mbArgs = append(mbArgs, bucketPath)
 
-	klog.Info(strings.Join(mbArgs, " "))
-	cmd = exec.Command(mbArgs[0], mbArgs[1:]...)
+	// Create the bucket
+	klog.Infof("Creating bucket %s in project %s", bucketName, projectID)
+	bucketAttrs := &storage.BucketAttrs{
+		Location:     region,
+		LocationType: "region",
+		UniformBucketLevelAccess: storage.UniformBucketLevelAccess{
+			Enabled: true,
+		},
+		SoftDeletePolicy: &storage.SoftDeletePolicy{
+			RetentionDuration: 0,
+		},
+	}
 
-	exec.InheritOutput(cmd)
-	err = cmd.Run()
-	if err != nil {
-		return err
+	if err := bucket.Create(ctx, projectID, bucketAttrs); err != nil {
+		return fmt.Errorf("failed to create bucket: %w", err)
 	}
 
 	if public {
-		iamArgs := []string{
-			"gsutil", "iam", "ch", "allUsers:objectViewer",
-		}
-		iamArgs = append(iamArgs, bucketPath)
-		klog.Info(strings.Join(iamArgs, " "))
-		// GCS APIs are strongly consistent but this should help with flakes
-		time.Sleep(10 * time.Second)
-		cmd = exec.Command(iamArgs[0], iamArgs[1:]...)
-		exec.InheritOutput(cmd)
-		err = cmd.Run()
+		klog.Infof("Making bucket %s public", bucketName)
+		policy, err := bucket.IAM().Policy(ctx)
 		if err != nil {
-			return err
+			return fmt.Errorf("failed to get bucket IAM policy: %w", err)
+		}
+
+		// Add allUsers as objectViewer
+		policy.Add(iam.AllUsers, "roles/storage.objectViewer")
+
+		if err := bucket.IAM().SetPolicy(ctx, policy); err != nil {
+			return fmt.Errorf("failed to set bucket IAM policy: %w", err)
 		}
 	}
+
 	return nil
 }
 

tests/e2e/kubetest2-kops/gce/zones.go

@@ -34,6 +34,12 @@ var allZones = []string{
 	"us-east4-a",
 	"us-east4-b",
 	"us-east4-c",
+	"us-east5-a",
+	"us-east5-b",
+	"us-east5-c",
+	"us-south1-a",
+	"us-south1-b",
+	"us-south1-c",
 	"us-west1-a",
 	"us-west1-b",
 	"us-west1-c",