@@ -401,7 +401,7 @@ var _ = ginkgo.Describe("[csi-multi-svc-refactor] Multi-SVC", func() {
401401 3. Delete the SVC cluster
402402 */
403403
404- ginkgo .It ("[csi-multi-svc] Verify permissions of the service account" ,
404+ ginkgo .It ("[csi-multi-svc] Verify permissions of the service account-new " ,
405405 ginkgo .Label (constants .P0 , constants .Wcp , constants .MultiSvc , constants .Vc80 ), func () {
406406 ctx , cancel := context .WithCancel (context .Background ())
407407 defer cancel ()
@@ -418,15 +418,15 @@ var _ = ginkgo.Describe("[csi-multi-svc-refactor] Multi-SVC", func() {
418418 ginkgo .By ("Verify permission on clusters for each of the wcp service account users" )
419419 // creating array of roles for both service account users as per the desired cluster permission
420420 roles := [][]string {
421- {constants .RoleCnsHostConfigStorageAndCnsVm , constants . RoleCnsSearchAndSpbm },
422- {constants . RoleCnsSearchAndSpbm , constants .RoleCnsHostConfigStorageAndCnsVm },
421+ {constants .RoleCnsHostConfigStorageAndCnsVm , "" },
422+ {"" , constants .RoleCnsHostConfigStorageAndCnsVm },
423423 }
424424 // iterating through compute cluster paths
425425 for i , path := range computeClusterPaths {
426426 role := roles [i % 2 ] // Alternates between the two roles
427427 // iterating through service account users
428428 for j , user := range wcpServiceAccUsers {
429- framework .Logf ("Verifying permission on root folder for user: %s" , user )
429+ framework .Logf ("Verifying permission on root folder for user: %s" , wcpServiceAccUsers [ i ] )
430430 userPermission , err := VerifyPermissionForWcpStorageUser (ctx , e2eTestConfig , "Cluster" , path , user , role [j ])
431431 gomega .Expect (err ).NotTo (gomega .HaveOccurred ())
432432 gomega .Expect (userPermission ).To (gomega .BeTrue (), "user permission is not valid for compute-cluster path" )
@@ -444,15 +444,30 @@ var _ = ginkgo.Describe("[csi-multi-svc-refactor] Multi-SVC", func() {
444444 // roleForUser array to store roles for both svc account user based on datastore
445445 var roleForUser []string
446446
447+ // cluster1Group := []string{"vsanDatastore (2)"}
448+ // cluster2Group := []string{"vsanDatastore (1)"}
449+ // mixedGroup := []string{"nfs0-1", "sharedVmfs_0"}
450+ // // remainGroup := []string{"local-0 (8)", "local-0 (9)", "local-0 (10)", "local-0 (11)", "local-0 (12)", "local-0 (13)", "vsanDatastore", "vsanDatastore (3)"}
451+ // parts := strings.Split(datastorePath, "/")
452+ // datastoreName := parts[len(parts)-1]
453+ // if helper_util.ContainsItem(cluster1Group, datastoreName) {
454+ // roleForUser = []string{constants.RoleCnsDatastore, ""}
455+ // } else if helper_util.ContainsItem(cluster2Group, datastoreName) {
456+ // roleForUser = []string{"", constants.RoleCnsDatastore}
457+ // } else if helper_util.ContainsItem(mixedGroup, datastoreName) {
458+ // roleForUser = []string{constants.RoleCnsDatastore, constants.RoleCnsDatastore}
459+ // } else {
460+ // roleForUser = []string{"", ""}
461+ // }
447462 switch {
448- case strings .Contains (datastorePath , "local " ):
449- roleForUser = []string {constants .RoleCnsSearchAndSpbm , constants . RoleCnsSearchAndSpbm }
450- case strings .Contains (datastorePath , "nfs" ):
463+ case strings .Contains (datastorePath , "vsanDatastore (2) " ):
464+ roleForUser = []string {constants .RoleCnsDatastore , "" }
465+ case strings .Contains (datastorePath , "nfs" ) || strings . Contains ( datastorePath , "sharedVmfs" ) :
451466 roleForUser = []string {constants .RoleCnsDatastore , constants .RoleCnsDatastore }
452467 case strings .Contains (datastorePath , "vsanDatastore (1)" ):
453- roleForUser = []string {constants . RoleCnsSearchAndSpbm , constants .RoleCnsDatastore }
454- default : // for "vsanDatastore "
455- roleForUser = []string {constants . RoleCnsDatastore , constants . RoleCnsSearchAndSpbm }
468+ roleForUser = []string {"" , constants .RoleCnsDatastore }
469+ default : // for "local-0 "
470+ roleForUser = []string {"" , "" }
456471 }
457472
458473 // iterating through service account users
@@ -483,7 +498,7 @@ var _ = ginkgo.Describe("[csi-multi-svc-refactor] Multi-SVC", func() {
483498 */
484499
485500 ginkgo .It ("[csi-multi-svc] Verify that an alarm is raised when a shared datastore " +
486- "becomes non-shared" , ginkgo .Label (constants .P0 , constants .Wcp , constants .MultiSvc , constants .Vc80 ), func () {
501+ "becomes non-shared-new " , ginkgo .Label (constants .P0 , constants .Wcp , constants .MultiSvc , constants .Vc80 ), func () {
487502 ctx , cancel := context .WithCancel (context .Background ())
488503 defer cancel ()
489504
@@ -503,7 +518,7 @@ var _ = ginkgo.Describe("[csi-multi-svc-refactor] Multi-SVC", func() {
503518 }
504519 }()
505520
506- datastorePath := "/" + dataCenter + "/datastore/" + datastoreName
521+ datastorePath := dataCenter + "/datastore/" + datastoreName
507522 ginkgo .By ("Verify datastore has permission for storage service account from supervisor cluster 1" )
508523 userPermission , err := VerifyPermissionForWcpStorageUser (ctx , e2eTestConfig , "Cluster" , datastorePath ,
509524 wcpServiceAccUsers [0 ], constants .RoleCnsDatastore )
@@ -533,7 +548,8 @@ var _ = ginkgo.Describe("[csi-multi-svc-refactor] Multi-SVC", func() {
533548 }()
534549
535550 ginkgo .By ("Verify an alarm is raised for unmounted datastore and host in the supervisor cluster 1" )
536- alarm := "Datastore not accessible to all hosts under the cluster"
551+ // alarm := "Datastore not accessible to all hosts under the cluster"
552+ alarm := "Datastore no longer accessible to all hosts in the cluster compute resource"
537553 alarmPresent , err = IsAlarmPresentOnDatacenter (ctx , e2eTestConfig , dataCenter , alarm , true )
538554 gomega .Expect (err ).NotTo (gomega .HaveOccurred ())
539555 gomega .Expect (alarmPresent ).To (gomega .BeTrue ())
@@ -598,7 +614,7 @@ var _ = ginkgo.Describe("[csi-multi-svc-refactor] Multi-SVC", func() {
598614
599615 */
600616
601- ginkgo .It ("[csi-multi-svc] Move a shared datastore from one SVC to another and check permission" ,
617+ ginkgo .It ("[csi-multi-svc] Move a shared datastore from one SVC to another and check permission-new " ,
602618 ginkgo .Label (constants .P0 , constants .Wcp , constants .MultiSvc , constants .Vc80 ), func () {
603619 ctx , cancel := context .WithCancel (context .Background ())
604620 defer cancel ()
@@ -620,7 +636,7 @@ var _ = ginkgo.Describe("[csi-multi-svc-refactor] Multi-SVC", func() {
620636
621637 datastorePath := "/" + dataCenter + "/datastore/" + datastoreName
622638 ginkgo .By ("Verify datastore has permission for storage service account from supervisor cluster 1" )
623- roleForSvcUser = []string {constants .RoleCnsDatastore , constants . RoleCnsSearchAndSpbm }
639+ roleForSvcUser = []string {constants .RoleCnsDatastore , "" }
624640 // iterating through service account users
625641 for j , user := range wcpServiceAccUsers {
626642 userPermission , err := VerifyPermissionForWcpStorageUser (ctx , e2eTestConfig , "Datastore" ,
@@ -657,7 +673,7 @@ var _ = ginkgo.Describe("[csi-multi-svc-refactor] Multi-SVC", func() {
657673 gomega .Expect (err ).NotTo (gomega .HaveOccurred ())
658674 isDsMountedOnSvc2 = false
659675 ginkgo .By ("Verify datastore has permission for storage service account from the svc1 but not from svc2" )
660- roleForSvcUser = []string {constants . RoleCnsDatastore , constants .RoleCnsSearchAndSpbm }
676+ roleForSvcUser = []string {"" , constants .RoleCnsSearchAndSpbm }
661677 // iterating through service account users
662678 for j , user := range wcpServiceAccUsers {
663679 userPermission , err := VerifyPermissionForWcpStorageUser (ctx , e2eTestConfig , "Datastore" ,
0 commit comments