Added unit tests and E2E tests

[ankush-ntx]

Summary:

This PR introduces a testing framework for the Nutanix COSI driver, including both unit tests and end-to-end (E2E) tests. In addition, several minor bugs discovered during test development have been addressed and resolved.

Changes:

Unit Tests:

• Covers core driver logic, IAM client ops, S3 client ops and provisioner methods.
• Mocks for S3 client and IAM client to isolate functionality.

E2E Tests:

• Tests all the workflows completely with edge cases.
• Including: Create/Delete buckets, Grant/Revoke user access
• Tests can be run on both a real cluster or a local cluster using Objects Triton as S3 backend objects store.

CI/CD Pipeline:

• Updated GitHub pipeline to include running unit tests when a PR is created.

Deployment Changes:

• PC_SECRET now only contains username and password credentials for the Prism Central in the previous format.
• PC_ENDPOINT instead should have the full endpoint of the Prism Central.

Fixes:

• Fixed Deleting a Bucket object with a missing bucket fails #378: Bucket deletion succeeds when bucket is missing.
• Fixed CVE-2025-22868
• Added a few more relevant error statements.
• Minor fixes in bucket policy methods.

How to run tests?

Unit Tests:
Execute the following to run unit tests:

go test ./...

To generate the coverage report and an HTML page to view the report:

go test -coverprofile=coverage.out ./...
go tool cover -html=coverage.out -o coverage.html

Open the HTML file in any web browser to view the coverage of each file.

E2E Tests:
Execute the following to run E2E tests:

sh scripts/setup_test_env.sh [flags]

Options:
-o, --oss_endpoint ENDPOINT    Nutanix Object Store instance endpoint, eg. "http://10.51.142.82:80".
-i, --pc_endpoint ENDPOINT     Prism Central endpoint, eg. "https://10.51.142.82:9440".
-u, --pc_user USERNAME         Prism Central username. [default = admin]
-p, --pc_pass PASSWORD         Prism Central password.
-a, --access_key KEY           Admin IAM Access key to be used for Nutanix Objects.
-s, --secret_key KEY           Admin IAM Secret key to be used for Nutanix Objects.
-n, --namespace NAMESAPCE      Cluster namespace for the COSI deployment [default = cosi]

Check the README.md for more info.

[anirudhbansal95]

Thanks Ankush. Reviewed the unit tests and the associated code. Yet to review the end to end tests.

[anirudhbansal95]

nit: else if can be removed from line 165 since we are returning in line 164

[ankush-ntx]

Done.

[anirudhbansal95]

Currently we allow the display name to be empty, though not the user name. Is this the expected behaviour?

[ankush-ntx]

Yes. The API call is valid even with empty displayName.

[anirudhbansal95]

Maybe use api.GetAccountName() here and in the test below

[ankush-ntx]

Done.

[anirudhbansal95]

Do we also need to update the bucket policy here to remove the user from it, like we updated the bucket policy to grant user access in the previous case?

[ankush-ntx]

Done. Changed policy SID to userId instead of username to facilitate policy removal when deleting bucket access.

[anirudhbansal95]

Maybe also check that sid2 and sid3 have "Allow" effect

[ankush-ntx]

Done.

[anirudhbansal95]

nit: Maybe add a comment that ps.Allows() doesn't modify an existing effect, if set.

[ankush-ntx]

Done.

[anirudhbansal95]

Is this a specific format in which the object not found error should be returned? Or can it be something like: ERROR_OBJECT_NOT_FOUND or some other string?

[ankush-ntx]

Fixed. Returning empty string now with error.

[anirudhbansal95]

Thanks Ankush. Took a look at the end to end tests. They look good in general with a few comments.

[anirudhbansal95]

nit: if !bucket.Status.BucketReady

[ankush-ntx]

Done.

[anirudhbansal95]

nit: if bucket.Status.BucketReady

[ankush-ntx]

Done.

[anirudhbansal95]

Do we need to call this function in other tests as well?

[ankush-ntx]

CheckBucketExistenceInObjectstore()already waits for bucket creating, so removed WaitUntilBucketExists() as it is redundant.