Enforce aliases for 'k8s.io/apimachinery/pkg/util/errors' and 'k8s.io/apimachinery/pkg/api/errors'

internal/concierge/apiserver/apiserver.go

@@ -11,7 +11,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/apimachinery/pkg/util/errors"
+	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	"k8s.io/apiserver/pkg/registry/rest"
 	genericapiserver "k8s.io/apiserver/pkg/server"
 
@@ -105,7 +105,7 @@ func (c completedConfig) New() (*PinnipedServer, error) {
 			),
 		)
 	}
-	if err := errors.NewAggregate(errs); err != nil {
+	if err := utilerrors.NewAggregate(errs); err != nil {
 		return nil, fmt.Errorf("could not install API groups: %w", err)
 	}
 

internal/concierge/impersonator/impersonator.go

@@ -26,7 +26,7 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/runtime/serializer"
-	"k8s.io/apimachinery/pkg/util/errors"
+	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	"k8s.io/apimachinery/pkg/util/httpstream"
 	utilnet "k8s.io/apimachinery/pkg/util/net"
 	"k8s.io/apimachinery/pkg/util/sets"
@@ -349,7 +349,7 @@ func newInternal(
 		if listener != nil {
 			errs = append(errs, listener.Close())
 		}
-		return nil, errors.NewAggregate(errs)
+		return nil, utilerrors.NewAggregate(errs)
 	}
 	return result, nil
 }

internal/concierge/impersonator/impersonator_test.go

@@ -21,7 +21,7 @@ import (
 	"github.com/stretchr/testify/require"
 	authenticationv1 "k8s.io/api/authentication/v1"
 	corev1 "k8s.io/api/core/v1"
-	"k8s.io/apimachinery/pkg/api/errors"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/unstructuredscheme"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -1010,7 +1010,7 @@ func TestImpersonator(t *testing.T) {
 
 			probeBody, errProbe := rc.Get().AbsPath("/probe").DoRaw(ctx)
 			if tt.anonymousAuthDisabled {
-				require.True(t, errors.IsUnauthorized(errProbe), errProbe)
+				require.True(t, apierrors.IsUnauthorized(errProbe), errProbe)
 				require.Equal(t, `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Unauthorized","reason":"Unauthorized","code":401}`+"\n", string(probeBody))
 			} else {
 				require.NoError(t, errProbe)
@@ -1019,7 +1019,7 @@ func TestImpersonator(t *testing.T) {
 
 			notTCRBody, errNotTCR := rc.Get().Resource("tokencredentialrequests").DoRaw(ctx)
 			if tt.anonymousAuthDisabled {
-				require.True(t, errors.IsUnauthorized(errNotTCR), errNotTCR)
+				require.True(t, apierrors.IsUnauthorized(errNotTCR), errNotTCR)
 				require.Equal(t, `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Unauthorized","reason":"Unauthorized","code":401}`+"\n", string(notTCRBody))
 			} else {
 				require.NoError(t, errNotTCR)
@@ -1028,7 +1028,7 @@ func TestImpersonator(t *testing.T) {
 
 			ducksBody, errDucks := rc.Get().Resource("ducks").DoRaw(ctx)
 			if tt.anonymousAuthDisabled {
-				require.True(t, errors.IsUnauthorized(errDucks), errDucks)
+				require.True(t, apierrors.IsUnauthorized(errDucks), errDucks)
 				require.Equal(t, `{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Unauthorized","reason":"Unauthorized","code":401}`+"\n", string(ducksBody))
 			} else {
 				require.NoError(t, errDucks)
@@ -1046,7 +1046,7 @@ func TestImpersonator(t *testing.T) {
 			require.NoError(t, err)
 
 			_, errBadCert := tcrBadCert.PinnipedConcierge.LoginV1alpha1().TokenCredentialRequests().Create(ctx, &loginv1alpha1.TokenCredentialRequest{}, metav1.CreateOptions{})
-			require.True(t, errors.IsUnauthorized(errBadCert), errBadCert)
+			require.True(t, apierrors.IsUnauthorized(errBadCert), errBadCert)
 			require.EqualError(t, errBadCert, "Unauthorized")
 		})
 	}