From 9aa3f7496a085d76b45942de3a1c3f93efb788fa Mon Sep 17 00:00:00 2001 From: Joshua Casey Date: Mon, 20 Oct 2025 08:32:49 -0500 Subject: [PATCH] Update CEL errors for k8s 1.35+ --- ...supervisor_federationdomain_status_test.go | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/test/integration/supervisor_federationdomain_status_test.go b/test/integration/supervisor_federationdomain_status_test.go index 89d26859b..f142f3557 100644 --- a/test/integration/supervisor_federationdomain_status_test.go +++ b/test/integration/supervisor_federationdomain_status_test.go @@ -586,8 +586,9 @@ func TestSupervisorFederationDomainCRDValidations_Parallel(t *testing.T) { // These errors are appended to any other wanted errors when k8sAPIServerSupportsCEL is true wantCELErrorsForKube25Through28Inclusive []string wantCELErrorsForKube29Through33Inclusive []string - wantCELErrorsForKube29OrNewer []string + wantCELErrorsForKube29Through34Inclusive []string wantCELErrorsForKube34OrNewer []string + wantCELErrorsForKube35OrNewer []string }{ { name: "issuer cannot be empty", @@ -596,7 +597,8 @@ func TestSupervisorFederationDomainCRDValidations_Parallel(t *testing.T) { }, wantErrs: []string{`spec.issuer: Invalid value: "": spec.issuer in body should be at least 1 chars long`}, wantCELErrorsForKube25Through28Inclusive: []string{`spec.issuer: Invalid value: "string": issuer must be an HTTPS URL`}, - wantCELErrorsForKube29OrNewer: []string{`spec.issuer: Invalid value: "string": issuer must be an HTTPS URL`}, + wantCELErrorsForKube29Through34Inclusive: []string{`spec.issuer: Invalid value: "string": issuer must be an HTTPS URL`}, + wantCELErrorsForKube35OrNewer: []string{`spec.issuer: Invalid value: "": issuer must be an HTTPS URL`}, }, { name: "issuer must be a URL", @@ -604,7 +606,8 @@ func TestSupervisorFederationDomainCRDValidations_Parallel(t *testing.T) { Issuer: "foo", }, wantCELErrorsForKube25Through28Inclusive: []string{`spec.issuer: Invalid value: "string": issuer must be an HTTPS URL`}, - wantCELErrorsForKube29OrNewer: []string{`spec.issuer: Invalid value: "string": issuer must be an HTTPS URL`}, + wantCELErrorsForKube29Through34Inclusive: []string{`spec.issuer: Invalid value: "string": issuer must be an HTTPS URL`}, + wantCELErrorsForKube35OrNewer: []string{`spec.issuer: Invalid value: "foo": issuer must be an HTTPS URL`}, }, { name: "issuer URL scheme must be 'https'", @@ -612,7 +615,8 @@ func TestSupervisorFederationDomainCRDValidations_Parallel(t *testing.T) { Issuer: "http://example.com", }, wantCELErrorsForKube25Through28Inclusive: []string{`spec.issuer: Invalid value: "string": issuer must be an HTTPS URL`}, - wantCELErrorsForKube29OrNewer: []string{`spec.issuer: Invalid value: "string": issuer must be an HTTPS URL`}, + wantCELErrorsForKube29Through34Inclusive: []string{`spec.issuer: Invalid value: "string": issuer must be an HTTPS URL`}, + wantCELErrorsForKube35OrNewer: []string{`spec.issuer: Invalid value: "http://example.com": issuer must be an HTTPS URL`}, }, { name: "IDP display names cannot be empty", @@ -926,12 +930,15 @@ func TestSupervisorFederationDomainCRDValidations_Parallel(t *testing.T) { if minor >= 29 && minor <= 33 && len(tt.wantCELErrorsForKube29Through33Inclusive) > 0 { wantErr = append(wantErr, tt.wantCELErrorsForKube29Through33Inclusive...) } - if minor >= 29 && len(tt.wantCELErrorsForKube29OrNewer) > 0 { - wantErr = append(wantErr, tt.wantCELErrorsForKube29OrNewer...) + if minor >= 29 && minor <= 34 && len(tt.wantCELErrorsForKube29Through34Inclusive) > 0 { + wantErr = append(wantErr, tt.wantCELErrorsForKube29Through34Inclusive...) } if minor >= 34 && len(tt.wantCELErrorsForKube34OrNewer) > 0 { wantErr = append(wantErr, tt.wantCELErrorsForKube34OrNewer...) } + if minor >= 35 && len(tt.wantCELErrorsForKube35OrNewer) > 0 { + wantErr = append(wantErr, tt.wantCELErrorsForKube35OrNewer...) + } // Did not want any error. if len(wantErr) == 0 {