update integration test expectations for k8s 1.35 libs

2025-12-23 06:15:47 +00:00 · 2025-12-19 13:57:12 -08:00
parent bc88faa50d
commit b04ae898ca
2 changed files with 9 additions and 20 deletions
--- a/test/integration/concierge_impersonation_proxy_test.go
+++ b/test/integration/concierge_impersonation_proxy_test.go
@@ -777,26 +777,15 @@ func TestImpersonationProxy(t *testing.T) { //nolint:gocyclo // yeah, it's compl
 			})

 			_, errUID := testlib.NewKubeclient(t, nestedImpersonationUIDOnly).Kubernetes.CoreV1().Secrets("foo").Get(ctx, "bar", metav1.GetOptions{})
-			msg := `Internal Server Error: "/api/v1/namespaces/foo/secrets/bar": requested [{UID  some-awesome-uid  authentication.k8s.io/v1  }] without impersonating a user`
-			full := fmt.Sprintf(`an error on the server (%q) has prevented the request from succeeding (get secrets bar)`, msg)
-			require.EqualError(t, errUID, full)
-			require.True(t, apierrors.IsInternalError(errUID), errUID)
+			msg := `requested [{UID  some-awesome-uid  authentication.k8s.io/v1  }] without impersonating a user`
+			require.EqualError(t, errUID, msg)
+			require.True(t, apierrors.IsBadRequest(errUID), errUID) // starting in k8s 1.35 libs, this was changed from internal error to bad request
 			require.Equal(t, &apierrors.StatusError{
 				ErrStatus: metav1.Status{
-					Status: metav1.StatusFailure,
-					Code:   http.StatusInternalServerError,
-					Reason: metav1.StatusReasonInternalError,
-					Details: &metav1.StatusDetails{
-						Name: "bar",
-						Kind: "secrets",
-						Causes: []metav1.StatusCause{
-							{
-								Type:    metav1.CauseTypeUnexpectedServerResponse,
-								Message: msg,
-							},
-						},
-					},
-					Message: full,
+					Status:  metav1.StatusFailure,
+					Code:    http.StatusBadRequest,
+					Reason:  metav1.StatusReasonBadRequest,
+					Message: msg,
 				},
 			}, errUID)

@@ -1408,7 +1397,7 @@ func TestImpersonationProxy(t *testing.T) { //nolint:gocyclo // yeah, it's compl

 					whoami, errWho := impersonationProxyAdminRestClientAsAnonymous.Post().Body([]byte(`{}`)).AbsPath("/apis/identity.concierge." + env.APIGroupSuffix + "/v1alpha1/whoamirequests").DoRaw(ctx)
 					require.NoError(t, errWho, testlib.Sdump(errWho))
-					require.True(t, strings.HasPrefix(string(whoami), `{"kind":"WhoAmIRequest","apiVersion":"identity.concierge.`+env.APIGroupSuffix+`/v1alpha1","metadata":{"creationTimestamp":null},"spec":{},"status":{"kubernetesUserInfo":{"user":{"username":"system:anonymous","groups":["system:unauthenticated"],"extra":{"original-user-info.impersonation-proxy.concierge.pinniped.dev":["{\"username\":`), string(whoami))
+					require.True(t, strings.HasPrefix(string(whoami), `{"kind":"WhoAmIRequest","apiVersion":"identity.concierge.`+env.APIGroupSuffix+`/v1alpha1","metadata":{},"spec":{},"status":{"kubernetesUserInfo":{"user":{"username":"system:anonymous","groups":["system:unauthenticated"],"extra":{"original-user-info.impersonation-proxy.concierge.pinniped.dev":["{\"username\":`), string(whoami))

 					healthz, errHealth := impersonationProxyAdminRestClientAsAnonymous.Get().AbsPath("/healthz").DoRaw(ctx)
 					require.NoError(t, errHealth, testlib.Sdump(errHealth))
--- a/test/integration/supervisor_oidcclientsecret_test.go
+++ b/test/integration/supervisor_oidcclientsecret_test.go
@@ -261,7 +261,7 @@ func TestKubectlOIDCClientSecretRequest_Parallel(t *testing.T) {
 			if tt.wantErr != "" {
 				require.EqualError(t, err, tt.wantErr)
 			} else {
-				require.NoError(t, err)
+				require.NoError(t, err, "got stdout:\n%s\ngot stderr:\n%s", stdOut.String(), stdErr.String())
 			}

 			tt.assertOnStdOut(t, oidcClient.Name, stdOut.String())