message tweaks for kube

openshift · Sep 1, 2017 · 1e3e781 · 1e3e781
1 parent aae0e22
commit 1e3e781
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 11 deletions.
diff --git a/test/integration/authorization_test.go b/test/integration/authorization_test.go
@@ -1174,17 +1174,17 @@ func TestAuthorizationSubjectAccessReview(t *testing.T) {
 		localReview:       askCanEdgarDeletePods,
 		kubeAuthInterface: haroldSARGetter,
 		kubeNamespace:     "mallet-project",
-		err:               `User "harold" cannot create localsubjectaccessreviews in project "mallet-project"`,
-		kubeErr:           `User "harold" cannot create localsubjectaccessreviews.authorization.k8s.io in project "mallet-project"`,
+		err:               `User "harold" cannot create localsubjectaccessreviews in the namespace "mallet-project"`,
+		kubeErr:           `User "harold" cannot create localsubjectaccessreviews.authorization.k8s.io in the namespace "mallet-project"`,
 	}.run(t)
 	subjectAccessReviewTest{
 		description:       "system:anonymous denied ability to run subject access review in project mallet-project",
 		localInterface:    anonymousClient.LocalSubjectAccessReviews("mallet-project"),
 		localReview:       askCanEdgarDeletePods,
 		kubeAuthInterface: anonymousSARGetter,
 		kubeNamespace:     "mallet-project",
-		err:               `User "system:anonymous" cannot create localsubjectaccessreviews in project "mallet-project"`,
-		kubeErr:           `User "system:anonymous" cannot create localsubjectaccessreviews.authorization.k8s.io in project "mallet-project"`,
+		err:               `User "system:anonymous" cannot create localsubjectaccessreviews in the namespace "mallet-project"`,
+		kubeErr:           `User "system:anonymous" cannot create localsubjectaccessreviews.authorization.k8s.io in the namespace "mallet-project"`,
 	}.run(t)
 	// ensure message does not leak whether the namespace exists or not
 	subjectAccessReviewTest{
@@ -1193,17 +1193,17 @@ func TestAuthorizationSubjectAccessReview(t *testing.T) {
 		localReview:       askCanEdgarDeletePods,
 		kubeAuthInterface: haroldSARGetter,
 		kubeNamespace:     "nonexistent-project",
-		err:               `User "harold" cannot create localsubjectaccessreviews in project "nonexistent-project"`,
-		kubeErr:           `User "harold" cannot create localsubjectaccessreviews.authorization.k8s.io in project "nonexistent-project"`,
+		err:               `User "harold" cannot create localsubjectaccessreviews in the namespace "nonexistent-project"`,
+		kubeErr:           `User "harold" cannot create localsubjectaccessreviews.authorization.k8s.io in the namespace "nonexistent-project"`,
 	}.run(t)
 	subjectAccessReviewTest{
 		description:       "system:anonymous denied ability to run subject access review in project nonexistent-project",
 		localInterface:    anonymousClient.LocalSubjectAccessReviews("nonexistent-project"),
 		localReview:       askCanEdgarDeletePods,
 		kubeAuthInterface: anonymousSARGetter,
 		kubeNamespace:     "nonexistent-project",
-		err:               `User "system:anonymous" cannot create localsubjectaccessreviews in project "nonexistent-project"`,
-		kubeErr:           `User "system:anonymous" cannot create localsubjectaccessreviews.authorization.k8s.io in project "nonexistent-project"`,
+		err:               `User "system:anonymous" cannot create localsubjectaccessreviews in the namespace "nonexistent-project"`,
+		kubeErr:           `User "system:anonymous" cannot create localsubjectaccessreviews.authorization.k8s.io in the namespace "nonexistent-project"`,
 	}.run(t)
 
 	askCanHaroldUpdateProject := &authorizationapi.LocalSubjectAccessReview{

diff --git a/test/integration/bootstrap_policy_test.go b/test/integration/bootstrap_policy_test.go
@@ -112,8 +112,8 @@ func TestBootstrapPolicySelfSubjectAccessReviews(t *testing.T) {
 		localReview:       askCanClusterAdminsCreateProject,
 		kubeAuthInterface: valerieKubeClient.Authorization(),
 		kubeNamespace:     "openshift",
-		err:               `User "valerie" cannot create localsubjectaccessreviews in project "openshift"`,
-		kubeErr:           `User "valerie" cannot create localsubjectaccessreviews.authorization.k8s.io in project "openshift"`,
+		err:               `User "valerie" cannot create localsubjectaccessreviews in the namespace "openshift"`,
+		kubeErr:           `User "valerie" cannot create localsubjectaccessreviews.authorization.k8s.io in the namespace "openshift"`,
 	}.run(t)
 
 }

diff --git a/test/integration/oauth_cert_fallback_test.go b/test/integration/oauth_cert_fallback_test.go
@@ -35,7 +35,7 @@ func TestOAuthCertFallback(t *testing.T) {
 		certUser  = "system:admin"
 
 		unauthorizedError = "the server has asked for the client to provide credentials (get users ~)"
-		anonymousError    = `User "system:anonymous" cannot get users at the cluster scope`
+		anonymousError    = `User "system:anonymous" cannot get users at the cluster scope.: "User \"system:anonymous\" cannot get users at the cluster scope" (get users ~)`
 	)
 
 	// Build master config