From b1ad3418b011a107f1858df3cb3143688f7c67f9 Mon Sep 17 00:00:00 2001 From: Michael Kotelnikov <36506417+michaelkotelnikov@users.noreply.github.com> Date: Mon, 3 Jul 2023 19:51:49 +0000 Subject: [PATCH] fix: Change disallowed application destination message (#14284) (#14307) * change disallowed application destinations message Signed-off-by: michaelkot97 * Changed e2e tests Signed-off-by: michaelkot97 --------- Signed-off-by: michaelkot97 --- test/e2e/app_management_ns_test.go | 2 +- test/e2e/app_management_test.go | 6 +++--- util/argo/argo.go | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/test/e2e/app_management_ns_test.go b/test/e2e/app_management_ns_test.go index a6065aa8c195a..15cbd43534025 100644 --- a/test/e2e/app_management_ns_test.go +++ b/test/e2e/app_management_ns_test.go @@ -1179,7 +1179,7 @@ func TestNamespacedPermissions(t *testing.T) { Create() sourceError := fmt.Sprintf("application repo %s is not permitted in project 'argo-project'", RepoURL(RepoURLTypeFile)) - destinationError := fmt.Sprintf("application destination {%s %s} is not permitted in project 'argo-project'", KubernetesInternalAPIServerAddr, DeploymentNamespace()) + destinationError := fmt.Sprintf("application destination server '%s' and namespace '%s' do not match any of the allowed destinations in project 'argo-project'", KubernetesInternalAPIServerAddr, DeploymentNamespace()) appCtx. Path("guestbook-logs"). diff --git a/test/e2e/app_management_test.go b/test/e2e/app_management_test.go index 6bf4cc18312d0..054d02407a100 100644 --- a/test/e2e/app_management_test.go +++ b/test/e2e/app_management_test.go @@ -1472,7 +1472,7 @@ func TestPermissions(t *testing.T) { Create() sourceError := fmt.Sprintf("application repo %s is not permitted in project 'argo-project'", RepoURL(RepoURLTypeFile)) - destinationError := fmt.Sprintf("application destination {%s %s} is not permitted in project 'argo-project'", KubernetesInternalAPIServerAddr, DeploymentNamespace()) + destinationError := fmt.Sprintf("application destination server '%s' and namespace '%s' do not match any of the allowed destinations in project 'argo-project'", KubernetesInternalAPIServerAddr, DeploymentNamespace()) appCtx. Path("guestbook-logs"). @@ -1628,7 +1628,7 @@ func TestPermissionDeniedWithNegatedNamespace(t *testing.T) { IgnoreErrors(). CreateApp(). Then(). - Expect(Error("", "is not permitted in project")) + Expect(Error("", "do not match any of the allowed destinations in project")) } func TestPermissionDeniedWithNegatedServer(t *testing.T) { @@ -1655,7 +1655,7 @@ func TestPermissionDeniedWithNegatedServer(t *testing.T) { IgnoreErrors(). CreateApp(). Then(). - Expect(Error("", "is not permitted in project")) + Expect(Error("", "do not match any of the allowed destinations in project")) } // make sure that if we deleted a resource from the app, it is not pruned if annotated with Prune=false diff --git a/util/argo/argo.go b/util/argo/argo.go index 5319fb6fbb277..a91b64a1e51d1 100644 --- a/util/argo/argo.go +++ b/util/argo/argo.go @@ -585,7 +585,7 @@ func ValidatePermissions(ctx context.Context, spec *argoappv1.ApplicationSpec, p if !permitted { conditions = append(conditions, argoappv1.ApplicationCondition{ Type: argoappv1.ApplicationConditionInvalidSpecError, - Message: fmt.Sprintf("application destination {%s %s} is not permitted in project '%s'", spec.Destination.Server, spec.Destination.Namespace, spec.Project), + Message: fmt.Sprintf("application destination server '%s' and namespace '%s' do not match any of the allowed destinations in project '%s'", spec.Destination.Server, spec.Destination.Namespace, spec.Project), }) } // Ensure the k8s cluster the app is referencing, is configured in Argo CD