From 5b2c1dde79d3df4e5711eb42d4d86ff80cfcd285 Mon Sep 17 00:00:00 2001
From: Jon Huhn <nojnhuh@users.noreply.github.com>
Date: Wed, 8 Jan 2025 11:06:36 -0600
Subject: [PATCH] Add namespace to DRA adminAccess ValidatingAdmissionPolicy
 message

---
 test/e2e/dra/dra.go                                           | 2 +-
 .../dra/test-driver/deploy/example/admin-access-policy.yaml   | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/test/e2e/dra/dra.go b/test/e2e/dra/dra.go
index c90eac646d7..0aa0456df55 100644
--- a/test/e2e/dra/dra.go
+++ b/test/e2e/dra/dra.go
@@ -922,7 +922,7 @@ var _ = framework.SIGDescribe("node")("DRA", feature.DynamicResourceAllocation,
 			claim.Spec.Devices.Requests[0].AdminAccess = ptr.To(true)
 			_, claimTemplate := b.podInline()
 			claimTemplate.Spec.Spec.Devices.Requests[0].AdminAccess = ptr.To(true)
-			matchVAPError := gomega.MatchError(gomega.ContainSubstring("admin access to devices not enabled" /* in namespace " + b.f.Namespace.Name */))
+			matchVAPError := gomega.MatchError(gomega.ContainSubstring("admin access to devices not enabled in namespace " + b.f.Namespace.Name))
 			gomega.Eventually(ctx, func(ctx context.Context) error {
 				// First delete, in case that it succeeded earlier.
 				if err := b.f.ClientSet.ResourceV1beta1().ResourceClaims(b.f.Namespace.Name).Delete(ctx, claim.Name, metav1.DeleteOptions{}); err != nil && !apierrors.IsNotFound(err) {
diff --git a/test/e2e/dra/test-driver/deploy/example/admin-access-policy.yaml b/test/e2e/dra/test-driver/deploy/example/admin-access-policy.yaml
index 822b1c7d991..52529babcc5 100644
--- a/test/e2e/dra/test-driver/deploy/example/admin-access-policy.yaml
+++ b/test/e2e/dra/test-driver/deploy/example/admin-access-policy.yaml
@@ -25,7 +25,7 @@ spec:
   validations:
     - expression: '! object.spec.devices.requests.exists(e, has(e.adminAccess) && e.adminAccess)'
       reason: Forbidden
-      messageExpression: '"admin access to devices not enabled"' # in namespace " + object.metadata.namespace' - need to use __namespace__, but somehow that also doesn't work.
+      messageExpression: '"admin access to devices not enabled in namespace " + namespaceObject.metadata.name'
 ---
 apiVersion: admissionregistration.k8s.io/v1
 kind: ValidatingAdmissionPolicyBinding
@@ -55,7 +55,7 @@ spec:
   validations:
     - expression: '! object.spec.spec.devices.requests.exists(e, has(e.adminAccess) && e.adminAccess)'
       reason: Forbidden
-      messageExpression: '"admin access to devices not enabled"' # in namespace " + object.metadata.namespace' - need to use __namespace__, but somehow that also doesn't work.
+      messageExpression: '"admin access to devices not enabled in namespace " + namespaceObject.metadata.name'
 ---
 apiVersion: admissionregistration.k8s.io/v1
 kind: ValidatingAdmissionPolicyBinding