From 4b237a40c1ac58d6e2d60f7cbc6838b4a001c812 Mon Sep 17 00:00:00 2001
From: Todd Short <tshort@redhat.com>
Date: Wed, 7 May 2025 10:56:36 -0400
Subject: [PATCH] Add comments regarding external testing for preflight

There've been a number of changes to the preflight pre-auth conditon
message that have broken external tests. Those tests are being fixed
but we want to ensure maintainers are cautious here.

Signed-off-by: Todd Short <tshort@redhat.com>
---
 internal/operator-controller/applier/helm.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/internal/operator-controller/applier/helm.go b/internal/operator-controller/applier/helm.go
index 99d937308..7691989e6 100644
--- a/internal/operator-controller/applier/helm.go
+++ b/internal/operator-controller/applier/helm.go
@@ -103,12 +103,14 @@ func (h *Helm) runPreAuthorizationChecks(ctx context.Context, ext *ocv1.ClusterE
 			}
 		}
 		slices.Sort(missingRuleDescriptions)
+		// This phrase is explicitly checked by external testing
 		preAuthErrors = append(preAuthErrors, fmt.Errorf("service account requires the following permissions to manage cluster extension:\n  %s", strings.Join(missingRuleDescriptions, "\n  ")))
 	}
 	if authErr != nil {
 		preAuthErrors = append(preAuthErrors, fmt.Errorf("authorization evaluation error: %w", authErr))
 	}
 	if len(preAuthErrors) > 0 {
+		// This phrase is explicitly checked by external testing
 		return fmt.Errorf("pre-authorization failed: %v", errors.Join(preAuthErrors...))
 	}
 	return nil