diff --git a/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/constants.ts b/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/constants.ts
new file mode 100644
index 0000000000..ab5acb07cb
--- /dev/null
+++ b/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/constants.ts
@@ -0,0 +1,10 @@
+// Using the values below, we can fake the response of the corresponding methods in tests. This is
+// necessary, because the test upload-server will be running as a separate node process, so we will
+// not have direct access to the code (e.g. for mocking).
+// (See also 'lib/verify-setup/start-test-upload-server.ts'.)
+
+// Special values to be used as `authHeader` in `BuildVerifier#verify()`.
+/* tslint:disable: variable-name */
+export const BV_verify_error = 'FAKE_VERIFICATION_ERROR';
+export const BV_verify_verifiedNotTrusted = 'FAKE_VERIFIED_NOT_TRUSTED';
+/* tslint:enable: variable-name */
diff --git a/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/server-integration.e2e.ts b/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/server-integration.e2e.ts
index 151b6adbac..880084da76 100644
--- a/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/server-integration.e2e.ts
+++ b/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/server-integration.e2e.ts
@@ -1,5 +1,6 @@
 // Imports
 import * as path from 'path';
+import * as c from './constants';
 import {helper as h} from './helper';
 
 // Tests
@@ -14,9 +15,6 @@ h.runForAllSupportedSchemes((scheme, port) => describe(`integration (on ${scheme
   const getFile = (pr: string, sha: string, file: string) =>
     h.runCmd(`curl -iL ${scheme}://pr${pr}-${h.getShordSha(sha)}.${host}/${file}`);
   const uploadBuild = (pr: string, sha: string, archive: string, authHeader = 'Token FOO') => {
-    // Using `FAKE_VERIFICATION_ERROR` or `FAKE_VERIFIED_NOT_TRUSTED` as `authHeader`,
-    // we can fake the response of the overwritten `BuildVerifier.verify()` method.
-    // (See 'lib/upload-server/index-test.ts'.)
     const curlPost = `curl -iLX POST --header "Authorization: ${authHeader}"`;
     return h.runCmd(`${curlPost} --data-binary "@${archive}" ${scheme}://${host}/create-build/${pr}/${sha}`);
   };
@@ -54,7 +52,7 @@ h.runForAllSupportedSchemes((scheme, port) => describe(`integration (on ${scheme
 
       h.createDummyArchive(pr9, sha9, archivePath);
 
-      uploadBuild(pr9, sha9, archivePath, 'FAKE_VERIFIED_NOT_TRUSTED').
+      uploadBuild(pr9, sha9, archivePath, c.BV_verify_verifiedNotTrusted).
         then(() => Promise.all([
           getFile(pr9, sha9, 'index.html').then(h.verifyResponse(404)),
           getFile(pr9, sha9, 'foo/bar.js').then(h.verifyResponse(404)),
@@ -74,7 +72,7 @@ h.runForAllSupportedSchemes((scheme, port) => describe(`integration (on ${scheme
 
       h.createDummyArchive(pr9, sha9, archivePath);
 
-      uploadBuild(pr9, sha9, archivePath, 'FAKE_VERIFICATION_ERROR').
+      uploadBuild(pr9, sha9, archivePath, c.BV_verify_error).
         then(h.verifyResponse(403, errorRegex9)).
         then(() => {
           expect(h.buildExists(pr9)).toBe(false);
@@ -123,7 +121,7 @@ h.runForAllSupportedSchemes((scheme, port) => describe(`integration (on ${scheme
       h.createDummyBuild(pr9, sha0, false);
       h.createDummyArchive(pr9, sha9, archivePath);
 
-      uploadBuild(pr9, sha9, archivePath, 'FAKE_VERIFIED_NOT_TRUSTED').
+      uploadBuild(pr9, sha9, archivePath, c.BV_verify_verifiedNotTrusted).
         then(() => Promise.all([
           getFile(pr9, sha0, 'index.html').then(h.verifyResponse(404)),
           getFile(pr9, sha0, 'foo/bar.js').then(h.verifyResponse(404)),
@@ -148,7 +146,7 @@ h.runForAllSupportedSchemes((scheme, port) => describe(`integration (on ${scheme
       h.createDummyBuild(pr9, sha0);
       h.createDummyArchive(pr9, sha9, archivePath);
 
-      uploadBuild(pr9, sha9, archivePath, 'FAKE_VERIFICATION_ERROR').
+      uploadBuild(pr9, sha9, archivePath, c.BV_verify_error).
         then(h.verifyResponse(403, errorRegex9)).
         then(() => {
           expect(h.buildExists(pr9)).toBe(true);
@@ -186,7 +184,7 @@ h.runForAllSupportedSchemes((scheme, port) => describe(`integration (on ${scheme
       h.createDummyBuild(pr9, sha9, false);
       h.createDummyArchive(pr9, sha9, archivePath);
 
-      uploadBuild(pr9, sha9, archivePath, 'FAKE_VERIFIED_NOT_TRUSTED').
+      uploadBuild(pr9, sha9, archivePath, c.BV_verify_verifiedNotTrusted).
         then(h.verifyResponse(409)).
         then(() => {
           expect(h.readBuildFile(pr9, sha9, 'index.html', false)).toMatch(idxContentRegex9);
diff --git a/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/start-test-upload-server.ts b/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/start-test-upload-server.ts
index ce3fb3c34b..d649a902d0 100644
--- a/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/start-test-upload-server.ts
+++ b/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/start-test-upload-server.ts
@@ -2,16 +2,17 @@
 import {GithubPullRequests} from '../common/github-pull-requests';
 import {BUILD_VERIFICATION_STATUS, BuildVerifier} from '../upload-server/build-verifier';
 import {UploadError} from '../upload-server/upload-error';
+import * as c from './constants';
 
 // Run
 // TODO(gkalpak): Add e2e tests to cover these interactions as well.
 GithubPullRequests.prototype.addComment = () => Promise.resolve();
 BuildVerifier.prototype.verify = (expectedPr: number, authHeader: string) => {
   switch (authHeader) {
-    case 'FAKE_VERIFICATION_ERROR':
+    case c.BV_verify_error:
       // For e2e tests, fake a verification error.
       return Promise.reject(new UploadError(403, `Error while verifying upload for PR ${expectedPr}: Test`));
-    case 'FAKE_VERIFIED_NOT_TRUSTED':
+    case c.BV_verify_verifiedNotTrusted:
       // For e2e tests, fake a `verifiedNotTrusted` verification status.
       return Promise.resolve(BUILD_VERIFICATION_STATUS.verifiedNotTrusted);
     default:
diff --git a/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/upload-server.e2e.ts b/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/upload-server.e2e.ts
index 4bc4621555..2b59df69c5 100644
--- a/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/upload-server.e2e.ts
+++ b/aio/aio-builds-setup/dockerbuild/scripts-js/lib/verify-setup/upload-server.e2e.ts
@@ -1,6 +1,7 @@
 // Imports
 import * as fs from 'fs';
 import * as path from 'path';
+import * as c from './constants';
 import {CmdResult, helper as h} from './helper';
 
 // Tests
@@ -63,7 +64,7 @@ describe('upload-server (on HTTP)', () => {
 
 
     it('should reject requests for which the PR verification fails', done => {
-      const headers = `--header "Authorization: FAKE_VERIFICATION_ERROR" ${xFileHeader}`;
+      const headers = `--header "Authorization: ${c.BV_verify_error}" ${xFileHeader}`;
       const url = `http://${host}/create-build/${pr}/${sha9}`;
       const bodyRegex = new RegExp(`Error while verifying upload for PR ${pr}: Test`);
 
@@ -107,7 +108,7 @@ describe('upload-server (on HTTP)', () => {
 
     [true, false].forEach(isPublic => describe(`(for ${isPublic ? 'public' : 'hidden'} builds)`, () => {
       const authorizationHeader2 = isPublic ?
-        authorizationHeader : '--header "Authorization: FAKE_VERIFIED_NOT_TRUSTED"';
+        authorizationHeader : `--header "Authorization: ${c.BV_verify_verifiedNotTrusted}"`;
       const cmdPrefix = curl('', `${authorizationHeader2} ${xFileHeader}`);