chore: fix 'publicly accessible' wording (#242)

## Issue
Resolves #240

## Description
Reword misleading usages of the term 'publicly accessible'.

Signed-off-by: Tyler Gillson <[email protected]>

Author: TylerGillson

README.md

@@ -17,7 +17,7 @@ The Network validator plugin reconciles `NetworkValidator` custom resources to p
 3. Validate TCP connections to arbitrary host + port(s), optionally through an HTTP proxy
 4. Check each IP in a given range (starting IP + next N IPs) to ensure that they're all unallocated
 5. Check that the default NIC has an MTU of at least X, where X is the provided MTU
-6. Check that each file in a list of URLs is available and publicly accessible by any HTTP client, unless the client were behind a firewall that would prevent it from connecting to the host in the URL.
+6. Check that each file in a list of URLs is available via an HTTP HEAD request, optionally with HTTP basic authentication.
 
 Each `NetworkValidator` CR is (re)-processed every two minutes to continuously ensure that your network matches the expected state.
 

api/v1alpha1/networkvalidator_types.go

@@ -44,7 +44,7 @@ type NetworkValidatorSpec struct {
 	// +kubebuilder:validation:MaxItems=5
 	// +kubebuilder:validation:XValidation:message="TCPConnRules must have unique names",rule="self.all(e, size(self.filter(x, x.name == e.name)) == 1)"
 	TCPConnRules []TCPConnRule `json:"tcpConnRules,omitempty" yaml:"tcpConnRules,omitempty"`
-	// HTTPFileRules validate that files are publicly available via HTTP
+	// HTTPFileRules validate that files are available via HTTP HEAD requests
 	// +kubebuilder:validation:MaxItems=5
 	// +kubebuilder:validation:XValidation:message="HTTPFileRules must have unique names",rule="self.all(e, size(self.filter(x, x.name == e.name)) == 1)"
 	HTTPFileRules []HTTPFileRule `json:"httpFileRules,omitempty" yaml:"httpFileRules,omitempty"`

chart/validator-plugin-network/crds/validation.spectrocloud.labs_networkvalidators.yaml

@@ -97,8 +97,8 @@ spec:
                 - message: DNSRules must have unique names
                   rule: self.all(e, size(self.filter(x, x.name == e.name)) == 1)
               httpFileRules:
-                description: HTTPFileRules validate that files are publicly available
-                  via HTTP
+                description: HTTPFileRules validate that files are available via HTTP
+                  HEAD requests
                 items:
                   description: HTTPFileRule defines an HTTP file rule. A unique rule
                     must be created for each host requiring HTTP basic authentication.

config/crd/bases/validation.spectrocloud.labs_networkvalidators.yaml

@@ -97,8 +97,8 @@ spec:
                 - message: DNSRules must have unique names
                   rule: self.all(e, size(self.filter(x, x.name == e.name)) == 1)
               httpFileRules:
-                description: HTTPFileRules validate that files are publicly available
-                  via HTTP
+                description: HTTPFileRules validate that files are available via HTTP
+                  HEAD requests
                 items:
                   description: HTTPFileRule defines an HTTP file rule. A unique rule
                     must be created for each host requiring HTTP basic authentication.

pkg/network/network.go

@@ -218,23 +218,23 @@ func (n *RuleService) ReconcileHTTPFileRule(rule v1alpha1.HTTPFileRule) *types.V
 
 	// Build the default ValidationResult for this HTTP file rule
 	vr := BuildValidationResult(rule, constants.ValidationTypeHTTPFile)
-	vr.Condition.Message = "All files are publicly accessible."
+	vr.Condition.Message = "All files are accessible."
 	vr.Condition.Details = append(vr.Condition.Details, fmt.Sprintf(
-		"Ensuring that files %v are publicly accessible.",
+		"Ensuring that files %v are accessible.",
 		rule.Paths,
 	))
 
 	for _, path := range rule.Paths {
 		checkFileErrMsg, err := n.checkFile(path)
 		if err != nil {
-			vr.Condition.Failures = append(vr.Condition.Failures, fmt.Sprintf("failed to check file '%s': %s", path, err))
+			vr.Condition.Failures = append(vr.Condition.Failures, fmt.Sprintf("failed to check file %s: %s", path, err))
 			continue
 		}
 		if checkFileErrMsg != "" {
-			vr.Condition.Failures = append(vr.Condition.Failures, fmt.Sprintf("file '%s' is not publicly accessible; %s", path, checkFileErrMsg))
+			vr.Condition.Failures = append(vr.Condition.Failures, fmt.Sprintf("file %s is not accessible; %s", path, checkFileErrMsg))
 			continue
 		}
-		vr.Condition.Details = append(vr.Condition.Details, fmt.Sprintf("File '%s' is publicly accessible.", path))
+		vr.Condition.Details = append(vr.Condition.Details, fmt.Sprintf("File %s is accessible.", path))
 	}
 
 	if len(vr.Condition.Failures) > 0 {

pkg/network/network_test.go

@@ -37,10 +37,10 @@ func TestReconcileHTTPFileRule(t *testing.T) {
 				Condition: &vapi.ValidationCondition{
 					ValidationType: "http-file",
 					ValidationRule: "rule-1",
-					Message:        "All files are publicly accessible.",
+					Message:        "All files are accessible.",
 					Details: []string{
-						"Ensuring that files [{{serverUrl}}/file1] are publicly accessible.",
-						"File '{{serverUrl}}/file1' is publicly accessible.",
+						"Ensuring that files [{{serverUrl}}/file1] are accessible.",
+						"File {{serverUrl}}/file1 is accessible.",
 					},
 					Failures: []string{},
 					Status:   corev1.ConditionTrue,
@@ -61,11 +61,11 @@ func TestReconcileHTTPFileRule(t *testing.T) {
 				Condition: &vapi.ValidationCondition{
 					ValidationType: "http-file",
 					ValidationRule: "rule-1",
-					Message:        "All files are publicly accessible.",
+					Message:        "All files are accessible.",
 					Details: []string{
-						"Ensuring that files [{{serverUrl}}/file1 {{serverUrl}}/file2] are publicly accessible.",
-						"File '{{serverUrl}}/file1' is publicly accessible.",
-						"File '{{serverUrl}}/file2' is publicly accessible.",
+						"Ensuring that files [{{serverUrl}}/file1 {{serverUrl}}/file2] are accessible.",
+						"File {{serverUrl}}/file1 is accessible.",
+						"File {{serverUrl}}/file2 is accessible.",
 					},
 					Failures: []string{},
 					Status:   corev1.ConditionTrue,
@@ -99,10 +99,10 @@ func TestReconcileHTTPFileRule(t *testing.T) {
 					ValidationRule: "rule-1",
 					Message:        "HTTPFile check(s) failed. See failures for details.",
 					Details: []string{
-						"Ensuring that files [{{serverUrl}}/file1] are publicly accessible.",
+						"Ensuring that files [{{serverUrl}}/file1] are accessible.",
 					},
 					Failures: []string{
-						`failed to check file '{{serverUrl}}/file1': failed to send HTTP request: Head "{{serverUrl}}/file1": EOF`,
+						`failed to check file {{serverUrl}}/file1: failed to send HTTP request: Head "{{serverUrl}}/file1": EOF`,
 					},
 					Status: corev1.ConditionFalse,
 				},
@@ -124,10 +124,10 @@ func TestReconcileHTTPFileRule(t *testing.T) {
 					ValidationRule: "rule-1",
 					Message:        "HTTPFile check(s) failed. See failures for details.",
 					Details: []string{
-						"Ensuring that files [{{serverUrl}}/file1] are publicly accessible.",
+						"Ensuring that files [{{serverUrl}}/file1] are accessible.",
 					},
 					Failures: []string{
-						"file '{{serverUrl}}/file1' is not publicly accessible; '404' status code in response to HEAD request",
+						"file {{serverUrl}}/file1 is not accessible; '404' status code in response to HEAD request",
 					},
 					Status: corev1.ConditionFalse,
 				},

pkg/secrets/secrets.go

@@ -23,7 +23,7 @@ func ReadKeys(name, namespace string, keys []string, reader client.Reader) ([][]
 	for i, k := range keys {
 		data, ok := secret.Data[k]
 		if !ok {
-			return nil, fmt.Errorf("secret %s/%s does not contain key '%s'", name, namespace, k)
+			return nil, fmt.Errorf("secret %s/%s does not contain key %s", name, namespace, k)
 		}
 		values[i] = data
 	}