Try improving help texts a little. (#284)

* Try improving help texts a little. * hint to cluster inputs * hint to cluster inputs --------- Co-authored-by: Stefan Majer <[email protected]>
fi-ts · Feb 1, 2024 · 2673a83 · 2673a83
1 parent 6e9bbda
commit 2673a83
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 8 deletions.
diff --git a/cmd/cluster.go b/cmd/cluster.go
@@ -263,7 +263,7 @@ func newClusterCmd(c *config) *cobra.Command {
 	clusterCreateCmd.Flags().BoolP("disable-forwarding-to-upstream-dns", "", false, "disables direct forwarding of queries to external dns servers when node-local-dns is enabled. All dns queries will go through coredns. [optional].")
 	clusterCreateCmd.Flags().StringSlice("kube-apiserver-acl-allowed-cidrs", []string{}, "comma-separated list of external CIDRs allowed to connect to the kube-apiserver (e.g. \"212.34.68.0/24,212.34.89.0/27\")")
 	clusterCreateCmd.Flags().Bool("enable-kube-apiserver-acl", false, "restricts access from outside to the kube-apiserver to the source ip addresses set by --kube-apiserver-acl-allowed-cidrs [optional].")
-	clusterCreateCmd.Flags().String("network-isolation", "", "restricts access to the outside networks, can be one of baseline|restricted|isolated. Baseline defines no restriction, restricted will by default only allow external traffic to strictly required destinations, own cluster wide networkpolicies are possible, forbidden does not allow cluster wide networkpolicies to external networks.[optional]. Please consult the documentation for detailed description.")
+	clusterCreateCmd.Flags().String("network-isolation", "", "defines restrictions to external network communication for the cluster, can be one of baseline|restricted|isolated. baseline sets no special restrictions to external networks, restricted by default only allows external traffic to explicitly allowed destinations, forbidden disallows communication with external networks except for a limited set of networks. Please consult the documentation for detailed descriptions of the individual modes as these cannot be altered anymore after creation. [optional]")
 
 	must(clusterCreateCmd.MarkFlagRequired("name"))
 	must(clusterCreateCmd.MarkFlagRequired("project"))
@@ -291,9 +291,9 @@ func newClusterCmd(c *config) *cobra.Command {
 	}))
 	must(clusterCreateCmd.RegisterFlagCompletionFunc("network-isolation", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
 		return []string{
-			models.V1ClusterCreateRequestNetworkAccessTypeBaseline + "\tunrestricted network access for outgoing traffic, service type loadbalancer possible in all networks",
-			models.V1ClusterCreateRequestNetworkAccessTypeRestricted + "\tonly strictly required network access for outgoing traffic possible, own cluster wide network policies possible, service type loadbalancer possible in all networks",
-			models.V1ClusterCreateRequestNetworkAccessTypeForbidden + "\tonly strictly required network access for outgoing traffic possible, own cluster wide network policies not possible, service type loadbalancer possible only in private networks",
+			models.V1ClusterCreateRequestNetworkAccessTypeBaseline + "\tno special restrictions for external network traffic, service type loadbalancer possible in all networks",
+			models.V1ClusterCreateRequestNetworkAccessTypeRestricted + "\texternal network traffic needs to be allowed explicitly, own cluster wide network policies possible, service type loadbalancer possible in all networks",
+			models.V1ClusterCreateRequestNetworkAccessTypeForbidden + "\texternal network traffic is not possible except for allowed networks , own cluster wide network policies not possible, service type loadbalancer possible only in allowed networks, for the allowed networks please see cluster inputs",
 		}, cobra.ShellCompDirectiveNoFileComp
 	}))
 
@@ -503,8 +503,8 @@ func (c *config) clusterCreate() error {
 			fmt.Printf(`
 WARNING: You are going to create a cluster which has no internet access with the following consequences:
 - pulling images is only possible from private registries you provide, these registries must be resolvable from the public dns and must be secured with a trusted TLS certificate
-- service type loadbalancer can only be created in networks which are not internet facing
-- cluster wide network policies can only be created in networks which are not internet facing
+- service type loadbalancer can only be created in networks which are specified in the allowed networks (see cluster inputs)
+- cluster wide network policies can only be created in certain network ranges whichspecified in the allowed networks (see cluster inputs)
 - It is not possible to change this cluster back to %q after creation
 `, models.V1ClusterCreateRequestNetworkAccessTypeBaseline)
 			err := helper.Prompt("Are you sure? (y/n)", "y")

diff --git a/cmd/output/shootprinter.go b/cmd/output/shootprinter.go
@@ -148,11 +148,11 @@ func (s ShootIssuesTablePrinter) Print(data []*models.V1ClusterResponse) {
 
 func shootData(shoot *models.V1ClusterResponse, withIssues bool) ([]string, []string, []string) {
 	shootStats := newShootStats(shoot.Status)
-	if (*shoot).KubeAPIServerACL != nil && !*shoot.KubeAPIServerACL.Disabled {
+	if shoot.KubeAPIServerACL != nil && !*shoot.KubeAPIServerACL.Disabled {
 		shootStats.apiServer += "🔒"
 	}
 	name := *shoot.Name
-	if (*shoot).NetworkAccessType != nil {
+	if shoot.NetworkAccessType != nil {
 		if *shoot.NetworkAccessType == models.V1ClusterCreateRequestNetworkAccessTypeForbidden {
 			name = color.RedString(name)
 		}