Fix spelling in Operator docs and related protos

Related to #46191

Help us to move to a new, more scalable spell checker based on vale by
supporting spell checking in the Operator resource reference. While vale
cannot ignore specific files (unless we run the CLI on all _but_ those
files), it is possible to fine-tune a vale spell-check rule so we can
check the Operator resource reference:

- Fix specific spelling errors in some of our proto files.
- Use "Boolean" instead of "boolean" in Operator resource reference docs
  by substituting the incorrect spelling in the docs generator.
- Wrap type names and headings in backticks to avoid the vale spell
  checker. The vale spell checker ignores all content in backticks.

api/proto/teleport/accesslist/v1/accesslist.proto

@@ -82,8 +82,8 @@ message AccessListOwner {
   // owner.
   string description = 2;
 
-  // ineligible_status describes if this owner is eligible or not
-  // and if not, describes how they're lacking eligibility.
+  // describes if this owner is eligible or not and if not, describes how
+  // they're lacking eligibility.
   IneligibleStatus ineligible_status = 3;
 }
 
@@ -92,7 +92,7 @@ message AccessListAudit {
   reserved 1;
   reserved "frequency";
 
-  // next_audit_date is when the next audit date should be done by.
+  // when the next audit date should be done by.
   google.protobuf.Timestamp next_audit_date = 2;
 
   // recurrence is the recurrence definition

api/proto/teleport/legacy/types/types.proto

@@ -3116,7 +3116,7 @@ message RoleConditions {
     (gogoproto.customtype) = "Labels"
   ];
 
-  // KubernetesLabels is a map of kubernetes cluster labels used for RBAC.
+  // KubernetesLabels is a map of Kubernetes cluster labels used for RBAC.
   wrappers.LabelValues KubernetesLabels = 10 [
     (gogoproto.nullable) = false,
     (gogoproto.jsontag) = "kubernetes_labels,omitempty",
@@ -4516,7 +4516,7 @@ message OIDCConnectorSpecV3 {
   // to redirect the client back to the Teleport Proxy to complete authentication.
   // This list should match the URLs on the provider's side. The URL used for a
   // given auth request will be chosen to match the requesting Proxy's public
-  // address. If there is no match, the first url in the list will be used.
+  // address. If there is no match, the first URL in the list will be used.
   wrappers.StringValues RedirectURLs = 14 [
     (gogoproto.nullable) = false,
     (gogoproto.jsontag) = "redirect_url",

docs/pages/reference/operator-resources/resources.teleport.dev_accesslists.mdx

@@ -13,82 +13,82 @@ resource, which you can apply after installing the Teleport Kubernetes operator.
 
 ## resources.teleport.dev/v1
 
-**apiVersion:** resources.teleport.dev/v1
+`apiVersion: resources.teleport.dev/v1`
 
 |Field|Type|Description|
 |---|---|---|
-|apiVersion|string|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|
-|kind|string|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|
-|metadata|object||
-|spec|[object](#spec)|AccessList resource definition v1 from Teleport|
+|`apiVersion`|string|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|
+|`kind`|string|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|
+|`metadata`|object||
+|`spec`|[object](#spec)|AccessList resource definition v1 from Teleport|
 
-### spec
+### `spec`
 
 |Field|Type|Description|
 |---|---|---|
-|audit|[object](#specaudit)|audit describes the frequency that this access list must be audited.|
-|description|string|description is an optional plaintext description of the access list.|
-|grants|[object](#specgrants)|grants describes the access granted by membership to this access list.|
-|membership_requires|[object](#specmembership_requires)|membership_requires describes the requirements for a user to be a member of the access list. For a membership to an access list to be effective, the user must meet the requirements of Membership_requires and must be in the members list.|
-|owner_grants|[object](#specowner_grants)|owner_grants describes the access granted by owners to this access list.|
-|owners|[][object](#specowners-items)|owners is a list of owners of the access list.|
-|ownership_requires|[object](#specownership_requires)|ownership_requires describes the requirements for a user to be an owner of the access list. For ownership of an access list to be effective, the user must meet the requirements of ownership_requires and must be in the owners list.|
-|title|string|title is a plaintext short description of the access list.|
+|`audit`|[object](#specaudit)|audit describes the frequency that this access list must be audited.|
+|`description`|string|description is an optional plaintext description of the access list.|
+|`grants`|[object](#specgrants)|grants describes the access granted by membership to this access list.|
+|`membership_requires`|[object](#specmembership_requires)|membership_requires describes the requirements for a user to be a member of the access list. For a membership to an access list to be effective, the user must meet the requirements of Membership_requires and must be in the members list.|
+|`owner_grants`|[object](#specowner_grants)|owner_grants describes the access granted by owners to this access list.|
+|`owners`|[][object](#specowners-items)|owners is a list of owners of the access list.|
+|`ownership_requires`|[object](#specownership_requires)|ownership_requires describes the requirements for a user to be an owner of the access list. For ownership of an access list to be effective, the user must meet the requirements of ownership_requires and must be in the owners list.|
+|`title`|string|title is a plaintext short description of the access list.|
 
-### spec.audit
+### `spec.audit`
 
 |Field|Type|Description|
 |---|---|---|
-|next_audit_date|string|next_audit_date is when the next audit date should be done by.|
-|notifications|[object](#specauditnotifications)|notifications is the configuration for notifying users.|
-|recurrence|[object](#specauditrecurrence)|recurrence is the recurrence definition|
+|`next_audit_date`|string|when the next audit date should be done by.|
+|`notifications`|[object](#specauditnotifications)|notifications is the configuration for notifying users.|
+|`recurrence`|[object](#specauditrecurrence)|recurrence is the recurrence definition|
 
-### spec.audit.notifications
+### `spec.audit.notifications`
 
 |Field|Type|Description|
 |---|---|---|
-|start|string|start specifies when to start notifying users that the next audit date is coming up.|
+|`start`|string|start specifies when to start notifying users that the next audit date is coming up.|
 
-### spec.audit.recurrence
+### `spec.audit.recurrence`
 
 |Field|Type|Description|
 |---|---|---|
-|day_of_month|string or integer|day_of_month is the day of month that reviews will be scheduled on. Supported values are 0, 1, 15, and 31. Can be either the string or the integer representation of each option.|
-|frequency|string or integer|frequency is the frequency of reviews. This represents the period in months between two reviews. Supported values are 0, 1, 3, 6, and 12. Can be either the string or the integer representation of each option.|
+|`day_of_month`|string or integer|day_of_month is the day of month that reviews will be scheduled on. Supported values are 0, 1, 15, and 31. Can be either the string or the integer representation of each option.|
+|`frequency`|string or integer|frequency is the frequency of reviews. This represents the period in months between two reviews. Supported values are 0, 1, 3, 6, and 12. Can be either the string or the integer representation of each option.|
 
-### spec.grants
+### `spec.grants`
 
 |Field|Type|Description|
 |---|---|---|
-|roles|[]string|roles are the roles that are granted to users who are members of the access list.|
-|traits|object|traits are the traits that are granted to users who are members of the access list.|
+|`roles`|[]string|roles are the roles that are granted to users who are members of the access list.|
+|`traits`|object|traits are the traits that are granted to users who are members of the access list.|
 
-### spec.membership_requires
+### `spec.membership_requires`
 
 |Field|Type|Description|
 |---|---|---|
-|roles|[]string|roles are the user roles that must be present for the user to obtain access.|
-|traits|object|traits are the traits that must be present for the user to obtain access.|
+|`roles`|[]string|roles are the user roles that must be present for the user to obtain access.|
+|`traits`|object|traits are the traits that must be present for the user to obtain access.|
 
-### spec.owner_grants
+### `spec.owner_grants`
 
 |Field|Type|Description|
 |---|---|---|
-|roles|[]string|roles are the roles that are granted to users who are members of the access list.|
-|traits|object|traits are the traits that are granted to users who are members of the access list.|
+|`roles`|[]string|roles are the roles that are granted to users who are members of the access list.|
+|`traits`|object|traits are the traits that are granted to users who are members of the access list.|
 
-### spec.owners items
+### `spec.owners items`
 
 |Field|Type|Description|
 |---|---|---|
-|description|string|description is the plaintext description of the owner and why they are an owner.|
-|ineligible_status|string or integer|ineligible_status describes if this owner is eligible or not and if not, describes how they're lacking eligibility. Can be either the string or the integer representation of each option.|
-|name|string|name is the username of the owner.|
+|`description`|string|description is the plaintext description of the owner and why they are an owner.|
+|`ineligible_status`|string or integer|describes if this owner is eligible or not and if not, describes how they're lacking eligibility. Can be either the string or the integer representation of each option.|
+|`name`|string|name is the username of the owner.|
 
-### spec.ownership_requires
+### `spec.ownership_requires`
 
 |Field|Type|Description|
 |---|---|---|
-|roles|[]string|roles are the user roles that must be present for the user to obtain access.|
-|traits|object|traits are the traits that must be present for the user to obtain access.|
+|`roles`|[]string|roles are the user roles that must be present for the user to obtain access.|
+|`traits`|object|traits are the traits that must be present for the user to obtain access.|
 

docs/pages/reference/operator-resources/resources.teleport.dev_githubconnectors.mdx

@@ -13,40 +13,40 @@ resource, which you can apply after installing the Teleport Kubernetes operator.
 
 ## resources.teleport.dev/v3
 
-**apiVersion:** resources.teleport.dev/v3
+`apiVersion: resources.teleport.dev/v3`
 
 |Field|Type|Description|
 |---|---|---|
-|apiVersion|string|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|
-|kind|string|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|
-|metadata|object||
-|spec|[object](#spec)|GithubConnector resource definition v3 from Teleport|
+|`apiVersion`|string|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|
+|`kind`|string|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|
+|`metadata`|object||
+|`spec`|[object](#spec)|GithubConnector resource definition v3 from Teleport|
 
-### spec
+### `spec`
 
 |Field|Type|Description|
 |---|---|---|
-|api_endpoint_url|string|APIEndpointURL is the URL of the API endpoint of the Github instance this connector is for.|
-|client_id|string|ClientID is the Github OAuth app client ID.|
-|client_redirect_settings|[object](#specclient_redirect_settings)|ClientRedirectSettings defines which client redirect URLs are allowed for non-browser SSO logins other than the standard localhost ones.|
-|client_secret|string|ClientSecret is the Github OAuth app client secret. This field supports secret lookup. See the operator documentation for more details.|
-|display|string|Display is the connector display name.|
-|endpoint_url|string|EndpointURL is the URL of the GitHub instance this connector is for.|
-|redirect_url|string|RedirectURL is the authorization callback URL.|
-|teams_to_roles|[][object](#specteams_to_roles-items)|TeamsToRoles maps Github team memberships onto allowed roles.|
+|`api_endpoint_url`|string|APIEndpointURL is the URL of the API endpoint of the Github instance this connector is for.|
+|`client_id`|string|ClientID is the Github OAuth app client ID.|
+|`client_redirect_settings`|[object](#specclient_redirect_settings)|ClientRedirectSettings defines which client redirect URLs are allowed for non-browser SSO logins other than the standard localhost ones.|
+|`client_secret`|string|ClientSecret is the Github OAuth app client secret. This field supports secret lookup. See the operator documentation for more details.|
+|`display`|string|Display is the connector display name.|
+|`endpoint_url`|string|EndpointURL is the URL of the GitHub instance this connector is for.|
+|`redirect_url`|string|RedirectURL is the authorization callback URL.|
+|`teams_to_roles`|[][object](#specteams_to_roles-items)|TeamsToRoles maps Github team memberships onto allowed roles.|
 
-### spec.client_redirect_settings
+### `spec.client_redirect_settings`
 
 |Field|Type|Description|
 |---|---|---|
-|allowed_https_hostnames|[]string|a list of hostnames allowed for https client redirect URLs|
-|insecure_allowed_cidr_ranges|[]string|a list of CIDRs allowed for HTTP or HTTPS client redirect URLs|
+|`allowed_https_hostnames`|[]string|a list of hostnames allowed for https client redirect URLs|
+|`insecure_allowed_cidr_ranges`|[]string|a list of CIDRs allowed for HTTP or HTTPS client redirect URLs|
 
-### spec.teams_to_roles items
+### `spec.teams_to_roles items`
 
 |Field|Type|Description|
 |---|---|---|
-|organization|string|Organization is a Github organization a user belongs to.|
-|roles|[]string|Roles is a list of allowed logins for this org/team.|
-|team|string|Team is a team within the organization a user belongs to.|
+|`organization`|string|Organization is a Github organization a user belongs to.|
+|`roles`|[]string|Roles is a list of allowed logins for this org/team.|
+|`team`|string|Team is a team within the organization a user belongs to.|
 

docs/pages/reference/operator-resources/resources.teleport.dev_loginrules.mdx

@@ -13,20 +13,20 @@ resource, which you can apply after installing the Teleport Kubernetes operator.
 
 ## resources.teleport.dev/v1
 
-**apiVersion:** resources.teleport.dev/v1
+`apiVersion: resources.teleport.dev/v1`
 
 |Field|Type|Description|
 |---|---|---|
-|apiVersion|string|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|
-|kind|string|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|
-|metadata|object||
-|spec|[object](#spec)|LoginRule resource definition v1 from Teleport|
+|`apiVersion`|string|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|
+|`kind`|string|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|
+|`metadata`|object||
+|`spec`|[object](#spec)|LoginRule resource definition v1 from Teleport|
 
-### spec
+### `spec`
 
 |Field|Type|Description|
 |---|---|---|
-|priority|integer|Priority is the priority of the login rule relative to other login rules in the same cluster. Login rules with a lower numbered priority will be evaluated first.|
-|traits_expression|string|TraitsExpression is a predicate expression which should return the desired traits for the user upon login.|
-|traits_map|object|TraitsMap is a map of trait keys to lists of predicate expressions which should evaluate to the desired values for that trait.|
+|`priority`|integer|Priority is the priority of the login rule relative to other login rules in the same cluster. Login rules with a lower numbered priority will be evaluated first.|
+|`traits_expression`|string|TraitsExpression is a predicate expression which should return the desired traits for the user upon login.|
+|`traits_map`|object|TraitsMap is a map of trait keys to lists of predicate expressions which should evaluate to the desired values for that trait.|