diff --git a/README.md b/README.md index ef295de0..40a65e6c 100644 --- a/README.md +++ b/README.md @@ -100,28 +100,9 @@ news_link: 'https://google.com' ## Mermaid -Mermaid is loaded into content pages only when the boolean frontmatter variable `mermaid` is set to `true`. +The Docsy theme supports Mermaid diagrams. See https://www.docsy.dev/docs/adding-content/diagrams-and-formulae/#diagrams-with-mermaid -1. Use the `mermaid` shortcode to make sure your graph isn't processed as markdown: -``` -{{< mermaid >}} -graph TB - -clouddriver(Clouddriver) --> clouddriver-caching(Clouddriver-Caching); -clouddriver --> clouddriver-rw(Clouddriver-RW); -clouddriver --> clouddriver-ro(Clouddriver-RO); -clouddriver --> clouddriver-ro-deck(Clouddriver-RO-Deck) - -classDef default fill:#d8e8ec,stroke:#39546a; -linkStyle default stroke:#39546a,stroke-width:1px,fill:none; - -classDef split fill:#42f4c2,stroke:#39546a; -class clouddriver-caching,clouddriver-ro,clouddriver-ro-deck,clouddriver-rw,echo-scheduler,echo-worker split -{{< /mermaid >}} -``` - -2. Add the frontmatter variable to the page: `mermaid: true`. ## Custom YouTube Shortcode diff --git a/assets/scss/_styles_project.scss b/assets/scss/_styles_project.scss index 9ce5d132..16a829c2 100644 --- a/assets/scss/_styles_project.scss +++ b/assets/scss/_styles_project.scss @@ -3,9 +3,9 @@ @import 'homepage-hero'; @import 'slick-theme'; @import 'slick'; -@import 'docs'; @import 'navbar'; + h3 { margin-bottom: 1.6rem; } diff --git a/assets/scss/docs.scss b/assets/scss/docs.scss deleted file mode 100644 index 181b96fd..00000000 --- a/assets/scss/docs.scss +++ /dev/null @@ -1,25 +0,0 @@ -.td-main { - main { - @include media-breakpoint-up(lg) { - margin-top: 50px; - padding-top: 20px; - } - } -} - -.td-sidebar { - @include media-breakpoint-up(lg) { - padding-top: 20px; - margin-top: 50px; - } -} -.td-toc { - &.bumped { - top: 0; - .td-page-meta, - #TableOfContents { - position: relative; - top: 50px; - } - } -} diff --git a/assets/scss/navbar.scss b/assets/scss/navbar.scss index 31ce541d..7ce07e38 100644 --- a/assets/scss/navbar.scss +++ b/assets/scss/navbar.scss @@ -14,6 +14,8 @@ margin-left: 15px; } } + + .navbar-expand .navbar-nav .nav-link { padding-right: 1rem; padding-left: 1rem; diff --git a/config.toml b/config.toml index 666b867b..c70a8ef4 100644 --- a/config.toml +++ b/config.toml @@ -1,10 +1,10 @@ baseURL = "/" -title = "Spinnaker" enableRobotsTXT = true +enableInlineShortcodes = true +# Will give values to .Lastmod etc. +enableGitInfo = true -# Hugo allows theme composition (and inheritance). The precedence is from left to right. -theme = ["github.com/google/docsy", "github.com/google/docsy/dependencies"] # Language configuration [languages] [languages.en] @@ -67,8 +67,6 @@ proxy = "direct" [[module.mounts]] source = "content/en" target = "content" -# Will give values to .Lastmod etc. -enableGitInfo = true # Language settings contentDir = "content/en" @@ -79,6 +77,15 @@ enableMissingTranslationPlaceholders = true disableKinds = ["taxonomy", "taxonomyTerm"] +# Google Analytics configuration +# https://gohugo.io/templates/internal/#configure-google-analytics +# https://www.docsy.dev/docs/adding-content/feedback/#adding-analytics +googleAnalytics = "G-H0XE7ESBFR" + +# Configure how URLs look like per section. +[permalinks] +blog = "/:section/:year/:month/:day/:slug/" + # Highlighting config (copied from the docsy example site, tag v0.7.1) pygmentsCodeFences = true pygmentsUseClasses = false @@ -127,23 +134,16 @@ pygmentsStyle = "dracula" -# Configure how URLs look like per section. -[permalinks] -blog = "/:section/:year/:month/:day/:slug/" - # Image processing configuration. [imaging] resampleFilter = "CatmullRom" quality = 75 anchor = "smart" -# Google Analytics configuration -# https://gohugo.io/templates/internal/#configure-google-analytics -# https://www.docsy.dev/docs/adding-content/feedback/#adding-analytics -googleAnalytics = "G-H0XE7ESBFR" -# Comment out the next line to disable GA tracking. -# This Tag ID can be found in Google Analytics -> Admin Panel -> Data Streams -> Spinnaker Website - GA4 -> Configure Tag Settings -# google_tag_id="GT-W6BN9SN" this was for a custom fix in the site with the older theme version + + + + # Everything below this are Site Params [params] @@ -166,7 +166,7 @@ archived_version = false # The version number for the version of the docs represented in this doc set. # Used in the "version-banner" partial to display a version number for the # current doc set. -version = "latest" +version = "Latest" # A link to latest version of the docs. Used in the "version-banner" partial to # point people to the main doc site. @@ -177,6 +177,9 @@ github_repo = "https://github.com/spinnaker/spinnaker.io" # An optional link to a related project repo. For example, the sibling repository where your product code lives. github_project_repo = "https://github.com/spinnaker/spinnaker" +# Enable Algolia DocSearch +algolia_docsearch = false + # Enable Lunr.js offline search offlineSearch = true offlineSearchMaxResults = 50 @@ -194,6 +197,8 @@ offlineSearchSummaryLength = 200 [params.ui] # Enable to show the side bar menu in its compact state. sidebar_menu_compact = true +sidebar_menu_foldable= true +sidebar_cache_limit = 10 # Set to true to disable breadcrumb navigation. breadcrumb_disable = false # Set to true to hide the sidebar search box (the top nav search box will still be displayed if search is enabled) diff --git a/content/en/_index.md b/content/en/_index.md index 1eba40ab..677aeba0 100644 --- a/content/en/_index.md +++ b/content/en/_index.md @@ -18,3 +18,5 @@ contrib_text: who_should_use_header: 'Who should use Spinnaker?' who_should_use_text: 'Spinnaker provides application management and deployment to help you release software changes with high velocity and confidence. Spinnaker is an open-source, multi-cloud continuous delivery platform that combines a powerful and flexible pipeline management system with integrations to the major cloud providers. If you are looking to standardize your release processes and improve quality, Spinnaker is for you. ' --- + +{{% promoBanner %}} \ No newline at end of file diff --git a/content/en/docs/guides/runbooks/orca-quality-of-service.md b/content/en/docs/guides/runbooks/orca-quality-of-service.md index d5ead6c1..b1a84a52 100644 --- a/content/en/docs/guides/runbooks/orca-quality-of-service.md +++ b/content/en/docs/guides/runbooks/orca-quality-of-service.md @@ -42,7 +42,7 @@ This promotion process happens (by default) on a 5-second interval on every Orca With both `BufferPolicy` and `PromotionPolicy`, the results of each function returns a result with a human readable "reason", which is logged out for each execution that is evaluated so it is easy to trace. -{{< mermaid >}} +```mermaid sequenceDiagram participant ExecutionPersister participant ExecutionBufferActuator @@ -71,7 +71,7 @@ note over ExecutionPromoter: For each promoted execution ExecutionPromoter->>ExecutionPersister: Update Execution status to NOT_STARTED ExecutionPromoter->>ExecutionLauncher: Start Execution end -{{< /mermaid >}} +``` **Note**: This is the first implementation of the QoS system, we plan to iterate on this concept and make it more advanced over time. You can read the [original proposal][proposal] to get an idea of a potential roadmap. diff --git a/content/en/docs/reference/architecture/authz_authn/authentication/index.md b/content/en/docs/reference/architecture/authz_authn/authentication/index.md index 97a83eb1..b5bef823 100644 --- a/content/en/docs/reference/architecture/authz_authn/authentication/index.md +++ b/content/en/docs/reference/architecture/authz_authn/authentication/index.md @@ -8,7 +8,7 @@ mermaid: true There are three basic players in Spinnaker's authentication workflow: -{{< mermaid >}} +```mermaid graph LR classDef default fill:#d8e8ec,stroke:#7a8288; linkStyle default stroke:#7a8288, stroke-width:2px, fill:none; @@ -22,7 +22,7 @@ gate-->deck deck-->idp idp-->deck -{{< /mermaid >}} +``` 1. **Deck**: Spinnaker's UI. Consists of a set of static HTML, JavaScript, and CSS files. Generally served from an Apache server, but there is nothing special about Apache that makes Deck work. @@ -41,7 +41,7 @@ Deck is a Javascript Single Page Application (SPA). This means that when a user process below involves numerous redirects between the three parties (Deck, Gate, and the Identity Provider). -{{< mermaid >}} +```mermaid sequenceDiagram participant Apache @@ -56,7 +56,7 @@ sequenceDiagram Note right of Gate: No or expired session cookie. Gate->>-Deck: Returns empty response -{{< /mermaid >}} +``` 1. Browser requests Deck's landing page: `https://deck.url:9000/` @@ -68,7 +68,7 @@ sequenceDiagram 1. Without a user logged in, Deck requests a _protected_ URL: `https://gate.url:8084/auth/redirect?to=https://deck.url:9000`. -{{< mermaid >}} +```mermaid sequenceDiagram participant Deck participant Gate @@ -85,13 +85,13 @@ participant IdentityProvider Deck->>+IdentityProvider: GET https://idp.url/?redirect_uri=gate.url/login IdentityProvider->>-Deck: Login Page -{{< /mermaid >}} +``` 1. Given that the URL is protected, Gate sees that there is no logged-in user, so it issues an HTTP 302 redirect to an authentication-method-specific page. It saves the requested URL (`https://gate.url:8084/auth/redirect?to=https://deck.url:9000`) in the session state. -{{< mermaid >}} +```mermaid sequenceDiagram participant Deck participant Gate @@ -107,7 +107,7 @@ participant IdentityProvider IdentityProvider->>-Gate: . deactivate Gate -{{< /mermaid >}} +``` 1. In the case of LDAP, the `/login` page is hosted in Gate and is a basic form asking for credentials. Gate attempts to establish a session (preferably over SSL) with the LDAP server, sending the username and password. If successful, @@ -122,7 +122,7 @@ participant IdentityProvider 1. Gate processes the received data. This can include making additional requests to confirm the user's identity. -{{< mermaid >}} +```mermaid sequenceDiagram participant Deck participant Gate @@ -135,13 +135,13 @@ Gate->>-Deck: HTTP 302 /auth/redirect?to=deck.url Deck->>+Gate: GET /auth/redirect?to=deck.url Note right of Gate: URL is protected, but user is authenticated. Proceed! Gate->>-Deck: HTTP 302 to deck.url -{{< /mermaid >}} +``` 1) Upon successful processing, the user is now considered logged in. Gate retrieves the originally requested URL from the session state. It issues an HTTP 302 to that URL (`https://gate.url:8084/auth/redirect?to=https://deck.url:9000`). 1) The request from the browser hits the API gateway, along with the session cookie from the newly logged in user. The `to` query parameter is validated to be the associated Deck instance, and a final HTTP 302 is sent, directing the user to the `https://deck.url:9000`. -{{< mermaid >}} +```mermaid sequenceDiagram participant Apache participant Deck @@ -156,7 +156,7 @@ Gate->>-Deck: HTTP 302 to deck.url activate Deck Note right of Deck: User logged in! Huzzah! deactivate Deck -{{< /mermaid >}} +``` 1) Repeat this process from step 1. Now, the response from `https://gate.url:8084/auth/user` will contain a proper JSON object and the rest of the application will proceed to load. @@ -167,7 +167,7 @@ The OAuth specification defines numerous flows for various scenarios. Spinnaker OAuth flow looks like: -{{< mermaid >}} +```mermaid sequenceDiagram participant Deck @@ -183,7 +183,7 @@ flow looks like: Deck->>+IdentityProvider: GET https://idp.url/userLogin?client_id=foo... IdentityProvider->>-Deck: Returns login page -{{< /mermaid >}} +``` 1. User attempts to access a protected resource. @@ -202,7 +202,7 @@ flow looks like: `email profile` to access the user's email address. 1. OAuth provider prompts user for username & password. -{{< mermaid >}} +```mermaid sequenceDiagram participant Deck @@ -215,14 +215,14 @@ flow looks like: Deck->>+IdentityProvider: User confirms IdentityProvider->>-Deck: HTTP 302 to https://gate.url/login?code=abcdef -{{< /mermaid >}} +``` 1. OAuth provider confirms that the user is granting Gate access to their profile. 1. Using the `redirect_uri`, the OAuth provider redirects the user to this address, providing an additional `code` parameter. -{{< mermaid >}} +```mermaid sequenceDiagram participant Deck @@ -237,7 +237,7 @@ flow looks like: ResourceServer->>-Gate: Respondes with JSON of user profile information Note left of Gate: Gate extracts data based on userInfoMapping Gate->>-Deck: HTTP 302 to originally requested URL -{{< /mermaid >}} +``` 1. Gate uses this `code` parameter to request an _access token_ from the OAuth provider's token server. diff --git a/content/en/docs/reference/architecture/loab/index.md b/content/en/docs/reference/architecture/loab/index.md index f3342a6b..e4fb79d9 100644 --- a/content/en/docs/reference/architecture/loab/index.md +++ b/content/en/docs/reference/architecture/loab/index.md @@ -4,7 +4,7 @@ description: mermaid: true --- -{{< mermaid >}} +```mermaid sequenceDiagram Title: Life of a Bake @@ -49,5 +49,4 @@ Orca->>Rosco: Poll until task completion Rosco->>Redis: Query bake status Orca->>Redis: Update execution state end - -{{< /mermaid >}} +``` diff --git a/content/en/docs/reference/architecture/load/index.md b/content/en/docs/reference/architecture/load/index.md index cf941084..8b257905 100644 --- a/content/en/docs/reference/architecture/load/index.md +++ b/content/en/docs/reference/architecture/load/index.md @@ -4,7 +4,7 @@ mermaid: true description: --- -{{< mermaid >}} +```mermaid sequenceDiagram Title: Life of a deployment @@ -49,4 +49,4 @@ Deck->>Gate: Poll until orchestration completion Gate->>Orca: Query orchestration status Orca->>Redis: Query execution status end -{{< /mermaid >}} +``` diff --git a/content/en/docs/reference/architecture/microservices-overview.md b/content/en/docs/reference/architecture/microservices-overview.md index 18c671f0..725f3415 100644 --- a/content/en/docs/reference/architecture/microservices-overview.md +++ b/content/en/docs/reference/architecture/microservices-overview.md @@ -70,7 +70,7 @@ boxes represent "external" components, including the Deck UI, a single-page JavaScript application that runs in your browser. The gold boxes represent Halyard components which are only ran when configuring Spinnaker. -{{< mermaid >}} +```mermaid graph TB deck(Deck) --> gate; @@ -113,7 +113,7 @@ class halyard,hal halStyle; classDef external fill:#c0d89d,stroke:#39546a; class deck,api external; -{{< /mermaid >}} +``` In the table below, A filled cell indicates that the system listed in the heading of that column has a dependency on the system listed in the heading of diff --git a/content/en/docs/reference/halyard/high-availability.md b/content/en/docs/reference/halyard/high-availability.md index 84089e5c..b08b1cf3 100644 --- a/content/en/docs/reference/halyard/high-availability.md +++ b/content/en/docs/reference/halyard/high-availability.md @@ -14,7 +14,7 @@ Currently, this feature is only for Clouddriver and Echo. ## HA Clouddriver -{{< mermaid >}} +```mermaid graph TB clouddriver(Clouddriver) --> clouddriver-caching(Clouddriver-Caching); @@ -27,7 +27,7 @@ linkStyle default stroke:#39546a,stroke-width:1px,fill:none; classDef split fill:#42f4c2,stroke:#39546a; class clouddriver-caching,clouddriver-ro,clouddriver-ro-deck,clouddriver-rw,echo-scheduler,echo-worker split -{{< /mermaid >}} +``` Clouddriver benefits greatly from isolating its operations into separate services. To split Clouddriver for increased availability, run: @@ -81,7 +81,7 @@ To add a [custom profile](/docs/reference/halyard/custom/#custom-profiles) or [c ## HA Echo -{{< mermaid >}} +```mermaid graph TB echo(Echo) --> echo-scheduler(Echo-Scheduler); @@ -93,7 +93,7 @@ linkStyle default stroke:#39546a,stroke-width:1px,fill:none; classDef split fill:#42f4c2,stroke:#39546a; class clouddriver-caching,clouddriver-ro,clouddriver-rw,echo-scheduler,echo-worker split -{{< /mermaid >}} +``` Echo can be split into two separate services that handle different operations. To split Echo for increased availability, run: @@ -136,7 +136,7 @@ hal deploy apply --delete-orphaned-services With all services enabled for high availability, the new architecture looks like this: -{{< mermaid >}} +```mermaid graph TB deck(Deck) --> gate; @@ -171,7 +171,7 @@ class deck,api external classDef split fill:#42f4c2,stroke:#39546a; class clouddriver-caching,clouddriver-ro,clouddriver-ro-deck,clouddriver-rw,echo-scheduler,echo-worker split -{{< /mermaid >}} +``` ## Recoverability diff --git a/content/en/docs/setup/other_config/security/authentication/_index.md b/content/en/docs/setup/other_config/security/authentication/_index.md index aab1e547..3824e980 100644 --- a/content/en/docs/setup/other_config/security/authentication/_index.md +++ b/content/en/docs/setup/other_config/security/authentication/_index.md @@ -12,7 +12,7 @@ There are a lot of moving parts involved with getting authentication to work. T There are three basic systems involved with Spinnaker's authentication workflow: your identity provider, Gate, and Deck. The changes will primarily be made to either your identity provider or Gate. Deck itself will not require changes or updates, but it's useful to understand how all three parts interact. -{{< mermaid >}} +```mermaid graph LR classDef default fill:#d8e8ec,stroke:#7a8288; linkStyle default stroke:#7a8288, stroke-width:2px, fill:none; @@ -25,7 +25,7 @@ deck-->gate gate-->deck deck-->idp idp-->deck -{{< /mermaid >}} +``` 1. **Deck**: Spinnaker's UI. Consists of a set of static HTML, JavaScript, and CSS files. Generally served from an Apache server, but there is nothing special about Apache that makes Deck work. diff --git a/content/en/docs/setup/other_config/security/authentication/saml/index.md b/content/en/docs/setup/other_config/security/authentication/saml/index.md index daa763b7..1c2616cd 100644 --- a/content/en/docs/setup/other_config/security/authentication/saml/index.md +++ b/content/en/docs/setup/other_config/security/authentication/saml/index.md @@ -115,7 +115,7 @@ IdP for login, and redirected back to Spinnaker. Some SAML providers will allow first_, and click a link to be taken to Spinnaker. -{{< mermaid >}} +```mermaid sequenceDiagram participant Deck @@ -127,7 +127,7 @@ first_, and click a link to be taken to Spinnaker. Deck->>+IdentityProvider: GET https://idp.url/?SAMLRequest=... IdentityProvider->>-Deck: Returns login page -{{< /mermaid >}} +``` 1. User attempts to access a protected resource. @@ -140,7 +140,7 @@ first_, and click a link to be taken to Spinnaker. [here](#network-architecture-and-ssl-termination) for how to override this value. 1. SAML provider prompts user for username & password. - {{< mermaid >}} + ```mermaid sequenceDiagram participant Deck @@ -153,7 +153,7 @@ first_, and click a link to be taken to Spinnaker. Note right of Gate: User identity verified Note right of Gate: Gate extracts data based on userInfoMapping Gate->>-Deck: HTTP 302 /something/protected - {{< /mermaid >}} + ``` 1. A SAML response must be POSTed to `/saml/SSO`, and most browsers won't re-POST when given an HTTP 302. Instead, providers sometimes return a page (with HTTP 200) that has a self-submitting HTML form to POST to Gate's `/saml/SSO` diff --git a/layouts/_default/baseof.html b/layouts/_default/baseof.html index f354e71f..93d594a1 100644 --- a/layouts/_default/baseof.html +++ b/layouts/_default/baseof.html @@ -1,28 +1,20 @@ - +
{{ partial "head.html" . }} - - -