From 14c353993b915bdc414bbd675e005758d0ba0e90 Mon Sep 17 00:00:00 2001
From: "Benjamin A. Petersen" <ben@benjaminapetersen.me>
Date: Mon, 31 Jul 2023 13:06:58 -0400
Subject: [PATCH] site sidebar: create new How-to sub-heading for IDP config

---
 site/content/docs/howto/idps/_index.md             | 14 ++++++++++++++
 .../configure-supervisor-with-activedirectory.md   |  6 +++---
 .../{ => idps}/configure-supervisor-with-auth0.md  |  2 +-
 .../{ => idps}/configure-supervisor-with-dex.md    |  2 +-
 .../{ => idps}/configure-supervisor-with-gitlab.md |  2 +-
 .../configure-supervisor-with-jumpcloudldap.md     |  2 +-
 .../{ => idps}/configure-supervisor-with-okta.md   |  2 +-
 .../configure-supervisor-with-openldap.md          |  2 +-
 ...nfigure-supervisor-with-workspace_one_access.md |  2 +-
 .../tutorials/concierge-and-supervisor-demo.md     |  2 +-
 .../2021-08-27-supporting-ad-oidc-workflows.md     |  2 +-
 ...01-18-idp-refresh-tls-ciphers-for-compliance.md |  2 +-
 site/content/posts/2022-04-15-fips-and-more.md     |  2 +-
 .../pinniped/layouts/partials/docs-sidebar.html    |  6 ++++--
 14 files changed, 32 insertions(+), 16 deletions(-)
 create mode 100644 site/content/docs/howto/idps/_index.md
 rename site/content/docs/howto/{ => idps}/configure-supervisor-with-activedirectory.md (96%)
 rename site/content/docs/howto/{ => idps}/configure-supervisor-with-auth0.md (99%)
 rename site/content/docs/howto/{ => idps}/configure-supervisor-with-dex.md (99%)
 rename site/content/docs/howto/{ => idps}/configure-supervisor-with-gitlab.md (99%)
 rename site/content/docs/howto/{ => idps}/configure-supervisor-with-jumpcloudldap.md (99%)
 rename site/content/docs/howto/{ => idps}/configure-supervisor-with-okta.md (99%)
 rename site/content/docs/howto/{ => idps}/configure-supervisor-with-openldap.md (99%)
 rename site/content/docs/howto/{ => idps}/configure-supervisor-with-workspace_one_access.md (99%)

diff --git a/site/content/docs/howto/idps/_index.md b/site/content/docs/howto/idps/_index.md
new file mode 100644
index 00000000..6a55f90e
--- /dev/null
+++ b/site/content/docs/howto/idps/_index.md
@@ -0,0 +1,14 @@
+---
+title: How-to Guides for Configuring IDPs
+cascade:
+  layout: docs
+menu:
+  docs:
+    name: How-to Configure IDPs
+    identifier: howto-configure-idps
+    weight: 60
+---
+
+These how-to guides show you how to install and configure Pinniped with specific identity providers:
+
+{{< docsmenu "howto-configure-idps" >}}
diff --git a/site/content/docs/howto/configure-supervisor-with-activedirectory.md b/site/content/docs/howto/idps/configure-supervisor-with-activedirectory.md
similarity index 96%
rename from site/content/docs/howto/configure-supervisor-with-activedirectory.md
rename to site/content/docs/howto/idps/configure-supervisor-with-activedirectory.md
index e314d586..095a70e5 100644
--- a/site/content/docs/howto/configure-supervisor-with-activedirectory.md
+++ b/site/content/docs/howto/idps/configure-supervisor-with-activedirectory.md
@@ -7,7 +7,7 @@ menu:
   docs:
     name: Configure Supervisor With Active Directory
     weight: 110
-    parent: howtos
+    parent: howto-configure-idps
 ---
 The Supervisor is an [OpenID Connect (OIDC)](https://openid.net/connect/) issuer that supports connecting a single
 "upstream" identity provider to many "downstream" cluster clients.
@@ -28,7 +28,7 @@ Create an [ActiveDirectoryIdentityProvider](https://github.com/vmware-tanzu/pinn
 
 This ActiveDirectoryIdentityProvider uses all the default configuration options.
 The default configuration options are documented in the
-[Active Directory configuration reference]({{< ref "../reference/active-directory-configuration">}}).
+[Active Directory configuration reference]({{< ref "../../reference/active-directory-configuration">}}).
 
 ```yaml
 apiVersion: idp.supervisor.pinniped.dev/v1alpha1
@@ -160,7 +160,7 @@ spec:
 ```
 
 More information about the defaults for these configuration options can be found in
-the [Active Directory configuration reference]({{< ref "../reference/active-directory-configuration">}}).
+the [Active Directory configuration reference]({{< ref "../../reference/active-directory-configuration">}}).
 
 ## Next steps
 
diff --git a/site/content/docs/howto/configure-supervisor-with-auth0.md b/site/content/docs/howto/idps/configure-supervisor-with-auth0.md
similarity index 99%
rename from site/content/docs/howto/configure-supervisor-with-auth0.md
rename to site/content/docs/howto/idps/configure-supervisor-with-auth0.md
index d7a50b78..28f3bd26 100644
--- a/site/content/docs/howto/configure-supervisor-with-auth0.md
+++ b/site/content/docs/howto/idps/configure-supervisor-with-auth0.md
@@ -7,7 +7,7 @@ menu:
   docs:
     name: Configure Supervisor With Auth0 OIDC
     weight: 80
-    parent: howtos
+    parent: howto-configure-idps
 ---
 The Supervisor is an [OpenID Connect (OIDC)](https://openid.net/connect/) issuer that supports connecting a single
 "upstream" identity provider to many "downstream" cluster clients.
diff --git a/site/content/docs/howto/configure-supervisor-with-dex.md b/site/content/docs/howto/idps/configure-supervisor-with-dex.md
similarity index 99%
rename from site/content/docs/howto/configure-supervisor-with-dex.md
rename to site/content/docs/howto/idps/configure-supervisor-with-dex.md
index fe549ca8..92e773b6 100644
--- a/site/content/docs/howto/configure-supervisor-with-dex.md
+++ b/site/content/docs/howto/idps/configure-supervisor-with-dex.md
@@ -7,7 +7,7 @@ menu:
   docs:
     name: Configure Supervisor With Dex OIDC
     weight: 80
-    parent: howtos
+    parent: howto-configure-idps
 ---
 
 The Supervisor is an [OpenID Connect (OIDC)](https://openid.net/connect/) issuer that supports connecting a single
diff --git a/site/content/docs/howto/configure-supervisor-with-gitlab.md b/site/content/docs/howto/idps/configure-supervisor-with-gitlab.md
similarity index 99%
rename from site/content/docs/howto/configure-supervisor-with-gitlab.md
rename to site/content/docs/howto/idps/configure-supervisor-with-gitlab.md
index 75e08414..f0df6040 100644
--- a/site/content/docs/howto/configure-supervisor-with-gitlab.md
+++ b/site/content/docs/howto/idps/configure-supervisor-with-gitlab.md
@@ -7,7 +7,7 @@ menu:
   docs:
     name: Configure Supervisor With GitLab OIDC
     weight: 90
-    parent: howtos
+    parent: howto-configure-idps
 ---
 The Supervisor is an [OpenID Connect (OIDC)](https://openid.net/connect/) issuer that supports connecting a single
 "upstream" identity provider to many "downstream" cluster clients.
diff --git a/site/content/docs/howto/configure-supervisor-with-jumpcloudldap.md b/site/content/docs/howto/idps/configure-supervisor-with-jumpcloudldap.md
similarity index 99%
rename from site/content/docs/howto/configure-supervisor-with-jumpcloudldap.md
rename to site/content/docs/howto/idps/configure-supervisor-with-jumpcloudldap.md
index 53becbb1..c27e01bd 100644
--- a/site/content/docs/howto/configure-supervisor-with-jumpcloudldap.md
+++ b/site/content/docs/howto/idps/configure-supervisor-with-jumpcloudldap.md
@@ -7,7 +7,7 @@ menu:
   docs:
     name: Configure Supervisor With JumpCloud LDAP
     weight: 110
-    parent: howtos
+    parent: howto-configure-idps
 ---
 The Supervisor is an [OpenID Connect (OIDC)](https://openid.net/connect/) issuer that supports connecting a single
 "upstream" identity provider to many "downstream" cluster clients.
diff --git a/site/content/docs/howto/configure-supervisor-with-okta.md b/site/content/docs/howto/idps/configure-supervisor-with-okta.md
similarity index 99%
rename from site/content/docs/howto/configure-supervisor-with-okta.md
rename to site/content/docs/howto/idps/configure-supervisor-with-okta.md
index 1c955b6f..80f4bbf8 100644
--- a/site/content/docs/howto/configure-supervisor-with-okta.md
+++ b/site/content/docs/howto/idps/configure-supervisor-with-okta.md
@@ -7,7 +7,7 @@ menu:
   docs:
     name: Configure Supervisor With Okta OIDC
     weight: 80
-    parent: howtos
+    parent: howto-configure-idps
 ---
 The Supervisor is an [OpenID Connect (OIDC)](https://openid.net/connect/) issuer that supports connecting a single
 "upstream" identity provider to many "downstream" cluster clients.
diff --git a/site/content/docs/howto/configure-supervisor-with-openldap.md b/site/content/docs/howto/idps/configure-supervisor-with-openldap.md
similarity index 99%
rename from site/content/docs/howto/configure-supervisor-with-openldap.md
rename to site/content/docs/howto/idps/configure-supervisor-with-openldap.md
index 399a9fce..26c7336f 100644
--- a/site/content/docs/howto/configure-supervisor-with-openldap.md
+++ b/site/content/docs/howto/idps/configure-supervisor-with-openldap.md
@@ -7,7 +7,7 @@ menu:
   docs:
     name: Configure Supervisor With OpenLDAP
     weight: 100
-    parent: howtos
+    parent: howto-configure-idps
 ---
 The Supervisor is an [OpenID Connect (OIDC)](https://openid.net/connect/) issuer that supports connecting a single
 "upstream" identity provider to many "downstream" cluster clients.
diff --git a/site/content/docs/howto/configure-supervisor-with-workspace_one_access.md b/site/content/docs/howto/idps/configure-supervisor-with-workspace_one_access.md
similarity index 99%
rename from site/content/docs/howto/configure-supervisor-with-workspace_one_access.md
rename to site/content/docs/howto/idps/configure-supervisor-with-workspace_one_access.md
index fc6b6ffd..4c51416a 100644
--- a/site/content/docs/howto/configure-supervisor-with-workspace_one_access.md
+++ b/site/content/docs/howto/idps/configure-supervisor-with-workspace_one_access.md
@@ -7,7 +7,7 @@ menu:
   docs:
     name: Configure Supervisor With Workspace ONE Access
     weight: 80
-    parent: howtos
+    parent: howto-configure-idps
 ---
 The Supervisor is an [OpenID Connect (OIDC)](https://openid.net/connect/) issuer that supports connecting a single
 "upstream" identity provider to many "downstream" cluster clients.
diff --git a/site/content/docs/tutorials/concierge-and-supervisor-demo.md b/site/content/docs/tutorials/concierge-and-supervisor-demo.md
index 5131aba1..59951313 100644
--- a/site/content/docs/tutorials/concierge-and-supervisor-demo.md
+++ b/site/content/docs/tutorials/concierge-and-supervisor-demo.md
@@ -408,7 +408,7 @@ The general steps required to create and configure a client in Okta are:
 3. Create a test user with an email and a password. It does not need to be a real email address for the purposes of this tutorial.
 4. Create an app in the Okta UI.
    1. For more information about creating an app in the Okta UI, see the
-      [Configure Supervisor With Okta OIDC howto doc]({{< ref "../howto/configure-supervisor-with-okta" >}}).
+      [Configure Supervisor With Okta OIDC howto doc]({{< ref "../howto/idps/configure-supervisor-with-okta" >}}).
    2. Make sure that the test user is assigned to the app in the app's "Assignments" tab.
    3. Add the FederationDomain's callback endpoint to the "Sign-in redirect URIs" list on the app in the UI.
       The callback endpoint is the FederationDomain's issuer URL plus `/callback`,
diff --git a/site/content/posts/2021-08-27-supporting-ad-oidc-workflows.md b/site/content/posts/2021-08-27-supporting-ad-oidc-workflows.md
index c9071d47..48133a81 100644
--- a/site/content/posts/2021-08-27-supporting-ad-oidc-workflows.md
+++ b/site/content/posts/2021-08-27-supporting-ad-oidc-workflows.md
@@ -60,7 +60,7 @@ Here’s what an example configuration looks like
    password: "YOUR_PASSWORD"
  ```
 
-You can also customize the userSearch and groupSearch as shown in the examples in our reference documentation [here]({{< ref "docs/howto/configure-supervisor-with-activedirectory.md" >}})
+You can also customize the userSearch and groupSearch as shown in the examples in our reference documentation [here]({{< ref "docs/howto/idps/configure-supervisor-with-activedirectory.md" >}})
 
 In the above example, users will be able to login with either their sAMAccountName (i.e. pinny), userPrincipalName (i.e. pinny@example.com) or mail attribute.  This reduces the need to tell users what specific value from AD must be provided in the username field.  Regardless of what value the user provides in the username field, the userPrincipalName will be used as the identity in Kubernetes clusters.  UPN is used as the username attribute by default as it is unique within an AD forest.  Similarly, a UPN is generated for each group using its sAMAccountName attribute and the AD domain hostname.  The default AD configuration finds both direct and nested groups.
 
diff --git a/site/content/posts/2022-01-18-idp-refresh-tls-ciphers-for-compliance.md b/site/content/posts/2022-01-18-idp-refresh-tls-ciphers-for-compliance.md
index 59b44215..acbb32f1 100644
--- a/site/content/posts/2022-01-18-idp-refresh-tls-ciphers-for-compliance.md
+++ b/site/content/posts/2022-01-18-idp-refresh-tls-ciphers-for-compliance.md
@@ -61,7 +61,7 @@ spec:
     allowPasswordGrant: false
 ```
 
-Refer to a more complete example for configuring Okta at [how to configure Okta as IDP with Supervisor]({{< ref "docs/howto/configure-supervisor-with-okta.md" >}}).
+Refer to a more complete example for configuring Okta at [how to configure Okta as IDP with Supervisor]({{< ref "docs/howto/idps/configure-supervisor-with-okta.md" >}}).
 
 Inside Okta, when you create the Application, make sure to select refresh tokens as the Grant type along with Authorization code. See below:
 
diff --git a/site/content/posts/2022-04-15-fips-and-more.md b/site/content/posts/2022-04-15-fips-and-more.md
index 47161b14..7ae7d586 100644
--- a/site/content/posts/2022-04-15-fips-and-more.md
+++ b/site/content/posts/2022-04-15-fips-and-more.md
@@ -41,7 +41,7 @@ For more information on this feature refer to [#981](https://github.com/vmware-t
 
 We continue to gather feedback from the community around the need to integrate with different Identity Providers. With this in mind, we have documented our support for configuring [VMware Workspace ONE Access](https://www.vmware.com/products/workspace-one/access.html) (formerly VMware Identity Manager) as an Identity provider. Workspace ONE access also acts as a broker to other identity stores and providers—including Active Directory (AD), Active Directory Federation Services (ADFS), Azure AD, Okta and Ping Identity to enable authentication across on-premises, software-as-a-service (SaaS), web and native applications. Available as a cloud-hosted service, Workspace ONE Access is an integral part of the Workspace ONE platform.
 
-Refer to our detailed guide  on [how to configure supervisor with Workspace ONE Access]({{< ref "docs/howto/configure-supervisor-with-workspace_one_access.md" >}}).  
+Refer to our detailed guide  on [how to configure supervisor with Workspace ONE Access]({{< ref "docs/howto/idps/configure-supervisor-with-workspace_one_access.md" >}}).  
 
 ## What else is in this release?
 
diff --git a/site/themes/pinniped/layouts/partials/docs-sidebar.html b/site/themes/pinniped/layouts/partials/docs-sidebar.html
index 046befa3..47d76469 100644
--- a/site/themes/pinniped/layouts/partials/docs-sidebar.html
+++ b/site/themes/pinniped/layouts/partials/docs-sidebar.html
@@ -15,11 +15,13 @@
                     {{- if .HasChildren }}
                     <ul class="sub-menu">
                         {{- range .Children }}
-                            <li><a href="{{ .URL }}"{{ if $currentPage.IsMenuCurrent "docs" . }} class="active"{{ end }} >{{ .Name }}</a></li>
+                            <li>
+                                <a href="{{ .URL }}"{{ if $currentPage.IsMenuCurrent "docs" . }} class="active"{{ end }} >{{ .Name }}</a>
+                            </li>
                         {{- end }}
                     </ul>
                     {{- end }}
                 </li>
         {{- end }}
     </ul>
-</div>
\ No newline at end of file
+</div>