From 7b82b7a0102579e6a84124958f075f6ecf3c1a67 Mon Sep 17 00:00:00 2001
From: Pinny <pinniped-ci-bot@users.noreply.github.com>
Date: Thu, 1 Apr 2021 19:15:23 +0000
Subject: [PATCH] Update CLI docs for v0.7.0 release

---
 site/content/docs/reference/cli.md | 138 ++++++++++++++++-------------
 1 file changed, 74 insertions(+), 64 deletions(-)

diff --git a/site/content/docs/reference/cli.md b/site/content/docs/reference/cli.md
index 9cb92b33..e5786505 100644
--- a/site/content/docs/reference/cli.md
+++ b/site/content/docs/reference/cli.md
@@ -10,98 +10,108 @@ menu:
     parent: reference
 ---
 
-## `pinniped version`
+## pinniped get kubeconfig
 
-Print the version of this Pinniped CLI.
+Generate a Pinniped-based kubeconfig for a cluster
 
-```sh
-pinniped version [flags]
 ```
-
-- `-h`, `--help`:
-
-   help for kubeconfig
-
-## `pinniped get kubeconfig`
-
-Generate a Pinniped-based kubeconfig for a cluster.
-
-```sh
 pinniped get kubeconfig [flags]
 ```
 
-- `-h`, `--help`:
+### Options
 
-  help for kubeconfig
-- `--concierge-api-group-suffix string`:
+```
+      --concierge-api-group-suffix string     Concierge API group suffix (default "pinniped.dev")
+      --concierge-authenticator-name string   Concierge authenticator name (default: autodiscover)
+      --concierge-authenticator-type string   Concierge authenticator type (e.g., 'webhook', 'jwt') (default: autodiscover)
+      --concierge-ca-bundle path              Path to TLS certificate authority bundle (PEM format, optional, can be repeated) to use when connecting to the Concierge
+      --concierge-credential-issuer string    Concierge CredentialIssuer object to use for autodiscovery (default: autodiscover)
+      --concierge-endpoint string             API base for the Concierge endpoint
+      --concierge-mode mode                   Concierge mode of operation (default TokenCredentialRequestAPI)
+      --concierge-skip-wait                   Skip waiting for any pending Concierge strategies to become ready (default: false)
+  -h, --help                                  help for kubeconfig
+      --kubeconfig string                     Path to kubeconfig file
+      --kubeconfig-context string             Kubeconfig context name (default: current active context)
+      --no-concierge                          Generate a configuration which does not use the Concierge, but sends the credential to the cluster directly
+      --oidc-ca-bundle path                   Path to TLS certificate authority bundle (PEM format, optional, can be repeated)
+      --oidc-client-id string                 OpenID Connect client ID (default: autodiscover) (default "pinniped-cli")
+      --oidc-issuer string                    OpenID Connect issuer URL (default: autodiscover)
+      --oidc-listen-port uint16               TCP port for localhost listener (authorization code flow only)
+      --oidc-request-audience string          Request a token with an alternate audience using RFC8693 token exchange
+      --oidc-scopes strings                   OpenID Connect scopes to request during login (default [offline_access,openid,pinniped:request-audience])
+      --oidc-session-cache string             Path to OpenID Connect session cache file
+      --oidc-skip-browser                     During OpenID Connect login, skip opening the browser (just print the URL)
+  -o, --output string                         Output file path (default: stdout)
+      --skip-validation                       Skip final validation of the kubeconfig (default: false)
+      --static-token string                   Instead of doing an OIDC-based login, specify a static token
+      --static-token-env string               Instead of doing an OIDC-based login, read a static token from the environment
+      --timeout duration                      Timeout for autodiscovery and validation (default 10m0s)
+```
 
-  Concierge API group suffix (default "pinniped.dev")
-- `--concierge-authenticator-name string`:
+### SEE ALSO
 
-  Concierge authenticator name (default: autodiscover)
-- `--concierge-authenticator-type string`:
+* [pinniped get]()	 - get
 
-  Concierge authenticator type (e.g., 'webhook', 'jwt') (default: autodiscover)
-- `--concierge-ca-bundle path`:
+## pinniped help
 
-  Path to TLS certificate authority bundle (PEM format, optional, can be repeated) to use when connecting to the Concierge
-- `--concierge-credential-issuer string`:
+Help about any command
 
-  Concierge CredentialIssuer object to use for autodiscovery (default: autodiscover)
-- `--concierge-endpoint string`:
+### Synopsis
 
-  API base for the Concierge endpoint
-- `--concierge-mode mode`:
+Help provides help for any command in the application.
+Simply type pinniped help [path to command] for full details.
 
-  Concierge mode of operation (default TokenCredentialRequestAPI)
-- `--concierge-skip-wait`:
+```
+pinniped help [command] [flags]
+```
 
-  Skip waiting for any pending Concierge strategies to become ready (default: false)
-- `--kubeconfig string`:
+### Options
 
-  Path to kubeconfig file
-- `--kubeconfig-context string`:
+```
+  -h, --help   help for help
+```
 
-  Kubeconfig context name (default: current active context)
-- `--no-concierge`:
+### SEE ALSO
 
-  Generate a configuration which does not use the Concierge, but sends the credential to the cluster directly
-- `--oidc-ca-bundle path`:
+* [pinniped]()	 - pinniped
 
-  Path to TLS certificate authority bundle (PEM format, optional, can be repeated)
-- `--oidc-client-id string`:
+## pinniped version
 
-  OpenID Connect client ID (default: autodiscover) (default "pinniped-cli")
-- `--oidc-issuer string`:
+Print the version of this Pinniped CLI
 
-  OpenID Connect issuer URL (default: autodiscover)
-- `--oidc-listen-port uint16`:
+```
+pinniped version [flags]
+```
 
-  TCP port for localhost listener (authorization code flow only)
-- `--oidc-request-audience string`:
+### Options
 
-  Request a token with an alternate audience using RFC8693 token exchange
-- `--oidc-scopes strings`:
+```
+  -h, --help   help for version
+```
 
-  OpenID Connect scopes to request during login (default [offline_access,openid,pinniped:request-audience])
-- `--oidc-session-cache string`:
+### SEE ALSO
 
-  Path to OpenID Connect session cache file
-- `--oidc-skip-browser`:
+* [pinniped]()	 - pinniped
 
-  During OpenID Connect login, skip opening the browser (just print the URL)
-- `-o`, `--output string`:
+## pinniped whoami
 
-  Output file path (default: stdout)
-- `--skip-validation`:
+Print information about the current user
 
-  Skip final validation of the kubeconfig (default: false)
-- `--static-token string`:
+```
+pinniped whoami [flags]
+```
 
-  Instead of doing an OIDC-based login, specify a static token
-- `--static-token-env string`:
+### Options
 
-  Instead of doing an OIDC-based login, read a static token from the environment
-- `--timeout duration`:
+```
+      --api-group-suffix string     Concierge API group suffix (default "pinniped.dev")
+  -h, --help                        help for whoami
+      --kubeconfig string           Path to kubeconfig file
+      --kubeconfig-context string   Kubeconfig context name (default: current active context)
+  -o, --output string               Output format (e.g., 'yaml', 'json', 'text') (default "text")
+```
+
+### SEE ALSO
+
+* [pinniped]()	 - pinniped
 
-  Timeout for autodiscovery and validation (default 10m0s)