Update docs to reference the latest k8s codegen version

Signed-off-by: Margo Crawford <margaretc@vmware.com>

site/config.yaml

@@ -8,6 +8,7 @@ params:
   slack_url: "https://kubernetes.slack.com/messages/pinniped"
   community_url: "https://go.pinniped.dev/community"
   latest_version: v0.14.0
+  latest_codegen_version: 1.23
 pygmentsCodefences: true
 pygmentsStyle: "pygments"
 markup:

site/content/docs/background/architecture.md

@@ -48,7 +48,7 @@ Pinniped supports the following IDPs.
 1. Any Active Directory identity provider (via LDAP).
 
 The
-[`idp.supervisor.pinniped.dev`](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#k8s-api-idp-supervisor-pinniped-dev-v1alpha1)
+[`idp.supervisor.pinniped.dev`](https://github.com/vmware-tanzu/pinniped/blob/main/generated/{{< latestcodegenversion >}}/README.adoc#k8s-api-idp-supervisor-pinniped-dev-v1alpha1)
 API group contains the Kubernetes custom resources that configure the Pinniped
 Supervisor's upstream IDPs.
 
@@ -83,7 +83,7 @@ Pinniped supports the following authenticator types.
    set on the `kube-apiserver` process.
 
 The
-[`authentication.concierge.pinniped.dev`](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#k8s-api-authentication-concierge-pinniped-dev-v1alpha1)
+[`authentication.concierge.pinniped.dev`](https://github.com/vmware-tanzu/pinniped/blob/main/generated/{{< latestcodegenversion >}}/README.adoc#k8s-api-authentication-concierge-pinniped-dev-v1alpha1)
 API group contains the Kubernetes custom resources that configure the Pinniped
 Concierge's authenticators.
 

site/content/docs/howto/configure-supervisor-with-activedirectory.md

@@ -22,7 +22,7 @@ and that you have [configured a FederationDomain to issue tokens for your downst
 
 ## Configure the Supervisor cluster
 
-Create an [ActiveDirectoryIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#activedirectoryidentityprovider) in the same namespace as the Supervisor.
+Create an [ActiveDirectoryIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/{{< latestcodegenversion >}}/README.adoc#activedirectoryidentityprovider) in the same namespace as the Supervisor.
 
 ### ActiveDirectoryIdentityProvider with default options
 

site/content/docs/howto/configure-supervisor-with-dex.md

@@ -71,7 +71,7 @@ staticClients:
 
 ## Configure the Supervisor
 
-Create an [OIDCIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#oidcidentityprovider) resource in the same namespace as the Supervisor.
+Create an [OIDCIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/{{< latestcodegenversion >}}/README.adoc#oidcidentityprovider) resource in the same namespace as the Supervisor.
 
 For example, the following OIDCIdentityProvider and the corresponding Secret use Dex's `email` claim as the Kubernetes username:
 

site/content/docs/howto/configure-supervisor-with-gitlab.md

@@ -41,7 +41,7 @@ For example, to create a user-owned application:
 
 ## Configure the Supervisor cluster
 
-Create an [OIDCIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#oidcidentityprovider) in the same namespace as the Supervisor.
+Create an [OIDCIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/{{< latestcodegenversion >}}/README.adoc#oidcidentityprovider) in the same namespace as the Supervisor.
 
 For example, this OIDCIdentityProvider and corresponding Secret for [gitlab.com](https://gitlab.com) use the `nickname` claim (GitLab username) as the Kubernetes username:
 

site/content/docs/howto/configure-supervisor-with-jumpcloudldap.md

@@ -45,7 +45,7 @@ Here are some good resources to review while setting up and using JumpCloud's LD
 
 ## Configure the Supervisor cluster
 
-Create an [LDAPIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#ldapidentityprovider) in the same namespace as the Supervisor.
+Create an [LDAPIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/{{< latestcodegenversion >}}/README.adoc#ldapidentityprovider) in the same namespace as the Supervisor.
 
 For example, this LDAPIdentityProvider configures the LDAP entry's `uid` as the Kubernetes username,
 and the `cn` (common name) of each group to which the user belongs as the Kubernetes group names.

site/content/docs/howto/configure-supervisor-with-okta.md

@@ -49,7 +49,7 @@ For example, to create an app:
 
 ## Configure the Supervisor
 
-Create an [OIDCIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#oidcidentityprovider) in the same namespace as the Supervisor.
+Create an [OIDCIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/{{< latestcodegenversion >}}/README.adoc#oidcidentityprovider) in the same namespace as the Supervisor.
 
 For example, this OIDCIdentityProvider and corresponding Secret use Okta's `email` claim as the Kubernetes username:
 

site/content/docs/howto/configure-supervisor-with-openldap.md

@@ -185,7 +185,7 @@ kubectl apply -f openldap.yaml
 
 ## Configure the Supervisor cluster
 
-Create an [LDAPIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#ldapidentityprovider) in the same namespace as the Supervisor.
+Create an [LDAPIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/{{< latestcodegenversion >}}/README.adoc#ldapidentityprovider) in the same namespace as the Supervisor.
 
 For example, this LDAPIdentityProvider configures the LDAP entry's `uid` as the Kubernetes username,
 and the `cn` (common name) of each group to which the user belongs as the Kubernetes group names.

site/content/docs/reference/active-directory-configuration.md

@@ -11,7 +11,7 @@ menu:
 ---
 
 This describes the default values for the `ActiveDirectoryIdentityProvider` user and group search. For more about `ActiveDirectoryIdentityProvider`
-configuration, see [the API reference documentation](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#activedirectoryidentityprovider).
+configuration, see [the API reference documentation](https://github.com/vmware-tanzu/pinniped/blob/main/generated/{{< latestcodegenversion >}}/README.adoc#activedirectoryidentityprovider).
 
 ### `spec.userSearch.base`
 

site/content/docs/reference/api.md

@@ -9,4 +9,4 @@ menu:
     weight: 35
     parent: reference
 ---
-Full API reference documentation for the Pinniped Kubernetes API is available [on GitHub](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.23/README.adoc).
+Full API reference documentation for the Pinniped Kubernetes API is available [on GitHub](https://github.com/vmware-tanzu/pinniped/blob/main/generated/{{< latestcodegenversion >}}/README.adoc).

site/content/docs/reference/supported-clusters.md

@@ -30,7 +30,7 @@ Most managed Kubernetes services do not support this.
 2. Impersonation Proxy: Can be run on any Kubernetes cluster. Default configuration requires that a `LoadBalancer` service can be created. Most cloud-hosted Kubernetes environments have this
 capability. The Impersonation Proxy automatically provisions (when `spec.impersonationProxy.mode` is set to `auto`) a `LoadBalancer` for ingress to the impersonation endpoint. Users who wish to use the impersonation proxy without an automatically
 configured `LoadBalancer` can do so with an automatically provisioned `ClusterIP` or with a Service that they provision themselves. These options
-can be configured in the spec of the [`CredentialIssuer`](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#credentialissuer).
+can be configured in the spec of the [`CredentialIssuer`](https://github.com/vmware-tanzu/pinniped/blob/main/generated/{{< latestcodegenversion >}}/README.adoc#credentialissuer).
 
 If a cluster is capable of supporting both strategies, the Pinniped CLI will use the
 token credential request API strategy by default.

site/content/docs/tutorials/concierge-and-supervisor-demo.md

@@ -361,7 +361,7 @@ kubectl get secret supervisor-tls-cert \
 
 ### Configure a FederationDomain in the Pinniped Supervisor
 
-The Supervisor should be configured to have a [FederationDomain](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#federationdomain), which, under the hood:
+The Supervisor should be configured to have a [FederationDomain](https://github.com/vmware-tanzu/pinniped/blob/main/generated/{{< latestcodegenversion >}}/README.adoc#federationdomain), which, under the hood:
 - Acts as an OIDC provider to the Pinniped CLI, creating a consistent interface for the CLI to use regardless
   of which protocol the Supervisor is using to talk to the external identity provider
 - Also acts as an OIDC provider to the workload cluster's Concierge component, which will receive JWT tokens
@@ -417,7 +417,7 @@ The general steps required to create and configure a client in Okta are:
 
 ### Configure the Supervisor to use Okta as the external identity provider
 
-Create an [OIDCIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#oidcidentityprovider) and a Secret.
+Create an [OIDCIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/{{< latestcodegenversion >}}/README.adoc#oidcidentityprovider) and a Secret.
 
 ```sh
 # Replace the issuer's domain, the client ID, and client secret below.
@@ -488,7 +488,7 @@ kubectl apply -f \
 
 Configure the Concierge on the first workload cluster to trust the Supervisor's
 FederationDomain for authentication by creating a
-[JWTAuthenticator](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#jwtauthenticator).
+[JWTAuthenticator](https://github.com/vmware-tanzu/pinniped/blob/main/generated/{{< latestcodegenversion >}}/README.adoc#jwtauthenticator).
 
 ```sh
 # The audience value below is an arbitrary value which must uniquely

site/themes/pinniped/layouts/shortcodes/latestcodegenversion.html

@@ -0,0 +1 @@
+{{ .Site.Params.latest_codegen_version }}