site sidebar: menu renaming & reorganization

site/content/docs/howto/concierge/_index.md

@@ -0,0 +1,14 @@
+---
+title: How-to Guides for Configuring Concierge
+cascade:
+  layout: docs
+menu:
+  docs:
+    name: Concierge Configuration
+    identifier: howto-configure-concierge
+    weight: 60
+---
+
+These how-to guides show you how to install and configure Pinniped Concierge:
+
+{{< docsmenu "howto-configure-concierge" >}}

site/content/docs/howto/concierge/configure-concierge-jwt.md

@@ -5,9 +5,9 @@ cascade:
   layout: docs
 menu:
   docs:
-    name: Configure Concierge JWT Authentication
+    name: JWT Authentication
     weight: 30
-    parent: howtos
+    parent: howto-configure-concierge
 ---
 The Concierge can validate [JSON Web Tokens (JWTs)](https://tools.ietf.org/html/rfc7519), which are commonly issued by [OpenID Connect (OIDC)](https://openid.net/connect/) identity providers.
 

site/content/docs/howto/concierge/configure-concierge-supervisor-jwt.md

@@ -5,9 +5,9 @@ cascade:
   layout: docs
 menu:
   docs:
-    name: Configure Concierge JWT Authentication with the Supervisor
+    name: JWT Authentication with Supervisor
-    weight: 50
+    weight: 40
-    parent: howtos
+    parent: howto-configure-concierge
 ---
 The Concierge can validate [JSON Web Tokens (JWTs)](https://tools.ietf.org/html/rfc7519), which are commonly issued by [OpenID Connect (OIDC)](https://openid.net/connect/) identity providers.
 

site/content/docs/howto/concierge/configure-concierge-webhook.md

@@ -5,9 +5,9 @@ cascade:
   layout: docs
 menu:
   docs:
-    name: Configure Concierge Webhook Authentication
+    name: Webhook Authentication
-    weight: 40
+    weight: 50
-    parent: howtos
+    parent: howto-configure-concierge
 ---
 
 The Concierge can validate arbitrary tokens via an external webhook endpoint using the [same validation process as Kubernetes itself](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication).

site/content/docs/howto/idps/_index.md

@@ -4,7 +4,7 @@ cascade:
   layout: docs
 menu:
   docs:
-    name: How-to Configure IDPs
+    name: Supervisor Configuration
     identifier: howto-configure-idps
     weight: 60
 ---

site/content/docs/howto/idps/configure-supervisor-with-activedirectory.md

@@ -5,7 +5,7 @@ cascade:
   layout: docs
 menu:
   docs:
-    name: Configure Supervisor With Active Directory
+    name: With Active Directory
     weight: 110
     parent: howto-configure-idps
 ---

site/content/docs/howto/idps/configure-supervisor-with-auth0.md

@@ -5,7 +5,7 @@ cascade:
   layout: docs
 menu:
   docs:
-    name: Configure Supervisor With Auth0 OIDC
+    name: With Auth0 OIDC
     weight: 80
     parent: howto-configure-idps
 ---

site/content/docs/howto/idps/configure-supervisor-with-dex.md

@@ -5,7 +5,7 @@ cascade:
   layout: docs
 menu:
   docs:
-    name: Configure Supervisor With Dex OIDC
+    name: With Dex OIDC
     weight: 80
     parent: howto-configure-idps
 ---

site/content/docs/howto/idps/configure-supervisor-with-gitlab.md

@@ -5,7 +5,7 @@ cascade:
   layout: docs
 menu:
   docs:
-    name: Configure Supervisor With GitLab OIDC
+    name: With GitLab OIDC
     weight: 90
     parent: howto-configure-idps
 ---

site/content/docs/howto/idps/configure-supervisor-with-jumpcloudldap.md

@@ -5,7 +5,7 @@ cascade:
   layout: docs
 menu:
   docs:
-    name: Configure Supervisor With JumpCloud LDAP
+    name: With JumpCloud LDAP
     weight: 110
     parent: howto-configure-idps
 ---

site/content/docs/howto/idps/configure-supervisor-with-okta.md

@@ -5,7 +5,7 @@ cascade:
   layout: docs
 menu:
   docs:
-    name: Configure Supervisor With Okta OIDC
+    name: With Okta OIDC
     weight: 80
     parent: howto-configure-idps
 ---

site/content/docs/howto/idps/configure-supervisor-with-openldap.md

@@ -5,7 +5,7 @@ cascade:
   layout: docs
 menu:
   docs:
-    name: Configure Supervisor With OpenLDAP
+    name: With OpenLDAP
     weight: 100
     parent: howto-configure-idps
 ---

site/content/docs/howto/idps/configure-supervisor-with-workspace_one_access.md

@@ -5,7 +5,7 @@ cascade:
   layout: docs
 menu:
   docs:
-    name: Configure Supervisor With Workspace ONE Access
+    name: With Workspace ONE Access
     weight: 80
     parent: howto-configure-idps
 ---

site/content/docs/howto/idps/configure-supervisor.md

@@ -5,9 +5,9 @@ cascade:
   layout: docs
 menu:
   docs:
-    name: Configure Supervisor as an OIDC Issuer
+    name: As an OIDC Issuer
-    weight: 70
+    weight: 10
-    parent: howtos
+    parent: howto-configure-idps
 ---
 
 The Supervisor is an [OpenID Connect (OIDC)](https://openid.net/connect/) issuer that supports connecting a single

site/content/docs/tutorials/concierge-and-supervisor-demo.md

@@ -101,7 +101,7 @@ had to make some choices. The choices made for this tutorial were:
 - For web-based login flows as used by OIDC identity providers, the Pinniped Supervisor needs TLS certificates
   that are trusted by the end users' web browsers. There are many ways to create TLS certificates.
   There are also several ways to configure the TLS certificates on the Supervisor, as described in the
-  [docs for configuring the Supervisor]({{< ref "../howto/configure-supervisor" >}}).
+  [docs for configuring the Supervisor]({{< ref "../howto/idps/configure-supervisor" >}}).
   For this tutorial we will use [Let's Encrypt](https://letsencrypt.org) with [cert-manager](https://cert-manager.io/docs/),
   because any reader could use these services if they would like to try these steps themselves.
 - The Pinniped Concierge can be installed in many types of Kubernetes clusters, as described in
@@ -198,7 +198,7 @@ kubectl apply \
 ### Create a LoadBalancer Service for the Supervisor
 
 There are several options for exposing the Supervisor's endpoints outside the cluster, which are described in the
-[howto guide for configuring the Supervisor]({{< ref "../howto/configure-supervisor" >}}). For this tutorial,
+[howto guide for configuring the Supervisor]({{< ref "../howto/idps/configure-supervisor" >}}). For this tutorial,
 we will use a public LoadBalancer.
 
 Create a LoadBalancer to expose the Supervisor's endpoints to the public, being careful to only

site/content/docs/tutorials/concierge-only-demo.md

@@ -24,8 +24,8 @@ for a more specific example of installing onto a local kind cluster, including t
 1. [Install the Concierge]({{< ref "../howto/install-concierge" >}}).
 1. [Install the Pinniped command-line tool]({{< ref "../howto/install-cli" >}}).
 1. Configure the Concierge with a
-   [JWT]({{< ref "../howto/configure-concierge-jwt" >}}) or
+   [JWT]({{< ref "../howto/concierge/configure-concierge-jwt" >}}) or
-   [webhook]({{< ref "../howto/configure-concierge-webhook" >}}) authenticator.
+   [webhook]({{< ref "../howto/concierge/configure-concierge-webhook" >}}) authenticator.
 1. Generate a kubeconfig using the Pinniped command-line tool (run `pinniped get kubeconfig --help` for more information).
 1. Run `kubectl` commands using the generated kubeconfig. The Pinniped Concierge will automatically be used for authentication during those commands.
 

site/content/posts/2021-06-02-first-ldap-release.md

@@ -111,7 +111,7 @@ And it is important that your users are using authentic kubeconfig files handed
 ### How to use LDAP with your Pinniped Supervisor
 
 Once you have [installed]({{< ref "docs/howto/install-supervisor.md" >}})
-and [configured]({{< ref "docs/howto/configure-supervisor.md" >}}) the Supervisor, adding an LDAP provider is as easy as creating
+and [configured]({{< ref "docs/howto/idps/configure-supervisor.md" >}}) the Supervisor, adding an LDAP provider is as easy as creating
 an [LDAPIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#ldapidentityprovider) resource.
 
 We've provided examples of using [OpenLDAP]({{< ref "docs/howto/install-supervisor.md" >}})

site/content/posts/2021-08-27-supporting-ad-oidc-workflows.md

@@ -23,7 +23,7 @@ Our initial LDAP implementation released with v.10.0 can be used to work with an
 
 Pinniped Supervisor authenticates your users with the AD provider via the LDAP protocol, and then issues unique, short-lived, per-cluster tokens. Our previous blog post on [LDAP configuration]({{< ref "2021-06-02-first-ldap-release.md">}}), elaborates on the security considerations to support integration at the Pinniped Supervisor level instead of at the Concierge.
 
-To setup the AD configuration, once you have Supervisor configured with ingress [installed the Pinniped Supervisor]({{< ref "docs/howto/install-supervisor.md" >}}) and you have [configured a FederationDomain]({{< ref "docs/howto/configure-supervisor" >}}) to issue tokens for your downstream clusters, you can create an [ActiveDirectoryIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#activedirectoryidentityprovider) in the same namespace as the Supervisor.
+To setup the AD configuration, once you have Supervisor configured with ingress [installed the Pinniped Supervisor]({{< ref "docs/howto/install-supervisor.md" >}}) and you have [configured a FederationDomain]({{< ref "docs/howto/idps/configure-supervisor" >}}) to issue tokens for your downstream clusters, you can create an [ActiveDirectoryIdentityProvider](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc#activedirectoryidentityprovider) in the same namespace as the Supervisor.
 Here’s what an example configuration looks like
 
 ```yaml

site/themes/pinniped/assets/scss/_components.scss

@@ -291,10 +291,9 @@
             }
         }
         code {
-            background-color: $white;
+            background: #efefef;
-            color: $darkgrey;
+            padding: 2px 4px;
-            border: 2px solid #EFEFEF;
+            font-size: 85%;
-            padding: 2px 8px;
             .c1 {
                 color: $blue;
                 font-style: italic;
@@ -310,10 +309,9 @@
             white-space: -o-pre-wrap;
             word-wrap: break-word;
             code {
-                display: block;
+                background: #efefef;
-                border: 15px solid #EFEFEF;
+                padding: 2px 4px;
-                padding: 15px;
+                font-size: 85%;
-                margin-bottom: 30px;
             }
         }
         img {
@@ -458,24 +456,34 @@
             width: 100%;
             float: none;
         }
-
+        position: relative;
+        // border-right: 1px solid $lightgrey;
+        a.active {
+            background: $lightgrey;
+            padding: 5px 7px;
+            margin-left: -7px;
+        }
+        h3 {
+            font-size: 18px;
+            font-family: $metropolis-medium;
+            margin-bottom: 10px;
+            a {
+                font-weight: 300;
+                line-height: 1.25;
+                color: #000;
+            }
+        }
         ul {
             padding-left: 0px;
+            margin-top: 0;
             margin-bottom: 35px;
-            ul {
+            list-style-type: none;
-                padding-left: 15px;
-                margin-top: 10px;
-                margin-bottom: 15px;
-            }
             li {
-                display: list-item;
+                padding-right: 0px;
-                margin-bottom: 15px;
                 a {
-                    color: $grey;
+                    display: block;
                     font-size: 14px;
-                    &.active {
+                    font-weight: 300;
-                        color: $blue;
-                    }
                 }
                 &.heading {
                     color: $black;
@@ -523,10 +531,9 @@
             }
         }
         code {
-            background-color: $white;
+            background: #efefef;
-            color: $darkgrey;
+            padding: 2px 4px;
-            border: 2px solid #EFEFEF;
+            font-size: 85%;
-            padding: 2px 8px;
             .c1 {
                 color: $blue;
                 font-style: italic;
@@ -542,11 +549,9 @@
             white-space: -o-pre-wrap;
             word-wrap: break-word;
             code {
-                display: block;
+                background: #efefef;
-                border: 15px solid #EFEFEF;
+                padding: 2px 4px;
-                padding: 15px;
+                font-size: 85%;
-                margin-bottom: 30px;
-                font-size: 14px;
             }
         }
         img {

site/themes/pinniped/layouts/partials/docs-sidebar.html

@@ -7,21 +7,19 @@
                  dir="auto" style="position: relative; vertical-align: top;">
         </span>
 </form>
-    <ul>
+    <div class="navigation">
         {{- $currentPage := . }}
         {{- range .Site.Menus.docs }}
+        <h3>
+            <a href="{{ .URL }}" class="{{ cond ($currentPage.IsMenuCurrent "docs" .) "active" "" }}">{{ .Name }}</a>
+        </h3>
+        <ul>
+           {{- range .Children }}
                 <li>
-                    <a href="{{ .URL }}" class="{{ cond ($currentPage.IsMenuCurrent "docs" .) "active" "" }}">{{ .Name }}</a>
+                    <a href="{{ .URL }}"{{ if $currentPage.IsMenuCurrent "docs" . }} class="active"{{ end }} >{{ .Name }}</a>
-                    {{- if .HasChildren }}
-                    <ul class="sub-menu">
-                        {{- range .Children }}
-                            <li>
-                                <a href="{{ .URL }}"{{ if $currentPage.IsMenuCurrent "docs" . }} class="active"{{ end }} >{{ .Name }}</a>
-                            </li>
-                        {{- end }}
-                    </ul>
-                    {{- end }}
                 </li>
+            {{- end }}
+        </ul>
         {{- end }}
-    </ul>
+    </div>
 </div>