Ryan Richard
488f08dd6e
Provide a way to override the new HTTP loopback-only validation
...
Add new deprecated_insecure_accept_external_unencrypted_http_requests
value in values.yaml. Allow it to be a boolean or a string to make it
easier to use (both --data-value and --data-value-yaml will work).
Also:
- Consider "ip6-localhost" and "ip6-loopback" to be loopback addresses
for the validation
- Remove unused env.SupervisorHTTPAddress var
- Deprecate the `service_http_*` values in values.yaml by renaming them
and causing a ytt render error when the old names are used
2022-03-28 17:03:23 -07:00
Monis Khan
57fb085bef
Add Workspace ONE Access docs
...
Signed-off-by: Monis Khan <mok@vmware.com>
2022-03-24 20:17:54 -04:00
Ryan Richard
8d12c1b674
HTTP listener: default disabled and may only bind to loopback interfaces
2022-03-24 15:46:10 -07:00
Nigel Brown
b5be8c6c9b
Update _index.html
...
Add current community meeting info
2022-03-21 13:08:54 -05:00
Mo Khan
853cc753b8
Merge pull request #1024 from anjaltelang/main
...
Blog changes for Group refresh
2022-03-04 13:28:18 -05:00
Pinny
cdfb3b75cb
Updated versions in docs for v0.15.0 release
2022-03-04 17:36:24 +00:00
Pinny
89e68489ea
Updated versions in docs for v0.14.0 release
2022-03-03 21:57:36 +00:00
Mo Khan
eec5f0fa26
Fix v0.15.0 release link
2022-03-03 15:28:01 -05:00
Ryan Richard
7e8eba3244
Update 2022-01-18-idp-refresh-tls-ciphers-for-compliance.md
2022-03-03 12:23:42 -08:00
Margo Crawford
b8bdfa1b9a
Update docs to reference the latest k8s codegen version
...
Signed-off-by: Margo Crawford <margaretc@vmware.com>
2022-03-03 10:36:42 -08:00
Anjali Telang
27f04e9ab9
Blog changes for Group refresh
...
Signed-off-by: Anjali Telang <atelang@vmware.com>
2022-03-03 12:49:01 -05:00
Mo Khan
be2aee957c
Bump API docs to 1.23
...
Seems like this should be automated.
2022-03-02 09:04:41 -05:00
Mo Khan
c4ae5cfebb
Merge pull request #1003 from enj/enj/d/dex_password
...
Update dex docs regarding password grant
2022-02-15 15:45:54 -05:00
Ryan Richard
0175445ece
Merge branch 'main' into gke_tutorial
2022-02-15 09:22:52 -08:00
Ryan Richard
f728ea743f
Add --ignore-not-found to delete Supervisor app command
2022-02-15 09:04:47 -08:00
Ryan Richard
230e563ab7
Another draft of the new tutorial guide
2022-02-14 17:23:57 -08:00
Monis Khan
a21a5bca1e
Update dex docs regarding password grant
...
Signed-off-by: Monis Khan <mok@vmware.com>
2022-02-13 12:48:20 -05:00
Ryan Richard
05ec8cba8c
Add a new subheading to the tutorial doc
2022-02-11 17:16:40 -08:00
Ryan Richard
e57a1a7891
Overwrite the old Supervisor+Concierge tutorial with the new one
...
And make it easier for web site readers to find by adding prominent
links to it from several places.
2022-02-11 17:03:13 -08:00
Mo Khan
2c0b5b733b
Bump site latest_version to v0.14.0
2022-02-10 16:13:39 -05:00
Ryan Richard
c56ef5c40c
First draft of a Supervisor on GKE + Concierge on GKE tutorial
...
Including ingress, DNS, cert-manager + letsencrypt for TLS certs,
Okta, multiple workload clusters, etc.
2022-02-09 17:13:40 -08:00
Nanci Lancaster
d728c89ba6
updated search functionality of docs on site
...
Signed-off-by: Nanci Lancaster <nancil@vmware.com>
2022-02-09 11:01:37 -05:00
Margo Crawford
3b1153cd91
Update latest version to v0.13.0
2022-01-21 15:19:40 -08:00
anjalitelang
6590230bcd
Merge pull request #954 from anjaltelang/main
...
Blog for v0.13.0
2022-01-21 15:17:18 -08:00
Pinny
4f06cd3c2e
Update CLI docs for v0.13.0 release
2022-01-21 23:12:12 +00:00
Margo Crawford
dea9bf9b90
Merge pull request #970 from vmware-tanzu/kubectl-apply-resources
...
When instructing users how to install the concierge with kubectl apply,
2022-01-21 13:36:52 -08:00
Margo Crawford
726e88ea03
When instructing users how to install the concierge with kubectl apply,
...
reccommend using install-pinniped-concierge-crds.yaml, then
install-pinniped-concierge-resources.yaml.
Previously we recommended install-pinniped-concierge-crds (a subset),
then install-pinniped-concierge (everything concierge related, including
the crds). This works fine for install, but not uninstall. Instead we
should use a separate yaml file that contains everything in
install-pinniped-concierge but *not* in install-pinniped-concierge-crds.
We have been generating this file in CI since a5ced4286b6febc7474b7adee34eeb1b62ec82b7
but we haven't released since then so we haven't been able to recommend
its use.
2022-01-21 10:26:45 -08:00
Margo Crawford
62a8967db1
Request offline_access in the concierge with supervisor demo
...
It's a generic config and not OIDC provider specific
but since most providers require it it seems like the
best default.
2022-01-21 09:58:04 -08:00
Monis Khan
1e1789f6d1
Allow configuration of supervisor endpoints
...
This change allows configuration of the http and https listeners
used by the supervisor.
TCP (IPv4 and IPv6 with any interface and port) and Unix domain
socket based listeners are supported. Listeners may also be
disabled.
Binding the http listener to TCP addresses other than 127.0.0.1 or
::1 is deprecated.
The deployment now uses https health checks. The supervisor is
always able to complete a TLS connection with the use of a bootstrap
certificate that is signed by an in-memory certificate authority.
To support sidecar containers used by service meshes, Unix domain
socket based listeners include ACLs that allow writes to the socket
file from any runAsUser specified in the pod's containers.
Signed-off-by: Monis Khan <mok@vmware.com>
2022-01-18 17:43:45 -05:00
Nanci Lancaster
e31a410096
Updated community and resources pages
2021-12-16 16:02:47 -06:00
Ryan Richard
aa361a70a7
clarifications to code walkthrough doc
2021-12-03 10:50:02 -08:00
Ryan Richard
7b6bdd8129
fix link to blog and add another in doc
2021-12-03 10:32:16 -08:00
Ryan Richard
2736c3603a
fix typo in doc
2021-12-03 09:17:17 -08:00
Ryan Richard
3ea90467b7
add first draft of code walk-through doc
2021-12-02 17:18:50 -08:00
Monis Khan
2ba5d51120
Change default install hint to use get.pinniped.dev/cli
...
This avoids a hard link against a docs page that may change over
time.
Signed-off-by: Monis Khan <mok@vmware.com>
2021-10-26 17:14:13 -04:00
Anjali Telang
59256264ec
Changing the architecture.md weight back to 100
...
Signed-off-by: Anjali Telang <atelang@vmware.com>
2021-10-26 16:34:32 -04:00
Anjali Telang
f93cdcb9c5
Merge remote-tracking branch 'upstream/main' into main
2021-10-26 15:29:56 -04:00
Ryan Richard
dec43289f6
Lots of small updates based on PR feedback
2021-10-20 15:53:25 -07:00
Anjali Telang
a22507f835
Architecture should be on top of the docs page
...
Signed-off-by: Anjali Telang <atelang@vmware.com>
2021-10-19 13:46:30 -04:00
Ryan Richard
d3ade82f3f
Update docs
2021-10-19 09:48:40 -07:00
Ryan Richard
d68bebeb49
Merge branch 'main' into upstream_refresh
2021-10-18 15:35:46 -07:00
Ryan Richard
ddb23bd2ed
Add upstream refresh related config to OIDCIdentityProvider CRD
...
Also update related docs.
2021-10-14 15:49:44 -07:00
Margo Crawford
4aa66b9667
Update site/content/docs/reference/supported-clusters.md
...
Co-authored-by: Mo Khan <i@monis.app>
2021-10-06 11:23:29 -07:00
Margo Crawford
11797db866
Change description of impersonation proxy strategy in supported clusters.
...
This was wrong, since you don't need a LoadBalancer to run the
impersonation proxy if you specify spec.service.type = "None" or
"ClusterIP" on the CredentialIssuer.
2021-10-06 11:08:17 -07:00
Ryan Richard
95b9782549
Update config.yaml
2021-09-16 11:43:40 -07:00
Matt Moyer
402c213183
So long and thanks for all the fish 🦭
...
Today is my last day working full time on Pinniped (for now). This change removes me from the MAINTAINERS.md and the website.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-09-03 12:38:53 -05:00
Anjali Telang
4e7214c6b5
Rephrased again
...
Signed-off-by: Anjali Telang <atelang@vmware.com>
2021-09-02 14:54:14 -04:00
Anjali Telang
85daec4748
Rephrased
...
Signed-off-by: Anjali Telang <atelang@vmware.com>
2021-09-02 14:51:36 -04:00
Anjali Telang
cf014656af
Add Reference to release notes in the v0.11.0 Blog post
...
Signed-off-by: Anjali Telang <atelang@vmware.com>
2021-09-02 14:44:53 -04:00
Anjali Telang
fcffab9a4c
Add community info and resolve some minor issues
...
Signed-off-by: Anjali Telang <atelang@vmware.com>
2021-09-01 13:23:26 -04:00
Ryan Richard
92f7f12bab
Update latest release tag in site/config.yaml, used by docs
2021-08-31 16:47:40 -07:00
Ryan Richard
7c40185676
Merge pull request #825 from anjaltelang/main
...
Add Blog post for v0.11.0 release
2021-08-31 16:46:23 -07:00
Pinny
abf19f649d
Update CLI docs for v0.11.0 release
2021-08-31 23:40:00 +00:00
Pinny
0a2a716796
Update CLI docs for v0.10.0 release
2021-08-31 23:21:54 +00:00
Anjali Telang
a27e398923
Changed date and cleaned up some more AD format
...
Signed-off-by: Anjali Telang <atelang@vmware.com>
2021-08-31 15:02:57 -04:00
Ryan Richard
883007aa1b
Merge pull request #756 from vmware-tanzu/ad-identity-provider-docs
...
Document how to configure the ActiveDirectoryIdentityProvider
2021-08-31 10:48:25 -07:00
Anjali Telang
ba1470ea9d
Add AD changes
...
Signed-off-by: Anjali Telang <atelang@vmware.com>
2021-08-30 21:04:48 -04:00
Matt Moyer
0c8d885c26
Update YouTube demo link to our official page.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-08-30 16:29:32 -05:00
Anjali Telang
23fb84029b
changes made on ryan's review comments
...
Signed-off-by: Anjali Telang <atelang@vmware.com>
2021-08-28 15:59:04 -04:00
Anjali Telang
42af8acd1e
Fixed yaml format for Aud
...
Signed-off-by: Anjali Telang <atelang@vmware.com>
2021-08-27 17:14:53 -04:00
Anjali Telang
bb657e7432
Blog for v0.11.0
...
Signed-off-by: Anjali Telang <atelang@vmware.com>
2021-08-27 17:00:34 -04:00
Margo Crawford
44e5e9d8c9
Add sentence about api docs
2021-08-26 17:02:56 -07:00
Ryan Richard
f579b1cb9f
Merge pull request #812 from vmware-tanzu/resources_section_web_site
...
Add "Resources" section to pinniped.dev web site
2021-08-26 16:23:36 -07:00
Ryan Richard
e24040b0a9
add link to CNCF presentation slides
2021-08-26 15:52:04 -07:00
Ryan Richard
86bfd4f5e4
Number each install step using "1."
2021-08-25 16:37:36 -07:00
Ryan Richard
d453bf3403
Add "Resources" section to pinniped.dev web site
2021-08-25 16:25:53 -07:00
Ryan Richard
399737e7c6
Install docs use more GitOps-friendly style
2021-08-25 14:33:48 -07:00
Margo Crawford
cec3c2133a
Update with new default values
2021-08-19 16:27:43 -07:00
Ryan Richard
42d31a7085
Update login.md doc to mention OIDC CLI-based flow
2021-08-19 09:59:47 -07:00
Matt Moyer
a464c81711
Bump latest version on website.
...
We accidentally missed this in the v0.10.0 release process. The new YAML field here should make it easier to automate this step, which seems like a really good idea.
2021-08-03 09:21:54 -05:00
Matt Moyer
65fa47cbcd
Link to the release from our v0.10.0 blog post.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-07-30 16:35:38 -05:00
Matt Moyer
7773fb8afe
Add v0.10.0 blog post.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-07-30 15:30:56 -05:00
Matt Moyer
c3e037b24e
Fix a broken link in .../docs/howto/configure-supervisor.md.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-07-29 09:56:00 -05:00
Matt Moyer
62afb34877
Fix command typo and expand description of values.yaml a bit.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-07-29 08:45:19 -05:00
Matt Moyer
fd5ed2e5da
Rework "install" sections of our docs.
...
- Remove all the "latest" links and replace them with our new shortcode so they point at the latest release in a more explicit way.
This also eliminates one of the sections in our Concierge and Supervisor install guides, since you're always installing a specific version.
- Provide instructions for installing with both kapp (one step) and kubectl (two steps for the Concierge).
- Minor wording changes. Mainly we are now a bit less verbose about reminding people they can choose a different version (once per page instead of in each step).
- When we give an example `kapp deploy` command, don't suggest `--yes` and `--diff-changes`.
Users can still use these but it seems overly verbose for an example command.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-07-29 08:45:19 -05:00
Matt Moyer
ca82609d1a
Create a site parameter and shortcode for "latestversion".
...
This gives us a single line of YAML to edit when we want to bump our docs to the latest version number.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-07-29 08:45:18 -05:00
Margo Crawford
a6dc5b912f
Document how to configure the ActiveDirectoryIdentityProvider
2021-07-28 14:35:29 -07:00
Ryan Richard
f4829178b3
Use sentence case for headers in docs
...
Following some common developer style guides such as
Google
https://developers.google.com/style/capitalization#capitalization-in-titles-and-headings
and Microsoft
https://docs.microsoft.com/en-us/style-guide/scannable-content/headings#formatting-headings
2021-07-26 17:18:44 -07:00
Ryan Richard
e30cf6e51a
Merge branch 'main' into cli_username_password_env_vars
2021-07-22 09:29:03 -07:00
Ryan Richard
64aba7e703
Add new howto guide login.md
2021-07-21 12:10:47 -07:00
Margo Crawford
a7af63ca3a
Merge pull request #729 from rdimitrov/dimitrovr/add-dex-docs
...
Add documentation for configuring Supervisor with Dex and Github
2021-07-21 08:48:49 -07:00
Nanci Lancaster
fec59eb1bf
Merge pull request #731 from microwavables/main
...
Removed Andrew Keesler, Pablo Schumaker from site, moved them to emeritus status on maintainers file,
2021-07-20 15:37:04 -07:00
Radoslav Dimitrov
f6273b0604
Update the Prerequisites section and add a note about the groups scope
...
Add Dex to the prerequisites and add a note that to query for the groups
scope the user must set the organizations Dex should search against.
Otherwise the groups claim would be empty. This is because of the format
group claims are represented, i.e. "org:team".
Signed-off-by: Radoslav Dimitrov <dimitrovr@vmware.com>
2021-07-20 13:49:45 +03:00
Radoslav Dimitrov
0bdd1bc68f
Add documentation for configuring Supervisor with Dex and Github
...
The following guide describes the process of configuring Supervisor
with Dex and identify users through their Github account. Issue #415
Signed-off-by: Radoslav Dimitrov <dimitrovr@vmware.com>
2021-07-19 16:00:43 +03:00
Ryan Richard
11eb18d348
ytt install docs suggest that you checkout the release tag
...
Previously, the ytt install docs suggested that you use ytt templates
from the HEAD of main with the container image from the latest public
release, which could result in a mismatch.
2021-07-14 10:59:51 -07:00
Matt Moyer
913c140be8
Update the latest version number in the docs.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-06-15 09:46:51 -05:00
Matt Moyer
02335e2ade
Bump the latest version referenced in the docs.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-06-03 17:25:32 -05:00
Matt Moyer
87660611d2
Tweak blog post to add a shoutout.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-06-02 11:28:54 -05:00
Ryan Richard
a08e4ec043
Update architecture.md
2021-06-02 08:54:04 -07:00
Matt Moyer
e38a7548cc
Link the v0.9.0 release from the blog post.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-06-02 10:24:17 -05:00
Pinny
b5dea42bbe
Update CLI docs for v0.9.0 release
2021-06-02 15:22:13 +00:00
Matt Moyer
e6301f0e74
Update latest version number in docs.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-06-02 10:05:07 -05:00
Matt Moyer
aca33e45fb
Fix blog post date to match actual v0.9.0 release.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-06-02 10:02:59 -05:00
Ryan Richard
8f2e8b8a6c
Merge branch 'main' into ldap_docs
2021-05-28 16:20:02 -07:00
Ryan Richard
cd7f5741d8
Incorporate feedback into LDAP blog post
2021-05-27 14:29:40 -07:00
Ryan Richard
83001d8cce
Fix typo in LDAP blog post
2021-05-27 14:13:07 -07:00
Margo Crawford
f330b52076
Update values.yaml to include CredentialIssuer ImpersonationProxy spec.
2021-05-27 13:36:18 -07:00
Ryan Richard
ec2956d54e
Forgot to mention the CLI in the LDAP blog post
2021-05-27 13:05:45 -07:00
Ryan Richard
0d43105759
Blog post for LDAP release
2021-05-27 12:06:01 -07:00
Ryan Richard
9621ad9d2c
More doc updates
2021-05-26 10:08:03 -07:00