Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Various website updates #1169

Merged
merged 5 commits into from
Jan 23, 2023
Merged

Various website updates #1169

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
31a7e3c
don't copy other reference files over to docs/
SgtCoDFish Jan 20, 2023
e0acd6d
'backport' cmctl links fixes to v1.11-docs
SgtCoDFish Jan 20, 2023
e3c355c
fix invalid HTML in sidebar
SgtCoDFish Jan 20, 2023
4dc2b53
fix invalid HTML in version selector
SgtCoDFish Jan 20, 2023
9b67fc5
update committed docs + add new api-ref intro
SgtCoDFish Jan 20, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 8 additions & 6 deletions components/docs/Sidebar/Dropdown.jsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,12 +36,14 @@ export default function Dropdown({
{routes.routes.map((r, idx) => {
if (!r.path) {
return (
<Dropdown
routes={r}
parentOpen={open}
key={`${r.title}-${idx}`}
setSidebarCollapsed={setSidebarCollapsed}
/>
<li key={`${r.title}-${idx}`}>
<Dropdown
routes={r}
parentOpen={open}
key={`${r.title}-${idx}`}
Copy link
Member

@inteon inteon Jan 23, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@SgtCoDFish
This key is now double (on this and the parent HTML tag), not sure if that is a good/ bad thing.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wasn't sure either 😂 But it worked fine for me in testing so I assumed it wouldn't be a huge problem!

setSidebarCollapsed={setSidebarCollapsed}
/>
</li>
inteon marked this conversation as resolved.
Show resolved Hide resolved
)
} else {
return (
Expand Down
2 changes: 1 addition & 1 deletion components/docs/VersionSelect.jsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ export default function VersionSelect({
<div className="bg-gray-1 rounded-md border-2 border-gray-2/50">
<Listbox value={selectedVersion} onChange={setSelectedVersion}>
<Listbox.Button className="w-full">
<Listbox.Label className="cursor-pointer">version: </Listbox.Label>{labelFromVersion(version)}
version: {labelFromVersion(version)}
inteon marked this conversation as resolved.
Show resolved Hide resolved
</Listbox.Button>
<Listbox.Options>
<Listbox.Option key={version} value={version}>
Expand Down
2 changes: 2 additions & 0 deletions content/docs/cli/controller.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ Flags:
--acme-http01-solver-resource-limits-memory string Defines the resource limits Memory size when spawning new ACME HTTP01 challenge solver pods. (default "64Mi")
--acme-http01-solver-resource-request-cpu string Defines the resource request CPU size when spawning new ACME HTTP01 challenge solver pods. (default "10m")
--acme-http01-solver-resource-request-memory string Defines the resource request Memory size when spawning new ACME HTTP01 challenge solver pods. (default "64Mi")
--acme-http01-solver-run-as-non-root Defines the ability to run the http01 solver as root for troubleshooting issues (default true)
--add_dir_header If true, adds the file directory to the header of the log messages
inteon marked this conversation as resolved.
Show resolved Hide resolved
--alsologtostderr log to standard error as well as files (no effect when -logtostderr=true)
--auto-certificate-annotations strings The annotation consumed by the ingress-shim controller to indicate a ingress is requesting a certificate (default [kubernetes.io/tls-acme])
Expand All @@ -45,6 +46,7 @@ Flags:
LiteralCertificateSubject=true|false (ALPHA - default=false)
ServerSideApply=true|false (ALPHA - default=false)
StableCertificateRequestName=true|false (ALPHA - default=false)
UseCertificateRequestBasicConstraints=true|false (ALPHA - default=false)
ValidateCAA=true|false (ALPHA - default=false)
-h, --help help for cert-manager-controller
--issuer-ambient-credentials Whether an issuer may make use of ambient credentials. 'Ambient Credentials' are credentials drawn from the environment, metadata services, or local files which are not explicitly configured in the Issuer API object. When this flag is enabled, the following sources for credentials are also used: AWS - All sources the Go SDK defaults to, notably including any EC2 IAM roles available via instance metadata.
Expand Down
1 change: 1 addition & 0 deletions content/docs/cli/webhook.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ Flags:
LiteralCertificateSubject=true|false (ALPHA - default=false)
ServerSideApply=true|false (ALPHA - default=false)
StableCertificateRequestName=true|false (ALPHA - default=false)
UseCertificateRequestBasicConstraints=true|false (ALPHA - default=false)
ValidateCAA=true|false (ALPHA - default=false)
--healthz-port int port number to listen on for insecure healthz connections (default 6080)
-h, --help help for webhook
Expand Down
43 changes: 27 additions & 16 deletions content/docs/reference/api-docs.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
---
title: API Reference
description: >-
Learn about the cert-manager API which includes Custom Resources such as
Certificate, CertificateRequest, Issuer and ClusterIssuer.
cert-manager API documentation, including Custom Resources such as
Certificate, CertificateRequest, Issuer and ClusterIssuer
---
Learn about the cert-manager API which includes Custom Resources such as Certificate, CertificateRequest, Issuer and ClusterIssuer.
<p>cert-manager API documentation, including various Custom Resource Definitions</p>
inteon marked this conversation as resolved.
Show resolved Hide resolved
<p>Packages:</p>
<ul>
<li>
Expand All @@ -24,7 +24,7 @@ Learn about the cert-manager API which includes Custom Resources such as Certifi
<div>
<p>Package v1 is the v1 version of the API.</p>
</div>
Resource Types:
<p>Resource Types:</p>
inteon marked this conversation as resolved.
Show resolved Hide resolved
<ul>
<li>
<a href="#acme.cert-manager.io/v1.Challenge">Challenge</a>
Expand Down Expand Up @@ -750,12 +750,12 @@ Resource Types:
<td>
<code>parentRefs</code>
<br />
<em>[]sigs.k8s.io/gateway-api/apis/v1alpha2.ParentReference</em>
<em>[]sigs.k8s.io/gateway-api/apis/v1beta1.ParentReference</em>
inteon marked this conversation as resolved.
Show resolved Hide resolved
</td>
<td>
<p>
When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See:
<a href="https://gateway-api.sigs.k8s.io/v1alpha2/api-types/httproute/#attaching-to-gateways">https://gateway-api.sigs.k8s.io/v1alpha2/api-types/httproute/#attaching-to-gateways</a>
<a href="https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways">https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways</a>
</p>
</td>
</tr>
Expand Down Expand Up @@ -1231,6 +1231,17 @@ Resource Types:
<p>PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let&rsquo;s Encrypt&rsquo;s DST crosssign you would use: &ldquo;DST Root CA X3&rdquo; or &ldquo;ISRG Root X1&rdquo; for the newer Let&rsquo;s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer&rsquo;s CN</p>
</td>
</tr>
<tr>
<td>
<code>caBundle</code>
<br />
<em>[]byte</em>
</td>
<td>
<em>(Optional)</em>
<p>Base64-encoded bundle of PEM CAs which can be used to validate the certificate chain presented by the ACME server. Mutually exclusive with SkipTLSVerify; prefer using CABundle to prevent various kinds of security vulnerabilities. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection.</p>
</td>
</tr>
<tr>
<td>
<code>skipTLSVerify</code>
Expand All @@ -1239,7 +1250,7 @@ Resource Types:
</td>
<td>
<em>(Optional)</em>
<p>Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have their TLS certificate validated (i.e. insecure connections will be allowed). Only enable this option in development environments. The cert-manager system installed roots will be used to verify connections to the ACME server if this is false. Defaults to false.</p>
<p>INSECURE: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have the TLS certificate chain validated. Mutually exclusive with CABundle; prefer using CABundle to prevent various kinds of security vulnerabilities. Only enable this option in development environments. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. Defaults to false.</p>
</td>
</tr>
<tr>
Expand Down Expand Up @@ -2443,7 +2454,7 @@ Resource Types:
<div>
<p>Package v1 is the v1 version of the API.</p>
</div>
Resource Types:
<p>Resource Types:</p>
<ul>
<li>
<a href="#cert-manager.io/v1.Certificate">Certificate</a>
Expand Down Expand Up @@ -4470,7 +4481,7 @@ Resource Types:
<em>bool</em>
</td>
<td>
<p> Create enables JKS keystore creation for the Certificate. If true, a file named <code>keystore.jks</code> will be created in the target Secret resource, encrypted using the password stored in <code>passwordSecretRef</code>. The keystore file will only be updated upon re-issuance. A file named <code>truststore.jks</code> will also be created in the target Secret resource, encrypted using the password stored in <code>passwordSecretRef</code> containing the issuing Certificate Authority </p>
<p> Create enables JKS keystore creation for the Certificate. If true, a file named <code>keystore.jks</code> will be created in the target Secret resource, encrypted using the password stored in <code>passwordSecretRef</code>. The keystore file will be updated immediately. A file named <code>truststore.jks</code> will also be created in the target Secret resource, encrypted using the password stored in <code>passwordSecretRef</code> containing the issuing Certificate Authority </p>
</td>
</tr>
<tr>
Expand Down Expand Up @@ -4668,7 +4679,7 @@ Resource Types:
<em>bool</em>
</td>
<td>
<p> Create enables PKCS12 keystore creation for the Certificate. If true, a file named <code>keystore.p12</code> will be created in the target Secret resource, encrypted using the password stored in <code>passwordSecretRef</code>. The keystore file will only be updated upon re-issuance. A file named <code>truststore.p12</code> will also be created in the target Secret resource, encrypted using the password stored in <code>passwordSecretRef</code> containing the issuing Certificate Authority </p>
<p> Create enables PKCS12 keystore creation for the Certificate. If true, a file named <code>keystore.p12</code> will be created in the target Secret resource, encrypted using the password stored in <code>passwordSecretRef</code>. The keystore file will be updated immediately. A file named <code>truststore.p12</code> will also be created in the target Secret resource, encrypted using the password stored in <code>passwordSecretRef</code> containing the issuing Certificate Authority </p>
</td>
</tr>
<tr>
Expand Down Expand Up @@ -4950,7 +4961,7 @@ Resource Types:
</td>
<td>
<em>(Optional)</em>
<p>PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. Mutually exclusive with CABundleSecretRef. If neither CABundle nor CABundleSecretRef are defined, the cert-manager controller system root certificates are used to validate the TLS connection.</p>
<p>Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by Vault. Only used if using HTTPS to connect to Vault and ignored for HTTP connections. Mutually exclusive with CABundleSecretRef. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection.</p>
</td>
</tr>
<tr>
Expand All @@ -4963,7 +4974,7 @@ Resource Types:
</td>
<td>
<em>(Optional)</em>
<p>CABundleSecretRef is a reference to a Secret which contains the CABundle which will be used when connecting to Vault when using HTTPS. Mutually exclusive with CABundle. If neither CABundleSecretRef nor CABundle are defined, the cert-manager controller system root certificates are used to validate the TLS connection. If no key for the Secret is specified, cert-manager will default to &lsquo;ca.crt&rsquo;.</p>
<p>Reference to a Secret containing a bundle of PEM-encoded CAs to use when verifying the certificate chain presented by Vault when using HTTPS. Mutually exclusive with CABundle. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. If no key for the Secret is specified, cert-manager will default to &lsquo;ca.crt&rsquo;.</p>
</td>
</tr>
</tbody>
Expand Down Expand Up @@ -5148,7 +5159,7 @@ Resource Types:
</td>
<td>
<em>(Optional)</em>
<p>CABundle is a PEM encoded TLS certificate to use to verify connections to the TPP instance. If specified, system roots will not be used and the issuing CA for the TPP instance must be verifiable using the provided root. If not specified, the connection will be verified using the cert-manager system root certificates.</p>
<p>Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. If undefined, the certificate bundle in the cert-manager controller container is used to validate the chain.</p>
</td>
</tr>
</tbody>
Expand Down Expand Up @@ -5261,7 +5272,7 @@ Resource Types:
<div>
<p>Package v1 contains meta types for cert-manager APIs</p>
</div>
Resource Types:
<p>Resource Types:</p>
<ul></ul>
<h3 id="meta.cert-manager.io/v1.ConditionStatus"> ConditionStatus (<code>string</code> alias) </h3>
<p> (<em>Appears on:</em> <a href="#cert-manager.io/v1.CertificateCondition">CertificateCondition</a>, <a href="#cert-manager.io/v1.CertificateRequestCondition">CertificateRequestCondition</a>, <a href="#cert-manager.io/v1.IssuerCondition">IssuerCondition</a>) </p>
Expand Down Expand Up @@ -5421,7 +5432,7 @@ Resource Types:
<div>
<p>Package v1alpha1 is the v1alpha1 version of the webhook config API.</p>
</div>
Resource Types:
<p>Resource Types:</p>
<ul></ul>
<h3 id="webhook.config.cert-manager.io/v1alpha1.DynamicServingConfig">DynamicServingConfig</h3>
<p> (<em>Appears on:</em> <a href="#webhook.config.cert-manager.io/v1alpha1.TLSConfig">TLSConfig</a>) </p>
Expand Down Expand Up @@ -5659,5 +5670,5 @@ Resource Types:
</table>
<hr />
<p>
<em> Generated with <code>gen-crd-api-reference-docs</code> on git commit <code>da3265115</code>. </em>
<em> Generated with <code>gen-crd-api-reference-docs</code> on git commit <code>7ebb5f515</code>. </em>
</p>
16 changes: 8 additions & 8 deletions content/v1.10-docs/reference/api-docs.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
---
title: API Reference
description: >-
Learn about the cert-manager API which includes Custom Resources such as
Certificate, CertificateRequest, Issuer and ClusterIssuer.
cert-manager API documentation, including Custom Resources such as
Certificate, CertificateRequest, Issuer and ClusterIssuer
---
Learn about the cert-manager API which includes Custom Resources such as Certificate, CertificateRequest, Issuer and ClusterIssuer.
<p>cert-manager API documentation, including various Custom Resource Definitions</p>
<p>Packages:</p>
<ul>
<li>
Expand All @@ -24,7 +24,7 @@ Learn about the cert-manager API which includes Custom Resources such as Certifi
<div>
<p>Package v1 is the v1 version of the API.</p>
</div>
Resource Types:
<p>Resource Types:</p>
<ul>
<li>
<a href="#acme.cert-manager.io/v1.Challenge">Challenge</a>
Expand Down Expand Up @@ -2443,7 +2443,7 @@ Resource Types:
<div>
<p>Package v1 is the v1 version of the API.</p>
</div>
Resource Types:
<p>Resource Types:</p>
<ul>
<li>
<a href="#cert-manager.io/v1.Certificate">Certificate</a>
Expand Down Expand Up @@ -5261,7 +5261,7 @@ Resource Types:
<div>
<p>Package v1 contains meta types for cert-manager APIs</p>
</div>
Resource Types:
<p>Resource Types:</p>
<ul></ul>
<h3 id="meta.cert-manager.io/v1.ConditionStatus"> ConditionStatus (<code>string</code> alias) </h3>
<p> (<em>Appears on:</em> <a href="#cert-manager.io/v1.CertificateCondition">CertificateCondition</a>, <a href="#cert-manager.io/v1.CertificateRequestCondition">CertificateRequestCondition</a>, <a href="#cert-manager.io/v1.IssuerCondition">IssuerCondition</a>) </p>
Expand Down Expand Up @@ -5421,7 +5421,7 @@ Resource Types:
<div>
<p>Package v1alpha1 is the v1alpha1 version of the webhook config API.</p>
</div>
Resource Types:
<p>Resource Types:</p>
<ul></ul>
<h3 id="webhook.config.cert-manager.io/v1alpha1.DynamicServingConfig">DynamicServingConfig</h3>
<p> (<em>Appears on:</em> <a href="#webhook.config.cert-manager.io/v1alpha1.TLSConfig">TLSConfig</a>) </p>
Expand Down Expand Up @@ -5659,5 +5659,5 @@ Resource Types:
</table>
<hr />
<p>
<em> Generated with <code>gen-crd-api-reference-docs</code> on git commit <code>da3265115</code>. </em>
<em> Generated with <code>gen-crd-api-reference-docs</code> on git commit <code>83791ee45</code>. </em>
</p>
2 changes: 2 additions & 0 deletions content/v1.11-docs/cli/controller.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ Flags:
--acme-http01-solver-resource-limits-memory string Defines the resource limits Memory size when spawning new ACME HTTP01 challenge solver pods. (default "64Mi")
--acme-http01-solver-resource-request-cpu string Defines the resource request CPU size when spawning new ACME HTTP01 challenge solver pods. (default "10m")
--acme-http01-solver-resource-request-memory string Defines the resource request Memory size when spawning new ACME HTTP01 challenge solver pods. (default "64Mi")
--acme-http01-solver-run-as-non-root Defines the ability to run the http01 solver as root for troubleshooting issues (default true)
--add_dir_header If true, adds the file directory to the header of the log messages
--alsologtostderr log to standard error as well as files (no effect when -logtostderr=true)
--auto-certificate-annotations strings The annotation consumed by the ingress-shim controller to indicate a ingress is requesting a certificate (default [kubernetes.io/tls-acme])
Expand All @@ -45,6 +46,7 @@ Flags:
LiteralCertificateSubject=true|false (ALPHA - default=false)
ServerSideApply=true|false (ALPHA - default=false)
StableCertificateRequestName=true|false (ALPHA - default=false)
UseCertificateRequestBasicConstraints=true|false (ALPHA - default=false)
ValidateCAA=true|false (ALPHA - default=false)
-h, --help help for cert-manager-controller
--issuer-ambient-credentials Whether an issuer may make use of ambient credentials. 'Ambient Credentials' are credentials drawn from the environment, metadata services, or local files which are not explicitly configured in the Issuer API object. When this flag is enabled, the following sources for credentials are also used: AWS - All sources the Go SDK defaults to, notably including any EC2 IAM roles available via instance metadata.
Expand Down
1 change: 1 addition & 0 deletions content/v1.11-docs/cli/webhook.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ Flags:
LiteralCertificateSubject=true|false (ALPHA - default=false)
ServerSideApply=true|false (ALPHA - default=false)
StableCertificateRequestName=true|false (ALPHA - default=false)
UseCertificateRequestBasicConstraints=true|false (ALPHA - default=false)
ValidateCAA=true|false (ALPHA - default=false)
--healthz-port int port number to listen on for insecure healthz connections (default 6080)
-h, --help help for webhook
Expand Down
Loading