Skip to content

Commit

Permalink
Merge branch 'master' into DOC-1241
Browse files Browse the repository at this point in the history
  • Loading branch information
@karl-cardenas-coding
karl-cardenas-coding committed Jul 17, 2024
2 parents 9d6fca2 + f87c018 commit ebb13f0
Show file tree
Hide file tree
Showing 14 changed files with 114 additions and 35 deletions.
23 changes: 22 additions & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -465,14 +465,20 @@ Result
![Result](/static/assets/docs/images/hide_copy_button.webp)
### Admonitions - Warning / Info / Tip / Danger
### Admonitions - Warning / Info / Tip / Danger / Tech Preview / Further Guidance
:::warning
Some **content** with _Markdown_ `syntax`.
:::
:::info
Some **content** with _Markdown_ `syntax`.
:::
:::tip
Some **content** with _Markdown_ `syntax`.
Expand All @@ -485,10 +491,25 @@ Some **content** with _Markdown_ `syntax`.
:::
:::preview
Some **content** with _Markdown_ `syntax`.
:::
:::further
Some **content** with _Markdown_ `syntax`.
:::
https://docusaurus.io/docs/markdown-features/admonitions
The content must have a new line at the beginning and at the end of the tag.
For guidance on using admonitions, refer to
[Spectro Cloud Internal Style Guide: Admonitions/Callouts](https://spectrocloud.atlassian.net/wiki/spaces/DE/pages/1765933057/Spectro+Cloud+Internal+Style+Guide#Admonitions%2FCallouts).
### Video
To add a video, use the following syntax. Ensure you capitalize the letter "V":
Expand Down
2 changes: 1 addition & 1 deletion docs/docs-content/clusters/edge/architecture.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ The following are architectural highlights of Palette-provisioned Edge native cl

- Configurable Kubernetes API servers to work with virtual IP address (VIP) or Dynamic DNS.

- Edge artifacts hardened by default according to
- Edge artifacts hardened according to
[Center for Internet Security (CIS) standards](https://www.cisecurity.org/cis-benchmarks).

- Edge supports adding multiple devices to the site to form a multi-node Kubernetes cluster.
Expand Down
2 changes: 1 addition & 1 deletion docs/docs-content/clusters/edge/edge.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ The following are some highlights of the comprehensive Palette Edge Solution:

- Distro-agnostic Kubernetes and OS

- Edge artifacts hardened by default according to
- Edge artifacts hardened according to
[Center for Internet Security (CIS) standards](https://www.cisecurity.org/cis-benchmarks).

- Secured remote troubleshooting
Expand Down
9 changes: 5 additions & 4 deletions docs/docs-content/clusters/edge/edgeforge-workflow/edgeforge-workflow.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,10 +51,11 @@ EdgeForge contains the following critical components:

- Edge Provider Container Images.

The EdgeForge process applies Center for Information System (CIS) hardening to the Edge artifacts by default. This means
we implement the guidelines and solutions provided by CIS to secure your systems automatically. The code for how we
achieve CIS hardening is open-source, available in the
[CanvOS repository](https://github.com/spectrocloud/CanvOS/tree/main/cis-harden).
You can apply Center for Information System (CIS) hardening to the Edge artifacts with the `CIS_HARDENING` argument in
your `.arg` file, which implements the guidelines and solutions provided by CIS to secure your systems automatically.
For more information about available arguments in `.arg`, refer to
[Edge Artifacts Build Configuration](./palette-canvos/arg.md). The code for how we achieve CIS hardening is open-source,
available in the [CanvOS repository](https://github.com/spectrocloud/CanvOS/tree/main/cis-harden).

### Edge Installer ISO

Expand Down
43 changes: 24 additions & 19 deletions docs/docs-content/clusters/edge/edgeforge-workflow/palette-canvos/arg.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,22 +11,27 @@ tags: ["edge"]
During the EdgeForge process, you provide an **.arg** document that contains a list of parameters to configure the build
of both the provider images and the Edge Installer ISO. This page lists the parameters available in the **.arg** file.

| **Argument** | **Description** | **Allowed Values** |
| ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------- |
| `ARCH` | Architecture of the image. Required. | `amd64`, `arm64`. |
| `AUTO_ENROLL_SECUREBOOT_KEYS` | Determines whether to auto enroll keys used for Trusted Boot. | `true`, `false`. Default is `false`. |
| `CUSTOM_TAG` | A custom tag for the provider images. This custom tag will be appended to the `IMAGE_REGISTRY` and `IMAGE_REPO` parameters to form the full image tag. | Lowercase alphanumeric string without spaces. |
| `FIPS_ENABLED` | Whether to generate FIPS compliant binaries. | `true`, `false.` Default is `false` |
| `HTTP_PROXY` | URL of the HTTP Proxy server. | URL string. |
| `HTTPS_PROXY` | URL of the HTTPS Proxy server. | URL string. |
| `IMAGE_REGISTRY` | The image registry to use for tagging the generated provider images. Required. | Your image registry hostname, without `http` or `https` <br /> Example: docker.io/spectrocloud. |
| `IMAGE_REPO` | The image repository to use for tagging the generated provider images. Required. | Your image repository name. |
| `INCLUDE_MS_SECUREBOOT_KEYS` | Whether to include Microsoft's secure boot keys in the set of keys to enroll in your device for secure boot. Almost every machine requires these keys. | `true`, `false`. Default is `true`. |
| `ISO_NAME` | Name of the Installer ISO file. Required. | Lowercase alphanumeric string without spaces. The characters `-` and `_` are allowed. |
| `IS_UKI` | Determines whether to build a Unified Kernel Image (UKI) to enabled Trusted Boot. Refer to [Trusted Boot](../../trusted-boot/trusted-boot.md) for more information. | `true`, `false`. Default is `false`. |
| `K8S_DISTRIBUTION` | Kubernetes distribution. | ` k3s`, `rke2`, `kubeadm`, `kubeadm-fips`. |
| `NO_PROXY` | URLS that should be excluded from the proxy. | Comma-separated URL string. |
| `OS_DISTRIBUTION` | OS distribution. | `ubuntu`, `opensuse-leap`, `rhel`. |
| `OS_VERSION` | OS version. This applies to Ubuntu only. | `20`, `22`. |
| `PROXY_CERT_PATH` | Absolute path of the SSL Proxy certificate in the PEM format. | Absolute path string. |
| `UPDATE_KERNEL` | Determines whether to upgrade the Kernel version to the latest from the upstream OS provider. | `true`, `false`. |
| **Argument** | **Description** | **Allowed Values** |
| ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------- |
| `ARCH` | Architecture of the image. Required. | `amd64`, `arm64`. |
| `AUTO_ENROLL_SECUREBOOT_KEYS` | Determines whether to auto enroll keys used for Trusted Boot. | `true`, `false`. Default is `false`. |
| `CIS_HARDENING` | Whether to harden Edge artifacts according to [Center for Internet Security (CIS) standards](https://www.cisecurity.org/cis-benchmarks). | `true`, `false`, Default is `false`. |
| `CLUSTERCONFIG` | Path to a cluster definition file. For more information refer to [Export Cluster Definition](../../local-ui/cluster-management/export-cluster-definition.md). | URL string. |
| `CUSTOM_TAG` | A custom tag for the provider images. This custom tag will be appended to the `IMAGE_REGISTRY` and `IMAGE_REPO` parameters to form the full image tag. | Lowercase alphanumeric string without spaces. |
| `FIPS_ENABLED` | Whether to generate FIPS compliant binaries. | `true`, `false.` Default is `false` |
| `HTTP_PROXY` | URL of the HTTP Proxy server. | URL string. |
| `HTTPS_PROXY` | URL of the HTTPS Proxy server. | URL string. |
| `IMAGE_REGISTRY` | The image registry to use for tagging the generated provider images. Required. | Your image registry hostname, without `http` or `https` <br /> Example: docker.io/spectrocloud. |
| `IMAGE_REPO` | The image repository to use for tagging the generated provider images. Required. | Your image repository name. |
| `INCLUDE_MS_SECUREBOOT_KEYS` | Whether to include Microsoft's secure boot keys in the set of keys to enroll in your device for secure boot. Almost every machine requires these keys. | `true`, `false`. Default is `true`. |
| `ISO_NAME` | Name of the Installer ISO file. Required. | Lowercase alphanumeric string without spaces. The characters `-` and `_` are allowed. |
| `IS_UKI` | Determines whether to build a Unified Kernel Image (UKI) to enabled Trusted Boot. Refer to [Trusted Boot](../../trusted-boot/trusted-boot.md) for more information. | `true`, `false`. Default is `false`. |
| `K8S_DISTRIBUTION` | Kubernetes distribution. | ` k3s`, `rke2`, `kubeadm`, `kubeadm-fips`. |
| `MY_ORG` | Name of the org to use during secure boot key generation. For more information, refer to [Generate Keys](../../trusted-boot/keys/generate-keys.md). | String. |
| `NO_PROXY` | URLS that should be excluded from the proxy. | Comma-separated URL string. |
| `OS_DISTRIBUTION` | Operating System (OS) distribution. | `ubuntu`, `opensuse-leap`, `rhel`. |
| `OS_VERSION` | OS version. This applies to Ubuntu only. | `20`, `22`. |
| `PROXY_CERT_PATH` | Absolute path of the SSL Proxy certificate in the PEM format. | Absolute path string. |
| `UBUNTU_PRO_KEY` | Subscription key to a Ubuntu Pro subscription. A Ubuntu Pro subscription is needed to generate FIPS-compliant Edge artifacts with Ubuntu as the OS. | String. |
| `UKI_BRING_YOUR_OWN_KEYS` | Whether to use your own Certificate Authority (CA) to generate secure boot keys. For more information, refer to the Generate Keys using an Existing CA tab in [Generate Keys](../../trusted-boot/keys/generate-keys.md). | `false` |
| `UPDATE_KERNEL` | Determines whether to upgrade the Kernel version to the latest from the upstream OS provider. | `true`, `false`. |
7 changes: 7 additions & 0 deletions docs/docs-content/clusters/pcg/deploy-pcg/vmware.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,13 @@ tags: ["pcg"]
This guide provides you with the steps to deploy a PCG cluster to a VMware vSphere environment. Before you begin the
installation, carefully review the [Prerequisites](#prerequisites) section.

:::further

Refer to our [Deploy App Workloads with a PCG](../../../tutorials/cluster-deployment/pcg/deploy-app-pcg.md) tutorial for
detailed guidance on how to deploy app workloads with a PCG.

:::

## Prerequisites

:::info
Expand Down
2 changes: 1 addition & 1 deletion docs/docs-content/integrations/prometheus-operator.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1235,7 +1235,7 @@ data "spectrocloud_pack_simple" "pack-info" {

- [Prometheus Remote Write Tuning](https://prometheus.io/docs/practices/remote_write)

- [Thanos & Prometheus](https://prometheus-operator.dev/docs/operator/thanos)
- [Thanos & Prometheus](https://prometheus-operator.dev/docs/platform/thanos/)

- [Prometheus FAQ](https://prometheus.io/docs/introduction/faq)

Expand Down
4 changes: 2 additions & 2 deletions docusaurus.config.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,7 @@ const config = {
},
},
admonitions: {
keywords: ["preview"],
keywords: ["preview", "further"],
extendDefaults: true,
},
// exclude: ["api/v1/palette-apis-3-4"],
Expand Down Expand Up @@ -146,7 +146,7 @@ const config = {
lastVersion: "current",
includeCurrentVersion: true,
admonitions: {
keywords: ["preview"],
keywords: ["preview", "further"],
extendDefaults: true,
},
versions: {
Expand Down
9 changes: 8 additions & 1 deletion src/css/custom.scss
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,8 @@ html {
--openapi-demo-font-size-code: 10px;
--openapi-demo-font-size-input: 10px;
--custom-sidebar-item-color: #aeb1be;
--custom-purple-border-color: #7d77ca;
--custom-byzantine-border-color: #b54aa1;
}

.markdown h1:first-child {
Expand Down Expand Up @@ -212,10 +214,15 @@ p img.markdown-image {
}

.admonition-tech-preview {
border: 1px solid var(--custom-purple-important-color);
border: 1px solid var(--custom-purple-border-color);
background-color: var(--custom-purple-alert-bg-color);
}

.admonition-further-guidance {
border: 1px solid var(--custom-byzantine-border-color);
background-color: var(--custom-byzantine-alert-bg-color);
}

.desktop-only-display {
@media (max-width: 768px) {
display: none;
Expand Down
Loading

0 comments on commit ebb13f0

Please sign in to comment.