diff --git a/.github/workflows/closed_pr.yaml b/.github/workflows/closed_pr.yaml index fa629a580..b7faa1a17 100644 --- a/.github/workflows/closed_pr.yaml +++ b/.github/workflows/closed_pr.yaml @@ -7,6 +7,6 @@ on: jobs: push: - uses: stakater/.github/.github/workflows/pull_request_closed.yaml@v0.0.54 + uses: stakater/.github/.github/workflows/mkdocs_pull_request_closed.yaml@v0.0.60 secrets: - GH_TOKEN: ${{ secrets.STAKATER_GITHUB_TOKEN }} + GH_TOKEN: ${{ secrets.STAKATER_GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/delete_branch.yaml b/.github/workflows/delete_branch.yaml index b6c6ab76f..fe711f047 100644 --- a/.github/workflows/delete_branch.yaml +++ b/.github/workflows/delete_branch.yaml @@ -5,6 +5,7 @@ on: jobs: delete: - uses: stakater/.github/.github/workflows/branch_deleted.yaml@v0.0.54 + uses: stakater/.github/.github/workflows/mkdocs_branch_deleted.yaml@v0.0.60 secrets: GH_TOKEN: ${{ secrets.STAKATER_GITHUB_TOKEN }} + \ No newline at end of file diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 51256af4e..f99704f78 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -8,14 +8,14 @@ on: jobs: doc_qa: - uses: stakater/.github/.github/workflows/pull_request_doc_qa.yaml@v0.0.54 + uses: stakater/.github/.github/workflows/pull_request_doc_qa.yaml@v0.0.60 with: MD_CONFIG: .github/md_config.json DOC_SRC: content MD_LINT_CONFIG: .markdownlint.yaml build_container: if: ${{ github.base_ref == 'main' }} - uses: stakater/.github/.github/workflows/pull_request_container_build.yaml@v0.0.54 + uses: stakater/.github/.github/workflows/pull_request_container_build.yaml@v0.0.60 with: DOCKER_BUILD_CONTEXTS: content=https://github.com/stakater/mto-docs.git#pull-request-deployments DOCKER_FILE_PATH: Dockerfile @@ -26,6 +26,6 @@ jobs: SLACK_WEBHOOK_URL: ${{ secrets.STAKATER_DELIVERY_SLACK_WEBHOOK }} DOCKER_SECRETS: GIT_AUTH_TOKEN=${{ secrets.STAKATER_GITHUB_TOKEN }} deploy_doc: - uses: stakater/.github/.github/workflows/pull_request_versioned_doc.yaml@v0.0.54 + uses: stakater/.github/.github/workflows/mkdocs_pull_request_versioned_doc.yaml@v0.0.60 secrets: GH_TOKEN: ${{ secrets.STAKATER_GITHUB_TOKEN }} diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index 92e1886a9..a611441f3 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -8,6 +8,6 @@ on: jobs: push: - uses: stakater/.github/.github/workflows/push_versioned_doc.yaml@v0.0.54 + uses: stakater/.github/.github/workflows/mkdocs_push_versioned_doc.yaml@v0.0.60 secrets: GH_TOKEN: ${{ secrets.STAKATER_GITHUB_TOKEN }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 69e137d96..31832eb26 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -7,11 +7,11 @@ on: jobs: create_release: - uses: stakater/.github/.github/workflows/release_template.yaml@v0.0.54 + uses: stakater/.github/.github/workflows/release_template.yaml@v0.0.60 secrets: SLACK_WEBHOOK_URL: ${{ secrets.STAKATER_DELIVERY_SLACK_WEBHOOK }} build_container: - uses: stakater/.github/.github/workflows/push_container_only.yaml@v0.0.54 + uses: stakater/.github/.github/workflows/push_container_only.yaml@v0.0.60 with: DOCKER_BUILD_CONTEXTS: content=https://github.com/stakater/mto-docs.git#gh-pages DOCKER_FILE_PATH: Dockerfile diff --git a/.gitignore b/.gitignore index 9c9d311be..78f0ab946 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ # Dist files dist/ +site/ lib/ # Test temp files @@ -22,4 +23,6 @@ node_modules site/ -.idea \ No newline at end of file +.idea + +mkdocs.yml \ No newline at end of file diff --git a/.gitmodules b/.gitmodules index a47a9fc2f..03dbece50 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,3 +1,3 @@ -[submodule "vocabulary"] - path = vocabulary - url = git@github.com:stakater/vocabulary.git +[submodule "theme_common"] + path = theme_common + url = https://github.com/stakater/stakater-docs-mkdocs-theme.git diff --git a/.vale.ini b/.vale.ini index 56d1b7546..0ffa197c3 100644 --- a/.vale.ini +++ b/.vale.ini @@ -1,4 +1,4 @@ -StylesPath = "vocabulary/styles" +StylesPath = "theme_common/vocabulary/styles" MinAlertLevel = warning Vocab = "Stakater" diff --git a/Dockerfile b/Dockerfile index 12cc4afdc..4a13dfcc7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,4 +18,4 @@ LABEL name="Multi Tenant Operator Documentation" \ EXPOSE 8080:8080/tcp -CMD ["nginx", "-g", "daemon off;"] +CMD ["nginx", "-g", "daemon off;"] \ No newline at end of file diff --git a/DockerfileLocal b/DockerfileLocal new file mode 100644 index 000000000..0b3a246ec --- /dev/null +++ b/DockerfileLocal @@ -0,0 +1,44 @@ + +FROM python:3.12-alpine as builder + +# set workdir +RUN mkdir -p $HOME/application +WORKDIR $HOME/application + +# copy the entire application +COPY --chown=1001:root . . + +RUN pip install -r theme_common/requirements.txt + +# In case you have your own python dependencies, you can use activate below command: +# RUN pip install -r requirements.txt + +# pre-mkbuild step, we are infusing common and local theme changes +RUN python theme_common/scripts/combine_theme_resources.py theme_common/resources theme_override/resources dist/_theme +RUN python theme_common/scripts/combine_mkdocs_config_yaml.py theme_common/mkdocs.yml theme_override/mkdocs.yml mkdocs.yml + +RUN rm -f 'prepare_theme.sh' && \ + rm -rf theme_global && \ + rm -rf theme_common + +# build the docs +RUN mkdocs build +# remove the build theme because it is not needed after site is build. +RUN rm -rf dist + +FROM nginxinc/nginx-unprivileged:1.25-alpine as deploy +COPY --from=builder $HOME/application/site/ /usr/share/nginx/html/ +COPY default.conf /etc/nginx/conf.d/ + +# set non-root user +USER 1001 + +LABEL name="Multi Tenant Operator Documentation" \ + maintainer="Stakater " \ + vendor="Stakater" \ + release="1" \ + summary="Documentation for Multi Tenant Operator" + +EXPOSE 8080:8080/tcp + +CMD ["nginx", "-g", "daemon off;"] diff --git a/README.md b/README.md index e3a1f686f..99fc69334 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,104 @@ # Multi Tenant Operator Documentation Documentation for [Multi Tenant Operator](https://www.stakater.com/mto) + + +SAAP docs are built using [MkDocs](https://github.com/mkdocs/mkdocs) which is based on Python. + +## GitHub Actions + +This repository has GitHub action workflow which checks the quality of the documentation and builds the Dockerfile image on Pull Requests. On a push to the main branch, it will create a GitHub release and push the built Dockerfile image to an image repository. + +## How to make changes +It is important to know that you should only make changes in `theme_override` and `content` directory. Also, be mindful of which `mkdocs.yml` file you change since there are more than one such files. + + +## Take update on git submodule + +This project contains a git submodule and if you wish to take an update on it, you can use this command: + +```bash +git submodule update --init --recursive --remote +``` + +view `.gitmodules` file to see linked git submodules. + +## Build locally + +There are at least three options to get fast continuous feedback during local development: + +1. Build and run the docs using the Dockerfile image +2. Run the commands locally + +### Build Dockerfile image and run container + +Build Dockerfile test image: + +```bash +docker build . -t test -f Dockerfilelocal +``` + +Run test container: + +```bash +docker run -p 8080:8080 test +``` + +Then access the docs on [`localhost:8080`](localhost:8080). + +### Run commands locally + +Use [virtualenvwrapper](https://virtualenvwrapper.readthedocs.io/en/latest/install.html) to set up Python virtual environment. + +Install [Python 3](https://www.python.org/downloads/). + +Install python environment dependencies if you are using any other than what is defined in `theme_common`. + +Then run below script to prepare theme from local and common theme resources. It will output to `dist/_theme` directory and create `mkdocs.yml` file in root directory. We are also installing the python dependencies coming from `theme_common` here. + +```bash +$ ./prepare_theme.sh +``` + +Finally, serve the docs using the built-in web server which is based on Python http server - note that the production build will use Nginx instead: + +```bash +$ mkdocs serve +``` + +or + +```bash +$ python3 -m mkdocs serve +``` + +if you want to make theme changes with live reload, you can use `--watch-theme` with serve like below: +```bash +$ mkdocs serve --watch-theme +``` +Then, you can make changes in `content` or `dist/_theme` folder. Please note that `dist/_theme` is a build folder and any changes made here will be lost if you do not move them to theme_common or theme_override folder. + + +### QA Checks + +Markdown linting: + +```bash +$ brew install markdownlint-cli +$ markdownlint -c .markdownlint.yaml content +``` + +Spell checking: + +```bash +$ brew install vale +$ vale content +``` + +## Use Tilt + +Install [Tilt](https://docs.tilt.dev/index.html), then run: + +```bash +$ tilt up +``` \ No newline at end of file diff --git a/content/faq.md b/content/faq.md index 13f52877e..8a691a0db 100644 --- a/content/faq.md +++ b/content/faq.md @@ -8,7 +8,7 @@ unable to find annotation openshift.io/sa.scc.uid-range ``` -**Answer.** OpenShift recently updated its process of handling SCC, and it's now managed by annotations like `openshift.io/sa.scc.uid-range` on the namespaces. Absence of them wont let pods schedule. The fix for the above error is to make sure ServiceAccount `system:serviceaccount:openshift-infra.` regex is always mentioned in `PrivilegedServiceAccounts` section of `IntegrationConfig`. This regex will allow operations from all `ServiceAccounts` present in `openshift-infra` namespace. More info at [Privileged Service Accounts](./integration-config.md#privileged-serviceaccounts) +**Answer.** OpenShift recently updated its process of handling SCC, and it's now managed by annotations like `openshift.io/sa.scc.uid-range` on the namespaces. Absence of them wont let pods schedule. The fix for the above error is to make sure ServiceAccount `system:serviceaccount:openshift-infra.` regex is always mentioned in `PrivilegedServiceAccounts` section of `IntegrationConfig`. This regex will allow operations from all `ServiceAccounts` present in `openshift-infra` namespace. More info at [Privileged Service Accounts](./how-to-guides/integration-config.md#privileged-serviceaccounts) ## Namespace Admission Webhook diff --git a/content/integration-config.md b/content/integration-config.md deleted file mode 100644 index bb1d1ea38..000000000 --- a/content/integration-config.md +++ /dev/null @@ -1,430 +0,0 @@ -# Integration Config - -IntegrationConfig is used to configure settings of multi-tenancy for Multi Tenant Operator. - -```yaml -apiVersion: tenantoperator.stakater.com/v1alpha1 -kind: IntegrationConfig -metadata: - name: tenant-operator-config - namespace: multi-tenant-operator -spec: - tenantRoles: - default: - owner: - clusterRoles: - - admin - editor: - clusterRoles: - - edit - viewer: - clusterRoles: - - view - - viewer - custom: - - labelSelector: - matchExpressions: - - key: stakater.com/kind - operator: In - values: - - build - matchLabels: - stakater.com/kind: dev - owner: - clusterRoles: - - custom-owner - editor: - clusterRoles: - - custom-editor - viewer: - clusterRoles: - - custom-viewer - - custom-view - openshift: - project: - labels: - stakater.com/workload-monitoring: "true" - annotations: - openshift.io/node-selector: node-role.kubernetes.io/worker= - group: - labels: - role: customer-reader - sandbox: - labels: - stakater.com/kind: sandbox - clusterAdminGroups: - - cluster-admins - privilegedNamespaces: - - ^default$ - - ^openshift-* - - ^kube-* - privilegedServiceAccounts: - - ^system:serviceaccount:openshift-* - - ^system:serviceaccount:kube-* - namespaceAccessPolicy: - deny: - privilegedNamespaces: - users: - - system:serviceaccount:openshift-argocd:argocd-application-controller - - adam@stakater.com - groups: - - cluster-admins - argocd: - namespace: openshift-operators - namespaceResourceBlacklist: - - group: '' # all groups - kind: ResourceQuota - clusterResourceWhitelist: - - group: tronador.stakater.com - kind: EnvironmentProvisioner - rhsso: - enabled: true - realm: customer - endpoint: - url: https://iam-keycloak-auth.apps.prod.abcdefghi.kubeapp.cloud/ - secretReference: - name: auth-secrets - namespace: openshift-auth - vault: - enabled: true - accessorPath: oidc/ - address: 'https://vault.apps.prod.abcdefghi.kubeapp.cloud/' - roleName: mto - sso: - clientName: vault -``` - -Following are the different components that can be used to configure multi-tenancy in a cluster via Multi Tenant Operator. - -## TenantRoles - -TenantRoles are required within the IntegrationConfig, as they are used for defining what roles will be applied to each Tenant namespace. The field allows optional custom roles, that are then used to create RoleBindings for namespaces that match a labelSelector. - -> ⚠️ If you do not configure roles in any way, then the default OpenShift roles of `owner`, `edit`, and `view` will apply to Tenant members. Their details can be found [here](./reference-guides/custom-roles.md) - -```yaml -tenantRoles: - default: - owner: - clusterRoles: - - admin - editor: - clusterRoles: - - edit - viewer: - clusterRoles: - - view - - viewer - custom: - - labelSelector: - matchExpressions: - - key: stakater.com/kind - operator: In - values: - - build - matchLabels: - stakater.com/kind: dev - owner: - clusterRoles: - - custom-owner - editor: - clusterRoles: - - custom-editor - viewer: - clusterRoles: - - custom-viewer - - custom-view -``` - -### Default - -This field contains roles that will be used to create default roleBindings for each namespace that belongs to tenants. These roleBindings are only created for a namespace if that namespace isn't already matched by the `custom` field below it. Therefore, it is required to have at least one role mentioned within each of its three subfields: `owner`, `editor`, and `viewer`. These 3 subfields also correspond to the member fields of the [Tenant CR](./how-to-guides/tenant.md) - -### Custom - -An array of custom roles. Similar to the `default` field, you can mention roles within this field as well. However, the custom roles also require the use of a `labelSelector` for each iteration within the array. The roles mentioned here will only apply to the namespaces that are matched by the labelSelector. If a namespace is matched by 2 different labelSelectors, then both roles will apply to it. Additionally, roles can be skipped within the labelSelector. These missing roles are then inherited from the `default` roles field . For example, if the following custom roles arrangement is used: - -```yaml -custom: -- labelSelector: - matchExpressions: - - key: stakater.com/kind - operator: In - values: - - build - matchLabels: - stakater.com/kind: dev - owner: - clusterRoles: - - custom-owner -``` - -Then the `editor` and `viewer` roles will be taken from the `default` roles field, as that is required to have at least one role mentioned. - -## OpenShift - -``` yaml -openshift: - project: - labels: - stakater.com/workload-monitoring: "true" - annotations: - openshift.io/node-selector: node-role.kubernetes.io/worker= - group: - labels: - role: customer-reader - sandbox: - labels: - stakater.com/kind: sandbox - clusterAdminGroups: - - cluster-admins - privilegedNamespaces: - - ^default$ - - ^openshift-* - - ^kube-* - privilegedServiceAccounts: - - ^system:serviceaccount:openshift-* - - ^system:serviceaccount:kube-* - namespaceAccessPolicy: - deny: - privilegedNamespaces: - users: - - system:serviceaccount:openshift-argocd:argocd-application-controller - - adam@stakater.com - groups: - - cluster-admins -``` - -### Project, group and sandbox - -We can use the `openshift.project`, `openshift.group` and `openshift.sandbox` fields to automatically add `labels` and `annotations` to the **Projects** and **Groups** managed via MTO. - -```yaml - openshift: - project: - labels: - stakater.com/workload-monitoring: "true" - annotations: - openshift.io/node-selector: node-role.kubernetes.io/worker= - group: - labels: - role: customer-reader - sandbox: - labels: - stakater.com/kind: sandbox -``` - -If we want to add default *labels/annotations* to sandbox namespaces of tenants than we just simply add them in `openshift.project.labels`/`openshift.project.annotations` respectively. - -Whenever a project is made it will have the labels and annotations as mentioned above. - -```yaml -kind: Project -apiVersion: project.openshift.io/v1 -metadata: - name: bluesky-build - annotations: - openshift.io/node-selector: node-role.kubernetes.io/worker= - labels: - workload-monitoring: 'true' - stakater.com/tenant: bluesky -spec: - finalizers: - - kubernetes -status: - phase: Active -``` - -```yaml -kind: Group -apiVersion: user.openshift.io/v1 -metadata: - name: bluesky-owner-group - labels: - role: customer-reader -users: - - andrew@stakater.com -``` - -### Cluster Admin Groups - -### Cluster Admin Groups - -`clusterAdminGroups:` Contains names of the groups that are allowed to perform CRUD operations on namespaces present on the cluster. Users in the specified group(s) will be able to perform these operations without MTO getting in their way. MTO does not interfere even with the deletion of privilegedNamespaces. - -!!! note - User `kube:admin` is bypassed by default to perform operations as a cluster admin, this includes operations on all the namespaces. - -### Privileged Namespaces - -`privilegedNamespaces:` Contains the list of `namespaces` ignored by MTO. MTO will not manage the `namespaces` in this list. Treatment for privileged namespaces does not involve further integrations or finalizers processing as with normal namespaces. Values in this list are regex patterns. - -For example: - -- To ignore the `default` namespace, we can specify `^default$` -- To ignore all namespaces starting with the `openshift-` prefix, we can specify `^openshift-.*`. -- To ignore any namespace containing `stakater` in its name, we can specify `^stakater.`. (A constant word given as a regex pattern will match any namespace containing that word.) - -### Privileged ServiceAccounts - -`privilegedServiceAccounts:` Contains the list of `ServiceAccounts` ignored by MTO. MTO will not manage the `ServiceAccounts` in this list. Values in this list are regex patterns. For example, to ignore all `ServiceAccounts` starting with the `system:serviceaccount:openshift-` prefix, we can use `^system:serviceaccount:openshift-.*`; and to ignore a specific service account like `system:serviceaccount:builder` service account we can use `^system:serviceaccount:builder$.` - -!!! note - `stakater`, `stakater.` and `stakater.*` will have the same effect. To check out the combinations, go to [Regex101](https://regex101.com/), select Golang, and type your expected regex and test string. - -### Namespace Access Policy - -`namespaceAccessPolicy.Deny:` Can be used to restrict privileged *users/groups* CRUD operation over managed namespaces. - -```yaml -namespaceAccessPolicy: - deny: - privilegedNamespaces: - groups: - - cluster-admins - users: - - system:serviceaccount:openshift-argocd:argocd-application-controller - - adam@stakater.com -``` - -> ⚠️ If you want to use a more complex regex pattern (for the `openshift.privilegedNamespaces` or `openshift.privilegedServiceAccounts` field), it is recommended that you test the regex pattern first - either locally or using a platform such as . - -## ArgoCD - -### Namespace - -`argocd.namespace` is an optional field used to specify the namespace where ArgoCD Applications and AppProjects are deployed. The field should be populated when you want to create an ArgoCD AppProject for each tenant. - -### NamespaceResourceBlacklist - -```yaml -argocd: - namespaceResourceBlacklist: - - group: '' # all resource groups - kind: ResourceQuota - - group: '' - kind: LimitRange - - group: '' - kind: NetworkPolicy -``` - -`argocd.namespaceResourceBlacklist` prevents ArgoCD from syncing the listed resources from your GitOps repo. - -### ClusterResourceWhitelist - -```yaml -argocd: - clusterResourceWhitelist: - - group: tronador.stakater.com - kind: EnvironmentProvisioner -``` - -`argocd.clusterResourceWhitelist` allows ArgoCD to sync the listed cluster scoped resources from your GitOps repo. - -## Provision - -```yaml -provision: - console: true - showback: true -``` - -`provision.console:` Can be used to enable/disable console GUI for MTO. -`provision.showback:` Can be used to enable/disable showback feature on the console. - -Integration config will be managing the following resources required for console GUI: - -- `Showback` cronjob. -- `Keycloak` deployment. -- `MTO-OpenCost` operator. -- `MTO-Prometheus` operator. -- `MTO-Postgresql` stateful set. - -Details on console GUI and showback can be found [here](./explanation/console.md) - -## RHSSO (Red Hat Single Sign-On) - -Red Hat Single Sign-On [RHSSO](https://access.redhat.com/products/red-hat-single-sign-on) is based on the Keycloak project and enables you to secure your web applications by providing Web single sign-on (SSO) capabilities based on popular standards such as SAML 2.0, OpenID Connect and OAuth 2.0. - -If `RHSSO` is configured on a cluster, then RHSSO configuration can be enabled. - -```yaml -rhsso: - enabled: true - realm: customer - endpoint: - secretReference: - name: auth-secrets - namespace: openshift-auth - url: https://iam-keycloak-auth.apps.prod.abcdefghi.kubeapp.cloud/ -``` - -If enabled, then admins have to provide secret and URL of RHSSO. - -- `secretReference.name:` Will contain the name of the secret. -- `secretReference.namespace:` Will contain the namespace of the secret. -- `realm:` Will contain the realm name which is configured for users. -- `url:` Will contain the URL of RHSSO. - -## Vault - -[Vault](https://www.vaultproject.io/) is used to secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API. - -If `vault` is configured on a cluster, then Vault configuration can be enabled. - -```yaml -Vault: - enabled: true - accessorPath: oidc/ - address: 'https://vault.apps.prod.abcdefghi.kubeapp.cloud/' - roleName: mto - sso: - clientName: vault -``` - -If enabled, then admins have to provide following details: - -- `accessorPath:` Accessor Path within Vault to fetch SSO accessorID -- `address:` Valid Vault address reachable within cluster. -- `roleName:` Vault's Kubernetes authentication role -- `sso.clientName:` SSO client name. - -For more details around enabling Kubernetes auth in Vault, visit [here](https://developer.hashicorp.com/vault/docs/auth/kubernetes) - -The role created within Vault for Kubernetes authentication should have the following permissions: - -```yaml -path "secret/*" { - capabilities = ["create", "read", "update", "patch", "delete", "list"] -} -path "sys/mounts" { - capabilities = ["read", "list"] -} -path "sys/mounts/*" { - capabilities = ["create", "read", "update", "patch", "delete", "list"] -} -path "managed-addons/*" { - capabilities = ["read", "list"] -} -path "auth/kubernetes/role/*" { - capabilities = ["create", "read", "update", "patch", "delete", "list"] -} -path "sys/auth" { - capabilities = ["read", "list"] -} -path "sys/policies/*" { - capabilities = ["create", "read", "update", "patch", "delete", "list"] -} -path "identity/group" { - capabilities = ["create", "read", "update", "patch", "delete", "list"] -} -path "identity/group-alias" { - capabilities = ["create", "read", "update", "patch", "delete", "list"] -} -path "identity/group/name/*" { - capabilities = ["read", "list"] -} -path "identity/group/id/*" { - capabilities = ["create", "read", "update", "patch", "delete", "list"] -} -``` diff --git a/notes.md b/notes.md new file mode 100644 index 000000000..e69de29bb diff --git a/prepare_theme.sh b/prepare_theme.sh new file mode 100755 index 000000000..67cf92e0f --- /dev/null +++ b/prepare_theme.sh @@ -0,0 +1,3 @@ +pip install -r theme_common/requirements.txt +python theme_common/scripts/combine_theme_resources.py theme_common/resources theme_override/resources dist/_theme +python theme_common/scripts/combine_mkdocs_config_yaml.py theme_common/mkdocs.yml theme_override/mkdocs.yml mkdocs.yml diff --git a/theme_common b/theme_common new file mode 160000 index 000000000..a016003f0 --- /dev/null +++ b/theme_common @@ -0,0 +1 @@ +Subproject commit a016003f0e5fd0382a0c8962d63fa46332579190 diff --git a/mkdocs.yml b/theme_override/mkdocs.yml similarity index 66% rename from mkdocs.yml rename to theme_override/mkdocs.yml index 9c591ea19..6ffccd329 100644 --- a/mkdocs.yml +++ b/theme_override/mkdocs.yml @@ -3,44 +3,6 @@ docs_dir: content site_url: https://docs.stakater.com/ repo_url: https://github.com/stakater/mto-docs edit_uri: blob/main/content/ -use_directory_urls: false -theme: - name: material - logo: assets/images/favicon.svg - favicon: assets/images/favicon.svg - custom_dir: custom_theme/ - palette: - primary: white - features: - - content.code.copy - -markdown_extensions: - - admonition - - pymdownx.details - - pymdownx.superfences - - attr_list - - pymdownx.emoji: - emoji_index: !!python/name:pymdownx.emoji.twemoji - emoji_generator: !!python/name:pymdownx.emoji.to_svg - -extra: - analytics: - provider: google - property: G-TTH1YYW5TX - consent: - title: Cookie consent - actions: - - accept - - reject - - manage - description: >- - We use cookies to recognize your repeated visits and preferences, as well - as to measure the effectiveness of our documentation and whether users - find what they're searching for. With your consent, you're helping us to - make our documentation better. - version: - provider: mike - default: latest nav: - index.md @@ -93,7 +55,3 @@ nav: - changelog.md - eula.md - troubleshooting.md -plugins: - - search - - mermaid2 - - glightbox diff --git a/custom_theme/404.html b/theme_override/resources/404.html similarity index 100% rename from custom_theme/404.html rename to theme_override/resources/404.html diff --git a/custom_theme/assets/images/favicon.svg b/theme_override/resources/assets/images/favicon.svg similarity index 100% rename from custom_theme/assets/images/favicon.svg rename to theme_override/resources/assets/images/favicon.svg diff --git a/custom_theme/main.html b/theme_override/resources/main.html similarity index 100% rename from custom_theme/main.html rename to theme_override/resources/main.html diff --git a/vocabulary b/vocabulary deleted file mode 160000 index 5e5fd5928..000000000 --- a/vocabulary +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 5e5fd5928e6656037a67be50c968e8011f7ca1eb