This change improves the output of tsh ssh when running on multiple
nodes. Stdout and stderr are now labeled with the hostname of the
node they came from. The --log-dir flag on tsh ssh will create a
directory where the separated output of each command will be stored.
* Remove "Preview" designation
Teleport is moving away from the concept of a preview feature. This
change reflects this move on the docs site.
* Respond to zmb3 feedback
Restore the "Preview" note to the AI Assist page.
* Skeleton out docs refactor (#31017)
* Start outlining index pages
* More reshuffling
* Remove old guides index page
* Adjust sidebar config
* Fix redirect
* Fix crosslinks
* Fix changelog links
* Fix more links
* Add short descriptions for platform guides
* Improve some page descriptions/signposting
* Nicer title
* Outline intro page
* Add notes on common usecases
* Remove old sections from introduction
* Start to outline overview topics
* Roughly expand on overview to cover bot user/bot role
* Clarify usecases
* Attempt to break up further reading section to be intelligible
* SPAG
* Add TODOs
* Machine ID Docs Refactor: Kubernetes Platform Guide + some AWS/GCP (#31796)
* Add config files needed for Kubernetes deployment
* Tidy examples under defined headers
* Add namespace to specs
* Add notes on join methods
* Further details on Kubernetes joining
* Document kubernetes rbac resources
* Skeleton out GCP/Linux platform guides
* Add necessary topics to the background for GCP and Linux
* Try and rewrite the blank role mdx to be less rubbish
I'm pulling my hair out over this lol
* Add a todo so I can come back to this part of the description when i can use words
* Further flesh out the background shape and intor shape for the platform guides
* Add more steps to k8s guide
* Fix links to k8s page
* Explain `kubernetes` join method
* Add documentation to the token yaml
* Add reasoning for role
* Document deployment manifest
* Add notes on determining if the deployment is healthy.
* Add token yaml for aws/gcp from my reference notes
* Add token/bot creation step for aws,gcp,linux
* customizing
* Machine ID Docs Refactor: Add `tctl` and `terraform` access guides (#32036)
* Outline `tctl` access doc
* Flesh out Terraform page with an example
* Fill out the copy for the Terraform provider guide
* Add explanation to configure tbot step of Terraform guide
* Add similar explanatory prose to tctl.mdx
* Add example role for tctl guide
* Try to better explain modifying the existing role
* Fix prerequisites
* Note on configuring permissions
* Fix SPAG
* Appease linter
* Expand intro for Terraform
* Please linter with newlines
* Remove spurious newline
* Clarify install/confgiure language
* Update docs/pages/machine-id/access-guides/tctl.mdx
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Update docs/pages/machine-id/access-guides/tctl.mdx
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Update docs/pages/machine-id/access-guides/tctl.mdx
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Update docs/pages/machine-id/access-guides/terraform.mdx
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Remove bactics from title
* Make example roles less powerful
* Add example of tctl command to check success
* Correctly say platform guide not access guide
* Be more specific in mentioning `tbot`
---------
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Remove V11 support warnings from platform guides
* Machine ID Docs Refactor: Linux VM based Platform Guides (#32472)
* Add pre-requisites
* Add example systemd service
* Notes on oneshot mode
* Offer daemon or oneshot mode docs
* Hide one-shot mode from `token` join based Linux
* Clarify Linux user for access
* Use variables for the token and explain commands
* Explain creating systemd service
* Explain when to prefer one-shot mode
* Add skeleton for Azure
* Document azure join token fields
* Add intros for guides
* Explain why we protect the directory
* Add install instructions
* Remove step regarding writing token to a seperate file
* Move coinfigure outputs to template
* Signify each step as local machine or target host
* Explain gcp/azure join methods
* Explain token and iam join methods
* Remove no longer recommended host certs guide
* Add next step
* Correct list of supported join methods
* Machine ID Docs Refactor: Rewrite GitLab and CircleCI guides (#32834)
* Start reshaping the circleic guide
* Make some changes to the GitLab side as well
* Add role creation to GitLab guide
* Add role creation step to CircleCI guide
* Adjust token file name
* Make sure anonymous telemetry advice is included
* Machine ID Docs Refactor: GitHub Actions docs (#32854)
* Start restructuring GHA guides
* Copy in Kubernetes Action example
* Add example DIY workflow
* Adjust examples with replacement steps
* Link off to the action github pages
* Tidy up introduction for GHA guide
* Explain GHA examples better and more searchably
* Improved title
* Add example role modifications
* Machine ID Docs Refactor: Ansible Access Guide (#32741)
* Rework Ansible with Server Access guide
* SPAG and consistency suggested changes
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Clarify intro and use the variable throughout
* suggested fixes
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Clarify configuring bot rbac
---------
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Machine ID Docs Refactor: Application Access (#32745)
* Rework Application Access docs
* Code review suggestions
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Clarify RBAC
---------
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Machine ID Docs Refactor: SSH Access guide (#32735)
* Add prereqs for ssh access guide
* Outline steps and output config
* Add guidance on tsha nd OpenSSH
* Guidance on other tools
* Simplify guidance on other tools
* Link to ansible guide
* Apply suggestions from code review
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Reorganise RBAC section
* Fix miscopied sentence
---------
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Machine ID Docs Refactor: Architecture and Introduction (#32901)
* Rewrite getting started guide next steps
* Rewrite introduction introduction to focus on tangible machine ID benefits
* Overview
* Add todo markers
* Rewrite overview
* Rewrite some of the architecture page
* Apply suggestions from code review
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Rearrange "overview" to act as "concepts"
---------
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Machine ID Docs Refactor: Database Access (#32743)
* Rewrite database access guide
* Apply suggestions from code review
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Apply suggestions from code review
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Clarify that systemd should be used rather than exercise for reader
---------
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Machine ID Docs Refactor: Kubernetes Access (#32744)
* Rewrite Kubernetes access guide
* Code review suggestions
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Explain need for kubectl on both client machine and machine id host
* spag
* Fix `kubernetes_resources` example
* Further clarify `kubernetes_resources`
---------
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Edit the Machine ID docs refactor (#33596)
* Edit the Machine ID docs refactor
- **Rename the new guides:** Use the "Connect a Bot" and "Deploy Machine
ID" language instead of "Access Guides" and "Platform Guides" to
connect these guides more explicitly to the language we use in the
"Concepts" discussion of the Machine ID landing page.
- **Add context to the deployment guide index page**: Reduce repetition
and provide information about each deployment method to help users get
more context about how Machine ID runs and joins a cluster, as well as
to help users choose a deployment guide.
- **Make links more visible on the Machine ID intro page:** Use a video
banner for the Machine ID intro so it takes up less space on the page.
Shorten some sections and add more specific H2s for the links.
- **Streamline some deployment guides:** Where guides include
"Background" and "Guide" H2s, blend the introductory information with
the guide so we can promote the "Step" H2s to H3s and direct the reader
to the step-by-step instructions more quickly.
- **Add new pages to the docs table of contents.**
* Respond to zmb3 feedback
- List cloud platforms before CI/CD platforms on the sidebar
- Recommend using platform-signed identity documents in the deployment
guide intro page.
- Edit language introducing join tokens.
* Respond to strideynet feedback
- Edit wording in the deployment guide index page, including renaming a
section heading and adding language re: renewable certs in the static
token join method.
- Change GitHub Actions link.
- Rename the Access Guides back to "Access Guides"
* Fix spelling
* Appease linter
---------
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* docs: Add WinSCP to PuTTY client instructions
* Restore validity section
* Restore validity section
* Formatting tweaks
* Merge lists
* Change title
* Fix docs link title to match page
* Bump tsh version for WinSCP support
* Whitelist WinSCP in spellcheck
* putty.mdx -> putty-winscp.mdx
Fixes#16050
- Replace absolute `https://gravitational.com` and
`https://goteleport.com` docs links with relative paths to MDX files,
allowing the docs linter to check them.
- In one case, a "Documentation" H4 section listed documentation changes
that were part of a Teleport release. This is the only release note
that contains documentation changes, so I have removed it to be
consistent with the rest of the changelog.
The distroless images which include a shell for debugging are `public.ecr.aws/gravitational/teleport-distroless-debug` rather than `public.ecr.aws/gravitational/teleport-distroless`.
Fixes#29957
Improves the page load performance of our CLI reference documentation by
splitting up the long CLI reference page. This also has other benefits,
including:
- **SEO**: Users don't need to search for the Teleport CLI reference
(and don't need to know that this page exists), but can search for a
specific tool they want reference docs for.
- **In-page search:** Users searching within a specific page will get
results for the tool they are researching, not all of Teleport's CLI
tools.
We'll be adding a linter that checks for absolute docs links in order to
ensure that the docs engine's link-checking logic works as expected.
This change sets up the docs to pass the linter.
* Update CHANGELOG.md to include Helm image change
* Apply suggestions from code review
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
---------
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
* Fix Helm chart Join token secret creation
Since #20763 was merged, we lost the ability of the chart reusing the
externally created secrets for join token.
This PR changes the logic and allows to control the secret creation
using the `joinTokenSecret.create` boolean and the secret name with
`joinTokenSecret.name`.
Fixes#20763
* Add changelog
In gravitational/docs#238, we will add a linter that lints for incorrect
usage of Teleport terms. This change fixes linter violations to
anticipate this new linter.
Changes include:
- Ensuring that Teleport service names are capitalized
- No longer using the "[Resource] Access" terminology. Instead, talk
about adding resources, using Teleport services, etc.
An issue with `gravitational/docs` caused the docs linter to stop
catching issues for a period of time. Now that we have addressed the
linter issue, this change addresses warnings/errors flagged by the
linter.
Co-authored-by: Alex Fornuto <alex.fornuto@goteleport.com>
The `tsh appps` family of commands is aliased to `tsh apps`, so both
invocations work correctly. The command itself is defined as `tsh apps`,
so this is what appears in the help message.
Update references to `tsh app` to recommend `tsh apps` instead so that
there isn't confusion when browsing `tsh help` and looking for a missing
`app` subcommand.
Fixes#21367
Closes#19765
The CHANGELOG includes some links to docs pages that use a full URL,
including the `ver` path segment. These links broke once we changed the
docs engine to recognize the `[0-9]+.x` format for versions, rather than
`[0-9]+.[0-9]+`.
If we were to change these links to use the new version format, though,
they would break once we deprecate that version.
This change turns all of the paths in these links to relative paths to
MDX files. In the CHANGELOG.md file, they will now link to pages on
GitHub. In the the docs changelog page, they will link to the current
version of the docs. Users who want to see how the pages looked when we
released the appropraite version can do so by using the version switcher
dropdown.
Closes#14578
The Jira Cloud guide applies to all Jira deployments already, so we
don't need to maintain separate guides. This change renames the Jira
Cloud guide so it's about Jira in general.
* Organize docs guide sections chronologically
This change aims to make docs navigation easier by organizing some docs
sections according to the sequence of steps a user would take to set up
Teleport.
The current docs organization uses a variety of categories and schemes
to organize the docs. For example, there is a "Home" section that
includes the Changelog, Installation page, and Getting Started guides; a
"Setup" section that includes references and admin guides; and
edition-specific sections (Enterprise, Cloud). For a user who is setting
up Teleport--or who has already done some setup work and wants more
advanced instructions--it's difficult to know where in the docs to find
the right information.
This change organizes our how-to guides into the following categories
that describe the process of setting up Teleport:
- Try out Teleport
- Deploy a Cluster (including choosing an edition)
- Configure Access (including SSO, RBAC, and Access Requests)
- Manage your Cluster (admin guides, operations, etc.)
- Use Teleport (this section already exists)
I moved the Reference section after this chronology, since users can
access the reference guides anywhere in the setup process.
As part of the change, I have also moved the content from the
"Enterprise" and "Cloud" sections into "Deploy a Cluster", since this
content has to do with how to deploy a specific edition of Teleport.
Note that this change does _not_ attempt to reorganize our
protocol-specific sections. While adding resources is part of the
Teleport setup process, we have a lot of content in our
protocol-specific sections, and moving it all into a single section
related to adding resources to a cluster would (a) exceed the maximum
depth for subsections in the nav bar and (b) cause more confusion than
it alleviates.
* Respond to PR feedback
- Create a "Compliance Frameworks" section of "Configure Access" with
the FedRAMP and SOC 2 guides
- Rename "Use Teleport" to "Connect your Client"
- Move the database GUI client guide into "Connect your Client"
* Add redirects
* Fix linter issues
Reorganize our Access Request guides
Fixes#13696
Most guides to Access Requests are currently not listed on the sidebar,
and the guides that are listed are available for Cloud as well as
Enterprise. This change makes it easier to find our Access Requests
guides by moving them to the Access Controls section and listing all
guides on the sidebar. It adds the "Access Requests" and "Access Request
Plugins" subsections to "Access Controls".
Since the Access Controls section includes one subsection, called
"Guides", this change also renames that subsection--and adds a
descriptive intro paragraph to the section's menu page--in order to
accommodate the Access Requests and Access Request Plugins subsections.
Move some guides into "Access Requests"
Updates the image used to run the doc-tests CI build and pulls in changes from #13774 to fix compatibility issues with the new image.
See-Also: #13457
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
The linting applied to file via the tools in next appears to vary if the files are outside the /src directory: If the files are under /src, a rigorous lint is applied. If the files are outside of /src, a "less-rigorous" lint is applied, letting many legitimate issues slip through.
This patch alters the CI script to symlink the /workspace directory (the mount-point that GCB uses to inject code into the container running a build step) under the next image's /src/content directory, so that the correct, rigorous lint will be applied.
It also fixes the lint errors that have crept in during the time the linter was being incorrectly lenient.
See-Also: #9600
See-Also: #10107
With this change `tsh login` will still always add teleport contexts and credentials to the kubeconfig, but will only update the current context if:
- `tsh login` is called with `--kube-cluster` set, or
- `tsh kube login <kube cluster>` is called.