docs: add plumbing for static site (#314)

* docs: add plumbing for static site

* fix broken links

.github/workflows/gh-pages.yaml

@@ -0,0 +1,30 @@
+name: github pages
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  deploy:
+    runs-on: ubuntu-18.04
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          submodules: true # Fetch Hugo themes (true OR recursive)
+          fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod
+
+      - name: Setup Hugo
+        uses: peaceiris/actions-hugo@v2
+        with:
+          hugo-version: "0.75.1"
+          extended: true
+
+      - name: Build
+        run: |
+          make -C website production-build
+      - name: Deploy
+        uses: peaceiris/actions-gh-pages@v3
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          publish_dir: ./website/public

.gitignore

@@ -343,3 +343,7 @@ manifest_staging/charts/csi-secrets-store-provider-azure/charts/
 
 # Go tools
 .tools/
+
+# website
+website/public
+website/resources

docs/ingress-tls.md

@@ -185,7 +185,7 @@ Depending on the TLS certificate lifecycle, follow one of the following steps:
               name: secrets-store-creds
 ```
 
-If not using [service principal mode](./service-principal-mode.md), remove the following snippet from [deployment-app-one.yaml](./samples/ingress-controller-tls/deployment-app-one.yaml) and [deployment-app-two.yaml](./samples/ingress-controller-tls/deployment-app-two.yaml)
+If not using [service principal mode](./service-principal-mode.md), remove the following snippet from [deployment-app-one.yaml](./sample/ingress-controller-tls/deployment-app-one.yaml) and [deployment-app-two.yaml](./sample/ingress-controller-tls/deployment-app-two.yaml)
 
 ```yaml
             nodePublishSecretRef:
@@ -212,7 +212,7 @@ Next, [Deploy the ingress resource](#Deploy-an-Ingress-Resource-referencing-the-
 
 * ### Deploy Application with Ingress reference to Secrets Store CSI
 
-remove the following snippet from [deployment-app-one.yaml](./samples/ingress-controller-tls/deployment-app-one.yaml) and [deployment-app-two.yaml](./samples/ingress-controller-tls/deployment-app-two.yaml)
+remove the following snippet from [deployment-app-one.yaml](./sample/ingress-controller-tls/deployment-app-one.yaml) and [deployment-app-two.yaml](./sample/ingress-controller-tls/deployment-app-two.yaml)
 
 ```yaml
           volumeMounts:

netlify.toml

@@ -0,0 +1,10 @@
+[build]
+base = "website/"
+publish = "/public"
+
+[context.deploy-preview]
+command = "make preview-build"
+
+[context.deploy-preview.environment]
+HUGO_VERSION = "0.75.1"
+HUGO_ENABLEGITINFO = "true"

website/content/en/configurations/identity-access-modes/pod-identity-mode.md

@@ -24,7 +24,7 @@ Not all steps need to be followed on the instructions for the aad-pod-identity p
       kubectl apply -f https://raw.githubusercontent.com/Azure/aad-pod-identity/master/deploy/infra/deployment-rbac.yaml
       ```
 
-   - 💡 Follow the [Role assignment](https://github.com/Azure/aad-pod-identity/blob/master/docs/readmes/README.role-assignment.md) documentation to setup all the required roles for aad-pod-identity components.
+   - 💡 Follow the [Role assignment](https://azure.github.io/aad-pod-identity/docs/getting-started/role-assignment/) documentation to setup all the required roles for aad-pod-identity components.
 
 1. Create an Azure User Identity
 
@@ -91,7 +91,7 @@ Not all steps need to be followed on the instructions for the aad-pod-identity p
     kubectl create -f aadpodidentitybinding.yaml
     ```
 
-2. Add the following to [this](../examples/nginx-pod-inline-volume-pod-identity.yaml) deployment yaml:
+2. Add the following to [this](https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/examples/nginx-pod-inline-volume-pod-identity.yaml) deployment yaml:
 
     Include the `aadpodidbinding` label matching the `selector` value set in the previous step so that this pod will be assigned an identity
     ```yaml
@@ -100,7 +100,7 @@ Not all steps need to be followed on the instructions for the aad-pod-identity p
       aadpodidbinding: <AzureIdentityBinding Selector created from previous step>
     ```
     
-3. Update [this sample deployment](../examples/v1alpha1_secretproviderclass_pod_identity.yaml) to create a `SecretProviderClass` resource with `usePodIdentity: "true"` to provide Azure-specific parameters for the Secrets Store CSI driver.
+3. Update [this sample deployment](https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/examples/v1alpha1_secretproviderclass_pod_identity.yaml) to create a `SecretProviderClass` resource with `usePodIdentity: "true"` to provide Azure-specific parameters for the Secrets Store CSI driver.
 
     Make sure to update `usepodidentity` to `true`
     ```yaml

website/content/en/configurations/identity-access-modes/service-principal-mode.md

@@ -48,7 +48,7 @@ description: >
     az keyvault set-policy -n $KEYVAULT_NAME --certificate-permissions get --spn $AZURE_CLIENT_ID
     ```
 
-1. Update your [linux deployment yaml](../examples/nginx-pod-inline-volume-service-principal.yaml) or [windows deployment yaml](../examples/windows-pod-secrets-store-inline-volume-secret-providerclass.yaml) to reference the service principal kubernetes secret created in the previous step
+2. Update your [linux deployment yaml](https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/examples/nginx-pod-inline-volume-service-principal.yaml) or [windows deployment yaml](https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/examples/windows-pod-secrets-store-inline-volume-secret-providerclass.yaml) to reference the service principal kubernetes secret created in the previous step
 
     If you did not change the name of the secret reference previously, no changes are needed.
 

website/content/en/configurations/sync-with-k8-secretes.md

@@ -29,4 +29,4 @@ spec:
 > NOTE: Here is the list of supported Kubernetes Secret types: `Opaque`, `kubernetes.io/basic-auth`, `bootstrap.kubernetes.io/token`, `kubernetes.io/dockerconfigjson`, `kubernetes.io/dockercfg`, `kubernetes.io/ssh-auth`, `kubernetes.io/service-account-token`, `kubernetes.io/tls`.  
 
 - Here is a sample [`SecretProviderClass` custom resource](https://github.com/kubernetes-sigs/secrets-store-csi-driver/blob/master/test/bats/tests/azure/azure_synck8s_v1alpha1_secretproviderclass.yaml) that syncs a secret from Azure Key Vault to a Kubernetes secret.
-- To view an example of type `kubernetes.io/tls`, refer to the [ingress-controller-tls sample](sample/ingress-controller-tls/README.md#deploy-a-secretsproviderclass-resource)
+- To view an example of type `kubernetes.io/tls`, refer to the [ingress-controller-tls sample](https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/docs/ingress-tls.md)

website/content/en/demos-and-tutorials/tutorials/setup-keyvault.md

@@ -31,7 +31,7 @@ az keyvault key create --vault-name $KEYVAULT_NAME --name <keyNameHere>
 az keyvault certificate create --vault-name $KEYVAULT_NAME --name <certNameHere> -p "$(az keyvault certificate get-default-policy)"
 ```
 
-**Please keep track of the Key Vault Objects' name, type, and version** . You will be adding them to a `secrets.env` file for testing as described [here](/docs/testing.md#preparing-your-secrets)
+**Please keep track of the Key Vault Objects' name, type, and version** . You will be adding them to a `secrets.env` file for testing as described [here](../../../testing/#preparing-your-secrets)
 
 You can retrieve the value of a Key Vault secret with the following script:
 

website/content/en/getting-started/_index.md

@@ -18,9 +18,9 @@ Recommended Kubernetes version:
 
 **Deployment using Helm**
 
-Follow [this guide](charts/csi-secrets-store-provider-azure/README.md) to install the Secrets Store CSI driver and the Azure Key Vault provider using Helm.
+Follow [this guide](https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/charts/csi-secrets-store-provider-azure/README.md) to install the Secrets Store CSI driver and the Azure Key Vault provider using Helm.
 
-Alternatively, follow [this guide](docs/install-yamls.md) to install using deployment yamls.
+Alternatively, follow [this guide](https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/docs/install-yamls.md) to install using deployment yamls.
 
 **In addition, if you are using Secrets Store CSI Driver and the Azure Keyvault Provider in a cluster with [pod security policy](https://kubernetes.io/docs/concepts/policy/pod-security-policy/) enabled**, review and create the following policy that enables the spec required for Secrets Store CSI Driver and the Azure Keyvault Provider to work:
 
@@ -51,7 +51,7 @@ Create a `SecretProviderClass` custom resource to provide provider-specific para
 
 > NOTE: The `SecretProviderClass` has to be in the same namespace as the pod referencing it.
 
-Update [this sample deployment](examples/v1alpha1_secretproviderclass_service_principal.yaml) to create a `SecretProviderClass` resource to provide Azure-specific parameters for the Secrets Store CSI driver.
+Update [this sample deployment](https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/examples/v1alpha1_secretproviderclass_service_principal.yaml) to create a `SecretProviderClass` resource to provide Azure-specific parameters for the Secrets Store CSI driver.
 
 To provide identity to access key vault, refer to the following [section](#provide-identity-to-access-key-vault).
 
@@ -111,16 +111,16 @@ To provide identity to access key vault, refer to the following [section](#provi
 
 The Azure Key Vault Provider offers four modes for accessing a Key Vault instance:
 
-1. [Service Principal](docs/service-principal-mode.md)
-1. [Pod Identity](docs/pod-identity-mode.md)
-1. [VMSS User Assigned Managed Identity](docs/user-assigned-msi-mode.md)
-1. [VMSS System Assigned Managed Identity](docs/system-assigned-msi-mode.md)
+1. [Service Principal](../configurations/identity-access-modes/service-principal-mode)
+2. [Pod Identity](../configurations/identity-access-modes/pod-identity-mode)
+3. [VMSS User Assigned Managed Identity](../configurations/identity-access-modes/user-assigned-msi-mode)
+4. [VMSS System Assigned Managed Identity](../configurations/identity-access-modes/system-assigned-msi-mode)
 
 #### Update your Deployment Yaml
 
 To ensure your application is using the Secrets Store CSI driver, update your deployment yaml to use the `secrets-store.csi.k8s.io` driver and reference the `SecretProviderClass` resource created in the previous step.
 
-Update your [linux deployment yaml](examples/nginx-pod-inline-volume-service-principal.yaml) or [windows deployment yaml](examples/windows-pod-secrets-store-inline-volume-secret-providerclass.yaml) to use the Secrets Store CSI driver and reference the `SecretProviderClass` resource created in the previous step. 
+Update your [linux deployment yaml](https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/examples/nginx-pod-inline-volume-service-principal.yaml) or [windows deployment yaml](https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/examples/windows-pod-secrets-store-inline-volume-secret-providerclass.yaml) to use the Secrets Store CSI driver and reference the `SecretProviderClass` resource created in the previous step. 
 
   ```yaml
     volumes:

website/content/en/testing/_index.md

@@ -9,7 +9,7 @@ description: >
 
 ## Local End-To-End Testing for the Azure Key Vault Provider
 
-This section will show you how to locally test the Azure Key Vault Provider end-to-end (e2e). The e2e tests utilize Bats for testing the scripts. Take a look inside the [test/bats](/test/bats) folder to see the tests and the deployments needed for creating the e2e tests.
+This section will show you how to locally test the Azure Key Vault Provider end-to-end (e2e). The e2e tests utilize Bats for testing the scripts. Take a look inside the [test/bats](https://github.com/Azure/secrets-store-csi-driver-provider-azure/tree/master/test/bats) folder to see the tests and the deployments needed for creating the e2e tests.
 
 ### E2E Prerequisites
 
@@ -25,11 +25,11 @@ As as prerequisite, you will need to have an [Azure Key Vault](https://docs.micr
 
 ### Set up an Azure Key Vault
 
-For assistance on setting up an Azure Key Vault specific to testing this project, please refer to [this guide](/docs/setup-keyvault.md)
+For assistance on setting up an Azure Key Vault specific to testing this project, please refer to [this guide](../demos-and-tutorials/tutorials/setup-keyvault/)
 
 ### Assign a Service Principal to Your Azure Key Vault
 
-For assistance on assigning an existing or new Service Principal to your Key Vault, please follow [this guide](/docs/service-principal-mode.md).
+For assistance on assigning an existing or new Service Principal to your Key Vault, please follow [this guide](../configurations/identity-access-modes/service-principal-mode/).
 
 ### Preparing your secrets
 

website/content/en/troubleshooting/equal-to-and-greater-than-version-0.0.9.md

@@ -1,7 +1,7 @@
 ---
 type: docs
-title: "For Azure Key Vault Provider version `0.0.9+`"
-linkTitle: "For Azure Key Vault Provider version `0.0.9+`"
+title: "For Azure Key Vault Provider version 0.0.9+"
+linkTitle: "For Azure Key Vault Provider version 0.0.9+"
 weight: 2
 description: >
   For versions equal to and greater than 0.0.9

website/content/en/troubleshooting/less-than-version-0.0.9.md

@@ -1,7 +1,7 @@
 ---
 type: docs
-title: "For Azure Key Vault Provider version < `0.0.9`"
-linkTitle: "For Azure Key Vault Provider version < `0.0.9`"
+title: "For Azure Key Vault Provider version < 0.0.9"
+linkTitle: "For Azure Key Vault Provider version < 0.0.9"
 weight: 1
 description: >
   For versions less than 0.0.9

website/content/en/upgrading/_index.md

@@ -9,14 +9,16 @@ description: >
 
 ## Upgrading to Key Vault provider 0.0.9+
 
-**tl;dr** - :warning: `0.0.9+` release of the Azure Key Vault provider is incompatible with the Secrets Store CSI Driver versions < `v0.0.14`.
+{{% alert title="Warning" color="warning" %}}
+**tl;dr** - `0.0.9+` release of the Azure Key Vault provider is incompatible with the Secrets Store CSI Driver versions < `v0.0.14`.
+{{% /alert %}}
 
 Prior to `v0.0.14` release of the Secrets Store CSI Driver, the driver communicated with the provider by invoking the provider binary installed on the host. However with `v0.0.14` the driver now introduces a new option to communicate with the provider using gRPC. This feature is enabled by a feature flag in the driver `--grpc-supported-providers=azure`. The `0.0.9` release of the Azure Key Vault provider implements the gRPC server changes and is no longer backward compatible with the Secrets Store CSI Driver versions < `v0.0.14`.
 
 Please carefully read this doc as you upgrade to the latest release of the Azure Key Vault Provider
 
 
-### If the Secrets Store CSI Driver and Azure Key Vault Provider were installed using helm charts from this [repo](../charts/csi-secrets-store-provider-azure/README.md)
+### If the Secrets Store CSI Driver and Azure Key Vault Provider were installed using helm charts from this [repo](https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/charts/csi-secrets-store-provider-azure/README.md)
 
 `helm upgrade` to the latest chart release in the repo will update the Azure Key Vault Provider and Secrets Store CSI Driver to the compatible versions
 
@@ -47,12 +49,12 @@ mcr.microsoft.com/k8s/csi/secrets-store/driver:v0.0.14
 mcr.microsoft.com/oss/azure/secrets-store/provider-azure:0.0.9
 ```
 
-### If the Secrets Store CSI Driver and Azure Key Vault Provider were installed using [deployment yamls](install-yamls.md)
+### If the Secrets Store CSI Driver and Azure Key Vault Provider were installed using [deployment yamls](https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/docs/install-yamls.md)
 
 The driver and provider need to be updated one after the other to ensure compatible versions are being run.
 
 1. Update the driver by installing the yamls from [Install the Secrets Store CSI Driver](https://github.com/kubernetes-sigs/secrets-store-csi-driver#install-the-secrets-store-csi-driver)
      - **ACTION REQUIRED** If using the yamls from the Secrets Store CSI Driver, add the following flag `--grpc-supported-providers=azure` to the [Linux](https://github.com/kubernetes-sigs/secrets-store-csi-driver/blob/master/deploy/secrets-store-csi-driver.yaml) and [Windows](https://github.com/kubernetes-sigs/secrets-store-csi-driver/blob/master/deploy/secrets-store-csi-driver-windows.yaml) daemonset manifests.
        - The flag needs to be added to the secrets-store container args
      - **ACTION REQUIRED** If using the helm charts from secrets-store-csi-driver, then run `helm upgrade` with `--set grpcSupportedProviders=azure`
-2. After the driver is upgraded to the latest version install the latest Azure Key Vault provider by following the [doc](install-yamls.md)
+2. After the driver is upgraded to the latest version install the latest Azure Key Vault provider by following the [doc](https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/docs/install-yamls.md)

website/layouts/_default/baseof.html

@@ -0,0 +1,30 @@
+<!doctype html>
+<html lang="{{ .Site.Language.Lang }}" class="no-js">
+  <head>
+    {{ partial "head.html" . }}
+    <title>{{ if .IsHome }}{{ .Site.Title }}{{ else }}{{ with .Title }}{{ . }} | {{ end }}{{ .Site.Title }}{{ end }}</title>
+  </head>
+  <body class="td-{{ .Kind }}">
+    <header>
+      {{ partial "navbar.html" . }}
+    </header>
+    <div class="container-fluid td-outer">
+      <div class="td-main">
+        <div class="row flex-xl-nowrap">
+          <div class="col-12 col-md-3 col-xl-2 td-sidebar d-print-none">
+            {{ partial "sidebar.html" . }}
+          </div>
+          <div class="d-none d-xl-block col-xl-2 td-toc d-print-none">
+            {{ partial "toc.html" . }}
+          </div>
+          <main class="col-12 col-md-9 col-xl-8 pl-md-5" role="main">
+            {{ if not .Site.Params.ui.breadcrumb_disable }}{{ partial "breadcrumb.html" . }}{{ end }}
+            {{ block "main" . }}{{ end }}
+          </main>
+        </div>
+      </div>
+      {{ partial "footer.html" . }}
+    </div>
+    {{ partial "scripts.html" . }}
+  </body>
+</html>

website/layouts/_default/content.html

@@ -0,0 +1,14 @@
+<div class="td-content">
+	<h1>{{ .Title }}</h1>
+	{{ with .Params.description }}<div class="lead">{{ . | markdownify }}</div>{{ end }}
+	{{ .Content }}
+	{{ if (and (not .Params.hide_feedback) (.Site.Params.ui.feedback.enable) (.Site.GoogleAnalytics)) }}
+		{{ partial "feedback.html" .Site.Params.ui.feedback }}
+		<br />
+	{{ end }}
+	{{ if (.Site.DisqusShortname) }}
+		<br />
+		{{ partial "disqus-comment.html" . }}
+	{{ end }}
+	<div class="text-muted mt-5 pt-3 border-top">{{ partial "page-meta-lastmod.html" . }}</div>
+</div>

website/layouts/_default/list.html

@@ -0,0 +1,17 @@
+{{ define "main" }}
+<div class="td-content">
+	<h1>{{ .Title }}</h1>
+	{{ with .Params.description }}<div class="lead">{{ . | markdownify }}</div>{{ end }}
+	{{ .Content }}
+        {{ partial "section-index.html" . }}
+	{{ if (and (not .Params.hide_feedback) (.Site.Params.ui.feedback.enable) (.Site.GoogleAnalytics)) }}
+		{{ partial "feedback.html" .Site.Params.ui.feedback }}
+		<br />
+	{{ end }}
+	{{ if (.Site.DisqusShortname) }}
+		<br />
+		{{ partial "disqus-comment.html" . }}
+	{{ end }}
+	<div class="text-muted mt-5 pt-3 border-top">{{ partial "page-meta-lastmod.html" . }}</div>
+</div>
+{{ end }}