Attempt at modernizing the sidecar SPIRE integration doc (#15574)

* This is wildly out of date

Signed-off-by: Benjamin Leggett <[email protected]>

* Fixup

Signed-off-by: Benjamin Leggett <[email protected]>

* Replace snippet syntax to make the site compile

* more

* Update content/en/docs/ops/integrations/spire/index.md

Co-authored-by: Craig Box <[email protected]>

* Update content/en/docs/ops/integrations/spire/index.md

Co-authored-by: Craig Box <[email protected]>

* Update content/en/docs/ops/integrations/spire/index.md

Co-authored-by: Craig Box <[email protected]>

* Update content/en/docs/ops/integrations/spire/index.md

Co-authored-by: Craig Box <[email protected]>

* Update content/en/docs/ops/integrations/spire/index.md

Co-authored-by: Craig Box <[email protected]>

* Update content/en/docs/ops/integrations/spire/index.md

Co-authored-by: Craig Box <[email protected]>

* Review comments, lints, fixups

Signed-off-by: Benjamin Leggett <[email protected]>

* Genfix

Signed-off-by: Benjamin Leggett <[email protected]>

* Fix

Signed-off-by: Benjamin Leggett <[email protected]>

* Twiddle

Signed-off-by: Benjamin Leggett <[email protected]>

* Tests

Signed-off-by: Benjamin Leggett <[email protected]>

* Fix

Signed-off-by: Benjamin Leggett <[email protected]>

* Wrong namespace

Signed-off-by: Benjamin Leggett <[email protected]>

* Statefulset now

Signed-off-by: Benjamin Leggett <[email protected]>

* Fixup

Signed-off-by: Benjamin Leggett <[email protected]>

* More test fixup

Signed-off-by: Benjamin Leggett <[email protected]>

* fix

Signed-off-by: Benjamin Leggett <[email protected]>

* Reviews, testfix

Signed-off-by: Benjamin Leggett <[email protected]>

* Gen

Signed-off-by: Benjamin Leggett <[email protected]>

---------

Signed-off-by: Benjamin Leggett <[email protected]>
Co-authored-by: Craig Box <[email protected]>

content/en/docs/ops/integrations/spire/automatic_registration_test.sh

@@ -22,12 +22,14 @@ set -o pipefail
 # @setup profile=none
 
 # Install SPIRE configured with k8s Controller Manager
-snip_install_spire_with_controller_manager
-_wait_for_daemonset spire spire-agent
-_wait_for_deployment spire spire-server
+snip_install_spire_crds
+snip_install_spire_istio_overrides
+_wait_for_daemonset spire-server spire-agent
+_wait_for_statefulset spire-server spire-server
 
 # Create ClusterSPIFFEID
-snip_create_clusterspiffeid
+snip_spire_csid_istio_gateway
+snip_spire_csid_istio_sidecar
 
 # Install Istio
 set +u # Do not exit when value is unset. CHECK_FILE in the IstioOperator might be unset
@@ -44,19 +46,18 @@ _wait_for_deployment default sleep
 # Set spire-server pod variable
 snip_set_spire_server_pod_name_var
 
-# Verify registration identities were created for sleep and ingress gateway
-_verify_contains snip_verifying_that_identities_were_created_for_workloads_1 "spiffe://example.org/ns/default/sa/sleep"
-_verify_contains snip_verifying_that_identities_were_created_for_workloads_1 "spiffe://example.org/ns/istio-system/sa/istio-ingressgateway-service-account"
-
 # Set sleep pod and pod uid variables
-snip_set_sleep_pod_vars
+snip_set_sleep_pod_var
 
 # Verify sleep workload identity was issued by SPIRE
 snip_get_sleep_svid
 _verify_contains snip_get_svid_subject "O = SPIRE"
 
 # @cleanup
+#
 kubectl delete -f samples/security/spire/sleep-spire.yaml
 istioctl uninstall --purge --skip-confirmation
 kubectl delete ns istio-system
-snip_cleanup_spire_1
+snip_uninstall_spire
+snip_uninstall_spire_crds
+kubectl delete ns spire-server