diff --git a/content/en/blog/2021-01-06-january-update.md b/content/en/blog/2021-01-06-january-update.md index c645ea537..08f64a4b6 100644 --- a/content/en/blog/2021-01-06-january-update.md +++ b/content/en/blog/2021-01-06-january-update.md @@ -112,7 +112,7 @@ Azure DevOps users will have to specify to use libgit2 in their GitRepository resources. Follow [the generic git server -guide](/flux/installation/#generic-git-server) +guide](/flux/installation/bootstrap/generic-git-server/) for further instructions in how to use Flux with Azure DevOps. Upcoming events diff --git a/content/en/blog/2021-04-29-may-update/index.md b/content/en/blog/2021-04-29-may-update/index.md index 8dc53c094..f9d5e7082 100644 --- a/content/en/blog/2021-04-29-may-update/index.md +++ b/content/en/blog/2021-04-29-may-update/index.md @@ -67,7 +67,7 @@ The Flux v2 CLI and the GitOps Toolkit controllers are now CII Best Practices certified. Checkout the [new bootstrap -procedure](/flux/installation/_index.md#generic-git-server). +procedure](/flux/installation/bootstrap/generic-git-server/). 0.13 comes with **breaking changes to image automation** and has the following highlights: @@ -95,7 +95,7 @@ Please follow the [upgrade procedure for image automation](https://github.com/fluxcd/flux2/discussions/1333). Checkout the [new bootstrap customisation -feature](/flux/installation/_index.md#customize-flux-manifests). +feature](/flux/installation/configuration/boostrap-customization/). The [Image automation guide](/flux/guides/image-update/) has been updated to the new APIs, and also includes a reference to a diff --git a/content/en/blog/2021-11-30-december-update/index.md b/content/en/blog/2021-11-30-december-update/index.md index 0093425f5..70a2f298c 100644 --- a/content/en/blog/2021-11-30-december-update/index.md +++ b/content/en/blog/2021-11-30-december-update/index.md @@ -98,7 +98,7 @@ Big shout-out to Soulé Ba for adding Bitbucket support to Flux. This will make lots of Flux users happy. Thank you very much! To find out how to bootstrap Flux on Bitbucket Server, please review -[our documentation](/flux/installation/#bitbucket-server-and-data-center). +[our documentation](/flux/installation/bootstrap/bitbucket/). We love feedback, so please reach out if you have any questions or are missing anything. We are also working on support for BitBucket Cloud, for which we might need some help testing, documentation or wherever diff --git a/content/en/blog/2022-01-31-january-update/index.md b/content/en/blog/2022-01-31-january-update/index.md index 1f87060f7..bc538018d 100644 --- a/content/en/blog/2022-01-31-january-update/index.md +++ b/content/en/blog/2022-01-31-january-update/index.md @@ -39,7 +39,7 @@ previously the controllers ignored the service account. #### :lock: Security enhancements - Platform admins have the option to [lock down Flux on multi-tenant - clusters](/flux/installation/#multi-tenancy-lockdown) + clusters](/flux/installation/configuration/multitenancy/) and enforce tenant isolation at namespace level without having to use a 3rd party admission controller. - The Flux installation conforms to the Kubernetes [restricted pod diff --git a/content/en/blog/2022-03-09-pod-security-standard-restricted.md b/content/en/blog/2022-03-09-pod-security-standard-restricted.md index 08ec44d6d..e0653c9c7 100644 --- a/content/en/blog/2022-03-09-pod-security-standard-restricted.md +++ b/content/en/blog/2022-03-09-pod-security-standard-restricted.md @@ -83,7 +83,7 @@ issue](https://github.com/fluxcd/source-controller/issues/582) ([related upstream report](https://github.com/openshift/cluster-kube-apiserver-operator/issues/1325)). The work-around right now is to remove the seccomp profile as -described in [these instructions](/flux/use-cases/openshift/#flux-installation-with-cli). +described in [these instructions](/flux/use-cases/openshift/). {{% /note %}} ## `seccomp` and `RuntimeDefault` diff --git a/content/en/blog/2022-08-02-july-update/index.md b/content/en/blog/2022-08-02-july-update/index.md index 71e580435..f96a502c0 100644 --- a/content/en/blog/2022-08-02-july-update/index.md +++ b/content/en/blog/2022-08-02-july-update/index.md @@ -300,7 +300,7 @@ couple of small things we landed recently: this document shows how to do just that. - We expanded our documentation on Azure to include [Using Helm OCI with Azure Container - Registry](/flux/use-cases/azure/#using-helm-oci-with-azure-container-registry). + Registry](/flux/components/source/helmrepositories/#provider). - Flagger news! We updated the docs on our website to match the newest version of Flagger (1.22). This adds a tutorial for how to do [Canary analysis with KEDA diff --git a/content/en/blog/2022-12-01-november-update/index.md b/content/en/blog/2022-12-01-november-update/index.md index 75ca5b2cc..4c6d4d578 100644 --- a/content/en/blog/2022-12-01-november-update/index.md +++ b/content/en/blog/2022-12-01-november-update/index.md @@ -79,7 +79,7 @@ Check out these new pieces of documentation: - Guide: [AWS CodeCommit bootstrap](/flux/use-cases/aws-codecommit/) - Guide: [Azure DevOps - bootstrap](/flux/use-cases/azure/#flux-installation-for-azure-devops) + bootstrap](/flux/installation/bootstrap/azure-devops/) 💖 Big thanks to all the Flux contributors that helped us with this release! diff --git a/content/en/blog/2023-05-02-april-update/index.md b/content/en/blog/2023-05-02-april-update/index.md index f6ff80ac8..ebf0c9991 100644 --- a/content/en/blog/2023-05-02-april-update/index.md +++ b/content/en/blog/2023-05-02-april-update/index.md @@ -35,7 +35,7 @@ In addition, RC.1 comes with support for auth with Azure Workload Identity when pulling OCI artifacts from ACR and when decrypting secret with Azure Vault. Also, Bootstrap for GitLab was extended with support for generating [GitLab Deploy -Tokens](/flux/installation/#gitlab-and-gitlab-enterprise). +Tokens](/flux/installation/bootstrap/gitlab/). Big thanks to all the Flux contributors that helped us with this release! @@ -73,7 +73,7 @@ reconciliation of multiple resources using `.spec.resources.matchLabels`. The v1 API is backwards compatible with v1beta2, no fields were removed. To upgrade Flux from `v0.x` to `v2.0.0-rc-1` you can either rerun -[flux bootstrap](/flux/installation/#bootstrap-upgrade) +[flux bootstrap](/flux/installation/upgrade/#flux-controllers-upgrade) or use the [Flux GitHub Action](https://github.com/fluxcd/flux2/tree/main/action). To upgrade the APIs from v1beta2, after deploying the new CRDs and controllers, diff --git a/content/en/flux/cheatsheets/troubleshooting.md b/content/en/flux/cheatsheets/troubleshooting.md index 95eda45a8..7da871c00 100644 --- a/content/en/flux/cheatsheets/troubleshooting.md +++ b/content/en/flux/cheatsheets/troubleshooting.md @@ -157,7 +157,7 @@ in [`helm/helm#8281`](https://github.com/helm/helm/issues/8281). If you are running into this, confirm first that your chart has all the required excludes in their respective [`.helmignore`](https://helm.sh/docs/chart_template_guide/helm_ignore_file/) and -[`.sourceignore`](/flux/components/source/api/#source.toolkit.fluxcd.io/v1.GitRepository) files. +[`.sourceignore`](/flux/components/source/api/v1/#source.toolkit.fluxcd.io/v1.GitRepository) files. ### How to debug "not ready" errors? diff --git a/content/en/flux/flux-e2e.md b/content/en/flux/flux-e2e.md index 3e87d846c..fc82e3831 100644 --- a/content/en/flux/flux-e2e.md +++ b/content/en/flux/flux-e2e.md @@ -75,7 +75,7 @@ Source controller. Kustomize controller delivers, or applies, resources into a c user defines how Kustomize controller delivers workloads from sources. The Kustomize controller is responsible for validating manifests against the Kubernetes API, and managing access to permissions in a way that is safe for -multi-tenant clusters through Kubernetes Service Account impersonation. The controller supports health assessment of deployed resources and dependency +multi-tenant clusters through Kubernetes Service Account impersonation. The controller supports health checking of deployed resources and dependency ordering, optionally enabled garbage collection or "pruning" of deleted resources from the cluster when they are removed from the source, and also notification of when cluster state changes – Kustomizations can also target and deliver resources onto a remote cluster, (which can, but does not necessarily also run its own local independent set of Flux controllers.) @@ -120,7 +120,7 @@ changes to a given Git repository. The behavior of the automation process is def That resource defines the way that automated commits are created and pushed. The `ImagePolicy` is another custom resource that determines what image tags go where. `ImagePolicy` can be defined to select the latest image from images within a SemVer range, or more flexible RegEx filters with alphabetical or -numerical sorting to select the "latest" image. Image tags can also be [filtered with FilterTags](/flux/components/image/imagepolicies/#filtertags) +numerical sorting to select the "latest" image. Image tags can also be [filtered with FilterTags](/flux/components/image/imagepolicies/#filter-tags) before they are considered as candidate images by the policy rule. The updates are governed by marking fields to be updated in each YAML file. For each field marked, the automation process checks the image policy named, and @@ -150,7 +150,7 @@ A brief outline of the life cycle of a change as it's processed through Flux, ce 13. [Using a GitRepository-backed or S3-backed HelmRelease][] is an alternative to use Helm without a `HelmRepository`. 14. [Channel-based Providers for Notifications][] re-publish `Events` from Flux resources at-large to a channel where users can see them. 15. [Git Commit Status Provider Notifications][] re-publish `Events` from the Kustomize Controller as commit checks. -16. [Waiting and Health Assessment for Flux Kustomization][]. +16. [Waiting and Health Checking for Flux Kustomization][]. ### Bootstrapping Flux @@ -428,8 +428,8 @@ that refer to or use them. The Kustomize Controller communicates directly with the Kubernetes API using [server-side apply and update][] API operations instead of running the `kubectl apply` command as a separate forked process and passing it manifest data through a system pipe. Applying resource manifests directly to the Kubernetes API is both more efficient and provides more control over the process, enabling the Kustomize Controller to give real-time feedback on validation errors, -garbage-collection and resource health assessment. It also allows the Kubernetes API to track [field management][], so different management tools or -controllers can set field values within the same resource without interfering with each other. +garbage-collection and resource "health assessment" or health checking. It also allows the Kubernetes API to track [field management][], so different +management tools or controllers can set field values within the same resource without interfering with each other. The server-side apply operation is synchronous rather than asynchronous. If any resources fail to become ready before a specified timeout, the controller can abort the entire transaction. The timeout value is used in two separate contexts, such that either or both of them can take up to `spec.timeout` seconds @@ -569,13 +569,13 @@ commit hash to be present in the metadata. The provider will continuously receive events as they happen, and multiple events may be received for the same commit hash. The Git providers are configured to update the status only if it has changed. This avoids repeatedly spamming the commit status history. -### Waiting and Health Assessment for Flux Kustomization +### Waiting and Health Checking for Flux Kustomization Kustomize Controller can be configured with or without `spec.wait` which decides whether the `Kustomization` will be considered ready as soon as the resources are applied, or if the Kustomization will not be considered ready until the resources it created are all marked as ready. -The health checking feature is called [Health Assessment][] in the Flux Kustomization API. +The health checking feature is called [Health Checks][] in the Flux Kustomization API. [Bootstrapping Flux]: #bootstrapping-flux [Generating a Flux resource]: #generating-a-flux-resource @@ -593,7 +593,7 @@ The health checking feature is called [Health Assessment][] in the Flux Kustomiz [Using a GitRepository-backed or S3-backed HelmRelease]: #using-a-gitrepository-backed-or-s3-backed-helmrelease [Channel-based Providers for Notifications]: #channel-based-providers-for-notifications [Git Commit Status Provider Notifications]: #git-commit-status-provider-notifications -[Waiting and Health Assessment for Flux Kustomization]: #waiting-and-health-assessment-for-flux-kustomization +[Waiting and Health Checking for Flux Kustomization]: #waiting-and-health-checking-for-flux-kustomization [GitOps toolkit]: /flux/components/ [Security]: /flux/security/ @@ -626,4 +626,4 @@ The health checking feature is called [Health Assessment][] in the Flux Kustomiz [Alert API]: /flux/components/notification/alert/ [Event API]: /flux/components/notification/event/ [Setup Git Commit Status Notications]: /flux/guides/notifications/#git-commit-status -[Health Assessment]: /flux/components/kustomize/kustomization/#health-assessment +[Health Checks]: /flux/components/kustomize/kustomization/#health-checks diff --git a/content/en/flux/get-started.md b/content/en/flux/get-started.md index 988ab260d..ccdf64707 100644 --- a/content/en/flux/get-started.md +++ b/content/en/flux/get-started.md @@ -30,7 +30,7 @@ To install the CLI with Homebrew run: brew install fluxcd/tap/flux ``` -For other installation methods, see the [CLI install documentation](installation.md#install-the-flux-cli). +For other installation methods, see the [CLI install documentation](/flux/installation/#install-the-flux-cli). ## Export your credentials @@ -262,7 +262,7 @@ To resume updates run the command `flux resume kustomization `. ## Customize podinfo deployment To customize a deployment from a repository you don't control, you can use Flux -[in-line patches](../components/kustomize/kustomization/#override-kustomize-config). The following example shows how to use in-line patches to change the podinfo deployment. +[in-line patches](/flux/components/kustomize/kustomization/#patches). The following example shows how to use in-line patches to change the podinfo deployment. 1. Add the following to the field `spec` of your `podinfo-kustomization.yaml` file: diff --git a/content/en/flux/guides/cron-job-image-auth.md b/content/en/flux/guides/cron-job-image-auth.md index 18058fb4e..a494160ac 100644 --- a/content/en/flux/guides/cron-job-image-auth.md +++ b/content/en/flux/guides/cron-job-image-auth.md @@ -301,7 +301,7 @@ Note that the resulting ImagePullSecret for Flux could also be specified by Pods #### Generating Tokens for Managed Identities [short-lived] -As a pre-requisite, your AKS cluster will need [AAD Pod Identity](../use-cases/azure.md#aad-pod-identity) installed. +As a pre-requisite, your AKS cluster will need [AAD Pod Identity](/flux/components/image/imagerepositories/#aad-pod-identity) installed. Once we have AAD Pod Identity installed, we can create a Deployment that frequently refreshes an image pull secret into our desired Namespace. diff --git a/content/en/flux/guides/helmreleases.md b/content/en/flux/guides/helmreleases.md index d338f50ce..da6c1f506 100644 --- a/content/en/flux/guides/helmreleases.md +++ b/content/en/flux/guides/helmreleases.md @@ -382,7 +382,7 @@ spec: {{% alert color="info" title="Garbage Collection" %}} Stale `ConfigMaps`, previously generated by Kustomize, will be removed from the cluster by kustomize-controller if -[pruning](../components/kustomize/kustomization/#garbage-collection) is enabled. +[pruning](/flux/components/kustomize/kustomization/#prune) is enabled. {{% /alert %}} ## Refer to values in Secret generated with Kustomize and SOPS diff --git a/content/en/flux/guides/image-update.md b/content/en/flux/guides/image-update.md index d5d31fbd0..4769b88a1 100644 --- a/content/en/flux/guides/image-update.md +++ b/content/en/flux/guides/image-update.md @@ -65,7 +65,7 @@ If you bootstrapped Flux before, you need to add `--components-extra=image-reflector-controller,image-automation-controller` to your bootstrapping routine as image automation components are not installed by default. Please note that you need to delete the `flux-system` secret before rerunning bootstrap -to [rotate the deploy key](../installation.md#deploy-key-rotation). +to [rotate the deploy key](/flux/installation/#deploy-key-rotation). {{% /alert %}} Install Flux with the image automation components: diff --git a/content/en/flux/guides/mozilla-sops.md b/content/en/flux/guides/mozilla-sops.md index edfb97b1b..dd541e253 100644 --- a/content/en/flux/guides/mozilla-sops.md +++ b/content/en/flux/guides/mozilla-sops.md @@ -382,7 +382,7 @@ spec: selector: ${IDENTITY_NAME} ``` -[Customize your Flux Manifests](../installation/_index.md#customize-flux-manifests) so that kustomize-controller has the proper credentials. +[Customize your Flux Manifests](/flux/cheatsheets/bootstrap/#how-to-customize-flux) so that kustomize-controller has the proper credentials. Patch the kustomize-controller Pod template so that the label matches the `AzureIdentity` selector. Additionally, the SOPS specific environment variable `AZURE_AUTH_METHOD=msi` to activate the proper auth method within kustomize-controller. diff --git a/content/en/flux/guides/notifications.md b/content/en/flux/guides/notifications.md index 4a6b9b03a..141fbda50 100644 --- a/content/en/flux/guides/notifications.md +++ b/content/en/flux/guides/notifications.md @@ -146,9 +146,9 @@ of the event. Therefore the providers will only work with `Kustomization` as an event source, as it is the only resource which includes this data. {{% /alert %}} -First follow the [get started guide](../../get-started) if you do not have a Kubernetes cluster with Flux installed in it. +First follow the [get started guide](/flux/get-started) if you do not have a Kubernetes cluster with Flux installed in it. You will need a authentication token to communicate with the API. The authentication method depends on -the git provider used, refer to the [Provider CRD](../../components/notification/provider/#git-commit-status) +the git provider used, refer to the [Provider CRD](/flux/components/notification/provider/#git-commit-status-updates) for details about how to get the correct token. The guide will use GitHub, but the other providers will work in a very similar manner. The token will need to have write access to the repository it is going to update the commit status in. Store the generated token in a Secret with the following data format in the cluster. diff --git a/content/en/flux/migration/flux-v1-automation-migration.md b/content/en/flux/migration/flux-v1-automation-migration.md index 1101b16ca..43e4716e1 100644 --- a/content/en/flux/migration/flux-v1-automation-migration.md +++ b/content/en/flux/migration/flux-v1-automation-migration.md @@ -143,7 +143,7 @@ guide][flux-v1-migration]. When starting from scratch, you are likely to have used `flux bootstrap`. Rerun the command, and include the image automation controllers in your starting configuration with the flag -`--components-extra`, [as shown in the installation guide][flux-bootstrap]. +`--components-extra`, [as shown in the installation guide][additional components]. This will commit changes to your Git repository and sync them in the cluster. @@ -159,7 +159,7 @@ If you followed the [Flux v1 migration guide][flux-v1-migration], you will alrea Flux v2 controllers. The automation controllers are currently considered an optional extra to those, but are installed and run in much the same way. You may or may not have committed the Flux v2 configuration to your Git repository. If you did, go to the section [After committing Flux v2 -configuration to Git](#after-committing-flux-v2-configuration-to-git). +configuration to Git](#after-committing-a-flux-v2-configuration-to-git). If _not_, you will be installing directly to the cluster: @@ -546,7 +546,7 @@ timestamp part of the tag will be extracted and sorted numerically in ascending reference docs][imagepolicy-ref] for more examples. Once you have made sure you have image tags and an `ImagePolicy`, jump ahead to [Checking -the ImagePolicy works](#checking-that-the-image-policy-works). +the ImagePolicy works](#checking-that-the-imagepolicy-works). ### How to use SemVer image tags @@ -746,7 +746,7 @@ from ["Migrating each manifest to Flux v2"](#migrating-each-manifest-to-flux-v2) [image-update-tute-custom]: /flux/guides/image-update/#configure-image-update-for-custom-resources [flux-v1-migration]: /flux/migration/flux-v1-migration/ [install-cli]: /flux/get-started/#install-the-flux-cli -[flux-bootstrap]: /flux/installation/_index.md#bootstrap +[additional components]: /flux/installation/configuration/optional-components/ [github-pat]: https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token [image-update-tute-creds]: /flux/guides/image-update/#configure-image-scanning [image-update-tute-clouds]: /flux/guides/image-update/#imagerepository-cloud-providers-authentication diff --git a/content/en/flux/migration/helm-operator-migration.md b/content/en/flux/migration/helm-operator-migration.md index 569d5b3e1..b757a6abb 100644 --- a/content/en/flux/migration/helm-operator-migration.md +++ b/content/en/flux/migration/helm-operator-migration.md @@ -76,7 +76,7 @@ Getting similar behaviour is still possible [using a workaround that makes use o There was a long outstanding request for the Helm Operator to support merging single values at a given path. -With the Helm Controller this now possible by defining a [`targetPath` in the `ValuesReference`](../components/helm/api.md#helm.toolkit.fluxcd.io/v2beta1.ValuesReference), which supports the same formatting as you would supply as an argument to the `helm` binary using `--set [path]=[value]`. In addition to this, the referred value can contain the same value formats (e.g. `{a,b,c}` for a list). You can read more about the available formats and limitations in the [Helm documentation](https://helm.sh/docs/intro/using_helm/#the-format-and-limitations-of---set). +With the Helm Controller this now possible by defining a [`targetPath` in the `ValuesReference`](/flux/components/helm/api/#helm.toolkit.fluxcd.io/v2beta1.ValuesReference), which supports the same formatting as you would supply as an argument to the `helm` binary using `--set [path]=[value]`. In addition to this, the referred value can contain the same value formats (e.g. `{a,b,c}` for a list). You can read more about the available formats and limitations in the [Helm documentation](https://helm.sh/docs/intro/using_helm/#the-format-and-limitations-of---set). ### Support added for depends-on relationships @@ -175,7 +175,7 @@ spec: version: 1.2.3 ``` -With the Helm Controller, you now create a `HelmRepository` resource in addition to the `HelmRelease` you would normally create (for all available fields, consult the [Source API reference](../components/source/api.md#source.toolkit.fluxcd.io/v1beta2.HelmRepository)): +With the Helm Controller, you now create a `HelmRepository` resource in addition to the `HelmRelease` you would normally create (for all available fields, consult the [Source API reference](/flux/components/source/api/v1beta2/#source.toolkit.fluxcd.io/v1beta2.HelmRepository)): ```yaml --- @@ -643,7 +643,7 @@ spec: #### Automated rollbacks -The configuration below shows an automated rollback configuration that equals [the configuration for the Helm Operator showed above](#defining-a-rollback-uninstall-configuration) (for all available fields, consult the [`UpgradeRemediation`](../components/helm/api.md#helm.toolkit.fluxcd.io/v2beta1.UpgradeRemediation) and [`Rollback`](../components/helm/api.md#helm.toolkit.fluxcd.io/v2beta1.Rollback) API references): +The configuration below shows an automated rollback configuration that equals [the configuration for the Helm Operator showed above](#defining-a-rollback--uninstall-configuration) (for all available fields, consult the [`UpgradeRemediation`](/flux/components/helm/api/#helm.toolkit.fluxcd.io/v2beta1.UpgradeRemediation) and [`Rollback`](/flux/components/helm/api/#helm.toolkit.fluxcd.io/v2beta1.Rollback) API references): ```yaml apiVersion: helm.toolkit.fluxcd.io/v2beta1 diff --git a/content/en/flux/security/_index.md b/content/en/flux/security/_index.md index 738917b6d..86f2b036c 100644 --- a/content/en/flux/security/_index.md +++ b/content/en/flux/security/_index.md @@ -212,6 +212,6 @@ as it can be. For more information, checkout the [Flux Security Best Practices]( [^1]: However, by design cross-namespace references are an exception to RBAC. Platform admins have to option to turnoff cross-namespace references as described in the -[installation documentation](../installation/_index.md#multi-tenancy-lockdown). +[installation documentation](/flux/installation/configuration/multitenancy/). [^2]: Platform admins have to option to enforce impersonation as described in the -[installation documentation](../installation/_index.md#multi-tenancy-lockdown). +[installation documentation](/flux/installation/configuration/multitenancy/). diff --git a/content/en/flux/security/best-practices.md b/content/en/flux/security/best-practices.md index 8c6997461..31ccbc2c7 100644 --- a/content/en/flux/security/best-practices.md +++ b/content/en/flux/security/best-practices.md @@ -268,7 +268,7 @@ The recommendations below are based on Flux's latest version. Audit Procedure - Check whether you adhere to [Kubernetes Network Isolation Guidelines](https://kubernetes.io/docs/concepts/security/multi-tenancy/#network-isolation) - - Confirm that the [Network Policy](/flux-e2e/#fluxs-default-configuration-for-networkpolicy) objects created by Flux are being enforced by the CNI. Alternatively, run a tool such as [Cyclonus](https://github.com/mattfenwick/cyclonus) or [Sonobuoy](https://github.com/vmware-tanzu/sonobuoy) to validate NetworkPolicy enforcement by the CNI plugin on your cluster. + - Confirm that the [Network Policy](/flux/flux-e2e/#fluxs-default-configuration-for-networkpolicy) objects created by Flux are being enforced by the CNI. Alternatively, run a tool such as [Cyclonus](https://github.com/mattfenwick/cyclonus) or [Sonobuoy](https://github.com/vmware-tanzu/sonobuoy) to validate NetworkPolicy enforcement by the CNI plugin on your cluster. ## Additional Best Practices for Tenant Dedicated Cluster Multi-tenancy diff --git a/content/en/flux/security/contextual-authorization.md b/content/en/flux/security/contextual-authorization.md index 03d06f303..6d3cc2945 100644 --- a/content/en/flux/security/contextual-authorization.md +++ b/content/en/flux/security/contextual-authorization.md @@ -52,18 +52,18 @@ Support for context-based authorization should only increase over time. For more information, please visit the tracking issue: https://github.com/fluxcd/flux2/issues/3003. -[AWS Buckets]: ../components/source/buckets/#aws -[Azure Buckets]: ../components/source/buckets/#azure -[GCP Buckets]: ../components/source/buckets/#gcp -[AWS OCI Repository]: ../components/source/ocirepositories/#aws -[Azure OCI Repository]: ../components/source/ocirepositories/#azure -[GCP OCI Repository]: ../components/source/ocirepositories/#gcp -[AWS Helm Repository]: ../components/source/helmrepositories/#aws -[Azure Helm Repository]: ../components/source/helmrepositories/#azure -[GCP Helm Repository]: ../components/source/helmrepositories/#gcp -[AWS Container Registry]: ../guides/image-update/#using-native-aws-ecr-auto-login -[Azure Container Registry]: ../guides/image-update/#using-native-azure-acr-auto-login -[GCP Container Registry]: ../guides/image-update/#using-native-gcp-gcr-auto-login -[AWS KMS]: ../guides/mozilla-sops/#aws -[Azure KMS]: ../guides/mozilla-sops/#azure -[GCP KMS]: ../guides/mozilla-sops/#google-cloud +[AWS Buckets]: /flux/components/source/buckets/#aws +[Azure Buckets]: /flux/components/source/buckets/#azure +[GCP Buckets]: /flux/components/source/buckets/#gcp +[AWS OCI Repository]: /flux/components/source/ocirepositories/#aws +[Azure OCI Repository]: /flux/components/source/ocirepositories/#azure +[GCP OCI Repository]: /flux/components/source/ocirepositories/#gcp +[AWS Helm Repository]: /flux/components/source/helmrepositories/#aws +[Azure Helm Repository]: /flux/components/source/helmrepositories/#azure +[GCP Helm Repository]: /flux/components/source/helmrepositories/#gcp +[AWS Container Registry]: /flux/components/image/imagerepositories/#aws +[Azure Container Registry]: /flux/components/image/imagerepositories/#azure +[GCP Container Registry]: /flux/components/image/imagerepositories/#gcp +[AWS KMS]: /flux/guides/mozilla-sops/#aws +[Azure KMS]: /flux/guides/mozilla-sops/#azure +[GCP KMS]: /flux/guides/mozilla-sops/#google-cloud diff --git a/content/en/flux/use-cases/gh-actions-helm-promotion.md b/content/en/flux/use-cases/gh-actions-helm-promotion.md index 3386dbee3..a6599b244 100644 --- a/content/en/flux/use-cases/gh-actions-helm-promotion.md +++ b/content/en/flux/use-cases/gh-actions-helm-promotion.md @@ -217,7 +217,7 @@ to the repositories used with `flux bootstrap github`. ## Relevant documentation -- [Guides > Manage Helm Releases](../guides/helmreleases.md) -- [Toolkit Components > Helm Repository API](../components/source/helmrepositories.md) -- [Toolkit Components > Helm Release API](../components/helm/helmreleases.md) -- [Toolkit Components > Notification API > GitHub Dispatch](../components/notification/provider.md#github-repository-dispatch) +- [Guides > Manage Helm Releases](/flux/guides/helmreleases.md) +- [Toolkit Components > Helm Repository API](/flux/components/source/helmrepositories.md) +- [Toolkit Components > Helm Release API](/flux/components/helm/helmreleases.md) +- [Toolkit Components > Notification API > GitHub Dispatch](/flux/components/notification/provider/#github-dispatch) diff --git a/content/en/flux/use-cases/gh-actions-manifest-generation.md b/content/en/flux/use-cases/gh-actions-manifest-generation.md index a88fd8ac7..ca7e24df0 100644 --- a/content/en/flux/use-cases/gh-actions-manifest-generation.md +++ b/content/en/flux/use-cases/gh-actions-manifest-generation.md @@ -1254,7 +1254,7 @@ If you are on GitHub, and are struggling to get started using GitHub Actions, or [image update guide]: /flux/guides/image-update/ [any old app]: https://github.com/kingdonb/any_old_app [Flux bootstrap guide]: /flux/get-started/ -[String Substitution with sed -i]: #string-substitution-with-sed-i +[String Substitution with sed -i]: #string-substitution-with-sed--i [Docker Build and Tag with Version]: #docker-build-and-tag-with-version [Jsonnet for YAML Document Rehydration]: #jsonnet-for-yaml-document-rehydration [Commit Across Repositories Workflow]: #commit-across-repositories-workflow @@ -1291,7 +1291,7 @@ If you are on GitHub, and are struggling to get started using GitHub Actions, or [anguslees example jsonnet]: https://github.com/anguslees/kustomize-libsonnet/blob/master/example.jsonnet [Kubernetes docs on Using Service Accounts]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-multiple-service-accounts [sops/issues/315]: https://github.com/mozilla/sops/issues/315 -[using various cloud providers]: /guides/mozilla-sops/#using-various-cloud-providers +[using various cloud providers]: /flux/guides/mozilla-sops/#encrypting-secrets-using-various-cloud-providers [Decrypt SOPS Secrets]: https://github.com/marketplace/actions/decrypt-sops-secrets [Sops Binary Installer]: https://github.com/marketplace/actions/sops-binary-installer [04-update-fleet-infra.yaml]: https://github.com/kingdonb/any_old_app/blob/main/.github/workflows/04-update-fleet-infra.yaml diff --git a/content/en/flux/use-cases/helm.md b/content/en/flux/use-cases/helm.md index 1b7b318ac..f407d0751 100644 --- a/content/en/flux/use-cases/helm.md +++ b/content/en/flux/use-cases/helm.md @@ -156,9 +156,9 @@ to a chart. The Flux Kustomize Controller method allows you to accomplish this on any chart without additional templated annotations. You may also use Kustomize Controller -built-in [Mozilla SOPS integration](../components/kustomize/kustomization.md#secrets-decryption) +built-in [Mozilla SOPS integration](/flux/components/kustomize/kustomization/#decryption) to securely manage your encrypted secrets stored in git. -See the [Flux SOPS guide](../guides/mozilla-sops.md) for step-by-step instructions through various use cases. +See the [Flux SOPS guide](/flux/guides/mozilla-sops/) for step-by-step instructions through various use cases. ## Automatic Release Upgrades diff --git a/content/en/roadmap.md b/content/en/roadmap.md index b5daff13d..319f742d4 100644 --- a/content/en/roadmap.md +++ b/content/en/roadmap.md @@ -49,7 +49,7 @@ The completion of this milestone is marked by the [v2.0.0](https://github.com/fl - [x] Multi-tenancy lockdown - [x] [Allow setting a default service account for impersonation](https://github.com/fluxcd/flux2/issues/2340) - [x] [Allow disabling cross-namespace references](https://github.com/fluxcd/flux2/issues/2337) - - [x] [Document multi-tenancy lockdown configuration](flux/installation.md#multi-tenancy-lockdown) + - [x] [Document multi-tenancy lockdown configuration](/flux/installation/configuration/multitenancy/) - [x] Conformance testing - [x] End-to-end testing for bootstrap on AMD64 and ARM64 clusters