From efcf3bd27c05e67a56c8e686605d9c72aebfa456 Mon Sep 17 00:00:00 2001 From: Tom Wieczorek Date: Thu, 10 Oct 2024 15:45:25 +0200 Subject: [PATCH 1/4] Small whitespace and Markdown fixes Signed-off-by: Tom Wieczorek --- ...adr-001-autopilot-oci-basic-auth-support.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/docs/architecture/adr-001-autopilot-oci-basic-auth-support.md b/docs/architecture/adr-001-autopilot-oci-basic-auth-support.md index e030c0652ae9..fb4ffd5dd766 100644 --- a/docs/architecture/adr-001-autopilot-oci-basic-auth-support.md +++ b/docs/architecture/adr-001-autopilot-oci-basic-auth-support.md @@ -6,12 +6,12 @@ Registries are increasingly being used as generic artifact stores, expanding beyond their traditional role of hosting container images. To align with this trend, it is beneficial for Autopilot to support pulling artifacts directly from registries. Currently, Autopilot's capabilities are limited to downloading -artifacts via the HTTP[S] protocols. +artifacts via the HTTP\[S\] protocols. Enhancing Autopilot to pull artifacts directly from registries will streamline workflows and improve efficiency by allowing integration and deployment of -diverse artifacts without relying solely on HTTP[S] endpoints. This update will -enable Autopilot to handle registry-specific protocols and authentication +diverse artifacts without relying solely on HTTP\[S\] endpoints. This update +will enable Autopilot to handle registry-specific protocols and authentication mechanisms, aligning it with modern deployment practices. Currently, Autopilot does not support the retrieval of artifacts via the HTTP @@ -60,16 +60,16 @@ type PlanResourceURL struct { // InsecureSkipTLSVerify indicates whether certificates in the remote // URL (if using TLS) can be ignored. - InsecureSkipTLSVerify bool `json:"insecureSkipTLSVerify,omitempty"` + InsecureSkipTLSVerify bool `json:"insecureSkipTLSVerify,omitempty"` } ``` `SecretRef` property is of type `SecretReference` as defined by `k8s.io/api/core/v1` package. The secret pointed by the provided `SecretRef` -will be used for pulling artifacts using either HTTP[S] or OCI protocols and is -expected to by of type `kubernetes.io/dockerconfigjson` if the protocol in use -is `oci://` or of type `Opaque` if protocols `http://` or `https://` are used -(see below for details on the Secret layout). +will be used for pulling artifacts using either HTTP\[S\] or OCI protocols and +is expected to by of type `kubernetes.io/dockerconfigjson` if the protocol in +use is `oci://` or of type `Opaque` if protocols `http://` or `https://` are +used (see below for details on the Secret layout). Example configuration for OCI: @@ -133,7 +133,7 @@ behaviour in case of conflicting configurations: > In the case where the three properties are set (`username`, `password`, and > `authorization`) Autopilot will ignore `username` and `password`, i.e. -> `authorization` takes precedence over username and password. +> `authorization` takes precedence over username and password. The `authorization` entry is used as is, its content is placed directly into the `Authorization` header. For example a secret like the following will make From fd8deba7588964034922ead45c0610070a82b01b Mon Sep 17 00:00:00 2001 From: Tom Wieczorek Date: Thu, 10 Oct 2024 16:12:13 +0200 Subject: [PATCH 2/4] Move markdownlint config into its canonical place So that it will be picked up by the usual tooling. Signed-off-by: Tom Wieczorek --- .github/workflows/docs.yml | 6 +++--- .../markdownlint-config.jsonc => .markdownlint.jsonc | 0 2 files changed, 3 insertions(+), 3 deletions(-) rename .github/workflows/markdownlint-config.jsonc => .markdownlint.jsonc (100%) diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index b475468138c7..ffa2f425fef6 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -8,7 +8,7 @@ on: paths: - '**.md' - .github/workflows/docs.yml - - .github/workflows/markdownlint-config.jsonc + - .markdownlint.jsonc pull_request: branches: - main @@ -16,7 +16,7 @@ on: paths: - '**.md' - .github/workflows/docs.yml - - .github/workflows/markdownlint-config.jsonc + - .markdownlint.jsonc jobs: lint: name: Lint markdown @@ -25,6 +25,6 @@ jobs: - uses: actions/checkout@v4 - uses: articulate/actions-markdownlint@v1 with: - config: .github/workflows/markdownlint-config.jsonc + config: .markdownlint.jsonc ignore: autopilot version: 0.42.0 diff --git a/.github/workflows/markdownlint-config.jsonc b/.markdownlint.jsonc similarity index 100% rename from .github/workflows/markdownlint-config.jsonc rename to .markdownlint.jsonc From 1ac9fbd21fae4d26acb52b254045ed6a3138f50a Mon Sep 17 00:00:00 2001 From: Tom Wieczorek Date: Thu, 10 Oct 2024 16:14:56 +0200 Subject: [PATCH 3/4] Use tabs in the example Go code Signed-off-by: Tom Wieczorek --- .markdownlint.jsonc | 3 ++ ...dr-001-autopilot-oci-basic-auth-support.md | 42 +++++++++---------- 2 files changed, 24 insertions(+), 21 deletions(-) diff --git a/.markdownlint.jsonc b/.markdownlint.jsonc index 4f5ade25886c..5b5a5e979d20 100644 --- a/.markdownlint.jsonc +++ b/.markdownlint.jsonc @@ -5,6 +5,9 @@ "first-line-h1": false, "single-trailing-newline": false, "ol-prefix": "one_or_ordered", + "MD010": { + "code_blocks": false // Go uses tabs ¯\_(ツ)_/¯ + }, "MD033": { "allowed_elements": [ "br" // The br tag is more readable than two trailing spaces. diff --git a/docs/architecture/adr-001-autopilot-oci-basic-auth-support.md b/docs/architecture/adr-001-autopilot-oci-basic-auth-support.md index fb4ffd5dd766..39d7a330e809 100644 --- a/docs/architecture/adr-001-autopilot-oci-basic-auth-support.md +++ b/docs/architecture/adr-001-autopilot-oci-basic-auth-support.md @@ -31,12 +31,12 @@ Starting with the current `PlanResourceURL` struct: ```go type PlanResourceURL struct { - // URL is the URL of a downloadable resource. - URL string `json:"url"` + // URL is the URL of a downloadable resource. + URL string `json:"url"` - // Sha256 provides an optional SHA256 hash of the URL's content for - // verification. - Sha256 string `json:"sha256,omitempty"` + // Sha256 provides an optional SHA256 hash of the URL's content for + // verification. + Sha256 string `json:"sha256,omitempty"` } ``` @@ -45,22 +45,22 @@ pulls. This will be achieved by adjusting the struct as follows: ```go type PlanResourceURL struct { - // URL is the URL of a downloadable resource. - URL string `json:"url"` - - // Sha256 provides an optional SHA256 hash of the URL's content for - // verification. - Sha256 string `json:"sha256,omitempty"` - - // SecretRef holds a reference to a secret where the credentials are - // stored. We use these credentials when pulling the artifacts from the - // provided URL using - // any of the supported protocols (http, https, and oci). - SecretRef *corev1.SecretReference `json:"secretRef,omitempty"` - - // InsecureSkipTLSVerify indicates whether certificates in the remote - // URL (if using TLS) can be ignored. - InsecureSkipTLSVerify bool `json:"insecureSkipTLSVerify,omitempty"` + // URL is the URL of a downloadable resource. + URL string `json:"url"` + + // Sha256 provides an optional SHA256 hash of the URL's content for + // verification. + Sha256 string `json:"sha256,omitempty"` + + // SecretRef holds a reference to a secret where the credentials are + // stored. We use these credentials when pulling the artifacts from the + // provided URL using + // any of the supported protocols (http, https, and oci). + SecretRef *corev1.SecretReference `json:"secretRef,omitempty"` + + // InsecureSkipTLSVerify indicates whether certificates in the remote + // URL (if using TLS) can be ignored. + InsecureSkipTLSVerify bool `json:"insecureSkipTLSVerify,omitempty"` } ``` From 58480b138c6a0799cc7fd170aa7bcc753bb1c329 Mon Sep 17 00:00:00 2001 From: Tom Wieczorek Date: Thu, 10 Oct 2024 17:14:41 +0200 Subject: [PATCH 4/4] Use more Markdown headlines Signed-off-by: Tom Wieczorek --- .../adr-001-autopilot-oci-basic-auth-support.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/docs/architecture/adr-001-autopilot-oci-basic-auth-support.md b/docs/architecture/adr-001-autopilot-oci-basic-auth-support.md index 39d7a330e809..caa264574020 100644 --- a/docs/architecture/adr-001-autopilot-oci-basic-auth-support.md +++ b/docs/architecture/adr-001-autopilot-oci-basic-auth-support.md @@ -71,7 +71,9 @@ is expected to by of type `kubernetes.io/dockerconfigjson` if the protocol in use is `oci://` or of type `Opaque` if protocols `http://` or `https://` are used (see below for details on the Secret layout). -Example configuration for OCI: +### Example Configurations + +#### Configuration for OCI ```yaml url: oci://my.registry/binaries/k0s:v1.30.1+k0s.0 @@ -81,7 +83,7 @@ secretRef: name: artifacts-registry ``` -Example configuration for OCI using plain HTTP transport: +#### Configuration for OCI using plain HTTP transport ```yaml url: oci+http://my.registry/binaries/k0s:v1.30.1+k0s.0 @@ -91,7 +93,7 @@ secretRef: name: artifacts-registry ``` -Example configuration for HTTPS: +#### Configuration for HTTPS ```yaml url: https://my.file.server/binaries/k0s-v1.30.1+k0s.0 @@ -101,7 +103,7 @@ secretRef: name: artifacts-basic-auth ``` -Example configuration for HTTP: +#### Configuration for HTTP ```yaml url: http://my.file.server/binaries/k0s-v1.30.1+k0s.0