diff --git a/dictionary-octopus.txt b/dictionary-octopus.txt index e7d64b1cb0..9626505911 100644 --- a/dictionary-octopus.txt +++ b/dictionary-octopus.txt @@ -16,6 +16,7 @@ Bento bootstrap bootstrapped bootstrapper +changeit childelement choco cicd @@ -54,6 +55,7 @@ dockerhub DONTVALIDATEPATH dpkg Dspring +Elyton emptytitle Fargate feedcred @@ -81,6 +83,7 @@ hyperthreading IMDS inetmgr inetsrv +inkey internalcustomer Istio istioctl @@ -90,7 +93,9 @@ itemtype ITSM jwks keyrings +kubeconfig Kubelet +kubelogin kustomization kustomize lastmod @@ -161,6 +166,7 @@ rehype reindexing releaseprogression remoting +replicasets reprioritize reprovisioned reprovisioning @@ -232,4 +238,4 @@ octopusbob servername octopusdemos sqlcmd -sqlvolume \ No newline at end of file +sqlvolume diff --git a/src/pages/docs/administration/managing-infrastructure/subscriptions/index.md b/src/pages/docs/administration/managing-infrastructure/subscriptions/index.md index 0abdb5f1e0..33e6e87e64 100644 --- a/src/pages/docs/administration/managing-infrastructure/subscriptions/index.md +++ b/src/pages/docs/administration/managing-infrastructure/subscriptions/index.md @@ -1,7 +1,7 @@ --- layout: src/layouts/Default.astro pubDate: 2023-01-01 -modDate: 2023-01-01 +modDate: 2023-04-10 title: Subscriptions description: Subscriptions allow you to subscribe to events that are happening within Octopus, so you can be notified when events have occurred and react accordingly. navOrder: 1600 @@ -55,7 +55,7 @@ A subscription with the filters: That filter is translated to look for events where the category is Deployment Started AND for the environments Staging OR Production AND for the project Hello World. ::: -You can read more about getting started with notifications in our [Getting Started guide](docs/getting-started/best-practices/notifications). +You can read more about getting started with notifications in our [Getting Started guide](/docs/getting-started/best-practices/notifications). :::div{.hint} **Dates and Timezone** @@ -113,7 +113,7 @@ While we make every effort to ensure events are only ever sent *once* to a given ::: -## Event visibility and permissions {#Subscriptions-EventVisibilityandPermissions} +## Event visibility and permissions {#Subscriptions-Event-Visibility-and-Permissions} Because certain teams may be restricted to only see certain events, subscriptions give you the ability to scope to one or more teams. Teams may be restricted to certain criteria, such as project(s) and/or environment(s). Combine these restrictions with team roles and you can successfully control which events get seen for a given subscription. See more information on [Managing Users and Teams](/docs/security/users-and-teams/) as well as our [User Roles](/docs/security/users-and-teams/user-roles) documentation if you wish to learn more. diff --git a/src/pages/docs/deployments/certificates/wildfly-certificate-import.md b/src/pages/docs/deployments/certificates/wildfly-certificate-import.md index 8d34fd69dc..35be1e22bd 100644 --- a/src/pages/docs/deployments/certificates/wildfly-certificate-import.md +++ b/src/pages/docs/deployments/certificates/wildfly-certificate-import.md @@ -1,7 +1,7 @@ --- layout: src/layouts/Default.astro pubDate: 2023-01-01 -modDate: 2023-01-01 +modDate: 2024-04-10 title: Import certificates into WildFly and JBoss EAP description: Configure WildFly or JBoss EAP with a certificate managed by Octopus. navOrder: 50 @@ -158,9 +158,9 @@ The `Elytron server SSL context name` defines the name of the Elytron SSL Contex ::: :::div{.hint} -You can find more information of the Elytron subsystem components in the [WildFly documentation](https://docs.jboss.org/author/display/WFLY/Using+the+Elytron+Subsystem#UsingtheElytronSubsystem-onewayapps). +You can find more information of the Elytron subsystem components in the [WildFly documentation](https://docs.jboss.org/author/display/WFLY/Elytron%20Subsystem.html). ::: ## Configuration file backups -Before any changes are made to the WildFly or JBoss EAP configurations, a `:take-snapshot` command is run. This will create a backup file in the `domain/configuration/standalone_xml_history/snapshot` or `standaline/configuration/standalone_xml_history/snapshot` directory. +Before any changes are made to the WildFly or JBoss EAP configurations, a `:take-snapshot` command is run. This will create a backup file in the `domain/configuration/standalone_xml_history/snapshot` or `standalone/configuration/standalone_xml_history/snapshot` directory. diff --git a/src/pages/docs/deployments/deployment-freezes.md b/src/pages/docs/deployments/deployment-freezes.md index 7d904a4f7f..5aae594024 100644 --- a/src/pages/docs/deployments/deployment-freezes.md +++ b/src/pages/docs/deployments/deployment-freezes.md @@ -1,7 +1,7 @@ --- layout: src/layouts/Default.astro pubDate: 2024-03-25 -modDate: 2024-03-25 +modDate: 2024-04-10 title: Deployment freezes description: Deployment freezes allow you to pause deployments for a specified time range navOrder: 170 @@ -83,5 +83,5 @@ As this is an early access feature, we are aware of some flaws in the UI when as ## Learn more - [Projects](/docs/projects/) -- [Environments](/docs/infrastructure/environments/index) +- [Environments](/docs/infrastructure/environments) - Learn more about our concept of [Spaces](/docs/administration/spaces) diff --git a/src/pages/docs/infrastructure/deployment-targets/kubernetes-target/index.md b/src/pages/docs/infrastructure/deployment-targets/kubernetes-target/index.md index 23ee6cf75a..974f9a55db 100644 --- a/src/pages/docs/infrastructure/deployment-targets/kubernetes-target/index.md +++ b/src/pages/docs/infrastructure/deployment-targets/kubernetes-target/index.md @@ -1,7 +1,7 @@ --- layout: src/layouts/Default.astro pubDate: 2023-01-01 -modDate: 2023-01-01 +modDate: 2024-03-04 title: Kubernetes cluster description: How to configure a Kubernetes cluster as a deployment target in Octopus navOrder: 50 @@ -45,30 +45,30 @@ A number of the fields in this configuration file map directly to the fields in apiVersion: v1 clusters: - cluster: - certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUV5REN... + certificate-authority-data: XXXXXXXXXXXXXXXX... server: https://kubernetes.example.org:443 - name: k8scluster + name: k8s-cluster contexts: - context: - cluster: k8scluster - user: k8suser - name: k8suser -current-context: k8scluster + cluster: k8s-cluster + user: k8s_user + name: k8s_user +current-context: k8s-cluster kind: Config preferences: {} users: -- name: k8suser +- name: k8s_user user: - client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tL... - client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS0FJQkFBS0... - token: 1234567890abcdefghijkl -- name: k8suser2 + client-certificate-data: XXXXXXXXXXXXXXXX... + client-key-data: XXXXXXXXXXXXXXXX... + token: 1234567890xxxxxxxxxxxxx +- name: k8s_user2 user: password: some-password username: exp -- name: k8suser3 +- name: k8s_user3 user: - token: 1234567890abcdefghijkl + token: 1234567890xxxxxxxxxxxxx ``` ## Add a Kubernetes target @@ -129,7 +129,7 @@ users: C:\OpenSSL-Win32\bin\openssl pkcs12 ` -passout pass: ` -export ` - -out certificateandkey.pfx ` + -out certificate_and_key.pfx ` -in certificate.crt ` -inkey private.key ``` @@ -140,7 +140,7 @@ users: openssl pkcs12 \ -passout pass: \ -export \ - -out certificateandkey.pfx \ + -out certificate_and_key.pfx \ -in certificate.crt \ -inkey private.key ``` @@ -158,18 +158,18 @@ Decoding the `certificate-authority-data` field results in a string that looks s ``` -----BEGIN CERTIFICATE----- -MIIEyDCCArCgAwIBAgIRAOBNYnhYDBamTvQn... +XXXXXXXXXXXXXXXX... -----END CERTIFICATE----- ``` Save this text to a file called `ca.pem`, and upload it to the [Octopus certificate management area](https://oc.to/CertificatesDocumentation). The certificate can then be selected in the `cluster certificate authority` field. 9. Enter the Kubernetes Namespace. -When a single Kubernetes cluster is shared across environments, resources deployed to the cluster will often be separated by environment and by application, team, or service. In this situation, the recommended approach is to create a namespace for each application and environment (e.g., `myapplication-development` and `my-application-production`), and create a Kubernetes service account that has permissions to just that namespace. +When a single Kubernetes cluster is shared across environments, resources deployed to the cluster will often be separated by environment and by application, team, or service. In this situation, the recommended approach is to create a namespace for each application and environment (e.g., `my-application-development` and `my-application-production`), and create a Kubernetes service account that has permissions to just that namespace. -Where each environment has its own Kubernetes cluster, namespaces can be assigned to each application, team or service (e.g. `myapplication`). +Where each environment has its own Kubernetes cluster, namespaces can be assigned to each application, team or service (e.g. `my-application`). -In both scenarios, a target is then created for each Kubernetes cluster and namespace. The `Target Role` tag is set to the application name (e.g. `myapplication`), and the `Environments` are set to the matching environment. +In both scenarios, a target is then created for each Kubernetes cluster and namespace. The `Target Role` tag is set to the application name (e.g. `my-application`), and the `Environments` are set to the matching environment. When a Kubernetes target is used, the namespace it references is created automatically if it does not already exist. @@ -177,6 +177,10 @@ When a Kubernetes target is used, the namespace it references is created automat To make use of the Kubernetes steps, the Octopus Server or workers that will run the steps need to have the `kubectl` executable installed. Linux workers also need to have the `jq`, `xargs` and `base64` applications installed. 11. Click **SAVE**. +:::div{.warning} +Setting the Worker Pool directly on the Deployment Target will override the Worker Pool defined in a Deployment Process. +::: + ## Create service accounts The recommended approach to configuring a Kubernetes target is to have a service account for each application and namespace. @@ -271,7 +275,7 @@ The token can then be saved as a Token Octopus account, and assigned to the Kube Kubernetes targets use the `kubectl` executable to communicate with the Kubernetes cluster. This executable must be available on the path on the target where the step is run. When using workers, this means the `kubectl` executable must be in the path on the worker that is executing the step. Otherwise the `kubectl` executable must be in the path on the Octopus Server itself. ## Vendor Authentication Plugins -Prior to `kubectl` version 1.26, the logic for authenticating against various cloud providers (eg Azure Kubernetes Services, Google Kubernetes Engine) was included "in-tree" in `kubetcl`. From version 1.26 onward, the cloud-vendor specific authentication code has been removed from `kubectl`, in favor of a plugin approach. +Prior to `kubectl` version 1.26, the logic for authenticating against various cloud providers (eg Azure Kubernetes Services, Google Kubernetes Engine) was included "in-tree" in `kubectl`. From version 1.26 onward, the cloud-vendor specific authentication code has been removed from `kubectl`, in favor of a plugin approach. What this means for your deployments: @@ -337,7 +341,7 @@ kubectl version --client --output=yaml # Write a custom kube config. This is useful when you have a config that works, and you want to confirm it works in Octopus. Write-Host "Health check with custom config file" -Set-Content -Path "myconfig.yml" -Value @" +Set-Content -Path "my-config.yml" -Value @" apiVersion: v1 clusters: - cluster: @@ -347,8 +351,8 @@ clusters: contexts: - context: cluster: test - user: testadmin - name: testadmin + user: test_admin + name: test_admin - context: cluster: test user: test @@ -357,16 +361,16 @@ current-context: test kind: Config preferences: {} users: -- name: testadmin +- name: test_admin user: token: auth-token-goes-here - name: test user: client-certificate-data: certificate-data-goes-here - client-key-data: certificate-key-gies-here + client-key-data: certificate-key-goes-here "@ -kubectl version --short --kubeconfig myconfig.yml +kubectl version --short --kubeconfig my-config.yml exit 0 diff --git a/src/pages/docs/projects/community-step-templates.md b/src/pages/docs/projects/community-step-templates.md index b218ff142c..352bb26a3c 100644 --- a/src/pages/docs/projects/community-step-templates.md +++ b/src/pages/docs/projects/community-step-templates.md @@ -1,7 +1,7 @@ --- layout: src/layouts/Default.astro pubDate: 2023-01-01 -modDate: 2023-01-01 +modDate: 2024-04-10 title: Community step templates description: How to take advantage of step templates contributed by the Octopus community. navOrder: 50 @@ -78,8 +78,8 @@ If you run into any problems with a community step template, don't worry - [we a Our community step templates live in our [Library repository](https://github.com/OctopusDeploy/Library) on GitHub. If you're familiar with GitHub, you can raise an [issue](https://github.com/OctopusDeploy/Library/issues), and a member of the Octopus team will triage the issue and work with you to get the issue resolved. -In addition, as the code is open-source, you can also submit a [pull request](https://github.com/OctopusDeploy/Library/pulls) to fix an issue. We have [contributing guidelines](https://github.com/OctopusDeploy/Library/blob/master/.github/CONTRIBUTING/) that we recommend reading before submitting a change. +In addition, as the code is open-source, you can also submit a [pull request](https://github.com/OctopusDeploy/Library/pulls) to fix an issue. We have [contributing guidelines](https://github.com/OctopusDeploy/Library/blob/master/.github/CONTRIBUTING.md) that we recommend reading before submitting a change. ## Security -Community step templates are created, updated, and fixed by the Octopus team and the Octopus community. The Octopus team reviews all contributions before they are added to the Octopus library so that the step template only does what the template is designed to do and nothing malicious. \ No newline at end of file +Community step templates are created, updated, and fixed by the Octopus team and the Octopus community. The Octopus team reviews all contributions before they are added to the Octopus library so that the step template only does what the template is designed to do and nothing malicious. diff --git a/src/pages/docs/projects/custom-step-templates.md b/src/pages/docs/projects/custom-step-templates.md index be184fcbad..d45c637b9b 100644 --- a/src/pages/docs/projects/custom-step-templates.md +++ b/src/pages/docs/projects/custom-step-templates.md @@ -1,7 +1,7 @@ --- layout: src/layouts/Default.astro pubDate: 2023-01-01 -modDate: 2023-01-01 +modDate: 2024-04-10 title: Custom step templates description: How to create reusable steps navOrder: 60 @@ -93,7 +93,7 @@ If you want to transport, backup, or share your custom step templates with the c Now you can take that exported template document and commit it to source control, or share it on the [Community Library](https://library.octopus.com/). :::div{.success} -Take a look at the [contributing guide](https://github.com/OctopusDeploy/Library/blob/master/.github/CONTRIBUTING/) for the Community Library and submit your step template as a [pull request](https://github.com/OctopusDeploy/Library/pulls). +Take a look at the [contributing guide](https://github.com/OctopusDeploy/Library/blob/master/.github/CONTRIBUTING.md) for the Community Library and submit your step template as a [pull request](https://github.com/OctopusDeploy/Library/pulls). ::: ## Linking custom step templates to community step templates