From 62afa2efee1b83caef7800efbc219c21e7e4decf Mon Sep 17 00:00:00 2001 From: Qiming Teng Date: Tue, 9 May 2023 11:05:54 +0800 Subject: [PATCH] Fix issues in generated config API references This PR fixes some issues caused by the bad format in source code comments that confuse the reference generator. Problems are related to the use of `*` in comment text as literal string rather than emphasis. --- .../config-api/apiserver-audit.v1.md | 26 +++++++++++-------- .../reference/config-api/kubelet-config.v1.md | 10 +++---- .../config-api/kubelet-config.v1beta1.md | 10 +++---- .../kubelet-credentialprovider.v1.md | 12 ++++----- .../kubelet-credentialprovider.v1alpha1.md | 12 ++++----- .../kubelet-credentialprovider.v1beta1.md | 12 ++++----- 6 files changed, 43 insertions(+), 39 deletions(-) diff --git a/content/en/docs/reference/config-api/apiserver-audit.v1.md b/content/en/docs/reference/config-api/apiserver-audit.v1.md index e89270a91a..2837e7c323 100644 --- a/content/en/docs/reference/config-api/apiserver-audit.v1.md +++ b/content/en/docs/reference/config-api/apiserver-audit.v1.md @@ -322,12 +322,14 @@ The empty string represents the core API group.

Resources is a list of resources this rule applies to.

-

For example: -'pods' matches pods. -'pods/log' matches the log subresource of pods. -'' matches all resources and their subresources. -'pods/' matches all subresources of pods. -'*/scale' matches all scale subresources.

+

For example:

+

If wildcard is present, the validation rule will ensure resources do not overlap with each other.

An empty list implies all resources and subresources in this API groups apply.

@@ -501,10 +503,12 @@ An empty list implies every namespace.

NonResourceURLs is a set of URL paths that should be audited. -s are allowed, but only as the full, final step in the path. -Examples: -"/metrics" - Log requests for apiserver metrics -"/healthz" - Log all health checks

+*s are allowed, but only as the full, final step in the path. +Examples:

+
    +
  • "/metrics" - Log requests for apiserver metrics
    • +
  • "/healthz*" - Log all health checks
    • +
omitStages
@@ -552,4 +556,4 @@ Policy.OmitManagedFields will stand. - \ No newline at end of file + diff --git a/content/en/docs/reference/config-api/kubelet-config.v1.md b/content/en/docs/reference/config-api/kubelet-config.v1.md index 0b55fb12c5..c4b8a999ea 100644 --- a/content/en/docs/reference/config-api/kubelet-config.v1.md +++ b/content/en/docs/reference/config-api/kubelet-config.v1.md @@ -81,9 +81,9 @@ to provide credentials. Images are expected to contain the registry domain and URL path.

Each entry in matchImages is a pattern which can optionally contain a port and a path. Globs can be used in the domain, but not in the port or the path. Globs are supported -as subdomains like '*.k8s.io' or 'k8s.*.io', and top-level-domains such as 'k8s.*'. -Matching partial subdomains like 'app*.k8s.io' is also supported. Each glob can only match -a single subdomain segment, so *.io does not match *.k8s.io.

+as subdomains like *.k8s.io or k8s.*.io, and top-level-domains such as k8s.*. +Matching partial subdomains like app*.k8s.io is also supported. Each glob can only match +a single subdomain segment, so *.io does not match *.k8s.io.

A match exists between an image and a matchImage when all of the below are true:

  • Both contain the same number of domain parts and each part matches.
    • @@ -93,9 +93,9 @@ a single subdomain segment, so *.io does not match *.k8s.io.

    Example values of matchImages:

    • 123456789.dkr.ecr.us-east-1.amazonaws.com
      • -
    • *.azurecr.io
      • +
    • *.azurecr.io
    • gcr.io
      • -
    • *.registry.io
      • +
    • *.*.registry.io
    • registry.io:8080/path
    diff --git a/content/en/docs/reference/config-api/kubelet-config.v1beta1.md b/content/en/docs/reference/config-api/kubelet-config.v1beta1.md index ceb38a718f..3ecb49baca 100644 --- a/content/en/docs/reference/config-api/kubelet-config.v1beta1.md +++ b/content/en/docs/reference/config-api/kubelet-config.v1beta1.md @@ -1303,9 +1303,9 @@ to provide credentials. Images are expected to contain the registry domain and URL path.

    Each entry in matchImages is a pattern which can optionally contain a port and a path. Globs can be used in the domain, but not in the port or the path. Globs are supported -as subdomains like '*.k8s.io' or 'k8s.*.io', and top-level-domains such as 'k8s.*'. -Matching partial subdomains like 'app*.k8s.io' is also supported. Each glob can only match -a single subdomain segment, so *.io does not match *.k8s.io.

    +as subdomains like *.k8s.io or k8s.*.io, and top-level-domains such as k8s.*. +Matching partial subdomains like app*.k8s.io is also supported. Each glob can only match +a single subdomain segment, so *.io does not match *.k8s.io.

    A match exists between an image and a matchImage when all of the below are true:

    • Both contain the same number of domain parts and each part matches.
      • @@ -1315,9 +1315,9 @@ a single subdomain segment, so *.io does not match *.k8s.io.

      Example values of matchImages:

      • 123456789.dkr.ecr.us-east-1.amazonaws.com
        • -
      • *.azurecr.io
        • +
      • *.azurecr.io
      • gcr.io
        • -
      • *.registry.io
        • +
      • *.*.registry.io
      • registry.io:8080/path
      diff --git a/content/en/docs/reference/config-api/kubelet-credentialprovider.v1.md b/content/en/docs/reference/config-api/kubelet-credentialprovider.v1.md index 1608442710..5379c0651c 100644 --- a/content/en/docs/reference/config-api/kubelet-credentialprovider.v1.md +++ b/content/en/docs/reference/config-api/kubelet-credentialprovider.v1.md @@ -89,9 +89,9 @@ should be valid for all images that match against this key. A plugin should set this field to null if no valid credentials can be returned for the requested image.

      Each key in the map is a pattern which can optionally contain a port and a path. Globs can be used in the domain, but not in the port or the path. Globs are supported -as subdomains like '.k8s.io' or 'k8s..io', and top-level-domains such as 'k8s.'. -Matching partial subdomains like 'app.k8s.io' is also supported. Each glob can only match -a single subdomain segment, so *.io does not match *.k8s.io.

      +as subdomains like *.k8s.io or k8s.*.io, and top-level-domains such as k8s.*. +Matching partial subdomains like app*.k8s.io is also supported. Each glob can only match +a single subdomain segment, so *.io does not match *.k8s.io.

      The kubelet will match images against the key when all of the below are true:

      • Both contain the same number of domain parts and each part matches.
        • @@ -108,9 +108,9 @@ stopping after the first successfully authenticated pull.

        Example keys:

        • 123456789.dkr.ecr.us-east-1.amazonaws.com
          • -
        • *.azurecr.io
          • +
        • *.azurecr.io
        • gcr.io
          • -
        • ..registry.io
          • +
        • *.*.registry.io
        • registry.io:8080/path
        @@ -166,4 +166,4 @@ An empty password is valid.

        - \ No newline at end of file + diff --git a/content/en/docs/reference/config-api/kubelet-credentialprovider.v1alpha1.md b/content/en/docs/reference/config-api/kubelet-credentialprovider.v1alpha1.md index 4d2e9196ed..f4f610ffe2 100644 --- a/content/en/docs/reference/config-api/kubelet-credentialprovider.v1alpha1.md +++ b/content/en/docs/reference/config-api/kubelet-credentialprovider.v1alpha1.md @@ -89,9 +89,9 @@ should be valid for all images that match against this key. A plugin should set this field to null if no valid credentials can be returned for the requested image.

        Each key in the map is a pattern which can optionally contain a port and a path. Globs can be used in the domain, but not in the port or the path. Globs are supported -as subdomains like '.k8s.io' or 'k8s..io', and top-level-domains such as 'k8s.'. -Matching partial subdomains like 'app.k8s.io' is also supported. Each glob can only match -a single subdomain segment, so *.io does not match *.k8s.io.

        +as subdomains like *.k8s.io or k8s.*.io, and top-level-domains such as k8s.*. +Matching partial subdomains like app*.k8s.io is also supported. Each glob can only match +a single subdomain segment, so *.io does not match *.k8s.io.

        The kubelet will match images against the key when all of the below are true:

        • Both contain the same number of domain parts and each part matches.
          • @@ -108,9 +108,9 @@ stopping after the first successfully authenticated pull.

          Example keys:

          • 123456789.dkr.ecr.us-east-1.amazonaws.com
            • -
          • *.azurecr.io
            • +
          • *.azurecr.io
          • gcr.io
            • -
          • ..registry.io
            • +
          • *.*.registry.io
          • registry.io:8080/path
          @@ -166,4 +166,4 @@ An empty password is valid.

          - \ No newline at end of file + diff --git a/content/en/docs/reference/config-api/kubelet-credentialprovider.v1beta1.md b/content/en/docs/reference/config-api/kubelet-credentialprovider.v1beta1.md index cac38ef9bd..b53b6bde50 100644 --- a/content/en/docs/reference/config-api/kubelet-credentialprovider.v1beta1.md +++ b/content/en/docs/reference/config-api/kubelet-credentialprovider.v1beta1.md @@ -89,9 +89,9 @@ should be valid for all images that match against this key. A plugin should set this field to null if no valid credentials can be returned for the requested image.

          Each key in the map is a pattern which can optionally contain a port and a path. Globs can be used in the domain, but not in the port or the path. Globs are supported -as subdomains like '.k8s.io' or 'k8s..io', and top-level-domains such as 'k8s.'. -Matching partial subdomains like 'app.k8s.io' is also supported. Each glob can only match -a single subdomain segment, so *.io does not match *.k8s.io.

          +as subdomains like *.k8s.io or k8s.*.io, and top-level-domains such as k8s.*. +Matching partial subdomains like app*.k8s.io is also supported. Each glob can only match +a single subdomain segment, so *.io does not match *.k8s.io.

          The kubelet will match images against the key when all of the below are true:

          • Both contain the same number of domain parts and each part matches.
            • @@ -108,9 +108,9 @@ stopping after the first successfully authenticated pull.

            Example keys:

            • 123456789.dkr.ecr.us-east-1.amazonaws.com
              • -
            • *.azurecr.io
              • +
            • *.azurecr.io
            • gcr.io
              • -
            • ..registry.io
              • +
            • *.*.registry.io
            • registry.io:8080/path
            @@ -166,4 +166,4 @@ An empty password is valid.

            - \ No newline at end of file +