Remove shortcode 'code' (#19035)

A long time ago, we added a new shortcode `codenew` as a replacement of the `code` shortcode. The intention was to consolidate all example manifests to a single subdirectory, i.e. `content/<lang>/examples`. Now this transition is almost over. We have only two instances where the old `code` shortcode is referenced. This PR makes the `policy.rego` file inlined content so that all referenes to `code` are killed. We can safely drop the `code` shortcode. If desired, we can rename the `codenew` shortcode to `code` in a (series of) separate PR(s).
2020-02-11 11:52:00 +08:00 · 2020-02-11 11:52:00 +08:00 · b550c6c051
parent 2faf1024d9
commit b550c6c051
5 changed files with 152 additions and 188 deletions
--- a/content/en/docs/tasks/federation/policy.rego
+++ b/content/en/docs/tasks/federation/policy.rego
@ -1,74 +0,0 @@
 # OPA supports a high-level declarative language named Rego for authoring and
 # enforcing policies. For more information on Rego, visit
 # http://openpolicyagent.org.
 # Rego policies are namespaced by the "package" directive.
 package kubernetes.placement
 # Imports provide aliases for data inside the policy engine. In this case, the
 # policy simply refers to "clusters" below.
 import data.kubernetes.clusters
 # The "annotations" rule generates a JSON object containing the key
 # "federation.kubernetes.io/replica-set-preferences" mapped to <preferences>.
 # The preferences values is generated dynamically by OPA when it evaluates the
 # rule.
 #
 # The SchedulingPolicy Admission Controller running inside the Federation API
 # server will merge these annotations into incoming Federated resources. By
 # setting replica-set-preferences, we can control the placement of Federated
 # ReplicaSets.
 #
 # Rules are defined to generate JSON values (booleans, strings, objects, etc.)
 # When OPA evaluates a rule, it generates a value IF all of the expressions in
 # the body evaluate successfully. All rules can be understood intuitively as
 # <head> if <body> where <body> is true if <expr-1> AND <expr-2> AND ...
 # <expr-N> is true (for some set of data.)
 annotations["federation.kubernetes.io/replica-set-preferences"] = preferences {
    input.kind = "ReplicaSet"
    value = {"clusters": cluster_map, "rebalance": true}
    json.marshal(value, preferences)
 }
 # This "annotations" rule generates a value for the "federation.alpha.kubernetes.io/cluster-selector"
 # annotation.
 #
 # In English, the policy asserts that resources in the "production" namespace
 # that are not annotated with "criticality=low" MUST be placed on clusters
 # labelled with "on-premises=true".
 annotations["federation.alpha.kubernetes.io/cluster-selector"] = selector {
    input.metadata.namespace = "production"
    not input.metadata.annotations.criticality = "low"
    json.marshal([{
        "operator": "=",
        "key": "on-premises",
        "values": "[true]",
    }], selector)
 }
 # Generates a set of cluster names that satisfy the incoming Federated
 # ReplicaSet's requirements. In this case, just PCI compliance.
 replica_set_clusters[cluster_name] {
    clusters[cluster_name]
    not insufficient_pci[cluster_name]
 }
 # Generates a set of clusters that must not be used for Federated ReplicaSets
 # that request PCI compliance.
 insufficient_pci[cluster_name] {
    clusters[cluster_name]
    input.metadata.annotations["requires-pci"] = "true"
    not pci_clusters[cluster_name]
 }
 # Generates a set of clusters that are PCI certified. In this case, we assume
 # clusters are annotated to indicate if they have passed PCI compliance audits.
 pci_clusters[cluster_name] {
    clusters[cluster_name].metadata.annotations["pci-certified"] = "true"
 }
 # Helper rule to generate a mapping of desired clusters to weights. In this
 # case, weights are static.
 cluster_map[cluster_name] = {"weight": 1} {
    replica_set_clusters[cluster_name]
 }
--- a/content/en/docs/tasks/federation/set-up-placement-policies-federation.md
+++ b/content/en/docs/tasks/federation/set-up-placement-policies-federation.md
@ -108,7 +108,82 @@ Create the namespace if it does not already exist:
 Configure a sample policy to test the external policy engine:
-{{< code file="policy.rego" >}}
+```
 # OPA supports a high-level declarative language named Rego for authoring and
 # enforcing policies. For more information on Rego, visit
 # http://openpolicyagent.org.
 # Rego policies are namespaced by the "package" directive.
 package kubernetes.placement
 # Imports provide aliases for data inside the policy engine. In this case, the
 # policy simply refers to "clusters" below.
 import data.kubernetes.clusters
 # The "annotations" rule generates a JSON object containing the key
 # "federation.kubernetes.io/replica-set-preferences" mapped to <preferences>.
 # The preferences values is generated dynamically by OPA when it evaluates the
 # rule.
 #
 # The SchedulingPolicy Admission Controller running inside the Federation API
 # server will merge these annotations into incoming Federated resources. By
 # setting replica-set-preferences, we can control the placement of Federated
 # ReplicaSets.
 #
 # Rules are defined to generate JSON values (booleans, strings, objects, etc.)
 # When OPA evaluates a rule, it generates a value IF all of the expressions in
 # the body evaluate successfully. All rules can be understood intuitively as
 # <head> if <body> where <body> is true if <expr-1> AND <expr-2> AND ...
 # <expr-N> is true (for some set of data.)
 annotations["federation.kubernetes.io/replica-set-preferences"] = preferences {
    input.kind = "ReplicaSet"
    value = {"clusters": cluster_map, "rebalance": true}
    json.marshal(value, preferences)
 }
 # This "annotations" rule generates a value for the "federation.alpha.kubernetes.io/cluster-selector"
 # annotation.
 #
 # In English, the policy asserts that resources in the "production" namespace
 # that are not annotated with "criticality=low" MUST be placed on clusters
 # labelled with "on-premises=true".
 annotations["federation.alpha.kubernetes.io/cluster-selector"] = selector {
    input.metadata.namespace = "production"
    not input.metadata.annotations.criticality = "low"
    json.marshal([{
        "operator": "=",
        "key": "on-premises",
        "values": "[true]",
    }], selector)
 }
 # Generates a set of cluster names that satisfy the incoming Federated
 # ReplicaSet's requirements. In this case, just PCI compliance.
 replica_set_clusters[cluster_name] {
    clusters[cluster_name]
    not insufficient_pci[cluster_name]
 }
 # Generates a set of clusters that must not be used for Federated ReplicaSets
 # that request PCI compliance.
 insufficient_pci[cluster_name] {
    clusters[cluster_name]
    input.metadata.annotations["requires-pci"] = "true"
    not pci_clusters[cluster_name]
 }
 # Generates a set of clusters that are PCI certified. In this case, we assume
 # clusters are annotated to indicate if they have passed PCI compliance audits.
 pci_clusters[cluster_name] {
    clusters[cluster_name].metadata.annotations["pci-certified"] = "true"
 }
 # Helper rule to generate a mapping of desired clusters to weights. In this
 # case, weights are static.
 cluster_map[cluster_name] = {"weight": 1} {
    replica_set_clusters[cluster_name]
 }
 ```
 Shown below is the command to create the sample policy:
--- a/content/zh/docs/tasks/federation/policy.rego
+++ b/content/zh/docs/tasks/federation/policy.rego
@ -1,74 +0,0 @@
 # OPA supports a high-level declarative language named Rego for authoring and
 # enforcing policies. For more information on Rego, visit
 # http://openpolicyagent.org.
 # Rego policies are namespaced by the "package" directive.
 package kubernetes.placement
 # Imports provide aliases for data inside the policy engine. In this case, the
 # policy simply refers to "clusters" below.
 import data.kubernetes.clusters
 # The "annotations" rule generates a JSON object containing the key
 # "federation.kubernetes.io/replica-set-preferences" mapped to <preferences>.
 # The preferences values is generated dynamically by OPA when it evaluates the
 # rule.
 #
 # The SchedulingPolicy Admission Controller running inside the Federation API
 # server will merge these annotations into incoming Federated resources. By
 # setting replica-set-preferences, we can control the placement of Federated
 # ReplicaSets.
 #
 # Rules are defined to generate JSON values (booleans, strings, objects, etc.)
 # When OPA evaluates a rule, it generates a value IF all of the expressions in
 # the body evaluate successfully. All rules can be understood intuitively as
 # <head> if <body> where <body> is true if <expr-1> AND <expr-2> AND ...
 # <expr-N> is true (for some set of data.)
 annotations["federation.kubernetes.io/replica-set-preferences"] = preferences {
    input.kind = "ReplicaSet"
    value = {"clusters": cluster_map, "rebalance": true}
    json.marshal(value, preferences)
 }
 # This "annotations" rule generates a value for the "federation.alpha.kubernetes.io/cluster-selector"
 # annotation.
 #
 # In English, the policy asserts that resources in the "production" namespace
 # that are not annotated with "criticality=low" MUST be placed on clusters
 # labelled with "on-premises=true".
 annotations["federation.alpha.kubernetes.io/cluster-selector"] = selector {
    input.metadata.namespace = "production"
    not input.metadata.annotations.criticality = "low"
    json.marshal([{
        "operator": "=",
        "key": "on-premises",
        "values": "[true]",
    }], selector)
 }
 # Generates a set of cluster names that satisfy the incoming Federated
 # ReplicaSet's requirements. In this case, just PCI compliance.
 replica_set_clusters[cluster_name] {
    clusters[cluster_name]
    not insufficient_pci[cluster_name]
 }
 # Generates a set of clusters that must not be used for Federated ReplicaSets
 # that request PCI compliance.
 insufficient_pci[cluster_name] {
    clusters[cluster_name]
    input.metadata.annotations["requires-pci"] = "true"
    not pci_clusters[cluster_name]
 }
 # Generates a set of clusters that are PCI certified. In this case, we assume
 # clusters are annotated to indicate if they have passed PCI compliance audits.
 pci_clusters[cluster_name] {
    clusters[cluster_name].metadata.annotations["pci-certified"] = "true"
 }
 # Helper rule to generate a mapping of desired clusters to weights. In this
 # case, weights are static.
 cluster_map[cluster_name] = {"weight": 1} {
    replica_set_clusters[cluster_name]
 }
--- a/content/zh/docs/tasks/federation/set-up-placement-policies-federation.md
+++ b/content/zh/docs/tasks/federation/set-up-placement-policies-federation.md
@ -188,7 +188,82 @@ Configure a sample policy to test the external policy engine:
 -->
 配置一个示例策略来测试外部策略引擎:
-{{< code file="policy.rego" >}}
+```
 # OPA supports a high-level declarative language named Rego for authoring and
 # enforcing policies. For more information on Rego, visit
 # http://openpolicyagent.org.
 # Rego policies are namespaced by the "package" directive.
 package kubernetes.placement
 # Imports provide aliases for data inside the policy engine. In this case, the
 # policy simply refers to "clusters" below.
 import data.kubernetes.clusters
 # The "annotations" rule generates a JSON object containing the key
 # "federation.kubernetes.io/replica-set-preferences" mapped to <preferences>.
 # The preferences values is generated dynamically by OPA when it evaluates the
 # rule.
 #
 # The SchedulingPolicy Admission Controller running inside the Federation API
 # server will merge these annotations into incoming Federated resources. By
 # setting replica-set-preferences, we can control the placement of Federated
 # ReplicaSets.
 #
 # Rules are defined to generate JSON values (booleans, strings, objects, etc.)
 # When OPA evaluates a rule, it generates a value IF all of the expressions in
 # the body evaluate successfully. All rules can be understood intuitively as
 # <head> if <body> where <body> is true if <expr-1> AND <expr-2> AND ...
 # <expr-N> is true (for some set of data.)
 annotations["federation.kubernetes.io/replica-set-preferences"] = preferences {
    input.kind = "ReplicaSet"
    value = {"clusters": cluster_map, "rebalance": true}
    json.marshal(value, preferences)
 }
 # This "annotations" rule generates a value for the "federation.alpha.kubernetes.io/cluster-selector"
 # annotation.
 #
 # In English, the policy asserts that resources in the "production" namespace
 # that are not annotated with "criticality=low" MUST be placed on clusters
 # labelled with "on-premises=true".
 annotations["federation.alpha.kubernetes.io/cluster-selector"] = selector {
    input.metadata.namespace = "production"
    not input.metadata.annotations.criticality = "low"
    json.marshal([{
        "operator": "=",
        "key": "on-premises",
        "values": "[true]",
    }], selector)
 }
 # Generates a set of cluster names that satisfy the incoming Federated
 # ReplicaSet's requirements. In this case, just PCI compliance.
 replica_set_clusters[cluster_name] {
    clusters[cluster_name]
    not insufficient_pci[cluster_name]
 }
 # Generates a set of clusters that must not be used for Federated ReplicaSets
 # that request PCI compliance.
 insufficient_pci[cluster_name] {
    clusters[cluster_name]
    input.metadata.annotations["requires-pci"] = "true"
    not pci_clusters[cluster_name]
 }
 # Generates a set of clusters that are PCI certified. In this case, we assume
 # clusters are annotated to indicate if they have passed PCI compliance audits.
 pci_clusters[cluster_name] {
    clusters[cluster_name].metadata.annotations["pci-certified"] = "true"
 }
 # Helper rule to generate a mapping of desired clusters to weights. In this
 # case, weights are static.
 cluster_map[cluster_name] = {"weight": 1} {
    replica_set_clusters[cluster_name]
 }
 ```
 <!--
 Shown below is the command to create the sample policy:
--- a/layouts/shortcodes/code.html
+++ b/layouts/shortcodes/code.html
@ -1,38 +0,0 @@
 {{ $p := .Page }}
 {{ $file := .Get "file" }}
 {{ $codelang := .Get "language" | default (path.Ext $file | strings.TrimPrefix ".") }} 
 {{ $fileDir := path.Split $file }}
 {{ $bundlePath := path.Join .Page.File.Dir $fileDir.Dir }}
 {{ $filename := path.Join $p.File.Dir $file }}
 {{ $ghlink := printf "https://%s/blob/master/content/%s/%s" site.Params.githubwebsiterepo .Page.Lang $filename | safeURL }}
 {{/* First assume this is a bundle and the file is inside it. */}}
 {{ $resource := $p.Resources.GetMatch (printf "%s*" $file ) }}
 {{ with $resource }}
 {{ $.Scratch.Set "content" .Content }}
 {{ else }}
 {{/* Read the file relative to the content root. */}}
 {{ $resource := readFile $filename}}
 {{ with $resource }}{{ $.Scratch.Set "content" . }}{{ end }}
 {{ end }}
 {{ if not ($.Scratch.Get "content") }}
 {{ errorf "[%s] %q not found in %q" site.Language.Lang $fileDir.File $bundlePath }}
 {{ end }}
 {{ with $.Scratch.Get "content" }}
 <table class="includecode" id="{{ $file | anchorize }}">
    <thead>
        <tr>
            <th>
                {{ with $ghlink }}<a href="{{ . }}" download="{{ $file }}">{{ end }}
                    <code>{{ $file }} {{ $bundlePath }}</code>
                {{ if $ghlink }}</a>{{ end }}
                <img src="{{ "images/copycode.svg" | relURL }}" style="max-height:24px" onclick="copyCode('{{ $file | anchorize }}')" title="Copy {{ $file }} to clipboard">
            </th>
        </tr>
    </thead>
    <tbody>
        <tr>
            <td>{{ highlight . $codelang "" }}  </td>
        </tr>
    </tbody>
 </table>
 {{ end }}