EV-6493: Mirror TLS-consolidation and operator-metrics docs into version-3.23-2#2783
Merged
Merged
Conversation
…ion-3.23-2 Backports the user-facing doc changes from tigera#2631 and tigera#2630 into the version-3.23-2 snapshot. Master (calico-enterprise/) was updated; the version-3.23-2 snapshot was not, leaving a published-3.23 reader on the old per-component TLS pages and the old PrometheusRule names. PR tigera#2631 (TLS doc consolidation): - Deletes 10 per-component TLS pages (apiserver-tls, manager-tls, typha-node-tls, secure-metrics, log-storage-tls, linseed-tls, compliance-tls, packetcapture-tls, crypto-auth, certificate-management). - Rewrites operations/comms/index.mdx as the single consolidated reference (secrets table, requirements, create/update procedure). - Moves operations/comms/secure-bgp.mdx to networking/configuring/. - Updates cross-references in operations/index, bgp-metrics, typha configuration, bgppeer, bare-metal docs, and upgrade guides. - Restructures the sidebar: comms collapses to a single doc entry; secure-bgp moves under Networking - Configuring. PR tigera#2630 (operator metrics + PrometheusRule rename): - Adds operations/monitor/metrics/operator-metrics.mdx documenting TLS expiry, component status, and license metrics. - Renames the PrometheusRule resource from calico-prometheus-dp-rate to calico in configure-prometheus.mdx and license-options.mdx. - Adds the operator-metrics entry to the version-3.23-2 sidebar. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
✅ Deploy Preview for calico-docs-preview-next ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
✅ Deploy Preview succeeded!Built without sensitive environment variables
To edit notification comments on pull requests, go to your Netlify project configuration. |
Contributor
There was a problem hiding this comment.
Pull request overview
Backports Calico Enterprise documentation updates into the calico-enterprise_versioned_docs/version-3.23-2/ snapshot to match the newer “TLS consolidation” content model and the updated operator/PrometheusRule naming, ensuring readers of the published 3.23-2 docs see the current guidance.
Changes:
- Consolidates per-component TLS pages into a single
operations/comms/indexTLS reference and removes the old per-component pages from the 3.23-2 snapshot. - Moves “Secure BGP sessions” documentation into
networking/configuring/secure-bgpand updates cross-references accordingly. - Adds an “Operator metrics” page and updates PrometheusRule name references to
calico, plus sidebar wiring.
Reviewed changes
Copilot reviewed 24 out of 25 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| calico-enterprise_versioned_sidebars/version-3.23-2-sidebars.json | Updates navigation to reflect consolidated TLS doc, moved Secure BGP doc, and new Operator metrics page. |
| calico-enterprise_versioned_docs/version-3.23-2/reference/resources/bgppeer.mdx | Updates BGPPeer password reference to point at the moved Secure BGP sessions doc. |
| calico-enterprise_versioned_docs/version-3.23-2/reference/component-resources/typha/configuration.mdx | Updates Typha TLS configuration reference to point at consolidated TLS certificates doc. |
| calico-enterprise_versioned_docs/version-3.23-2/operations/monitor/prometheus/configure-prometheus.mdx | Renames PrometheusRule example resource from calico-prometheus-dp-rate to calico. |
| calico-enterprise_versioned_docs/version-3.23-2/operations/monitor/metrics/operator-metrics.mdx | Adds new operator metrics reference (metrics, example queries, built-in alerts). |
| calico-enterprise_versioned_docs/version-3.23-2/operations/monitor/metrics/bgp-metrics.mdx | Removes link to deleted secure-metrics page. |
| calico-enterprise_versioned_docs/version-3.23-2/operations/license-options.mdx | Updates PrometheusRule name in kubectl example to calico. |
| calico-enterprise_versioned_docs/version-3.23-2/operations/index.mdx | Collapses comms card list to a single consolidated TLS doc entry. |
| calico-enterprise_versioned_docs/version-3.23-2/operations/comms/typha-node-tls.mdx | Deleted; content replaced by consolidated TLS certificates doc. |
| calico-enterprise_versioned_docs/version-3.23-2/operations/comms/secure-metrics.mdx | Deleted; comms/TLS model consolidated and link removed elsewhere. |
| calico-enterprise_versioned_docs/version-3.23-2/operations/comms/packetcapture-tls.mdx | Deleted; content replaced by consolidated TLS certificates doc. |
| calico-enterprise_versioned_docs/version-3.23-2/operations/comms/manager-tls.mdx | Deleted; content replaced by consolidated TLS certificates doc. |
| calico-enterprise_versioned_docs/version-3.23-2/operations/comms/log-storage-tls.mdx | Deleted; content replaced by consolidated TLS certificates doc. |
| calico-enterprise_versioned_docs/version-3.23-2/operations/comms/linseed-tls.mdx | Deleted; content replaced by consolidated TLS certificates doc. |
| calico-enterprise_versioned_docs/version-3.23-2/operations/comms/index.mdx | Rewritten as the consolidated “Provide TLS certificates” reference (table, procedures, monitoring, CSR API). |
| calico-enterprise_versioned_docs/version-3.23-2/operations/comms/crypto-auth.mdx | Deleted; content superseded by consolidated TLS certificates doc. |
| calico-enterprise_versioned_docs/version-3.23-2/operations/comms/compliance-tls.mdx | Deleted; content replaced by consolidated TLS certificates doc. |
| calico-enterprise_versioned_docs/version-3.23-2/operations/comms/certificate-management.mdx | Deleted; CSR-based management guidance now lives in consolidated TLS doc. |
| calico-enterprise_versioned_docs/version-3.23-2/operations/comms/apiserver-tls.mdx | Deleted; content replaced by consolidated TLS certificates doc. |
| calico-enterprise_versioned_docs/version-3.23-2/networking/configuring/secure-bgp.mdx | Adds the Secure BGP sessions doc in its new location (moved from comms). |
| calico-enterprise_versioned_docs/version-3.23-2/getting-started/upgrading/upgrading-enterprise/openshift-upgrade.mdx | Updates log storage TLS link to point at consolidated TLS certificates doc. |
| calico-enterprise_versioned_docs/version-3.23-2/getting-started/upgrading/upgrading-enterprise/kubernetes-upgrade-tsee/operator.mdx | Updates log storage TLS link to point at consolidated TLS certificates doc. |
| calico-enterprise_versioned_docs/version-3.23-2/getting-started/upgrading/upgrading-enterprise/kubernetes-upgrade-tsee/helm.mdx | Updates log storage TLS link to point at consolidated TLS certificates doc. |
| calico-enterprise_versioned_docs/version-3.23-2/getting-started/bare-metal/typha-node-tls.mdx | Updates reference from deleted Typha/Node TLS page to consolidated TLS certificates doc. |
| calico-enterprise_versioned_docs/version-3.23-2/getting-started/bare-metal/about.mdx | Updates certfile option reference to point at consolidated TLS certificates doc. |
|
|
||
| ## Monitor certificates | ||
|
|
||
| The operator labels and annotates every TLS secret it manages: |
The DocCardLink hook (useDocUrl) constructs the href by string-joining the docId, so docId='operations/comms/index' renders as .../operations/comms/index which Docusaurus's broken-link checker flags in the versioned tree (the actual route is .../operations/comms/). Master gets away with the same pattern only because of a Netlify /*/index /:splat 301! rewrite at the edge. Sidestep the issue in version-3.23-2 with a plain markdown link to the consolidated TLS reference. Loses the card visual, but the page is reachable via the sidebar too, so the UX cost is small. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Backports the documentation changes from #2631 and #2630 into the
calico-enterprise_versioned_docs/version-3.23-2/snapshot (and its sidebar). Both upstream PRs touched only thecalico-enterprise/master tree; the version-3.23-2 snapshot was untouched, so a reader on the published 3.23 docs still sees the old per-component TLS pages and the old PrometheusRule names.This PR is CE-only by request (skips a parallel mirror into
calico-cloud_versioned_docs/version-22-2/).From #2631 — EV-6493: Consolidate TLS certificate docs
operations/comms/(apiserver-tls, manager-tls, typha-node-tls, secure-metrics, log-storage-tls, linseed-tls, compliance-tls, packetcapture-tls, crypto-auth, certificate-management).operations/comms/index.mdxas the single consolidated TLS reference (secrets table, requirements, create/update procedure).operations/comms/secure-bgp.mdx→networking/configuring/secure-bgp.mdx.operations/index.mdx,operations/monitor/metrics/bgp-metrics.mdx,reference/component-resources/typha/configuration.mdx,reference/resources/bgppeer.mdx,getting-started/bare-metal/about.mdx,getting-started/bare-metal/typha-node-tls.mdx, and the three Kubernetes/OpenShift upgrade guides.version-3.23-2-sidebars.json: the comms category collapses to a singleoperations/comms/indexdoc entry, andsecure-bgpmoves under Networking → Configuring.From #2630 — EV-6493: Add operator metrics page and rename PrometheusRule
operations/monitor/metrics/operator-metrics.mdx(copied verbatim fromupstream/main:calico-enterprise/..., so it carries the operator#4663 alignment and the later clarifying edits).calico-prometheus-dp-rate→calicoinoperations/monitor/prometheus/configure-prometheus.mdxandoperations/license-options.mdx.operator-metricsentry to the version-3.23-2 sidebar under Operations → Monitoring → Metrics.Diff shape
25 files changed: 1 add, 10 deletes, 1 rename, 13 modifies — mirrors the CE-side counts in #2631 + #2630.
Test plan
🤖 Generated with Claude Code