Azure · chewong · Jul 12, 2021 · Jul 8, 2021 · Jul 12, 2021
@@ -24,3 +24,6 @@ hack/tools/bin/
 obj/
 sa.key
 sa.pub
+
+# book
+docs/book/book/
@@ -1,71 +1,6 @@
 # AAD Pod Managed Identity
 
-AAD Pod Managed Identity enables Kubernetes applications to access cloud resources securely with Azure Active Directory based on annotated service accounts.
-
-## Overview
-
-This repo contains the following:
-
-1. Mutating Webhook
-   1. The webhook is for mutating pods that reference an annotated service account. The webhook will inject the environment variables and the projected service account token volume.
-2. Proxy init and sidecar container
-   1. The init and sidecar container will be used for applications that are still using the older versions of the library.
-
-## Installation
-
-### Install Webhook
-
-1. Install [cert-manager]((https://github.com/jetstack/cert-manager))
-
-   cert-manager is used for provisioning the certificates for the webhook server. Cert manager also has a component called CA injector, which is responsible for injecting the CA bundle into the MutatingWebhookConfiguration.
-
-   ```bash
-   kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.2.0/cert-manager.yaml
-   ```
-
-1. Deploy the webhook
-
-   Replace the tenant ID and environment name in [here](https://github.com/Azure/aad-pod-managed-identity/blob/master/deploy/aad-pi-webhook.yaml#L41-L42) before executing
-
-   ```bash
-   kubectl apply -f deploy/aad-pi-webhook.yaml
-   ```
-
-1. Validate the webhook has been installed and is running
-
-   ```bash
-   kubectl get all -n aad-pi-webhook-system
-   NAME                                                     READY   STATUS    RESTARTS   AGE
-   pod/aad-pi-webhook-controller-manager-5fc5559ddd-rgj46   1/1     Running   0          8d
-
-   NAME                                                        TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)    AGE
-   service/aad-pi-webhook-controller-manager-metrics-service   ClusterIP   10.0.123.94   <none>        8443/TCP   8d
-   service/aad-pi-webhook-webhook-service                      ClusterIP   10.0.2.106    <none>        443/TCP    8d
-
-   NAME                                                READY   UP-TO-DATE   AVAILABLE   AGE
-   deployment.apps/aad-pi-webhook-controller-manager   1/1     1            1           8d
-
-   NAME                                                           DESIRED   CURRENT   READY   AGE
-   replicaset.apps/aad-pi-webhook-controller-manager-5fc5559ddd   1         1         1       8d
-   ```
-
-## Uninstall
-
-### Uninstall Webhook
-
-1. Delete webhook
-
-   ```bash
-   kubectl delete -f deploy/aad-pi-webhook.yaml
-   ```
-
-1. Delete cert-manager
-
-   If you installed cert-manager for use with the aad-pod-managed-identity webhook, then delete the cert-manager components
-
-   ```bash
-   kubectl delete -f https://github.com/jetstack/cert-manager/releases/download/v1.2.0/cert-manager.yaml
-   ```
+AAD Pod Managed Identity is the next iteration of [AAD Pod Identity](https://github.com/Azure/aad-pod-identity) that enables Kubernetes applications to access Azure cloud resources securely with [Azure Active Directory](https://azure.microsoft.com/en-us/services/active-directory/) based on annotated [service accounts](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/).
 
 ## Contributing
 

@@ -0,0 +1,20 @@
+TOOLS_BIN_DIR := $(PWD)/bin
+CRATE_INSTALL := $(realpath ../../third_party/japaric/trust/crate_install.sh)
+
+MDBOOK := $(TOOLS_BIN_DIR)/mdbook
+$(MDBOOK):
+	$(CRATE_INSTALL) --git rust-lang/mdBook --tag v0.4.10 --to $(TOOLS_BIN_DIR) --force
+
+MDBOOK_TOC := $(TOOLS_BIN_DIR)/mdbook-toc
+$(MDBOOK_TOC):
+	$(CRATE_INSTALL) --git badboy/mdbook-toc --tag 0.7.0 --to $(TOOLS_BIN_DIR) --force
+
+DEPS := $(MDBOOK) $(MDBOOK_TOC)
+
+.PHONY: build
+build: $(DEPS)
+	$(MDBOOK) build
+
+.PHONY: serve
+serve: $(DEPS)
+	$(MDBOOK) serve
@@ -0,0 +1,9 @@
+# AAD Pod Managed Identity Book
+
+This directory includes the source code for https://azure.github.io/aad-pod-managed-identity/.
+
+## Development
+
+```bash
+make serve
+```
@@ -0,0 +1,13 @@
+[book]
+authors = ["Ernest Wong"]
+language = "en"
+multilingual = false
+src = "src"
+title = "AAD Pod Managed Identity"
+
+[output.html]
+curly-quotes = true
+git-repository-url = "https://github.com/Azure/aad-pod-managed-identity"
+
+[preprocessor.toc]
+command = "bin/mdbook-toc"
@@ -0,0 +1,11 @@
+# Summary
+
+[Introduction](./introduction.md)
+[Quick Start](./quick-start.md)
+[Concepts]()
+- [Topics]()
+- [Troubleshooting]()
+- [Known Limitations]()
+- [Developers]()
+- [Contributing](./contributing.md)
+- [Code of Conduct](./code-of-conduct.md)
@@ -0,0 +1,3 @@
+# Code of Conduct
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information, see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq) or contact [[email protected]](mailto:[email protected]) with any additional questions or comments.
@@ -0,0 +1,5 @@
+# Contributing
+
+The AAD Pod Managed Identity project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit [https://cla.microsoft.com](https://cla.microsoft.com).
+
+When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
@@ -0,0 +1,14 @@
+# Introduction
+
+AAD Pod Managed Identity is the next iteration of [AAD Pod Identity](https://github.com/Azure/aad-pod-identity) that enables Kubernetes applications to access Azure cloud resources securely with [Azure Active Directory](https://azure.microsoft.com/en-us/services/active-directory/) based on annotated [service accounts](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/).
+
+
+## Overview
+
+The repository contains the following components:
+
+1. Mutating Webhook
+   > The webhook is for mutating pods that reference an annotated service account. The webhook will inject the environment variables and the projected service account token volume.
+
+2. Proxy init and sidecar container
+   > The init and sidecar container will be used for applications that are still using [AAD Pod Identity](https://github.com/Azure/aad-pod-identity).
-Original file line number
+Diff line change
@@ Expand Up / @@ -24,3 +24,6 @@ hack/tools/bin/ @@
     obj/
     sa.key
     sa.pub
+    # book
+    docs/book/book/
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		# Code of Conduct

		This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information, see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq) or contact [[email protected]](mailto:[email protected]) with any additional questions or comments.