diff --git a/docs/enterprise/console-settings.yaml b/docs/enterprise/console-settings.yaml index 1494c3581..53cd46b1e 100644 --- a/docs/enterprise/console-settings.yaml +++ b/docs/enterprise/console-settings.yaml @@ -15,15 +15,28 @@ settings: - name: "General" doc: | The **General** tab defines the route path, both from the internet and to the internal service, and the policies attached. Note that policies enforced on a Namespace the Route resides in will also be applied. + + Several fields in the New Route View behave the same as their counterpoints in open-source Pomerium. See [Configuation Settings](/reference/) for more information on the following fields: + - [From](/reference/#from) + - [To](/reference/#to) + - [Redirect](/reference/#redirect) + - [Pass Identity Headers](/reference/#pass-identity-headers) settings: - name: "Name" - - name: "From" - - name: "To" - - name: "Redirect" + doc: This value is only visible in the Console UI. - name: "Policies" - - name: "Pass Identity Headers" + doc: Add or remove Policies to be applied to the Route. Note that Policies enforced in the Route's Namespace will be applied automatically. - name: "Enable Google Cloud Serverless Authentication" + doc: | + @Travis plz explain. - name: "Matchers" + settings: + - name: Path + dupe: true + - name: Prefix + dupe: true + - name: Regex + dupe: true - name: "Rewrite" - name: "Timeouts" - name: "Headers" 
@@ -39,19 +52,19 @@ settings: Policies can be constructed three ways: - #### Web UI + ### Web UI From the **BUILDER** tab, users can add allow or deny blocks to a policy, containing and/or/not/nor logic to allow or deny sets of users and groups. ![A policy being constructed in Pomerium Enterprise console allowing a single user access](../img/example-policy-single-user.png) - #### Pomerium Policy Language + ### Pomerium Policy Language From the **EDITOR** tab users can write policies in Pomerium Policy Language (**PPL**), a YAML-based notation. ![A policy as viewed from the editor tab](../img/example-policy-editor.png) - #### Rego + ### Rego For those using [OPA](https://www.openpolicyagent.org/), the **REGO** tab will accept policies written in Rego. @@ -59,7 +72,8 @@ settings: A policy can only support PPL or Rego. Once one is set, the other tab is disabled. ::: - #### Overrides + ### Overrides + - **Any Authenticated User**: This setting will allow access to a route with this policy attached to any user who can authenticate to your Identity Provider (**IdP**). - **CORS Preflight**: - **Public Access**: This setting allows complete, unrestricted access to an associated route. Use this setting with caution. diff --git a/scripts/generate-console-pages.js b/scripts/generate-console-pages.js index 7ec8d3c51..80f224ed0 100755 --- a/scripts/generate-console-pages.js +++ b/scripts/generate-console-pages.js @@ -1,5 +1,8 @@ // generate-console-pages.js +const fs = require('fs'); +const yaml = require('js-yaml'); + /** * This helper script, run by the technical writers, (re)generates markdown * documents for the Enterprise reference section. It assumes the existence 
@@ -8,12 +11,23 @@ * running `pomerium-console gendocs. */ -const fs = require('fs'); -const yaml = require('js-yaml'); - // Functions +/** + * + * Import content from /docs/reference/settings.yaml when needed. + */ +const fromOSSettings = (dupe) => { //Where dupe is the name provided to the function in writeSubsection() + //console.log(`dupe: ${dupe}`) // For Debugging + const asArray = Object.entries(OSSettings) + //console.log(asArray) // For Debugging + return asArray.filter(x => x.name === dupe).doc + //console.log(JSON.stringify(recursiveSearch([OSSettings], `${dupe}`))) // One of several helper functions I tried and scrapped. + //return console.log(asArray) +} + + /** * Import console environment/config options from `pomerium-console_serve.yaml` */ @@ -52,7 +66,8 @@ The keys listed below can be applied in Pomerium Console's \`config.yaml\` file, /** - * Read `console-settings.yaml` and write markdown pages under `docs/enterprise/reference`. + * Read `console-settings.yaml` and write + * markdown pages under `docs/enterprise/reference`. */ const writePage = (setting) => { let path = './docs/enterprise/reference/' + setting.name.replace(/\s/g, '-').toLowerCase() + ".md" 
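Review bot: `fromOSSettings` as added in this hunk can only return `undefined`: `Object.entries(OSSettings)` yields `[key, value]` pairs, so `x.name` never equals `dupe`, and `filter` returns an array, which has no `.doc` property. The `writeSubsection` hunk later in this diff concatenates that result into the page body, so every subsection marked `dupe: true` would get the literal text `undefined` instead of the imported description. Use `find` on the actual list of setting objects, for example `const match = settingsList.find(x => x.name === dupe); return match ? match.doc : undefined;`, where `settingsList` is a placeholder for wherever settings.yaml keeps its entries (its shape is not visible in this diff, and nested entries may need a recursive walk). The commented-out debugging lines, including the two after `return` that can never run, should be dropped before merge.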
@@ -80,14 +95,19 @@ meta: } /** - * Called by writePage, this function handles nested settings objects. + * Called by writePage, this function + * handles nested settings objects. */ const writeSubsection = (subsection, depth) => { + let subContent = '' if (!subsection.name) { return } + if (subsection.dupe) { + subContent = fromOSSettings(subsection.name) + } let header = '#'.repeat(depth) + ' ' + subsection.name + '\n' + '\n' - let subContent = subsection.doc ? subsection.doc.toString() + '\n' : '' + subContent = subContent + (subsection.doc ? subsection.doc.toString() + '\n\n' : '') subsection.attributes ? subContent = subContent + subsection.attributes.toString() : null subsection.settings ? subContent = subContent + subsection.settings.map(turtles => writeSubsection(turtles, depth + 1)).join('') : '' return header + subContent @@ -99,6 +119,8 @@ console.log("Reading console-settings.yaml") let docs = yaml.load(fs.readFileSync('./docs/enterprise/console-settings.yaml', 'utf8')) let keysFile = yaml.load(fs.readFileSync('./docs/enterprise/pomerium-console_serve.yaml', 'utf8')) +let OSSettings = yaml.load(fs.readFileSync('./docs/reference/settings.yaml', 'utf8')) + //console.log(`OSSettings: ${JSON.stringify(OSSettings)}`) // For Debugging writeConfigPage(keysFile)
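Review bot: The result of `fromOSSettings(subsection.name)` is appended to without any check, so a `dupe: true` entry whose name has no match in settings.yaml (a typo, or a setting renamed upstream) silently produces a page with missing or `undefined` text. These pages are published reference documentation for route and policy settings, so a failed lookup should stop the generator rather than ship a wrong page: `if (subContent == null) throw new Error('No settings.yaml entry for "' + subsection.name + '"')`. The imported text is also joined to `subsection.doc` with no separator, so if it does not end in a newline the two paragraphs run together; appending `'\n\n'` after the imported text would keep them apart. The closing brace of `writeSubsection` falls outside the hunk.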
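Review bot: This hunk adds a third `yaml.load` call, and the js-yaml version in use is not visible in the diff. On js-yaml 3.x, `load` uses the full schema, which accepts JavaScript-specific tags such as `!!js/function`; `safeLoad` is the restricted variant there, while on 4.x `load` is already restricted. If this script is ever run in CI against contributor branches, the YAML files are contributor-controlled input, so it is worth confirming the pinned version or switching to the safe loader. `OSSettings` is never reassigned in the visible lines, so `const` fits better than `let`, and the commented-out `console.log` can be removed.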