feat: add netlify book configuration

Author: aramase

README.md

@@ -1,4 +1,4 @@
-# Kubernetes-Secrets-Store-CSI-Driver
+# Kubernetes Secrets Store CSI Driver
 
 [![Build status](https://prow.k8s.io/badge.svg?jobs=secrets-store-csi-driver-e2e-vault-postsubmit)](https://testgrid.k8s.io/sig-auth-secrets-store-csi-driver#secrets-store-csi-driver-e2e-vault-postsubmit)
 ![GitHub release (latest by date)](https://img.shields.io/github/v/release/kubernetes-sigs/secrets-store-csi-driver)
@@ -28,7 +28,7 @@ Join us to help define the direction and implementation of this project!
 
 #### Table of Contents
 
-- [Kubernetes-Secrets-Store-CSI-Driver](#kubernetes-secrets-store-csi-driver)
+- [Kubernetes Secrets Store CSI Driver](#kubernetes-secrets-store-csi-driver)
   - [Want to help?](#want-to-help)
   - [Features](#features)
       - [Table of Contents](#table-of-contents)

docs/book/Makefile

@@ -0,0 +1,36 @@
+# Copyright 2020 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Directories.
+ROOT_DIR:=$(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+TOOLS_DIR := ../../hack/tools
+TOOLS_BIN_DIR := $(TOOLS_DIR)/bin
+BIN_DIR := bin
+
+# Binaries.
+TABULATE := $(TOOLS_BIN_DIR)/mdbook-tabulate
+$(TABULATE): $(TOOLS_DIR)/go.mod
+	cd $(TOOLS_DIR); go build -tags=tools -o $(BIN_DIR)/mdbook-tabulate ./mdbook/tabulate
+
+EMBED := $(TOOLS_BIN_DIR)/mdbook-embed
+$(EMBED): $(TOOLS_DIR)/go.mod
+	cd $(TOOLS_DIR); go build -tags=tools -o $(BIN_DIR)/mdbook-embed ./mdbook/embed
+
+RELEASELINK := $(TOOLS_BIN_DIR)/mdbook-releaselink
+$(RELEASELINK): $(TOOLS_DIR)/go.mod
+	cd $(TOOLS_DIR); go build -tags=tools -o $(BIN_DIR)/mdbook-releaselink ./mdbook/releaselink
+
+.PHONY: serve
+serve:
+	mdbook serve

docs/book/OWNERS

@@ -0,0 +1,5 @@
+# See the OWNERS docs at https://go.k8s.io/owners
+
+reviewers:
+- aramase
+- ritazh

docs/book/book.toml

@@ -0,0 +1,19 @@
+[book]
+authors = ["The Secrets Store CSI Driver Maintainers"]
+language = "en"
+multilingual = false
+src = "src"
+title = "The Secrets Store CSI Driver Book"
+
+[output.html]
+curly-quotes = true
+git-repository-url = "https://sigs.k8s.io/secrets-store-csi-driver"
+
+[preprocessor.tabulate]
+command = "./util-tabulate.sh"
+
+[preprocessor.embed]
+command = "./util-embed.sh"
+
+[preprocessor.releaselink]
+command = "./util-releaselink.sh"

docs/book/install-and-build.sh

@@ -0,0 +1,65 @@
+#!/bin/bash
+
+# Copyright 2020 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../..
+cd "${KUBE_ROOT}" || exit 1
+
+os=$(go env GOOS)
+arch=$(go env GOARCH)
+mdBookVersion="v0.4.3"
+
+# translate arch to rust's conventions (if we can)
+if [[ ${arch} == "amd64" ]]; then
+    arch="x86_64"
+elif [[ ${arch} == "x86" ]]; then
+    arch="i686"
+fi
+
+# translate os to rust's conventions (if we can)
+ext="tar.gz"
+cmd="tar -C /tmp -xzvf"
+case ${os} in
+    windows)
+        target="pc-windows-msvc"
+        ext="zip"
+        cmd="unzip -d /tmp"
+        ;;
+    darwin)
+        target="apple-darwin"
+        ;;
+    linux)
+        # works for linux, too
+        target="unknown-${os}-gnu"
+        ;;
+    *)
+        target="unknown-${os}"
+        ;;
+esac
+
+# grab mdbook
+# we hardcode linux/amd64 since rust uses a different naming scheme
+echo "downloading mdBook-${mdBookVersion}-${arch}-${target}.${ext}"
+set -x
+curl -sL -o /tmp/mdbook.${ext} "https://github.com/rust-lang-nursery/mdBook/releases/download/${mdBookVersion}/mdBook-${mdBookVersion}-${arch}-${target}.${ext}"
+${cmd} /tmp/mdbook.${ext}
+chmod +x /tmp/mdbook
+
+# Finally build the book.
+(cd docs/book && /tmp/mdbook build)

docs/book/src/SUMMARY.md

@@ -0,0 +1,11 @@
+# Summary
+
+[Introduction](./introduction.md)
+[Usage](./usage.md)
+- [Topics](./topics/topics.md)
+    - [New Provider](./topics/new-provider.md)
+    - [Secret Auto Rotation](./topics/rotation.md)
+    - [Metrics](./topics/metrics.md)
+- [Providers](./providers.md)
+- [Testing](./testing.md)
+- [Known Limitations](./known-limitations.md)]

docs/book/src/introduction.md

@@ -0,0 +1 @@
+{{#include ../../../README.md}}

docs/book/src/known-limitations.md

@@ -0,0 +1,16 @@
+# Known Limitations
+
+This document highlights the current limitations when using secrets-store-csi-driver.
+
+## Mounted content and Kubernetes Secret not updated after secret is updated in external secrets-store
+
+When the secret/key is updated in external secrets store after the inital pod deployment, the updated secret is not automatically reflected in the pod mount or the Kubernetes secret. 
+
+This feature is planned for release `v0.0.15+`. See [design doc](https://docs.google.com/document/d/1RGT0vmeUnN71n_u5fZKsSCa2YQpGw99rfGN9RlFMgHs/edit?usp=sharing) for more details.
+
+### How to fetch the latest content with release `v0.0.14` and earlier?
+
+1. If the `SecretProviderClass` has `secretObjects` defined, then delete the Kubernetes secret.
+2. Restart the application pod.
+
+When the pod is recreated, `kubelet` invokes the CSI driver for mounting the volume. As part of this mount request, the latest content will be fetched from external secrets store and populated in the pod. The same content is then mirrored in the Kubenetes secret data.

docs/book/src/providers.md

@@ -0,0 +1,16 @@
+# Providers
+
+This project features a pluggable provider interface developers can implement that defines the actions of the Secrets Store CSI driver. This enables retrieval of sensitive objects stored in an enterprise-grade external secrets store into Kubernetes while continue to manage these objects outside of Kubernetes.
+
+## Criteria for Supported Providers
+
+Here is a list of criteria for supported provider:
+1. Code audit of the provider implementation to ensure it adheres to the required provider-driver interface - [Implementing a Provider for Secrets Store CSI Driver](docs/README.new-provider.md)
+2. Add provider to the e2e test suite to demonstrate it functions as expected https://github.com/kubernetes-sigs/secrets-store-csi-driver/tree/master/test/bats Please use existing providers e2e tests as a reference.
+3. If any update is made by a provider (not limited to security updates), the provider is expected to update the provider's e2e test in this repo
+
+## Removal from Supported Providers
+
+Failure to adhere to the [Criteria for Supported Providers](#criteria-for-supported-providers) will result in the removal of the provider from the supported list and subject to another review before it can be added back to the list of supported providers.
+
+When a provider's e2e tests are consistently failing with the latest version of the driver, the driver maintainers will coordinate with the provider maintainers to provide a fix. If the test failures are not resolved within 4 weeks, then the provider will be removed from the list of supported providers. 

docs/book/src/testing.md

@@ -0,0 +1,13 @@
+# Testing
+
+## Unit Tests
+
+Run unit tests locally with `make test`.
+
+## End-to-end Tests
+
+End-to-end tests automatically runs on Prow when a PR is submitted. If you want to run using a local or remote Kubernetes cluster, make sure to have `kubectl`, `helm` and `bats` set up in your local environment and then run `make e2e-azure` or `make e2e-vault` with custom images.
+
+Job config for test jobs run for each PR in prow can be found [here](https://github.com/kubernetes/test-infra/blob/master/config/jobs/kubernetes-sigs/secrets-store-csi-driver/secrets-store-csi-driver-config.yaml)
+
+