DOCS - Prep Collate docs structure (#17655)

* Prep docs * Prep docs
open-metadata · Sep 2, 2024 · 11d32e6 · 11d32e6
1 parent 6bbb8a6
commit 11d32e6
Show file tree

Hide file tree

Showing 32 changed files with 5,868 additions and 3 deletions.
diff --git a/.github/workflows/sync-docs-v1.yml b/.github/workflows/sync-docs-v1.yml
@@ -10,7 +10,7 @@
 #  See the License for the specific language governing permissions and
 #  limitations under the License.
 
-name: Sync publish docs v1
+name: Sync publish docs
 on:
   push:
     branches:
@@ -56,8 +56,38 @@ jobs:
         commit-message: See ORIGIN_COMMIT from $GITHUB_REF
         target-branch: publish
 
+    - name: Push content Collate
+      id: push_content_collate
+      continue-on-error: true
+      uses: cpina/github-action-push-to-another-repository@main
+      env:
+        SSH_DEPLOY_KEY: ${{ secrets.DOCS_COLLATE_SSH_DEPLOY_KEY }}
+      with:
+        source-directory: openmetadata-docs/content/v1.5.x
+        target-directory: content/
+        destination-github-username: 'open-metadata'
+        destination-repository-name: 'docs-collate'
+        user-email: [email protected]
+        commit-message: See ORIGIN_COMMIT from $GITHUB_REF
+        target-branch: main
+
+    - name: Push images Collate
+      id: push_images_collate
+      continue-on-error: true
+      uses: cpina/github-action-push-to-another-repository@main
+      env:
+        SSH_DEPLOY_KEY: ${{ secrets.DOCS_COLLATE_SSH_DEPLOY_KEY }}
+      with:
+        source-directory: openmetadata-docs/images/
+        target-directory: public/images/
+        destination-github-username: 'open-metadata'
+        destination-repository-name: 'docs-collate'
+        user-email: [email protected]
+        commit-message: See ORIGIN_COMMIT from $GITHUB_REF
+        target-branch: main
+
     - name: Slack on Failure
-      if: steps.push_content.outcome != 'success'
+      if: ${{ steps.push_content.outcome != 'success' || steps.push_content_collate != 'success' }}
       uses: slackapi/[email protected]
       with:
         payload: |

diff --git a/openmetadata-docs/content/v1.5.x/collate-menu.md b/openmetadata-docs/content/v1.5.x/collate-menu.md
diff --git a/openmetadata-docs/content/v1.5.x/deployment/security/ldap/bare-metal.md b/openmetadata-docs/content/v1.5.x/deployment/security/ldap/bare-metal.md
@@ -59,7 +59,7 @@ Mandatory LDAP Specific Configuration:
 
 - `host`: hostName for the Ldap Server (Ex - localhost).
 - `port`: port of the Ldap Server to connect to (Ex - 10636).
-- `dnAdminPrincipal`: This is the DN Admin Principal(Complete path Example :- cn=admin,dc=example,dc=com ) with a lookup access in the Directory.
+- `dnAdminPrincipal`: This is the DN Admin Principal(Complete path Example :- cn=admin,dc=example,dc=com) with a lookup access in the Directory.
 - `dnAdminPassword`: Above Admin Principal Password.
 - `userBaseDN`: User Base DN(Complete path Example :- ou=people,dc=example,dc=com).
 

diff --git a/openmetadata-docs/content/v1.5.x/security-collate/amazon-cognito-sso/index.md b/openmetadata-docs/content/v1.5.x/security-collate/amazon-cognito-sso/index.md
@@ -0,0 +1,70 @@
+---
+title: Amazon Cognito SSO
+slug: /security/amazon-cognito
+collate: true
+---
+
+# Amazon Cognito SSO
+
+Follow the sections in this guide to set up Amazon Cognito SSO.
+
+{% note %}
+
+Security requirements for your **production** environment:
+- **DELETE** the admin default account shipped by OM in case you had [Basic Authentication](/deployment/security/basic-auth)
+  enabled before configuring the authentication with Amazon Cognito SSO.
+- **UPDATE** the Private / Public keys used for the [JWT Tokens](/deployment/security/enable-jwt-tokens) in case it is
+  enabled.
+
+{% /note %}
+
+## Create Server Credentials
+
+### Step 1: Login to AWS Portal
+
+- Login to [Amazon AWS Portal](https://aws.amazon.com/).
+- Search for `Cognito` in the search box and select Cognito Service from the dropdown menu.
+
+{% image src="/images/v1.5/deployment/security/amazon-cognito-sso/create-server-credentials-1.png" alt="create-account" caption="Search for Cognito" /%}
+
+### Step 2: Setup User Pool
+
+- Click on the "Create user pool" button if you do not have any user pools configured yet. Skip this step if you already have a user pool available. 
+- Select the type of ID providers you want to configure for your users and click "Next"
+
+{% image src="/images/v1.5/deployment/security/amazon-cognito-sso/create-server-credentials-2.png" alt="create-account" caption="Setup User Pool" /%}
+
+- Configure the security requirements in Step 2 as per your organizational needs and proceed to Step 3 
+- Configure the Sign-up experience in Step 3. Make sure to add email as a required attribute before proceeding to step 4
+
+{% image src="/images/v1.5/deployment/security/amazon-cognito-sso/create-server-credentials-3.png" alt="create-account" caption="Configure Sign up Experience" /%}
+
+- Configure message delivery as per your organizational needs and proceed to Step 5
+- In Step 5, add a name for the user pool and check the "Use the Cognito Hosted UI" option and provide a Cognito domain as shown in the screenshot below
+
+{% image src="/images/v1.5/deployment/security/amazon-cognito-sso/create-server-credentials-4.png" alt="create-account" caption="Integrate your App" /%}
+
+- In the same step, select "Public client" for the Initial App client type and configure the Allowed callback URLs
+  with `http://localhost:8585/callback` as shown in the screenshot below. Note: For production deployments, the Allowed
+  callback URLs should be updated with the appropriate domain name.
+
+{% image src="/images/v1.5/deployment/security/amazon-cognito-sso/create-server-credentials-5.png" alt="create-account" caption="Configure the App Client" /%}
+
+- The last step is to Review and create the User Pool.
+
+### Step 3: Where to find the Credentials
+
+- The `User Pool ID` can be found in the User Pool summary page as seen in the screenshot below
+
+{% image src="/images/v1.5/deployment/security/amazon-cognito-sso/create-server-credentials-6.png" alt="create-account" caption="User Pool ID" /%}
+
+- The App client ID can be found under the "App Integration" tab of the User Pool page. There will be a section that
+  lists all the App clients with client name and client ID as shown below
+
+{% image src="/images/v1.5/deployment/security/amazon-cognito-sso/create-server-credentials-7.png" alt="create-account" /%}
+
+{% image src="/images/v1.5/deployment/security/amazon-cognito-sso/create-server-credentials-8.png" alt="create-account" caption="Client ID" /%}
+
+You will need to share the following information with the Collate team:
+- Client ID
+- User Pool ID
diff --git a/openmetadata-docs/content/v1.5.x/security-collate/auth0/index.md b/openmetadata-docs/content/v1.5.x/security-collate/auth0/index.md
@@ -0,0 +1,77 @@
+---
+title: Auth0 SSO
+slug: /security/auth0
+collate: true
+---
+
+# Auth0 SSO
+
+Follow the sections in this guide to set up Auth0 SSO.
+
+{%important%}
+
+Security requirements for your **production** environment:
+- **DELETE** the admin default account shipped by OM in case you had [Basic Authentication](/deployment/security/basic-auth)
+  enabled before configuring the authentication with Auth0 SSO.
+- **UPDATE** the Private / Public keys used for the [JWT Tokens](/deployment/security/enable-jwt-tokens). The keys we provide
+  by default are aimed only for quickstart and testing purposes. They should NEVER be used in a production installation.
+
+{%/important%}
+
+## Create Server Credentials
+
+### Step 1: Create the Account
+
+- If you don't have an account, [Sign up](https://auth0.com/signup) to create one.
+- Select the Account Type, i.e., Company or Personal
+- Click I need advanced settings and click next.
+
+{% image 
+src="/images/v1.5/deployment/security/auth0/create-account-1.png" 
+alt="create-account" /%}
+
+- Provide the Tenant Domain, select the region and click on Create Account.
+
+{% image 
+src="/images/v1.5/deployment/security/auth0/create-account-2.png" 
+alt="create-account" /%}
+
+- Once done, you will land on the dashboard page.
+
+{% image
+src="/images/v1.5/deployment/security/auth0/create-account-3.png" 
+alt="create-account" /%}
+
+### Step 2: Create a New Application
+
+- Once you are on the Dashboard page, click on `Applications > Applications` available on the left-hand side panel.
+
+{% image 
+src="/images/v1.5/deployment/security/auth0/create-new-app-1.png" 
+alt="create-app" /%}
+
+- Click on `Create Application`.
+
+{% image 
+src="/images/v1.5/deployment/security/auth0/create-new-app-2.png" 
+alt="create-app" /%}
+
+- Enter the Application name.
+- Choose an application type and click on `Create`.
+
+{% image 
+src="/images/v1.5/deployment/security/auth0/create-new-app-3.png" 
+alt="create-app" /%}
+
+### Step 3: Where to Find the Credentials
+
+- Navigate to the Settings tab. 
+- You will find your `Client ID` and `Domain`.
+
+{% image 
+src="/images/v1.5/deployment/security/auth0/credentials.png" 
+alt="credentials" /%}
+
+You will need to share the following information with the Collate team:
+- Client ID
+- Domain
diff --git a/openmetadata-docs/content/v1.5.x/security-collate/azure/index.md b/openmetadata-docs/content/v1.5.x/security-collate/azure/index.md
@@ -0,0 +1,80 @@
+---
+title: Azure SSO
+slug: /security/azure
+collate: true
+---
+
+# Azure SSO
+
+Follow the sections in this guide to set up Azure SSO.
+
+{% note %}
+
+Security requirements for your **production** environment:
+- **DELETE** the admin default account shipped by OM in case you had [Basic Authentication](/deployment/security/basic-auth)
+  enabled before configuring the authentication with Azure SSO.
+- **UPDATE** the Private / Public keys used for the [JWT Tokens](/deployment/security/enable-jwt-tokens). The keys we provide
+  by default are aimed only for quickstart and testing purposes. They should NEVER be used in a production installation.
+
+{% /note %}
+
+## Create Server Credentials
+
+### Step 1: Login to Azure Active Directory
+
+- Login to [Microsoft Azure Portal](https://azure.microsoft.com/en-in/services/active-directory/external-identities/)
+- Navigate to the Azure Active Directory.
+
+{% note %}
+
+Admin permissions are required to register the application on the Azure portal.
+
+{% /note %}
+
+### Step 2: Create a New Application
+
+- From the Azure Active Directory, navigate to the `App Registrations` section from the left nav bar.
+
+{% image src="/images/v1.5/deployment/security/azure/create-app-1.png" alt="create-app" /%} 
+
+- Click on `New Registration`. This step is for registering the OpenMetadata UI.
+
+{% image src="/images/v1.5/deployment/security/azure/create-app-2.png" alt="create-app" /%}
+
+- Provide an Application Name for registration.
+- Provide a redirect URL as a `Single Page Application`.
+- Click on `Register`.
+
+{% note %}
+
+- **SPA (Single Page Application):**  
+  This type is designed for implicit flows. In this case, providing both the client ID and client secret will result in a failure because the implicit flow only requires the client ID for authentication.
+
+- **Web:**  
+  This type is intended for confidential clients. If you select this option, you must provide both the client ID and client secret. Simply passing the client ID will cause the authorization process to fail, as the Authorization Code flow requires both credentials for successful authentication.
+
+### Recommendation:
+
+- Use the **Web** type for confidential clients that require both a client ID and secret.
+- Use the **SPA** type for applications using implicit flows where only a client ID is needed.
+
+{% /note %}
+
+{% image src="/images/v1.5/deployment/security/azure/create-app-3.png" alt="create-app" /%}
+
+### Step 3: Where to Find the Credentials
+
+- The `Client ID` and the `Tenant ID` are displayed in the Overview section of the registered application.
+
+{% image src="/images/v1.5/deployment/security/azure/where-to-find-credentials.png" alt="create-app" /%}
+
+- When passing the details for `authority`, the `Tenant ID` is added to the URL as shown in the example
+  below. `https://login.microsoftonline.com/TenantID`
+
+```commandline
+"authority": "https://login.microsoftonline.com/c11234b7c-b1b2-9854-0mn1-56abh3dea295"
+```
+
+You will need to share the following information with the Collate team:
+- Client ID
+- Tenant ID
diff --git a/openmetadata-docs/content/v1.5.x/security-collate/custom-oidc/index.md b/openmetadata-docs/content/v1.5.x/security-collate/custom-oidc/index.md
@@ -0,0 +1,32 @@
+---
+title: Custom OIDC SSO
+slug: /security/custom-oidc
+collate: true
+---
+
+# Custom OIDC SSO
+
+Follow the sections in this guide to set up Custom OIDC SSO.
+
+{% note %}
+
+Security requirements for your **production** environment:
+- **DELETE** the admin default account shipped by OM in case you had [Basic Authentication](/deployment/security/basic-auth)
+  enabled before configuring the authentication with Custom OIDC SSO.
+- **UPDATE** the Private / Public keys used for the [JWT Tokens](/deployment/security/enable-jwt-tokens). The keys we provide
+  by default are aimed only for quickstart and testing purposes. They should NEVER be used in a production installation.
+
+{% /note %}
+
+## Create Server Credentials
+
+- Go to the console of your preferred custom OIDC SSO provider
+- Create an OIDC client application with implicit flow enabled to get a client ID.
+
+### Create Client ID and Secret Key
+
+- Navigate to your preferred OIDC provider console and create an OIDC client application.
+- Generate client ID and secret key in JSON format.
+
+You will need to share the following information with the Collate team:
+- Client ID