Skip to content

chore: promote Secure to top-level Antora module (JTBD Phase 2)#3134

Merged
gtrivedi88 merged 16 commits into
eclipse-che:mainfrom
gtrivedi88:jtbd-secure-category
Jul 3, 2026
Merged

chore: promote Secure to top-level Antora module (JTBD Phase 2)#3134
gtrivedi88 merged 16 commits into
eclipse-che:mainfrom
gtrivedi88:jtbd-secure-category

Conversation

@gtrivedi88

Copy link
Copy Markdown
Contributor

Summary

  • Promote security content from Administration Guide into modules/secure/
  • Follows CCS category definition: Secure = 'Implement security controls and ensure compliance'
  • Mirrors downstream devspaces-documentation structure (shipped in DS 3.29)

Changes

  • New modules/secure/ with nav.adoc, 12 pages
  • Moved: security-best-practices, 6 OAuth provider pages, identity management, authorization, GDPR
  • Updated antora.yml with secure nav
  • Slimmed administration-guide nav (removed security + identity sections)
  • Cross-module xrefs updated in install, end-user-guide, discover
  • page-aliases for backward-compatible URLs
  • JTBD titles applied: "Protect your deployment", "Give developers credential-free Git access", "Control who can access Che"

Test plan

  • Antora build succeeds
  • Old admin-guide URLs redirect via page-aliases
  • Secure nav renders correctly
  • No broken xrefs across modules

Made with Cursor

@gtrivedi88 gtrivedi88 requested review from a team, deerskindoll and mkuznyetsov as code owners June 29, 2026 14:24
@gtrivedi88 gtrivedi88 requested a review from svor June 29, 2026 14:24
@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown

Click here to review and test in web IDE: Contribute

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown

🎊 Navigate the preview: https://6a479f349ff16064a6c397fc--eclipse-che-docs-pr.netlify.app 🎊

Comment thread modules/administration-guide/nav.adoc
@gtrivedi88 gtrivedi88 force-pushed the jtbd-secure-category branch 2 times, most recently from 8a048b6 to ae0988b Compare July 2, 2026 11:04

[id="configuring-oauth-for-git-providers"]
= Configuring OAuth for Git providers
= Give developers credential-free Git access

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tbh, I'm not sure this is the best title, and it might be confusing. Can we leave OAuth as factually correct?

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated

Comment thread modules/secure/nav.adoc
@@ -0,0 +1,6 @@
.Secure
* xref:security-best-practices.adoc[]
* xref:managing-identities-and-authorizations.adoc[]

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should it be moved out of security ^ ?

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ibuziuk Just want to confirm when you say we need to move out of security. You mean flattening the strcuture or move it to Admin guide.

The reason why it is in Secure is because for a user Identity management (RBAC, cluster roles, authorization) is kind of a security concern.

gtrivedi88 and others added 14 commits July 2, 2026 20:05
Move security content from Administration Guide into a new
modules/secure/ Antora module, following the CCS 'Secure' category:
'Implement security controls and ensure compliance.'

- Create modules/secure/ with nav and 12 pages
- Move security-best-practices, OAuth provider pages (6), identity
  management, authorization, GDPR compliance from admin-guide
- Add page-aliases for backward-compatible redirects
- Apply JTBD titles from downstream audit:
  "Protect your deployment", "Give developers credential-free Git
  access", "Control who can access {prod-short}", etc.
- Update cross-module xrefs in install, end-user-guide, discover
- Remove security sections from admin-guide nav
- Add modules/secure/nav.adoc to antora.yml

Mirrors downstream devspaces-documentation Secure guide structure.

Co-authored-by: Cursor <cursoragent@cursor.com>
SME feedback: OAuth configuration is a day-1 admin setup task,
not a security hardening concern. Keep it in the Administration
Guide where admins expect to find it.

Moved 7 OAuth pages from modules/secure/pages/ back to
modules/administration-guide/pages/. Updated nav.adoc for both
modules and 3 cross-module xrefs (secure: -> administration-guide:).

Secure module retains: security best practices, identity management,
cluster roles, advanced authorization, GDPR compliance.

Co-authored-by: Cursor <cursoragent@cursor.com>
- Per-page admin persona callout via discover:partial$snip_persona-admin.adoc
  in all 5 secure pages

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
…onflict)

configuring-cluster-roles-for-users.adoc is a thin wrapper that includes
the full page content from administration-guide example snippet. Adding
a persona partial before that creates two level-0 headings, which breaks
Antora. The guide-level callout in the nav/master provides the persona
signal for this page.

Co-authored-by: Cursor <cursoragent@cursor.com>
SME feedback: JTBD title 'Give developers credential-free Git access'
is inaccurate (OAuth still uses credentials) and not findable for
admins searching for 'OAuth' or 'GitHub configuration'.

Co-authored-by: Cursor <cursoragent@cursor.com>
@gtrivedi88 gtrivedi88 force-pushed the jtbd-secure-category branch from 4ba0069 to d844c49 Compare July 2, 2026 14:36
Change navtitle from "Configuring cluster roles for users" to
"Grant additional permissions to users" to match downstream JTBD title.

Co-authored-by: Cursor <cursoragent@cursor.com>
@gtrivedi88 gtrivedi88 force-pushed the jtbd-secure-category branch from 878ff2c to 6caa91e Compare July 3, 2026 11:20
Co-authored-by: Cursor <cursoragent@cursor.com>
@gtrivedi88 gtrivedi88 force-pushed the jtbd-secure-category branch from 2376582 to 5627d35 Compare July 3, 2026 11:33

@ibuziuk ibuziuk left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@gtrivedi88 gtrivedi88 merged commit 08e76b9 into eclipse-che:main Jul 3, 2026
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants