Add docs for secret management#308
Conversation
|
Naduni Pamudika seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account. You have signed the CLA already but the status is still pending? Let us recheck it. |
📝 WalkthroughAdded a new AI Workspace documentation page for Secrets Management, covering how secrets are created, referenced, updated, listed, and deleted through the documented workflow and API. Also updated the AI Workspace navigation and WalkthroughAdds a new Secrets Management page under AI Workspace and adds it to the Cloud navigation. The page documents secret handles, runtime placeholder resolution, UI auto-encryption, 🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (2)
en/docs/cloud/ai-workspace/secrets-management.md (2)
59-62: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low valueAdd
httplanguage specifier to API endpoint declaration code fences.The endpoint declaration blocks are missing language specifiers, while the example request blocks below them use
http. This inconsistency triggers markdownlint warnings and may cause inconsistent syntax highlighting. Addhttpto the opening fence for each endpoint declaration.- ``` POST /api/v1/secrets Content-Type: multipart/form-data - ``` + ```http + POST /api/v1/secrets + Content-Type: multipart/form-data + ``` - ``` GET /api/v1/secrets - ``` + ```http + GET /api/v1/secrets + ``` - ``` GET /api/v1/secrets/{handle} - ``` + ```http + GET /api/v1/secrets/{handle} + ``` - ``` PUT /api/v1/secrets/{handle} Content-Type: multipart/form-data - ``` + ```http + PUT /api/v1/secrets/{handle} + Content-Type: multipart/form-data + ``` - ``` DELETE /api/v1/secrets/{handle} - ``` + ```http + DELETE /api/v1/secrets/{handle} + ```Also applies to: 134-136, 174-176, 204-207, 268-270
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@en/docs/cloud/ai-workspace/secrets-management.md` around lines 59 - 62, Add the http language specifier to the opening code fences for each API endpoint declaration in the secrets-management docs so the endpoint blocks match the request examples and avoid markdownlint warnings. Update the endpoint fence blocks around the secret API declarations (for POST, GET, PUT, and DELETE in the relevant sections) by changing the plain fenced blocks to http-labeled fences, keeping the existing request lines inside each block.
26-28: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low valueAdd language specifier to placeholder syntax code fences.
The
{{ secret "..." }}placeholder examples are in fenced code blocks without language specifiers. Addtext(ornone) to suppress markdownlint warnings and ensure consistent rendering.- ``` + ```text {{ secret "your-secret-handle" }}Also applies to: 301-303 <details> <summary>🤖 Prompt for AI Agents</summary>Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.In
@en/docs/cloud/ai-workspace/secrets-management.mdaround lines 26 - 28, The
secret placeholder example fences in the documentation are missing a language
specifier, causing markdownlint warnings and inconsistent rendering. Update the
fenced blocks containing the {{ secret "..." }} syntax to use a plain-text
specifier such as text or none, and apply the same change to the other matching
example block referenced in the doc so the markdown is consistent.</details> <!-- cr-comment:v1:23363c0eb8708b86d4dfd491 --> </blockquote></details> </blockquote></details> <details> <summary>🤖 Prompt for all review comments with AI agents</summary>Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.Inline comments:
In@en/docs/cloud/ai-workspace/secrets-management.md:
- Around line 358-362: The Docker Compose secret setup in the secrets management
docs uses shell command substitution inside a .env example, which will be read
literally. Update the guidance near the Docker Compose deployment instructions
to use a two-step flow instead: first show generating a random key with openssl
rand -hex 32, then show copying that generated value into the
PLATFORM_SECRET_ENCRYPTION_KEY entry in the .env file. Keep the fix in the
section that references Docker Compose and .env so readers can find the change
easily.
Nitpick comments:
In@en/docs/cloud/ai-workspace/secrets-management.md:
- Around line 59-62: Add the http language specifier to the opening code fences
for each API endpoint declaration in the secrets-management docs so the endpoint
blocks match the request examples and avoid markdownlint warnings. Update the
endpoint fence blocks around the secret API declarations (for POST, GET, PUT,
and DELETE in the relevant sections) by changing the plain fenced blocks to
http-labeled fences, keeping the existing request lines inside each block.- Around line 26-28: The secret placeholder example fences in the documentation
are missing a language specifier, causing markdownlint warnings and inconsistent
rendering. Update the fenced blocks containing the {{ secret "..." }} syntax to
use a plain-text specifier such as text or none, and apply the same change to
the other matching example block referenced in the doc so the markdown is
consistent.</details> <details> <summary>🪄 Autofix (Beta)</summary> Fix all unresolved CodeRabbit comments on this PR: - [ ] <!-- {"checkboxId": "4b0d0e0a-96d7-4f10-b296-3a18ea78f0b9"} --> Push a commit to this branch (recommended) - [ ] <!-- {"checkboxId": "ff5b1114-7d8c-49e6-8ac1-43f82af23a33"} --> Create a new PR with the fixes </details> --- <details> <summary>ℹ️ Review info</summary> <details> <summary>⚙️ Run configuration</summary> **Configuration used**: Organization UI **Review profile**: CHILL **Plan**: Pro **Run ID**: `13c2fe11-0585-4249-ad73-ea67c5658e25` </details> <details> <summary>📥 Commits</summary> Reviewing files that changed from the base of the PR and between cd2409b6dd907c3f457a62ff63391255268aac8e and 84a80ca95d3a3e6283a5544b301b5b513e85f408. </details> <details> <summary>📒 Files selected for processing (2)</summary> * `en/docs/cloud/ai-workspace/secrets-management.md` * `en/mkdocs.yml` </details> </details> <!-- This is an auto-generated comment by CodeRabbit for review status -->
ea0cc1a to
eb5224a
Compare
|
@npamudika Let's also update the |
@selectiveduplicate Updated. Thanks for the feedback. |
There was a problem hiding this comment.
🧹 Nitpick comments (1)
en/docs/cloud/ai-workspace/secrets-management.md (1)
18-18: 🎯 Functional Correctness | 🔵 Trivial | ⚡ Quick winClarify scope of "never returned in any API response."
The claim that plaintext values are "never returned in any API response" is accurate for the Platform API documented here, but the Gateway Controller Management API (
/api-gateway/gateway-controller-management-api/secrets-management.md) does return decryptedspec.valueon GET. Readers navigating between API docs may be confused by the differing semantics. Consider adding a note clarifying that this restriction applies to the Platform API, or cross-referencing the management API behavior if relevant.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@en/docs/cloud/ai-workspace/secrets-management.md` at line 18, Clarify the “never returned in any API response” statement in the AI Workspace secrets docs by limiting it to the Platform API or adding a cross-reference to the Gateway Controller Management API behavior. Update the wording in the secrets-management documentation so readers can distinguish that plaintext secrets are not returned by the Platform API responses, while the management API’s GET behavior in secrets management differs. Use the existing “AI Workspace” secrets overview wording to anchor the clarification.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@en/docs/cloud/ai-workspace/secrets-management.md`:
- Line 18: Clarify the “never returned in any API response” statement in the AI
Workspace secrets docs by limiting it to the Platform API or adding a
cross-reference to the Gateway Controller Management API behavior. Update the
wording in the secrets-management documentation so readers can distinguish that
plaintext secrets are not returned by the Platform API responses, while the
management API’s GET behavior in secrets management differs. Use the existing
“AI Workspace” secrets overview wording to anchor the clarification.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 2f8b9610-32f5-4db5-bfd3-1c4daf22bf4d
📒 Files selected for processing (3)
en/docs/cloud/ai-workspace/secrets-management.mden/docs/llms.txten/mkdocs.yml
✅ Files skipped from review due to trivial changes (1)
- en/mkdocs.yml
Purpose
Add docs for wso2/api-platform#2149