docs: add website categories (#483)

Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
project-copacetic · Jan 23, 2024 · 8d6e4aa · 8d6e4aa
1 parent fc6b96b
commit 8d6e4aa
Show file tree

Hide file tree

Showing 14 changed files with 427 additions and 301 deletions.
diff --git a/README.md b/README.md
@@ -7,6 +7,8 @@
 
 `copa` is a CLI tool written in [Go](https://golang.org) and based on [buildkit](https://github.com/moby/buildkit) that can be used to directly patch container images given the vulnerability scanning results from popular tools like [Trivy](https://github.com/aquasecurity/trivy).
 
+For more details and how to get started, please refer to [full documentation](https://project-copacetic.github.io/copacetic/).
+
 ## Demo
 
 ![intro](demo/copa-demo.gif)
@@ -18,7 +20,7 @@ We needed the ability to patch containers quickly without going upstream for a f
 - inherited from base images several levels deep and waiting on updated releases to percolate through the supply chain is not an option
 - found in 3rd party app images you don't maintain with update cadences that don't meet your security SLAs.
 
-![direct image patching](./docs/imgs/direct-image-patching.png)
+![direct image patching](./website/static/img/direct-image-patching.png)
 
 In addition to filling the operational gap not met by left-shift security practices and tools, the ability of `copa` to patch a container without requiring a rebuild of the container image provides other benefits:
 
@@ -35,7 +37,7 @@ The `copa` tool is an extensible engine that:
 2. Obtains and processes the needed update packages using the appropriate package manager tools such as apt, apk, etc. New adapters can be written to support more package managers.
 3. Applies the resulting update binaries to the container image using buildkit.
 
-![report-driven vulnerability patching](./docs/imgs/vulnerability-patch.png)
+![report-driven vulnerability patching](./website/static/img/vulnerability-patch.png)
 
 This approach is motivated by the core principles of making direct container patching broadly applicable and accessible:
 
@@ -47,8 +49,6 @@ This approach is motivated by the core principles of making direct container pat
 - **Copa reduces the technical expertise needed and waiting on dependencies needed to patch an image**.
   - For OS package vulnerabilities, no specialized knowledge about a specific image is needed to be patch it as Copa relies on the vulnerability remediation knowledge already embedded in the reports produced by popular container scanning tools today.
 
-For more details refer to the [full documentation](https://project-copacetic.github.io/copacetic/).
-
 ## Contributing
 There are several ways to get involved:
 * Join the [mailing list](https://groups.google.com/g/project-copa) to get notifications for releases, security announcements, etc.

diff --git a/docs/imgs/direct-image-patching.png b/docs/imgs/direct-image-patching.png
diff --git a/docs/imgs/graph-execution.png b/docs/imgs/graph-execution.png
diff --git a/docs/imgs/oci-patch.png b/docs/imgs/oci-patch.png
diff --git a/docs/imgs/vulnerability-patch.png b/docs/imgs/vulnerability-patch.png
diff --git a/docs/vulnerability-driven-patching.md b/docs/vulnerability-driven-patching.md
diff --git a/docs/development-tips.md → website/docs/development-tips.md b/docs/development-tips.md → website/docs/development-tips.md
diff --git a/website/docs/github-action.md b/website/docs/github-action.md
@@ -1,98 +1,7 @@
 ---
-title: Copa Github Action
+title: Github Action
 ---
 
-## Overview
+The [Copa Github Action](https://github.com/project-copacetic/copa-action) allows you patch vulnerable containers in your GitHub Actions workflows using Copa.
 
-The [Copa Github Action](https://github.com/project-copacetic/copa-action) allows you patch vulnerable containers in your workflows using Copa. 
-
-## Inputs
-
-## `image`
-
-**Required** The image reference to patch.
-
-## `image-report`
-
-**Required** The trivy json vulnerability report of the image to patch.
-
-## `patched-tag`
-
-**Required** The new patched image tag.
-
-## `buildkit-version`
-
-**Optional** The buildkit version used in the action, default is latest.
-
-## `copa-version`
-
-**Optional** The Copa version used in the action, default is latest.
-
-## Output
-
-## `patched-image`
-
-Image reference of the resulting patched image.
-
-## Example Workflow
-
-```
-on: [push]
-
-jobs:
-    test:
-        runs-on: ubuntu-latest
-
-        strategy:
-          fail-fast: false
-          matrix:
-            # provide relevant list of images to scan on each run
-            images: ['docker.io/library/nginx:1.21.6', 'docker.io/openpolicyagent/opa:0.46.0', 'docker.io/library/hello-world:latest']
-
-        steps:
-        - name: Set up Docker Buildx
-          uses: docker/setup-buildx-action@dedd61cf5d839122591f5027c89bf3ad27691d18
-
-        - name: Generate Trivy Report
-          uses: aquasecurity/trivy-action@69cbbc0cbbf6a2b0bab8dcf0e9f2d7ead08e87e4
-          with:
-            scan-type: 'image'
-            format: 'json'
-            output: 'report.json'
-            ignore-unfixed: true
-            vuln-type: 'os'
-            image-ref: ${{ matrix.images }}
-
-        - name: Check Vuln Count
-          id: vuln_count
-          run: |
-            report_file="report.json"
-            vuln_count=$(jq '.Results | length' "$report_file")
-            echo "vuln_count=$vuln_count" >> $GITHUB_OUTPUT
-
-        - name: Copa Action
-          if: steps.vuln_count.outputs.vuln_count != '0'
-          id: copa
-          uses: project-copacetic/copa-action@v1
-          with:
-            image: ${{ matrix.images }}
-            image-report: 'report.json'
-            patched-tag: 'patched'
-            buildkit-version: 'v0.11.6'
-            # optional, default is latest
-            copa-version: '0.4.1'
-
-        - name: Login to Docker Hub
-          if: steps.copa.conclusion == 'success'
-          id: login
-          uses: docker/login-action@b4bedf8053341df3b5a9f9e0f2cf4e79e27360c6
-          with:
-            username: 'user'
-            password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-        - name: Docker Push Patched Image
-          if: steps.login.conclusion == 'success'
-          run: |
-            docker push ${{ steps.copa.outputs.patched-image }}
-
-```
+Please refer to [Copa Github Action](https://github.com/project-copacetic/copa-action) for more details on how to use it.
diff --git a/docs/maintainer-guidelines.md → website/docs/maintainer-guidelines.md b/docs/maintainer-guidelines.md → website/docs/maintainer-guidelines.md
diff --git a/website/sidebars.js b/website/sidebars.js
@@ -14,20 +14,43 @@
 /** @type {import('@docusaurus/plugin-content-docs').SidebarsConfig} */
 const sidebars = {
   sidebar: [
-    'introduction',
-    'installation',
-    'quick-start',
-    'custom-address',
-    'output',
-    'troubleshooting',
-    'design',
-    'faq',
-    'scanner-plugins',
-    'contributing',
-    'code-of-conduct',
-    'github-action',
-    'release'
-  ]
+    {
+      type: 'category',
+      label: 'Getting Started',
+      collapsed: false,
+      items: [
+        'introduction',
+        'installation',
+        'quick-start',
+        'troubleshooting',
+        'faq',
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Features',
+      collapsed: false,
+      items: [
+        'github-action',
+        'custom-address',
+        'output',
+        'scanner-plugins',
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Contributing',
+      collapsed: false,
+      items: [
+        'contributing',
+        'code-of-conduct',
+        'design',
+        'development-tips',
+        'maintainer-guidelines',
+        'release',
+      ],
+    },
+  ],
 };
 
 module.exports = sidebars;