Merge branch 'main' into newfield-nic-migration-update

Author: ADubhlaoich

.cloudcannon/schemas/default.md

@@ -39,7 +39,7 @@ To do xzy, take the following steps:
 
 2. Format as numbered lists.
 
-    {{< note >}}Add notes like this.{{</note>}}
+    {{< call-out "note" >}}Add notes like this.{{< /call-out >}}
 
 3. If there is only one step, you don't need to format it as a numbered list.
 

.cloudcannon/schemas/nms/policy.md

@@ -81,7 +81,7 @@ The following table lists the configurable settings and their default values for
 
 {{%tab name="API"%}}
 
-{{<see-also>}}{{< include "acm/how-to/access-acm-api.md" >}}{{</see-also>}}
+{{< call-out "note" >}}{{< include "acm/how-to/access-acm-api.md" >}}{{< /call-out >}}
 
 To create an XYZ policy using the REST API, send an HTTP `POST` request to the Add-Endpoint-Name-Here endpoint.
 

.github/pull_request_template.md

@@ -1,35 +1,31 @@
 ### Proposed changes
 
-Write a clear and concise description that helps reviewers understand the purpose and impact of your changes. Use the
-following format:
+[//]: # "Write a clear and concise description of what the pull request changes."
+[//]: # "You can use our Commit messages guidance for this."
+[//]: # "https://github.com/nginx/documentation/blob/main/documentation/git-conventions.md#commit-messages"
 
-Problem: Give a brief overview of the problem or feature being addressed.
+[//]: # "First, explain what was changed, and why. This should be most of the detail."
+[//]: # "Then how the changes were made, such as referring to existing styles and conventions."
+[//]: # "Finish by noting anything beyond the scope of the PR changes that may be affected."
 
-Solution: Explain the approach you took to implement the solution, highlighting any significant design decisions or
-considerations.
+[//]: # "Include information on testing if relevant and non-obvious from the deployment preview."
+[//]: # "For expediency, you can use screenshots to show small before and after examples."
 
-Testing: Describe any testing that you did.
+[//]: # "If the changes were defined by a GitHub issue, reference it using keywords."
+[//]: # "https://docs.github.com/en/get-started/writing-on-github/working-with-advanced-formatting/using-keywords-in-issues-and-pull-requests"
 
-Please focus on (optional): If you any specific areas where you would like reviewers to focus their attention or provide
-specific feedback, add them here.
-
-If this PR addresses an [issue](https://github.com/nginx/documentation/issues) on GitHub, ensure that you link to it here:
-
-Closes #ISSUE
+[//]: # "Do not like to any internal, non-public resources. This includes internal repository issues or anything in an intranet."
+[//]: # "You can make reference to internal discussions without linking to them: see 'Referencing internal information'."
+[//]: # "https://github.com/nginx/documentation/blob/main/documentation/closed-contributions.md#referencing-internal-information"
 
 ### Checklist
 
-Before merging a pull request, run through this checklist and mark each as complete.
+Before sharing this pull request, I completed the following checklist:
 
-- [ ] I have read the [contributing guidelines](https://github.com/nginx/documentation/blob/main/CONTRIBUTING.md)
-- [ ] I have signed the [F5 Contributor License Agreement (CLA)](https://github.com/f5/.github/blob/main/CLA/cla-markdown.md)
-- [ ] I have rebased my branch onto main
-- [ ] I have ensured my PR is targeting the main branch and pulling from my branch from my own fork
-- [ ] I have ensured that the commit messages adhere to [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/#summary)
-- [ ] I have ensured that documentation content adheres to [the style guide](/documentation/style-guide.md)
-- [ ] If the change involves potentially sensitive changes[^1], I have assessed the possible impact
-- [ ] If applicable, I have added tests that prove my fix is effective or that my feature works
-- [ ] I have ensured that existing tests pass after adding my changes
-- [ ] If applicable, I have updated [`README.md`](/README.md)
+- [ ] I read the [Contributing guidelines](https://github.com/nginx/documentation/blob/main/CONTRIBUTING.md)
+- [ ] My branch adheres to the [Git conventions](https://github.com/nginx/documentation/blob/main/documentation/git-conventions.md)
+- [ ] My content changes adhere to the [F5 NGINX Documentation style guide](https://github.com/nginx/documentation/blob/main/documentation/style-guide.md)
+- [ ] If my changes involve potentially sensitive information[^1], I have assessed the possible impact
+- [ ] I have waited to ensure my changes pass tests, and addressed any discovered issues
 
-[^1]: Potentially sensitive changes include anything involving code, personally identify information (PII), live URLs or significant amounts of new or revised documentation. Please refer to [our style guide](/documentation/style-guide.md) for guidance about placeholder content.
+[^1]: Potentially sensitive information includes personally identify information (PII), authentication credentials, and live URLs. Refer to the [style guide](https://github.com/nginx/documentation/blob/main/documentation/style-guide.md) for guidance about placeholder content.

.github/workflows/coveo.yml

@@ -72,7 +72,7 @@ jobs:
     needs: generate-coveo-search-token
     steps:
       - name: Download Coveo search token
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
 
       - name: View files
         run: ls -R

.github/workflows/dot-org-content.yml

@@ -0,0 +1,56 @@
+name: Detect changes in documentation within nginx/nginx.org
+
+on:
+  schedule:
+    - cron: "0 */23 * * *"
+permissions:
+  contents: write
+  pull-requests: write
+  issues: write
+
+jobs:      
+  detect-changes:
+    name: Detect changes in 'en' docs of nginx/nginx.org
+    runs-on: ubuntu-latest
+    outputs:
+      IS_CHANGES_DETECTED: ${{ steps.check_changes.outputs.changed }}
+    steps: 
+      - name: Checkout Repository
+        uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2 # v4.2.2
+        with:
+          fetch-depth: 0
+      - name: Clone the nginx/nginx-org repository
+        run: |
+            git clone --depth=2 https://github.com/nginx/nginx.org.git dot-org-repo
+      - name: Check for changes in xml/en folder
+        id: check_changes
+        run: |
+            cd dot-org-repo
+
+            if git whatchanged --since="1 day ago" -- _xml/en/; then
+              echo "Changes detected in /en"
+              echo "changed=true" >> $GITHUB_OUTPUT
+            else
+              echo "No changes in /en"
+              echo "changed=false" >> $GITHUB_OUTPUT
+            fi
+      - name: Execute make target 'make hugo-md' to generate markdown
+        if: steps.check_changes.outputs.changed == 'true'
+        run: |
+            cd dot-org-repo
+            make module-markdown
+      - name: Create PR 
+        uses: peter-evans/create-pull-request@v7
+        if: steps.check_changes.outputs.changed == 'true'
+        with:
+          commit-message: "chore: Update nginx plus module reference from detected changes in nginx/nginx.org"
+          labels: product/nginx-plus, dependencies, module-reference
+          base: main
+          branch: update-nginx-module-ref
+          title: 'NGINX Plus - Module Ref: Update content for content/nginx due to detected changes'
+          add-paths: |
+            dot-org-repo/libxslt-md/
+            dot-org-repo/yaml/nginx_api.yaml
+          body: |
+            ### Proposed Changes
+            Updated NGINX Plus docs.

.github/workflows/linkchecker.yml

@@ -32,6 +32,7 @@ env:
     --ignore-url ^https://oauth2.googleapis.com --ignore-url ^https://openidconnect.googleapis.com --ignore-url ^https://www.base64url.com/
     --ignore-url ^https://go.googlesource.com/ --ignore-url ^https://go.googlesource.com/sync --ignore-url ^https://linkerd.io/2.13/
     --ignore-url ^http://www.redirectpage.com/ --ignore-url ^https://www.gnu.org/ --ignore-url ^https://insert_your_tenant_name.console.ves.volterra.io/
+    --ignore-url ^https://INSERT_YOUR_TENANT_NAME.console.ves.volterra.io
     --ignore-url ^https://\([a-zA-Z0-9-]+\).nginx.com/nginx-ingress-controller/css
     --ignore-url ^https://\([a-zA-Z0-9-]+\).nginx.com/nginxaas/azure/css
     --ignore-url ^https://\([a-zA-Z0-9-]+\).nginx.com/nginx-gateway-fabric/css

.github/workflows/ossf_scorecard.yml

@@ -56,6 +56,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: Upload SARIF results to code scanning
-        uses: github/codeql-action/upload-sarif@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
+        uses: github/codeql-action/upload-sarif@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3.29.5
         with:
           sarif_file: results.sarif

content/agent/configuration/configuration-overview.md

@@ -9,7 +9,7 @@ nd-content-type: how-to
 
 The following sections explain how to configure NGINX Agent using configuration files, CLI flags, and environment variables.
 
-{{<note>}}
+{{< call-out "note" >}}
 
 - NGINX Agent interprets configuration values set by configuration files, CLI flags, and environment variables in the following priorities:
 
@@ -19,7 +19,7 @@ The following sections explain how to configure NGINX Agent using configuration
 
 - You must open any required firewall ports or add SELinux/AppArmor rules for the ports and IPs you want to use.
 
-{{</note>}}
+{{< /call-out >}}
 
 ## Configure with Config Files
 
@@ -30,9 +30,9 @@ Examples of the configuration files are provided below:
 <details open>
     <summary>example nginx-agent.conf</summary>
 
-{{<note>}}
+{{< call-out "note" >}}
 In the following example `nginx-agent.conf` file, you can change the `server.host` and `server.grpcPort` to connect to the control plane.
-{{</note>}}
+{{< /call-out >}}
 
 ```nginx {hl_lines=[13]}
 #
@@ -118,11 +118,11 @@ nginx_app_protect:
 <details open>
     <summary>example dynamic-agent.conf</summary>
 
-{{<note>}}
+{{< call-out "note" >}}
 Default location in Linux environments: `/var/lib/nginx-agent/agent-dynamic.conf`
 
 Default location in FreeBSD environments: `/var/db/nginx-agent/agent-dynamic.conf`
-{{</note>}}
+{{< /call-out >}}
 
 ```yaml
 # Dynamic configuration file for NGINX Agent.
@@ -169,13 +169,13 @@ nginx-agent
 
 ### CLI Flags and Environment Variables
 
-{{< warning >}}
+{{< call-out "warning" >}}
 
 Before version 2.35.0, the environment variables were prefixed with `NMS_` instead of `NGINX_AGENT_`.
 
 If you are upgrading from an older version, update your configuration accordingly.
 
-{{< /warning >}}
+{{< /call-out >}}
 
 {{<bootstrap-table "table table-responsive table-bordered">}}
 | CLI flag                                    | Environment variable                 | Description                                                                 |
@@ -218,7 +218,7 @@ If you are upgrading from an older version, update your configuration accordingl
 
 <br>
 
-{{<note>}}
+{{< call-out "note" >}}
 Use the `--config-dirs` command-line option, or the `config_dirs` key in the `nginx-agent.conf` file, to identify the directories NGINX Agent can read from or write to. This setting also defines the location to which you can upload config files when using a control plane.
 
 NGINX Agent cannot write to directories outside the specified location when updating a config and cannot upload files to directories outside of the configured location.
@@ -227,15 +227,15 @@ NGINX Agent follows NGINX configuration directives to file paths outside the des
 
 - [`ssl_certificate`](https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_certificate)
 
-{{</note>}}
+{{< /call-out >}}
 
-{{<note>}} Use the `--dynamic-config-path` command-line option to set the location of the dynamic config file. This setting also requires you to move your dynamic config to the new path, or create a new dynamic config file at the specified location.
+{{< call-out "note" >}} Use the `--dynamic-config-path` command-line option to set the location of the dynamic config file. This setting also requires you to move your dynamic config to the new path, or create a new dynamic config file at the specified location.
 
 Default location in Linux environments: `/var/lib/nginx-agent/agent-dynamic.conf`
 
 Default location in FreeBSD environments: `/var/db/nginx-agent/agent-dynamic.conf`
 
-{{</note>}}
+{{< /call-out >}}
 
 ## Log Rotation
 

content/agent/configuration/encrypt-communication.md

@@ -94,7 +94,7 @@ NGINX_AGENT_TLS_ENABLE=true
 
 ## Enable Server-Side TLS With Self-Signed Certificate
 
-{{< warning >}}These steps are not recommended for production environments.{{< /warning >}}
+{{< call-out "warning" >}}These steps are not recommended for production environments.{{< /call-out >}}
 
 To enable server-side TLS with a self-signed certificate, you must have TLS enabled and set `skip_verify` to `true`, which disables hostname validation. Setting `skip_verify` can be done done only by updating the configuration file. See the following example:
 

content/agent/installation-upgrade/container-environments/docker-images.md

@@ -27,7 +27,7 @@ This guide provides instructions on how to build images with NGINX Agent and NGI
 
 You can use [Docker](https://docs.docker.com/engine/install/) or [Podman](https://podman.io/docs/installation) to manage NGINX Agent container images. Follow the installation instructions for your preferred container engine and be sure the service is running before proceeding with the instructions in this document.
 
-{{<note>}}The examples in this document primarily use Docker commands. You can adapt these using the appropriate [Podman commands](https://docs.podman.io/en/latest/Commands.html) if you're not using Docker.{{</note>}}
+{{< call-out "note" >}}The examples in this document primarily use Docker commands. You can adapt these using the appropriate [Podman commands](https://docs.podman.io/en/latest/Commands.html) if you're not using Docker.{{< /call-out >}}
 
 ### Install the GNU Make package
 
@@ -112,7 +112,7 @@ docker tag docker-registry.nginx.com/nginx/agent:mainline nginx-agent
 docker run --name nginx-agent -d nginx-agent
 ```
 
-{{<note>}}To learn more about the configuration options, refer to the NGINX Agent [Configuration Overview]({{< ref "/agent/configuration/configuration-overview" >}}).{{</note>}}
+{{< call-out "note" >}}To learn more about the configuration options, refer to the NGINX Agent [Configuration Overview]({{< ref "/agent/configuration/configuration-overview" >}}).{{< /call-out >}}
 
 ### Enable the gRPC interface
 
@@ -166,7 +166,7 @@ If the REST Interface is configured correctly, then you should see a JSON object
 
 ## Build the NGINX Agent images for specific OS targets
 
-{{<important>}}The only **officially supported** base operating system is **Alpine**. The instructions below for other operating systems are provided for informational and **testing purposes only**.{{</important>}}
+{{< call-out "important" >}}The only **officially supported** base operating system is **Alpine**. The instructions below for other operating systems are provided for informational and **testing purposes only**.{{< /call-out >}}
 
 The NGINX Agent GitHub repo has a set of Make commands that you can use to build a container image for an specific operating system and version:
 
@@ -200,7 +200,7 @@ IMAGE_BUILD_TARGET=install-agent-repo NGINX_AGENT_VERSION=2.37.0~bullseye OS_REL
 
 ### Build NGINX Plus images
 
-{{<important>}}You need a license to use NGINX Agent with NGINX Plus. You must complete the steps in the [Download the certificate and key files from MyF5](#myf5-download) section before proceeding.{{</important>}}
+{{< call-out "important" >}}You need a license to use NGINX Agent with NGINX Plus. You must complete the steps in the [Download the certificate and key files from MyF5](#myf5-download) section before proceeding.{{< /call-out >}}
 
 Run the following `make` command to build the default image, which uses Ubuntu 24.04 (Noble) as the base image.