chore: improve usability of external links

modules/ROOT/pages/export.adoc

@@ -3,15 +3,15 @@
 
 == USA
 
-The USA adopts the https://en.wikipedia.org/wiki/Export_Administration_Regulations[Export Administration Regulations (EAR)] as the primary regulation to control exports.
+The USA adopts the https://en.wikipedia.org/wiki/Export_Administration_Regulations[Export Administration Regulations (EAR){external-link-icon}^] as the primary regulation to control exports.
 
 All of our products are outside of the scope of EAR because they fall under the _publicly available_ exemption and do not contain non-standard cryptography.
 
 NOTE: That means E-Mail notifications to the NSA and BIS are not required and are therefore not published here.
 
 In particular:
 
-* We are exempt under https://www.ecfr.gov/current/title-15/subtitle-B/chapter-VII/subchapter-C/part-734/section-734.3[EAR 734.3(b)] because we publish according to https://www.ecfr.gov/current/title-15/subtitle-B/chapter-VII/subchapter-C/part-734/section-734.7[EAR 734.7]
-* We are exempt under https://www.ecfr.gov/current/title-15/subtitle-B/chapter-VII/subchapter-C/part-742/section-742.15[EAR 742.15(b)] as our software includes only https://ecfr.io/Title-15/Section-772.1[standard encryption]
+* We are exempt under https://www.ecfr.gov/current/title-15/subtitle-B/chapter-VII/subchapter-C/part-734/section-734.3[EAR 734.3(b){external-link-icon}^] because we publish according to https://www.ecfr.gov/current/title-15/subtitle-B/chapter-VII/subchapter-C/part-734/section-734.7[EAR 734.7{external-link-icon}^]
+* We are exempt under https://www.ecfr.gov/current/title-15/subtitle-B/chapter-VII/subchapter-C/part-742/section-742.15[EAR 742.15(b){external-link-icon}^] as our software includes only https://ecfr.io/Title-15/Section-772.1[standard encryption{external-link-icon}^]
 
-The Stackable Data Platform is open source, and the source code of all the components can be found on https://github.com/stackabletech/[GitHub].
+The Stackable Data Platform is open source, and the source code of all the components can be found on https://github.com/stackabletech/[GitHub{external-link-icon}^].

modules/ROOT/pages/kubernetes/aks.adoc

@@ -1,6 +1,6 @@
 = Azure Kubernetes Service (AKS)
 
-https://azure.microsoft.com/en-us/products/kubernetes-service
+https://azure.microsoft.com/en-us/products/kubernetes-service[https://azure.microsoft.com/en-us/products/kubernetes-service{external-link-icon}^]
 
 Automatic Kubernetes clusters are not supported, as the xref:secret-operator:index.adoc[secret-operator] requires special privileges that are not granted in automatic Kubernetes clusters.
 
@@ -47,4 +47,3 @@ image::managed-k8s/aks/6.png[]
 Access your Kubernetes by clicking on the `Connect` button and following the instructions.
 +
 image::managed-k8s/aks/7.png[]
-

modules/ROOT/pages/kubernetes/eks.adoc

@@ -1,6 +1,6 @@
 = Amazon Elastic Kubernetes Service (EKS)
 
-https://aws.amazon.com/eks/
+https://aws.amazon.com/eks/[https://aws.amazon.com/eks/{external-link-icon}^]
 
 Please make sure that you have a default StorageClass in your cluster, so that PVCs will be provisioned.
 

modules/ROOT/pages/kubernetes/gke.adoc

@@ -1,6 +1,6 @@
 = Google Kubernetes Engine (GKE)
 
-https://cloud.google.com/kubernetes-engine
+https://cloud.google.com/kubernetes-engine[https://cloud.google.com/kubernetes-engine{external-link-icon}^]
 
 Autopilot clusters are not suported, as the xref:secret-operator:index.adoc[secret-operator] requires special privileges that are not granted in Autopilot clusters.
 

modules/ROOT/pages/kubernetes/huawei-cloud.adoc

@@ -1,6 +1,6 @@
 = Huawei Cloud Container Engine (CCE)
 
-https://www.huaweicloud.com/intl/en-us/product/cce.html
+https://www.huaweicloud.com/intl/en-us/product/cce.html[https://www.huaweicloud.com/intl/en-us/product/cce.html{external-link-icon}^]
 
 Huawei Cloud uses a non-standard Kubelet state directory.
 For this reason the secret-operator and listener-operator on Huawei Cloud require special handling.

modules/ROOT/pages/kubernetes/ibm-cloud.adoc

@@ -1,6 +1,6 @@
 = IBM Cloud Kubernetes Service
 
-https://www.ibm.com/products/kubernetes-service
+https://www.ibm.com/products/kubernetes-service[https://www.ibm.com/products/kubernetes-service{external-link-icon}^]
 
 IBM Cloud Kubernetes Service uses a non-standard Kubelet state directory.
 For this reason the secret-operator and listener-operator on IBM Cloud Kubernetes Service require special handling.

modules/ROOT/pages/kubernetes/index.adoc

@@ -28,12 +28,12 @@ Stackable's control plane is built around Kubernetes, and we'll give some brief
 
 === Installing kubectl
 
-Stackable operators and their services are managed by applying manifest files to the Kubernetes cluster. For this purpose, you need to have the `kubectl` tool installed. Follow the instructions https://kubernetes.io/docs/tasks/tools/#kubectl[here] for your platform.
+Stackable operators and their services are managed by applying manifest files to the Kubernetes cluster. For this purpose, you need to have the `kubectl` tool installed. Follow the instructions https://kubernetes.io/docs/tasks/tools/#kubectl[here{external-link-icon}^] for your platform.
 
 === Installing Kubernetes using Kind
 Kind offers a very quick and easy way to bootstrap your Kubernetes infrastructure in Docker. The big advantage of this is that you can simply remove the Docker containers when you're finished and clean up easily, making it great for testing and development.
 
-If you don't already have Docker then visit https://docs.docker.com/get-docker/[Docker Website] to find out how to install Docker. Kind is a single executable that performs the tasks of installing and configuring Kubernetes for you within Docker containers. The https://kind.sigs.k8s.io/docs/user/quick-start/[Kind Website] has instructions for installing Kind on your system.
+If you don't already have Docker then visit https://docs.docker.com/get-docker/[Docker Website{external-link-icon}^] to find out how to install Docker. Kind is a single executable that performs the tasks of installing and configuring Kubernetes for you within Docker containers. The https://kind.sigs.k8s.io/docs/user/quick-start/[Kind Website{external-link-icon}^] has instructions for installing Kind on your system.
 
 Once you have both of these installed then you can build a Kubernetes cluster in Docker. We're going to create a simple, single node cluster to test out Stackable, with the one node hosting both the Kubernetes control plane and the Stackable services.
 
@@ -80,5 +80,5 @@ Metrics-server is running at https://127.0.0.1:6443/api/v1/namespaces/kube-syste
 
 === Configuring the cluster domain
 
-In case a non-default cluster domain is used as described in https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/[Customizing DNS Service],
+In case a non-default cluster domain is used as described in https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/[Customizing DNS Service{external-link-icon}^],
 Stackable operators can be configured accordingly. This is described in detail in the xref:guides:kubernetes-cluster-domain.adoc[Configuring the Kubernetes cluster domain] guide.

modules/ROOT/pages/kubernetes/ionos-managed-k8s.adoc

@@ -1,6 +1,6 @@
 = IONOS managed Kubernetes
 
-https://cloud.ionos.com/managed/kubernetes
+https://cloud.ionos.com/managed/kubernetes[https://cloud.ionos.com/managed/kubernetes{external-link-icon}^]
 
 TIP: IONOS also offers a xref:kubernetes/ionos-managed-stackable.adoc[managed Stackable service], which simplifies the usage of Stackable.
 

modules/ROOT/pages/kubernetes/ionos-managed-stackable.adoc

@@ -1,5 +1,5 @@
 = IONOS managed Stackable
 
-https://cloud.ionos.com/managed/managed-stackable
+https://cloud.ionos.com/managed/managed-stackable[https://cloud.ionos.com/managed/managed-stackable{external-link-icon}^]
 
 > The Managed Stackable Data Platform from IONOS Cloud is designed to enable you to work with maximum efficiency: Simply select the appropriate data management tools for your respective purpose, build individual stacks for yourself or your customers and make all your data productively usable as quickly as possible

modules/ROOT/pages/kubernetes/kind.adoc

@@ -1,3 +1,3 @@
 = kind
 
-https://kind.sigs.k8s.io/
+https://kind.sigs.k8s.io/[https://kind.sigs.k8s.io/{external-link-icon}^]

modules/ROOT/pages/kubernetes/microk8s.adoc

@@ -1,6 +1,6 @@
 = Microk8s
 
-https://microk8s.io/
+https://microk8s.io/[https://microk8s.io/{external-link-icon}^]
 
 Microk8s uses a non-standard Kubelet state directory.
 For this reason the secret-operator and listener-operator on Microk8s require special handling.

modules/ROOT/pages/kubernetes/oke.adoc

@@ -1,3 +1,3 @@
 = Oracle Kubernetes Engine (OKE)
 
-https://www.oracle.com/cloud/cloud-native/kubernetes-engine/
+https://www.oracle.com/cloud/cloud-native/kubernetes-engine/[https://www.oracle.com/cloud/cloud-native/kubernetes-engine/{external-link-icon}^]

modules/ROOT/pages/kubernetes/openshift.adoc

@@ -1,14 +1,14 @@
 = Red Hat OpenShift
 
-https://www.redhat.com/en/technologies/cloud-computing/openshift
+https://www.redhat.com/en/technologies/cloud-computing/openshift[https://www.redhat.com/en/technologies/cloud-computing/openshift{external-link-icon}^]
 
 SDP operators are certified for the OpenShift platform and can be installed from the OperatorHub.
 
 IMPORTANT: OpenShift installations with FIPS mode enabled are not supported. This is because neither the SDP operators, nor the supported Apache products are FIPS-compliant.
 
 == Customizing operator installations
 
-As described in the https://github.com/operator-framework/operator-lifecycle-manager/blob/master/doc/design/subscription-config.md[Openshift Subscription documentation] you can configure the deployed operators.
+As described in the https://github.com/operator-framework/operator-lifecycle-manager/blob/master/doc/design/subscription-config.md[Openshift Subscription documentation{external-link-icon}^] you can configure the deployed operators.
 
 E.g. depending on the cluster size, you may need to customize the resources requested by the SDP operator containers.
 This is possible when installing the operators via a Subscription CustomResource.
@@ -60,4 +60,3 @@ Starting with the release version `24.7.0`, all products run with the `nonroot-v
 
 Operators (with two exceptions) don't request a specific SCC to run with. Usually OpenShift will select the `restricted` or `restricted-v2` SCC unless the cluster admins have specifically assigned a different one to the namespace where the operators are running.
 The two exceptions are the secret and the listener operators. These need additional permissions not available in the `restricted` SCCs to propagate volume mounts to the requesting pods.
-

modules/ROOT/pages/kubernetes/ovh-mks.adoc

@@ -1,6 +1,6 @@
 = OVH Managed Kubernetes Service (MKS)
 
-https://www.ovhcloud.com/en/public-cloud/kubernetes/
+https://www.ovhcloud.com/en/public-cloud/kubernetes/[https://www.ovhcloud.com/en/public-cloud/kubernetes/{external-link-icon}^]
 
 The Stackable Data Platform should install normally on the OVH MKS out of the box.
 

modules/ROOT/pages/kubernetes/plusserver.adoc

@@ -1,3 +1,3 @@
 = plusserver Kubernetes as a Service
 
-https://www.plusserver.com/en/product/managed-kubernetes/
+https://www.plusserver.com/en/product/managed-kubernetes/[https://www.plusserver.com/en/product/managed-kubernetes/{external-link-icon}^]

modules/ROOT/pages/kubernetes/ske.adoc

@@ -1,6 +1,6 @@
 = STACKIT Kubernetes Engine (SKE)
 
-https://www.stackit.de/de/produkt/stackit-kubernetes-engine/
+https://www.stackit.de/de/produkt/stackit-kubernetes-engine/[https://www.stackit.de/de/produkt/stackit-kubernetes-engine/{external-link-icon}^]
 
 SKE clusters by default have no public IPs assigned to the Kubernetes nodes.
 As of 2024-06-13 marking the nodes as public during the Kubernetes cluster creation is not supported.

modules/ROOT/pages/kubernetes/suse-k3s.adoc

@@ -1,3 +1,3 @@
 = SUSE K3S
 
-https://www.suse.com/products/k3s/
+https://www.suse.com/products/k3s/[https://www.suse.com/products/k3s/{external-link-icon}^]

modules/ROOT/pages/kubernetes/suse-rancher.adoc

@@ -1,3 +1,3 @@
 = SUSE Rancher
 
-https://www.rancher.com/products/rancher
+https://www.rancher.com/products/rancher[https://www.rancher.com/products/rancher{external-link-icon}^]

modules/ROOT/pages/kubernetes/vmware_tanzu.adoc

@@ -1,6 +1,6 @@
 = VMware Tanzu
 
-https://www.vmware.com/products/app-platform/tanzu
+https://www.vmware.com/products/app-platform/tanzu[https://www.vmware.com/products/app-platform/tanzu{external-link-icon}^]
 
 VMware Tanzu uses a non-standard Kubelet state directory.
 For this reason the secret-operator and listener-operator on VMware Tanzu require special handling.

modules/ROOT/pages/licenses.adoc

@@ -7,31 +7,31 @@ The Stackable Data Platform is open source, and the source code of all the compo
 
 Product Operators
 
-* https://github.com/stackabletech/airflow-operator/blob/main/LICENSE[License] for the Stackable Operator for Apache Airflow.
-* https://github.com/stackabletech/druid-operator/blob/main/LICENSE[License] for the Stackable Operator for Apache Druid.
-* https://github.com/stackabletech/hbase-operator/blob/main/LICENSE[License] for the Stackable Operator for Apache HBase.
-* https://github.com/stackabletech/hdfs-operator/blob/main/LICENSE[License] for the Stackable Operator for Apache Hadoop HDFS.
-* https://github.com/stackabletech/hive-operator/blob/main/LICENSE[License] for the Stackable Operator for Apache Hive.
-* https://github.com/stackabletech/kafka-operator/blob/main/LICENSE[License] for the Stackable Operator for Apache Kafka.
-* https://github.com/stackabletech/nifi-operator/blob/main/LICENSE[License] for the Stackable Operator for Apache NiFi.
-* https://github.com/stackabletech/spark-k8s-operator/blob/main/LICENSE[License] for the Stackable Operator for Apache Spark.
-* https://github.com/stackabletech/trino-operator/blob/main/LICENSE[License] for the Stackable Operator for Trino.
-* https://github.com/stackabletech/zookeeper-operator/blob/main/LICENSE[License] for the Stackable Operator for Apache ZooKeeper.
-* https://github.com/stackabletech/opa-operator/blob/main/LICENSE[License] for the Stackable Operator for OpenPolicyAgent.
+* https://github.com/stackabletech/airflow-operator/blob/main/LICENSE[License{external-link-icon}^] for the Stackable Operator for Apache Airflow.
+* https://github.com/stackabletech/druid-operator/blob/main/LICENSE[License{external-link-icon}^] for the Stackable Operator for Apache Druid.
+* https://github.com/stackabletech/hbase-operator/blob/main/LICENSE[License{external-link-icon}^] for the Stackable Operator for Apache HBase.
+* https://github.com/stackabletech/hdfs-operator/blob/main/LICENSE[License{external-link-icon}^] for the Stackable Operator for Apache Hadoop HDFS.
+* https://github.com/stackabletech/hive-operator/blob/main/LICENSE[License{external-link-icon}^] for the Stackable Operator for Apache Hive.
+* https://github.com/stackabletech/kafka-operator/blob/main/LICENSE[License{external-link-icon}^] for the Stackable Operator for Apache Kafka.
+* https://github.com/stackabletech/nifi-operator/blob/main/LICENSE[License{external-link-icon}^] for the Stackable Operator for Apache NiFi.
+* https://github.com/stackabletech/spark-k8s-operator/blob/main/LICENSE[License{external-link-icon}^] for the Stackable Operator for Apache Spark.
+* https://github.com/stackabletech/trino-operator/blob/main/LICENSE[License{external-link-icon}^] for the Stackable Operator for Trino.
+* https://github.com/stackabletech/zookeeper-operator/blob/main/LICENSE[License{external-link-icon}^] for the Stackable Operator for Apache ZooKeeper.
+* https://github.com/stackabletech/opa-operator/blob/main/LICENSE[License{external-link-icon}^] for the Stackable Operator for OpenPolicyAgent.
 
 Additional Stackable Operators
 
-* https://github.com/stackabletech/commons-operator/blob/main/LICENSE[License] for the Stackable Commons Operator.
-* https://github.com/stackabletech/secret-operator/blob/main/LICENSE[License] for the Stackable Secret Operator.
-* https://github.com/stackabletech/listener-operator/blob/main/LICENSE[License] for the Stackable Listener Operator.
+* https://github.com/stackabletech/commons-operator/blob/main/LICENSE[License{external-link-icon}^] for the Stackable Commons Operator.
+* https://github.com/stackabletech/secret-operator/blob/main/LICENSE[License{external-link-icon}^] for the Stackable Secret Operator.
+* https://github.com/stackabletech/listener-operator/blob/main/LICENSE[License{external-link-icon}^] for the Stackable Listener Operator.
 
 == stackablectl
 
-https://github.com/stackabletech/stackable-cockpit/blob/main/LICENSE[License] for stackablectl.
+https://github.com/stackabletech/stackable-cockpit/blob/main/LICENSE[License{external-link-icon}^] for stackablectl.
 
 == Product images
 
-https://github.com/stackabletech/docker-images/blob/main/LICENSE[License] for the product Docker images.
+https://github.com/stackabletech/docker-images/blob/main/LICENSE[License{external-link-icon}^] for the product Docker images.
 
-The Docker images are built on the https://catalog.redhat.com/software/containers/ubi9-minimal/61832888c0d15aff4912fe0d[Red Hat ubi9-minimal base image].
-It is https://www.redhat.com/licenses/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf[licensed seperately].
+The Docker images are built on the https://catalog.redhat.com/software/containers/ubi9-minimal/61832888c0d15aff4912fe0d[Red Hat ubi9-minimal base image{external-link-icon}^].
+It is https://www.redhat.com/licenses/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf[licensed seperately{external-link-icon}^].

modules/ROOT/pages/policies.adoc

@@ -25,13 +25,13 @@ These policies are from *July 2023*.
 NOTE: This policy concerns releases of our platform as a whole and how long and to which extent we support each version.
 
 We do releases of our Stackable Data Platform.
-These releases get a name based on the year and month they have been released in (e.g. `23.4`, `23.7`, also called https://calver.org/[CalVer]). This name does not follow Semantic Versioning (https://semver.org/[SemVer]). We may release patches for a release, which then follow the PATCH naming semantics of SemVer (e.g. `23.4.1`) or the _Micro_ name from CalVer. See below for our policy on patches for the SDP.
+These releases get a name based on the year and month they have been released in (e.g. `23.4`, `23.7`, also called https://calver.org/[CalVer{external-link-icon}^]). This name does not follow Semantic Versioning (https://semver.org/[SemVer{external-link-icon}^]). We may release patches for a release, which then follow the PATCH naming semantics of SemVer (e.g. `23.4.1`) or the _Micro_ name from CalVer. See below for our policy on patches for the SDP.
 
 We support an SDP release for a specific amount of time after its initial release.
 
 An SDP release contains our operators and other code developed at Stackable as well as the product docker images.
 
-TIP: Our policy is inspired by the https://kubernetes.io/releases/patch-releases/[Kubernetes] and the https://access.redhat.com/support/policy/updates/openshift#ocp4[OpenShift] policies.
+TIP: Our policy is inspired by the https://kubernetes.io/releases/patch-releases/[Kubernetes{external-link-icon}^] and the https://access.redhat.com/support/policy/updates/openshift#ocp4[OpenShift{external-link-icon}^] policies.
 
 === Full support phase
 
@@ -67,7 +67,7 @@ IMPORTANT: As of January 2024 all our CRDs are versioned as `alpha1`. We will st
 
 CustomResourceDefinitions at Stackable are versioned.
 
-Our policies around CRD versioning are inspired by the https://kubernetes.io/docs/reference/using-api/deprecation-policy/[Kubernetes Deprecation Policy].
+Our policies around CRD versioning are inspired by the https://kubernetes.io/docs/reference/using-api/deprecation-policy/[Kubernetes Deprecation Policy{external-link-icon}^].
 
 Specifically we try to follow these rules:
 
@@ -141,7 +141,7 @@ Stackable will analyze published security vulnerabilities (e.g. CVEs but other s
 We take various sources into account when assigning a criticality.
 Among those sources is the NVD database, but we place higher value on the self-assessments by the projects themselves, and we will additionally evaluate vulnerabilities in the context of how they are used in the Stackable Data Platform.
 
-We will then assign a criticality to each vulnerability according to similar rating categories that https://access.redhat.com/security/updates/classification[RedHat has established]:
+We will then assign a criticality to each vulnerability according to similar rating categories that https://access.redhat.com/security/updates/classification[RedHat has established{external-link-icon}^]:
 
 Critical::
 This rating is given to flaws that could be easily exploited by a remote unauthenticated attacker and lead to system compromise (arbitrary code execution) without requiring user interaction. Flaws that require authentication, local or physical access to a system, or an unlikely configuration are not classified as Critical impact. These are the types of vulnerabilities that can be exploited by worms.