From 5e4367459b95835664ac7ac59def0cfce371a1e9 Mon Sep 17 00:00:00 2001
From: Justin Ross <jross@apache.org>
Date: Sun, 8 Dec 2024 11:02:37 -0500
Subject: [PATCH] WIP

---
 config/commands/debug.yaml            |  3 +++
 config/commands/index.yaml            |  2 +-
 config/resources/link.yaml            |  8 ++++----
 config/resources/listener.yaml        | 11 ++++++-----
 config/resources/properties.yaml      |  8 ++++----
 config/resources/router-access.yaml   |  8 ++++----
 input/commands/debug/index.md         |  2 ++
 input/commands/index.md               |  4 +++-
 input/resources/attached-connector.md |  8 ++++----
 input/resources/connector.md          |  8 ++++----
 input/resources/link.md               |  8 ++++----
 input/resources/listener.md           | 11 ++++++-----
 input/resources/router-access.md      |  8 ++++----
 input/topics/debug-dumps.md           |  9 +++++++--
 14 files changed, 56 insertions(+), 42 deletions(-)

diff --git a/config/commands/debug.yaml b/config/commands/debug.yaml
index 210c933..af8748f 100644
--- a/config/commands/debug.yaml
+++ b/config/commands/debug.yaml
@@ -3,6 +3,9 @@ description: |
   Display help for debug commands and exit.
 include_options: [global/*]
 subcommands:
+  - name: diagnose
+    description: |
+      XXX
   - name: dump
     links: [skupper/debug_dumps]
     description: |
diff --git a/config/commands/index.yaml b/config/commands/index.yaml
index b80291b..0340d7c 100644
--- a/config/commands/index.yaml
+++ b/config/commands/index.yaml
@@ -13,7 +13,7 @@ groups:
   - title: System operations
     commands:
       - system
-  - title: Debug operations
+  - title: Debugging operations
     commands:
       - debug
   - title: Other operations
diff --git a/config/resources/link.yaml b/config/resources/link.yaml
index 6e0db43..cdc4aaa 100644
--- a/config/resources/link.yaml
+++ b/config/resources/link.yaml
@@ -26,10 +26,10 @@ spec:
     - name: tlsCredentials
       links: [skupper/router_tls, kubernetes/tls_secrets, skupper/system_tls_credentials]
       description: |
-        The name of a bundle of TLS certificates and keys used for
-        secure router-to-router communication.  The bundle
-        contains the trusted server certificate.  It optionally
-        includes a client certificate and key for mutual TLS.
+        The name of a bundle of certificates used for mutual TLS
+        router-to-router communication.  The bundle contains the
+        client certificate and key and the trusted server certificate
+        (usually a CA).
 
         On Kubernetes, the value is the name of a Secret in the
         current namespace.
diff --git a/config/resources/listener.yaml b/config/resources/listener.yaml
index ca6efa7..c761dc2 100644
--- a/config/resources/listener.yaml
+++ b/config/resources/listener.yaml
@@ -56,12 +56,13 @@ spec:
       group: advanced
       links: [skupper/application_tls, kubernetes/tls_secrets, skupper/system_tls_credentials]
       description: |
-        The name of a bundle of TLS certificates and keys used for
-        secure client-to-router communication.  The bundle contains
-        the trusted server certificate.
+        The name of a bundle of TLS certificates used for secure
+        client-to-router communication.  The bundle contains the
+        server certificate and key.  It optionally includes the
+        trusted client certificate (usually a CA) for mutual TLS.
 
-        On Kubernetes, the value is the name of a Secret in the current
-        namespace.
+        On Kubernetes, the value is the name of a Secret in the
+        current namespace.
 
         On Docker, Podman, and Linux, the value is the name of a
         directory under `input/certs/` in the current namespace.
diff --git a/config/resources/properties.yaml b/config/resources/properties.yaml
index 788b368..3a7ecd2 100644
--- a/config/resources/properties.yaml
+++ b/config/resources/properties.yaml
@@ -106,10 +106,10 @@ connector/spec/tlsCredentials:
   group: advanced
   links: [skupper/application_tls, kubernetes/tls_secrets, skupper/system_tls_credentials]
   description: |
-    The name of a bundle of TLS certificates and keys used for
-    secure router-to-server communication.  The bundle contains the
-    trusted server certificate.  It optionally includes a client
-    certificate and key for mutual TLS.
+    The name of a bundle of TLS certificates used for secure
+    router-to-server communication.  The bundle contains the trusted
+    server certificate (usually a CA).  It optionally includes a
+    client certificate and key for mutual TLS.
 
     On Kubernetes, the value is the name of a Secret in the current
     namespace.
diff --git a/config/resources/router-access.yaml b/config/resources/router-access.yaml
index 5e52f5c..2286aa0 100644
--- a/config/resources/router-access.yaml
+++ b/config/resources/router-access.yaml
@@ -17,10 +17,10 @@ spec:
     - name: tlsCredentials
       links: [skupper/router_tls, kubernetes/tls_secrets, skupper/system_tls_credentials]
       description: |
-        The name of a bundle of TLS certificates and keys used for
-        secure router-to-router communication.  The bundle
-        contains the trusted server certificate.  It optionally
-        includes a client certificate and key for mutual TLS.
+        The name of a bundle of TLS certificates used for mutual TLS
+        router-to-router communication.  The bundle contains the
+        server certificate and key and the trusted client certificate
+        (usually a CA).
 
         On Kubernetes, the value is the name of a Secret in the
         current namespace.
diff --git a/input/commands/debug/index.md b/input/commands/debug/index.md
index 3d1c098..209d958 100644
--- a/input/commands/debug/index.md
+++ b/input/commands/debug/index.md
@@ -38,6 +38,8 @@ skupper debug [subcommand] [options]
 ## Subcommands
 
 <table class="objects">
+<tr><th><a href="diagnose.html">Debug diagnose</a></th><td><p>XXX</p>
+</td></tr>
 <tr><th><a href="dump.html">Debug dump</a></th><td><p>Generate a debug dump file</p>
 </td></tr>
 </table>
diff --git a/input/commands/index.md b/input/commands/index.md
index 57c9d41..104bccf 100644
--- a/input/commands/index.md
+++ b/input/commands/index.md
@@ -102,10 +102,12 @@ refdog_object_links:
 </table>
 
 
-#### Debug operations
+#### Debugging operations
 
 <table class="objects">
 <tr><th><a href="{{site_prefix}}/commands/debug/index.html">Debug</a></th><td>Overview of debug commands</td></tr>
+<tr><th><a href="{{site_prefix}}/commands/debug/diagnose.html">Debug diagnose</a></th><td><p>XXX</p>
+</td></tr>
 <tr><th><a href="{{site_prefix}}/commands/debug/dump.html">Debug dump</a></th><td><p>Generate a debug dump file</p>
 </td></tr>
 </table>
diff --git a/input/resources/attached-connector.md b/input/resources/attached-connector.md
index 9da4e2e..41a98d3 100644
--- a/input/resources/attached-connector.md
+++ b/input/resources/attached-connector.md
@@ -166,10 +166,10 @@ If true, expose each pod as an individual service.
 </div>
 <div class="attribute-body">
 
-The name of a bundle of TLS certificates and keys used for
-secure router-to-server communication.  The bundle contains the
-trusted server certificate.  It optionally includes a client
-certificate and key for mutual TLS.
+The name of a bundle of TLS certificates used for secure
+router-to-server communication.  The bundle contains the trusted
+server certificate (usually a CA).  It optionally includes a
+client certificate and key for mutual TLS.
 
 On Kubernetes, the value is the name of a Secret in the current
 namespace.
diff --git a/input/resources/connector.md b/input/resources/connector.md
index bf24836..849e193 100644
--- a/input/resources/connector.md
+++ b/input/resources/connector.md
@@ -207,10 +207,10 @@ If true, expose each pod as an individual service.
 </div>
 <div class="attribute-body">
 
-The name of a bundle of TLS certificates and keys used for
-secure router-to-server communication.  The bundle contains the
-trusted server certificate.  It optionally includes a client
-certificate and key for mutual TLS.
+The name of a bundle of TLS certificates used for secure
+router-to-server communication.  The bundle contains the trusted
+server certificate (usually a CA).  It optionally includes a
+client certificate and key for mutual TLS.
 
 On Kubernetes, the value is the name of a Secret in the current
 namespace.
diff --git a/input/resources/link.md b/input/resources/link.md
index 84e7b2f..c0c7ff5 100644
--- a/input/resources/link.md
+++ b/input/resources/link.md
@@ -115,10 +115,10 @@ the link.
 </div>
 <div class="attribute-body">
 
-The name of a bundle of TLS certificates and keys used for
-secure router-to-router communication.  The bundle
-contains the trusted server certificate.  It optionally
-includes a client certificate and key for mutual TLS.
+The name of a bundle of certificates used for mutual TLS
+router-to-router communication.  The bundle contains the
+client certificate and key and the trusted server certificate
+(usually a CA).
 
 On Kubernetes, the value is the name of a Secret in the
 current namespace.
diff --git a/input/resources/listener.md b/input/resources/listener.md
index c4f5116..ba9c580 100644
--- a/input/resources/listener.md
+++ b/input/resources/listener.md
@@ -174,12 +174,13 @@ If true, expose each pod as an individual service.
 </div>
 <div class="attribute-body">
 
-The name of a bundle of TLS certificates and keys used for
-secure client-to-router communication.  The bundle contains
-the trusted server certificate.
+The name of a bundle of TLS certificates used for secure
+client-to-router communication.  The bundle contains the
+server certificate and key.  It optionally includes the
+trusted client certificate (usually a CA) for mutual TLS.
 
-On Kubernetes, the value is the name of a Secret in the current
-namespace.
+On Kubernetes, the value is the name of a Secret in the
+current namespace.
 
 On Docker, Podman, and Linux, the value is the name of a
 directory under `input/certs/` in the current namespace.
diff --git a/input/resources/router-access.md b/input/resources/router-access.md
index ef7daca..23ff0e6 100644
--- a/input/resources/router-access.md
+++ b/input/resources/router-access.md
@@ -97,10 +97,10 @@ include "inter-router" for links between interior routers and
 </div>
 <div class="attribute-body">
 
-The name of a bundle of TLS certificates and keys used for
-secure router-to-router communication.  The bundle
-contains the trusted server certificate.  It optionally
-includes a client certificate and key for mutual TLS.
+The name of a bundle of TLS certificates used for mutual TLS
+router-to-router communication.  The bundle contains the
+server certificate and key and the trusted client certificate
+(usually a CA).
 
 On Kubernetes, the value is the name of a Secret in the
 current namespace.
diff --git a/input/topics/debug-dumps.md b/input/topics/debug-dumps.md
index 49a5fc1..6905b3f 100644
--- a/input/topics/debug-dumps.md
+++ b/input/topics/debug-dumps.md
@@ -1,12 +1,17 @@
 # Debug dumps
 
-- The purpose of a debug dump is to package up details of a site so
-  another party can identify and fix a problem.
+- The purpose of a debug dump is to package up the details of a site
+  so another party can identify and fix a problem.
 - A dump is a tarball containing various files with the site details.
 - Key elements include site resources and status; component versions,
   config files, and logs; and info about the environment where Skupper
   is running.
 
+- Should we include workloads in the namespace?  Services, deployments, pods?
+- .txt file summaries for some things?
+- What details about the overall network should we get?
+  - Links from other sites?
+
 ~~~
 versions.yaml  # Same as the output of 'skupper version --output yaml'
 platform.yaml  # Info about the platform and namespace hosting the site