From 2d6d4b79973686a4b861a7a5d9ed0a46a068050c Mon Sep 17 00:00:00 2001
From: Blake Covarrubias
Date: Mon, 18 Sep 2023 15:31:26 -0700
Subject: [PATCH 1/2] docs: Fix Kubernetes CRD example configs

Fixes configuration examples for several Consul Kubernetes CRDs. The CRDs were missing required fields such as `apiVersion`, `metadata`, and `spec`.
---
 .../control-plane-request-limit.mdx | 33 +++++++-----
 .../connect/config-entries/jwt-provider.mdx | 4 +-
 .../connect/gateways/mesh-gateway/index.mdx | 24 +++++----
 .../peering-via-mesh-gateways.mdx | 10 ++--
 .../service-to-service-traffic-partitions.mdx | 24 +++++----
 ...ice-to-service-traffic-wan-datacenters.mdx | 24 +++++----
 .../envoy-extensions/usage/ext-authz.mdx | 2 +-
 .../proxies/envoy-extensions/usage/lua.mdx | 2 +-
 .../proxies/envoy-extensions/usage/wasm.mdx | 51 ++++++++++---------
 9 files changed, 102 insertions(+), 72 deletions(-)
diff --git a/website/content/docs/connect/config-entries/control-plane-request-limit.mdx b/website/content/docs/connect/config-entries/control-plane-request-limit.mdx
index 8eb00d66d11..6b115756425 100644
--- a/website/content/docs/connect/config-entries/control-plane-request-limit.mdx
+++ b/website/content/docs/connect/config-entries/control-plane-request-limit.mdx
@@ -83,20 +83,25 @@ catalog = {
 ```
 ```yaml
-kind: control-plane-request-limit
-mode: permissive
-name:
-read_rate: 100
-write_rate: 100
-kv:
- read_rate: 100
- write_rate: 100
-acl:
- read_rate: 100
- write_rate: 100
-catalog:
- read_rate: 100
- write_rate: 100
+apiVersion: consul.hashicorp.com/v1alpha1
+kind: ControlPlaneRequestLimit
+metadata:
+ name:
+spec:
+ mode: permissive
+ # the maximum number of read requests per second that the agent allows.
+ readRate: 100
+ # the maximum number of write requests per second that the agent allows.
+ writeRate: 100
+ kv:
+ readRate: 100
+ writeRate: 100
+ acl:
+ readRate: 100
+ writeRate: 100
+ catalog:
+ readRate: 100
+ writeRate: 100
 ```
diff --git a/website/content/docs/connect/config-entries/jwt-provider.mdx b/website/content/docs/connect/config-entries/jwt-provider.mdx
index 9ab8214cce6..30ba3e2698b 100644
--- a/website/content/docs/connect/config-entries/jwt-provider.mdx
+++ b/website/content/docs/connect/config-entries/jwt-provider.mdx
@@ -1280,12 +1280,12 @@ Forwarding = {
 ```yaml
 apiVersion: consul.hashicorp.com/v1alpha1
-kind: jwtProvider
+kind: JWTProvider
 metadata:
 name: okta
 spec:
 issuer: okta
- jsonwebkeyset:
+ jsonWebKeySet:
 remote:
 uri: https://.okta.com/oauth2/default/v1/keys
 cacheDuration: 30m
diff --git a/website/content/docs/connect/gateways/mesh-gateway/index.mdx b/website/content/docs/connect/gateways/mesh-gateway/index.mdx
index 17821edf531..fa9ce7409de 100644
--- a/website/content/docs/connect/gateways/mesh-gateway/index.mdx
+++ b/website/content/docs/connect/gateways/mesh-gateway/index.mdx
@@ -84,7 +84,7 @@ Use the following example configurations to help you understand some of the comm
 The following `proxy-defaults` configuration will enable gateways for all mesh services in the `local` mode.
-
+
 ```hcl
 Kind = "proxy-defaults"
@@ -95,10 +95,13 @@ MeshGateway {
 ```
 ```yaml
-Kind: proxy-defaults
-MeshGateway:
-- Mode: local
-Name: global
+apiVersion: consul.hashicorp.com/v1alpha1
+kind: ProxyDefaults
+metadata:
+ name: global
+spec:
+ meshGateway:
+ mode: local
 ```
@@ -117,10 +120,13 @@ MeshGateway {
 ```
 ```yaml
-Kind: service-defaults
-MeshGateway:
-- Mode: local
-Name: web
+apiVersion: consul.hashicorp.com/v1alpha1
+kind: ServiceDefaults
+metadata:
+ name: web
+spec:
+ meshGateway:
+ mode: local
 ```
diff --git a/website/content/docs/connect/gateways/mesh-gateway/peering-via-mesh-gateways.mdx b/website/content/docs/connect/gateways/mesh-gateway/peering-via-mesh-gateways.mdx
index 7fa47f215a1..a7fae5c2820 100644
--- a/website/content/docs/connect/gateways/mesh-gateway/peering-via-mesh-gateways.mdx
+++ b/website/content/docs/connect/gateways/mesh-gateway/peering-via-mesh-gateways.mdx
@@ -121,9 +121,13 @@ Peering {
 ```
 ```yaml
-Kind: mesh
-Peering:
- PeerThroughMeshGateways: true
+apiVersion: consul.hashicorp.com/v1alpha1
+kind: Mesh
+metadata:
+ name: mesh
+spec:
+ peering:
+ peerThroughMeshGateways: true
 ```
diff --git a/website/content/docs/connect/gateways/mesh-gateway/service-to-service-traffic-partitions.mdx b/website/content/docs/connect/gateways/mesh-gateway/service-to-service-traffic-partitions.mdx
index 22a4e9d9b8f..ccb51e090f7 100644
--- a/website/content/docs/connect/gateways/mesh-gateway/service-to-service-traffic-partitions.mdx
+++ b/website/content/docs/connect/gateways/mesh-gateway/service-to-service-traffic-partitions.mdx
@@ -78,7 +78,7 @@ Use the following example configurations to help you understand some of the comm
 The following `proxy-defaults` configuration will enable gateways for all mesh services in the `local` mode.
-
+
 ```hcl
 Kind = "proxy-defaults"
@@ -89,10 +89,13 @@ MeshGateway {
 ```
 ```yaml
-Kind: proxy-defaults
-MeshGateway:
-- Mode: local
-Name: global
+apiVersion: consul.hashicorp.com/v1alpha1
+kind: ProxyDefaults
+metadata:
+ name: global
+spec:
+ meshGateway:
+ mode: local
 ```
@@ -112,10 +115,13 @@ MeshGateway {
 ```
 ```yaml
-Kind: service-defaults
-MeshGateway:
-- Mode: local
-Name: web
+apiVersion: consul.hashicorp.com/v1alpha1
+kind: ServiceDefaults
+metadata:
+ name: web
+spec:
+ meshGateway:
+ mode: local
 ```
diff --git a/website/content/docs/connect/gateways/mesh-gateway/service-to-service-traffic-wan-datacenters.mdx b/website/content/docs/connect/gateways/mesh-gateway/service-to-service-traffic-wan-datacenters.mdx
index dc017e0af23..958b8dfa8b9 100644
--- a/website/content/docs/connect/gateways/mesh-gateway/service-to-service-traffic-wan-datacenters.mdx
+++ b/website/content/docs/connect/gateways/mesh-gateway/service-to-service-traffic-wan-datacenters.mdx
@@ -94,7 +94,7 @@ Use the following example configurations to help you understand some of the comm
 The following `proxy-defaults` configuration will enable gateways for all mesh services in the `local` mode.
-
+
 ```hcl
 Kind = "proxy-defaults"
@@ -105,10 +105,13 @@ MeshGateway {
 ```
 ```yaml
-Kind: proxy-defaults
-MeshGateway:
-- Mode: local
-Name: global
+apiVersion: consul.hashicorp.com/v1alpha1
+kind: ProxyDefaults
+metadata:
+ name: global
+spec:
+ meshGateway:
+ mode: local
 ```
@@ -127,10 +130,13 @@ MeshGateway {
 ```
 ```yaml
-Kind: service-defaults
-MeshGateway:
-- Mode: local
-Name: web
+apiVersion: consul.hashicorp.com/v1alpha1
+kind: ServiceDefaults
+metadata:
+ name: web
+spec:
+ meshGateway:
+ mode: local
 ```
diff --git a/website/content/docs/connect/proxies/envoy-extensions/usage/ext-authz.mdx b/website/content/docs/connect/proxies/envoy-extensions/usage/ext-authz.mdx
index a0e6630b74d..51a004c17b3 100644
--- a/website/content/docs/connect/proxies/envoy-extensions/usage/ext-authz.mdx
+++ b/website/content/docs/connect/proxies/envoy-extensions/usage/ext-authz.mdx
@@ -82,7 +82,7 @@ EnvoyExtensions = [
-
+
 ```yaml
 apiVersion: consul.hashicorp.com/v1alpha1
diff --git a/website/content/docs/connect/proxies/envoy-extensions/usage/lua.mdx b/website/content/docs/connect/proxies/envoy-extensions/usage/lua.mdx
index 08fb6b05d0b..5bac9081360 100644
--- a/website/content/docs/connect/proxies/envoy-extensions/usage/lua.mdx
+++ b/website/content/docs/connect/proxies/envoy-extensions/usage/lua.mdx
@@ -224,4 +224,4 @@ end
 ]
 ```
-
\ No newline at end of file
+
diff --git a/website/content/docs/connect/proxies/envoy-extensions/usage/wasm.mdx b/website/content/docs/connect/proxies/envoy-extensions/usage/wasm.mdx
index de899efe48c..5f5b371e736 100644
--- a/website/content/docs/connect/proxies/envoy-extensions/usage/wasm.mdx
+++ b/website/content/docs/connect/proxies/envoy-extensions/usage/wasm.mdx
@@ -125,30 +125,33 @@ EOF
 ```yaml
-kind: service-defaults
-name: api
-protocol: http
-envoyExtensions:
- - name: builtin/wasm
- required: true
- arguments:
- protocol: http
- listenerType: inbound
- pluginConfig:
- VmConfig:
- Code:
- Remote:
- HttpURI:
- Service:
- Name: file-server
- URI: https://file-server/waf.wasm
- Configuration:
- rules:
- - Include @demo-conf
- - Include @crs-setup-demo-conf
- - SecDebugLogLevel 9
- - SecRuleEngine On
- - Include @owasp_crs/*.conf
+apiVersion: consul.hashicorp.com/v1alpha1
+kind: ServiceDefaults
+metadata:
+ name: api
+spec:
+ protocol: http
+ envoyExtensions:
+ - name: builtin/wasm
+ required: true
+ arguments:
+ protocol: http
+ listenerType: inbound
+ pluginConfig:
+ VmConfig:
+ Code:
+ Remote:
+ HttpURI:
+ Service:
+ Name: file-server
+ URI: https://file-server/waf.wasm
+ Configuration:
+ rules:
+ - Include @demo-conf
+ - Include @crs-setup-demo-conf
+ - SecDebugLogLevel 9
+ - SecRuleEngine On
+ - Include @owasp_crs/*.conf
 ```
From e7209f04952c1e6427353f1a020048cb343514a2 Mon Sep 17 00:00:00 2001
From: Tu Nguyen
Date: Tue, 19 Sep 2023 07:47:50 -0700
Subject: [PATCH 2/2] fix hcl formatting for mesh gateways page, fix list rendering
---
 .../connect/gateways/mesh-gateway/index.mdx | 108 +++++++++---------
 1 file changed, 54 insertions(+), 54 deletions(-)
diff --git a/website/content/docs/connect/gateways/mesh-gateway/index.mdx b/website/content/docs/connect/gateways/mesh-gateway/index.mdx
index fa9ce7409de..dc324a67c0b 100644
--- a/website/content/docs/connect/gateways/mesh-gateway/index.mdx
+++ b/website/content/docs/connect/gateways/mesh-gateway/index.mdx
@@ -15,13 +15,13 @@ Datacenters can reside in different clouds or runtime environments where general
 Mesh gateways can be used with any of the following Consul configurations for managing separate datacenters or partitions.
 1. WAN Federation
- * [Mesh gateways can be used to route service-to-service traffic between datacenters](/consul/docs/connect/gateways/mesh-gateway/service-to-service-traffic-wan-datacenters)
- * [Mesh gateways can be used to route all WAN traffic, including from Consul servers](/consul/docs/connect/gateways/mesh-gateway/wan-federation-via-mesh-gateways)
+ * [Mesh gateways can be used to route service-to-service traffic between datacenters](/consul/docs/connect/gateways/mesh-gateway/service-to-service-traffic-wan-datacenters)
+ * [Mesh gateways can be used to route all WAN traffic, including from Consul servers](/consul/docs/connect/gateways/mesh-gateway/wan-federation-via-mesh-gateways)
 2. Cluster Peering
- * [Mesh gateways can be used to route service-to-service traffic between datacenters](/consul/docs/connect/cluster-peering/usage/establish-cluster-peering)
- * [Mesh gateways can be used to route control-plane traffic from Consul servers](/consul/docs/connect/gateways/mesh-gateway/peering-via-mesh-gateways)
+ * [Mesh gateways can be used to route service-to-service traffic between datacenters](/consul/docs/connect/cluster-peering/usage/establish-cluster-peering)
+ * [Mesh gateways can be used to route control-plane traffic from Consul servers](/consul/docs/connect/gateways/mesh-gateway/peering-via-mesh-gateways)
 3. Admin Partitions
- * [Mesh gateways can be used to route service-to-service traffic between admin partitions in the same Consul datacenter](/consul/docs/connect/gateways/mesh-gateway/service-to-service-traffic-partitions)
+ * [Mesh gateways can be used to route service-to-service traffic between admin partitions in the same Consul datacenter](/consul/docs/connect/gateways/mesh-gateway/service-to-service-traffic-partitions)
 ### Consul
@@ -90,7 +90,7 @@ The following `proxy-defaults` configuration will enable gateways for all mesh s
 Kind = "proxy-defaults"
 Name = "global"
 MeshGateway {
- Mode = "local"
+ Mode = "local"
 }
 ```
@@ -115,7 +115,7 @@ The following `service-defaults` configuration will enable gateways for all mesh
 Kind = "service-defaults"
 Name = "web"
 MeshGateway {
- Mode = "local"
+ Mode = "local"
 }
 ```
@@ -140,22 +140,22 @@ The following [proxy service configuration](/consul/docs/connect/proxies/deploy-
 ```hcl
 service {
- name = "web-sidecar-proxy"
- kind = "connect-proxy"
- port = 8181
- proxy {
- destination_service_name = "web"
- mesh_gateway {
- mode = "remote"
+ name = "web-sidecar-proxy"
+ kind = "connect-proxy"
+ port = 8181
+ proxy {
+ destination_service_name = "web"
+ mesh_gateway {
+ mode = "remote"
+ }
+ upstreams = [
+ {
+ destination_name = "api"
+ datacenter = "secondary"
+ local_bind_port = 10000
 }
- upstreams = [
- {
- destination_name = "api"
- datacenter = "secondary"
- local_bind_port = 10000
- }
- ]
- }
+ ]
+ }
 }
 # Or alternatively inline with the service definition:
@@ -207,38 +207,38 @@ The following service definition will enable gateways in the `local` mode for on
 ```hcl
 service {
- name = "web-sidecar-proxy"
- kind = "connect-proxy"
- port = 8181
- proxy {
- destination_service_name = "web"
- upstreams = [
- {
- destination_name = "api"
- destination_peer = "cluster-01"
- local_bind_port = 10000
- mesh_gateway {
- mode = "remote"
- }
- },
- {
- destination_name = "db"
- datacenter = "secondary"
- local_bind_port = 10001
- mesh_gateway {
- mode = "local"
- }
- },
- {
- destination_name = "logging"
- datacenter = "secondary"
- local_bind_port = 10002
- mesh_gateway {
- mode = "none"
- }
- },
- ]
- }
+ name = "web-sidecar-proxy"
+ kind = "connect-proxy"
+ port = 8181
+ proxy {
+ destination_service_name = "web"
+ upstreams = [
+ {
+ destination_name = "api"
+ destination_peer = "cluster-01"
+ local_bind_port = 10000
+ mesh_gateway {
+ mode = "remote"
+ }
+ },
+ {
+ destination_name = "db"
+ datacenter = "secondary"
+ local_bind_port = 10001
+ mesh_gateway {
+ mode = "local"
+ }
+ },
+ {
+ destination_name = "logging"
+ datacenter = "secondary"
+ local_bind_port = 10002
+ mesh_gateway {
+ mode = "none"
+ }
+ },
+ ]
+ }
 }
 ```
 ```yaml