summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorAdin Scannell <ascannell@google.com>2020-04-29 18:54:48 -0700
committerAdin Scannell <ascannell@google.com>2020-05-06 14:15:19 -0700
commit5f3a256425f4fa99fd3e5363418c5978659cecf3 (patch)
tree625571ad6a416ab369c8c49719399f888a627ef4
parenta10d5ed9691d341c60dc8590d19302332120d365 (diff)
Add support for kramdown TOC.
-rw-r--r--g3doc/architecture_guide/performance.md2
-rw-r--r--g3doc/architecture_guide/resources.md2
-rw-r--r--g3doc/architecture_guide/security.md2
-rw-r--r--g3doc/user_guide/FAQ.md2
-rw-r--r--g3doc/user_guide/checkpoint_restore.md2
-rw-r--r--g3doc/user_guide/compatibility.md2
-rw-r--r--g3doc/user_guide/debugging.md2
-rw-r--r--g3doc/user_guide/filesystem.md2
-rw-r--r--g3doc/user_guide/install.md6
-rw-r--r--g3doc/user_guide/networking.md2
-rw-r--r--g3doc/user_guide/platforms.md2
-rw-r--r--website/defs.bzl9
12 files changed, 32 insertions, 3 deletions
diff --git a/g3doc/architecture_guide/performance.md b/g3doc/architecture_guide/performance.md
index fd219be5e..2f83c0d20 100644
--- a/g3doc/architecture_guide/performance.md
+++ b/g3doc/architecture_guide/performance.md
@@ -1,5 +1,7 @@
# Performance Guide
+[TOC]
+
gVisor is designed to provide a secure, virtualized environment while preserving
key benefits of containerization, such as small fixed overheads and a dynamic
resource footprint. For containerized infrastructure, this can provide a
diff --git a/g3doc/architecture_guide/resources.md b/g3doc/architecture_guide/resources.md
index 3ed5d6355..4580bf9f4 100644
--- a/g3doc/architecture_guide/resources.md
+++ b/g3doc/architecture_guide/resources.md
@@ -1,5 +1,7 @@
# Resource Model
+[TOC]
+
The resource model for gVisor does not assume a fixed number of threads of
execution (i.e. vCPUs) or amount of physical memory. Where possible, decisions
about underlying physical resources are delegated to the host system, where
diff --git a/g3doc/architecture_guide/security.md b/g3doc/architecture_guide/security.md
index 59003f0a8..afafe5c05 100644
--- a/g3doc/architecture_guide/security.md
+++ b/g3doc/architecture_guide/security.md
@@ -1,5 +1,7 @@
# Security Model
+[TOC]
+
gVisor was created in order to provide additional defense against the
exploitation of kernel bugs by untrusted userspace code. In order to understand
how gVisor achieves this goal, it is first necessary to understand the basic
diff --git a/g3doc/user_guide/FAQ.md b/g3doc/user_guide/FAQ.md
index 7707217fb..9eb9f4501 100644
--- a/g3doc/user_guide/FAQ.md
+++ b/g3doc/user_guide/FAQ.md
@@ -1,5 +1,7 @@
# FAQ
+[TOC]
+
### What operating systems are supported? {#supported-os}
Today, gVisor requires Linux.
diff --git a/g3doc/user_guide/checkpoint_restore.md b/g3doc/user_guide/checkpoint_restore.md
index 1814a2799..b0aa308f3 100644
--- a/g3doc/user_guide/checkpoint_restore.md
+++ b/g3doc/user_guide/checkpoint_restore.md
@@ -1,5 +1,7 @@
# Checkpoint/Restore
+[TOC]
+
gVisor has the ability to checkpoint a process, save its current state in a
state file, and restore into a new container using the state file.
diff --git a/g3doc/user_guide/compatibility.md b/g3doc/user_guide/compatibility.md
index 5fe9fc1e8..30c787e75 100644
--- a/g3doc/user_guide/compatibility.md
+++ b/g3doc/user_guide/compatibility.md
@@ -1,5 +1,7 @@
# Applications
+[TOC]
+
gVisor implements a large portion of the Linux surface and while we strive to
make it broadly compatible, there are (and always will be) unimplemented
features and bugs. The only real way to know if it will work is to try. If you
diff --git a/g3doc/user_guide/debugging.md b/g3doc/user_guide/debugging.md
index a7c3138d7..38e26db76 100644
--- a/g3doc/user_guide/debugging.md
+++ b/g3doc/user_guide/debugging.md
@@ -1,5 +1,7 @@
# Debugging
+[TOC]
+
To enable debug and system call logging, add the `runtimeArgs` below to your
[Docker](../quick_start/docker/) configuration (`/etc/docker/daemon.json`):
diff --git a/g3doc/user_guide/filesystem.md b/g3doc/user_guide/filesystem.md
index 13bc07ab1..50a1c0020 100644
--- a/g3doc/user_guide/filesystem.md
+++ b/g3doc/user_guide/filesystem.md
@@ -1,5 +1,7 @@
# Filesystem
+[TOC]
+
gVisor accesses the filesystem through a file proxy, called the Gofer. The gofer
runs as a separate process, that is isolated from the sandbox. Gofer instances
communicate with their respective sentry using the 9P protocol. For a more detailed
diff --git a/g3doc/user_guide/install.md b/g3doc/user_guide/install.md
index 28422612e..a4cb926f5 100644
--- a/g3doc/user_guide/install.md
+++ b/g3doc/user_guide/install.md
@@ -1,7 +1,9 @@
# Installation
--> Note: gVisor supports only x86\_64 and requires Linux 4.14.77+
--> ([older Linux](./networking.md#gso)).
+[TOC]
+
+> Note: gVisor supports only x86\_64 and requires Linux 4.14.77+
+> ([older Linux](./networking.md#gso)).
## Versions
diff --git a/g3doc/user_guide/networking.md b/g3doc/user_guide/networking.md
index 26c76e8aa..348b66bfd 100644
--- a/g3doc/user_guide/networking.md
+++ b/g3doc/user_guide/networking.md
@@ -1,5 +1,7 @@
# Networking
+[TOC]
+
gVisor implements its own network stack called [netstack][netstack]. All aspects
of the network stack are handled inside the Sentry — including TCP connection
state, control messages, and packet assembly — keeping it isolated from the host
diff --git a/g3doc/user_guide/platforms.md b/g3doc/user_guide/platforms.md
index fb48db34f..f13092016 100644
--- a/g3doc/user_guide/platforms.md
+++ b/g3doc/user_guide/platforms.md
@@ -1,5 +1,7 @@
# Platforms (KVM)
+[TOC]
+
This document will help you set up your system to use a different gVisor
platform.
diff --git a/website/defs.bzl b/website/defs.bzl
index fe711d5d1..64a9d43e3 100644
--- a/website/defs.bzl
+++ b/website/defs.bzl
@@ -130,7 +130,14 @@ layout: {layout}"""
builder_content += [header.format(**args)]
builder_content += ["---"]
builder_content += ["EOF"]
- builder_content += ["grep -v -E '^# ' %s >>$T/%s || true" % (f.path, f.short_path)]
+
+ # To generate the final page, we need to strip out the title (which
+ # was pulled above to generate the annotation in the frontmatter,
+ # and substitute the [TOC] tag with the {% toc %} plugin tag. Note
+ # that the pipeline here is almost important, as the grep will
+ # return non-zero if the file is empty, but we ignore that within
+ # the pipeline.
+ builder_content += ["grep -v -E '^# ' %s | sed -e 's|^\\[TOC\\]$|- TOC\\n{:toc}|' >>$T/%s" % (f.path, f.short_path)]
builder_content += ["declare -r filename=$(readlink -m %s)" % tarball.path]
builder_content += ["(cd $T && tar -zcf \"${filename}\" .)\n"]