Conversation
✅ Deploy Preview for docsdocker ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
…ts in their respective home directories
…ce it contained two topics; moved domain management into provision since sso has its own instructions in setup
|
/review |
|
❌ PR Review Failed — The review agent encountered an error and could not complete the review. View logs. |
content/manuals/enterprise/security/single-sign-on/FAQs/troubleshoot-sso.md
Outdated
Show resolved
Hide resolved
| > [!NOTE] | ||
| > | ||
| > SCIM only manages users provisioned through your identity provider after | ||
| > SCIM is enabled. It cannot remove users who were manually added to your Docker | ||
| > organization before SCIM was set up. | ||
| > | ||
| > To remove those users, delete them manually from your Docker organization. | ||
| > For more information, see | ||
| > [Manage organization members](/manuals/admin/organization/members.md). |
There was a problem hiding this comment.
question: I am not really familiar with SCIM at all, but, does this also apply if you (for whatever reason) manually add a user to an organization (they are not provisioned through SCIM). Or only if they were manually added "before SCIM was set up"?
| > [!NOTE] | |
| > | |
| > SCIM only manages users provisioned through your identity provider after | |
| > SCIM is enabled. It cannot remove users who were manually added to your Docker | |
| > organization before SCIM was set up. | |
| > | |
| > To remove those users, delete them manually from your Docker organization. | |
| > For more information, see | |
| > [Manage organization members](/manuals/admin/organization/members.md). | |
| > [!NOTE] | |
| > | |
| > SCIM only manages users provisioned through your identity provider. | |
| > It cannot remove users who were manually added to your Docker organization. | |
| > | |
| > To remove manually added users, delete them manually from your Docker | |
| > organization. For more information, see | |
| > [Manage organization members](/manuals/admin/organization/members.md). |
There was a problem hiding this comment.
Good question. Do you mean users who are manually added after some method of provisioning is enabled in an org (auto/jit/scim)? Let me loop into @madisonsilva for a for sure answer -- i don't want to make assumptions, since the differences between the 3 provisioning methods are a bit subtle.
|
/review |
![docker-agent[bot]](https://avatars.githubusercontent.com/in/2787757?s=60&v=4){kind=small}
content/manuals/enterprise/security/single-sign-on/FAQs/troubleshoot-sso.md
Show resolved
Hide resolved
|
/review |
content/manuals/enterprise/security/provisioning/troubleshoot-provisioning.md
Outdated
Show resolved
Hide resolved
|
/review |
There was a problem hiding this comment.
Assessment: 🔴 CRITICAL
This PR reorganizes SCIM and provisioning documentation but introduces multiple broken internal links that will cause 404 errors for users.
Critical issues found:
- 10 HIGH severity: Internal links missing required
/manuals/prefix - 2 HIGH severity: Broken relative links after file reorganization
- 8 MEDIUM severity: Broken links to reorganized files and deprecated paths
All issues are in the changed code and must be fixed before merging.
HIGH Severity Issues
1. Broken relative link in provision-scim.md (line 41)
The link [Just-in-Time](just-in-time.md) is broken. The just-in-time.md file is in the parent directory, not in the scim/ subdirectory.
Fix: Change to ../just-in-time.md or /manuals/enterprise/security/provisioning/just-in-time.md
2. Missing /manuals/ prefix in just-in-time.md (lines 87-89)
Three links are missing the required /manuals/ prefix:
- Line 87:
/enterprise/security/provisioning/scim/ - Line 88:
/enterprise/security/provisioning/scim/group-mapping - Line 89:
/enterprise/security/provisioning/troubleshoot-provisioning/
According to AGENTS.md, internal links must use full source paths with /manuals/ prefix (Hugo requirement).
3. Missing /manuals/ prefix in onboard.md (line 70)
/enterprise/security/provisioning/scim/group-mapping → /manuals/enterprise/security/provisioning/scim/group-mapping
4. Missing /manuals/ prefix in provision-scim.md (lines 371-372)
- Line 371:
/enterprise/security/provisioning/scim/group-mapping/ - Line 372:
/enterprise/security/provisioning/troubleshoot-provisioning/
5. Missing /manuals/ prefix in settings-management/_index.md (line 65)
/enterprise/security/domain-management/#add-and-verify-a-domain → /manuals/enterprise/security/domain-management/#add-and-verify-a-domain
6. Potentially broken relative link in just-in-time.md (line 60)
The link [SCIM enabled](scim/#enable-scim-in-docker) may be broken. Verify the anchor exists in scim/_index.md or update to scim/provision-scim.md#enable-scim-in-docker.
MEDIUM Severity Issues
7. Deprecated paths in grid links
content/manuals/admin/company/_index.md(line 33): Uses/security/for-admins/provisioning/scim/content/manuals/admin/organization/_index.md(line 33): Uses/security/for-admins/provisioning/scim/
Fix: Update to /manuals/enterprise/security/provisioning/scim/
8. Duplicate alias in auto-provisioning.md (line 8)
The alias /security/for-admins/provisioning/just-in-time/ is also used in just-in-time.md, creating a redirect conflict.
Fix: Change to /security/for-admins/provisioning/auto-provisioning/
9. Broken links in troubleshoot-sso.md (line 130)
Two links point to the old scim.md location:
/manuals/enterprise/security/provisioning/scim.md#supported-attributes/manuals/enterprise/security/provisioning/scim.md
Fix: Update to scim/provision-scim.md
10. Incorrect case and missing prefix in connect.md (line 262)
/enterprise/security/single-sign-on/faqs/troubleshoot-sso/ should be /manuals/enterprise/security/single-sign-on/FAQs/troubleshoot-sso/ (note capital FAQs)
11. Broken relative links in just-in-time.md (lines 57, 74)
Both lines have ./scim.md which no longer exists.
Fix: Update to ./scim/ or ./scim/provision-scim.md
Summary
Root cause: According to AGENTS.md, internal links in source files must use the full source path with /manuals/ prefix. The /manuals prefix is stripped only in published URLs, not in source files (Hugo requirement).
All /enterprise/ links without /manuals/ prefix will break.
There was a problem hiding this comment.
Assessment: 🔴 CRITICAL
This PR reorganizes provisioning documentation but has critical redirect issues that will confuse users.
Critical Issues (1)
1. Incorrect redirect alias in auto-provisioning.md (line 8)
File: content/manuals/enterprise/security/provisioning/auto-provisioning.md
The alias /security/for-admins/provisioning/just-in-time/ redirects the old JIT URL to auto-provisioning.md. However:
- JIT (Just-in-Time) is SSO-based provisioning that happens during SSO login
- Auto-provisioning is domain-based provisioning for existing users with matching email domains
These are different features. Users looking for JIT documentation will be confused when redirected to auto-provisioning instead.
Recommendation: Remove the /security/for-admins/provisioning/just-in-time/ alias from auto-provisioning.md.
Notable Issues (7)
2. Alias conceptually misplaces domain management (domain-management.md, line 9)
File: content/manuals/enterprise/security/domain-management.md
The alias /enterprise/security/provisioning/domain-management/ suggests domain management is a provisioning feature. However, domain management is a foundational security feature, not specifically a provisioning method. This creates conceptual confusion about the information architecture.
Recommendation: Consider whether this alias creates the right mental model for users.
3. Missing redirect for extracted content (migrate-scim.md)
File: content/manuals/enterprise/security/provisioning/scim/migrate-scim.md
This file was created by extracting migration content from the larger scim.md file. If users had bookmarked or linked to the migration section (e.g., /security/for-admins/provisioning/scim/#migrate-existing-jit-users-to-scim), those deep links will now break.
Recommendation: Consider adding an alias to preserve the old section anchor.
4. Navigation weight may cause confusing order (general.md, line 6)
File: content/manuals/enterprise/security/single-sign-on/FAQs/general.md
The weight changed from 10 to 20, while troubleshoot-sso.md was given weight 10. This means troubleshooting will appear BEFORE general FAQs in navigation. Users typically expect general FAQs before troubleshooting.
Recommendation: Verify this ordering is intentional.
5-7. Links missing /manuals/ prefix
Files:
content/manuals/enterprise/security/single-sign-on/_index.md(lines 58, 59)content/manuals/enterprise/security/single-sign-on/connect.md(line 262)
These links use /enterprise/ prefix without the /manuals/ prefix. According to AGENTS.md: "When writing internal cross-references, keep the /manuals/ prefix in source files - Hugo requires the full source path."
Examples:
- Line 58:
/enterprise/security/single-sign-on/faqs/general→ should be/manuals/enterprise/security/single-sign-on/faqs/general - Line 59:
/enterprise/security/single-sign-on/faqs/troubleshoot-sso/→ should be/manuals/enterprise/security/single-sign-on/faqs/troubleshoot-sso/ - Line 262 (connect.md): Inconsistent with line 261 which uses
/manuals/prefix
8. Typo in example (group-mapping.md, line 59)
File: content/manuals/enterprise/security/provisioning/scim/group-mapping.md
The text says 'For the "developers" team in the "moby" organization' but the example shows mobdy:developers (typo: mobdy instead of moby).
Recommendation: Change mobdy:developers to moby:developers
Summary
Please address the critical redirect issue (#1) before merging. The other issues should also be fixed to maintain documentation quality and consistency.
2 participants
Updating Provision section, part of freshness updates. Will add details later. 🖖