b/319025883 Create mkdocs-based site (#243)

Add mkdocs-based site and port all Wiki pages

.github/workflows/deploy-site.yml

@@ -0,0 +1,86 @@
+#
+# Copyright 2024 Google LLC
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+# 
+#   http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+name: Deploy documentation to GitHub Pages
+
+on:
+  #
+  # Only run when there are changes in the doc/ directory of the
+  # master branch.
+  #
+  push:
+    branches: ["master"]
+    paths: ["doc/site/**"]
+
+  pull_request:
+    branches: ["master"]
+    paths: ["doc/site/**"]
+
+  #
+  # Allows to run this workflow manually from the Actions tab
+  #
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+concurrency:
+  #
+  # Allow only one concurrent deployment, skipping runs queued between the run 
+  # in-progress and latest queued. However, do NOT cancel in-progress runs as 
+  # we want to allow these production deployments to complete.
+  #
+  group: "pages"
+  cancel-in-progress: false
+
+jobs:
+  deploy-site:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: 3.x
+
+      - name: Build site
+        working-directory: doc/site/sources
+        run: |
+          python -m pip install mkdocs-material
+          python -m mkdocs build --site-dir ../public
+          
+      - name: Set up Pages
+        if: github.ref == 'refs/heads/master'
+        uses: actions/configure-pages@v3
+
+      - name: Upload artifact
+        uses: actions/upload-pages-artifact@v2
+        if: github.ref == 'refs/heads/master'
+        with:
+          path: 'doc/site/public'
+
+      - name: Deploy to GitHub Pages
+        if: github.ref == 'refs/heads/master'
+        uses: actions/deploy-pages@v2

README.md

@@ -2,6 +2,8 @@
 
 Just-In-Time Access is an open source application that lets you implement just-in-time privileged access to Google Cloud resources. 
 
+[<img src="doc/documentation.png">](https://googlecloudplatform.github.io/jit-access/)
+
 Just-In-Time Access works by introducing the notion of _eligible role bindings_ to Cloud IAM. Unlike a [regular
 IAM role binding](https://cloud.google.com/iam/docs/overview#cloud-iam-policy), 
 an eligible role binding doesn't grant the user access to a project yet:
@@ -34,7 +36,7 @@ to the project.
 
 
 
-<img src='doc/images/pix.gif' width='100%' height='1'>
+<img src='doc/pix.gif' width='100%' height='1'>
 
 
 ## Request approval to activate a role
@@ -57,7 +59,7 @@ and notifies you via email.
 
 
 
-<img src='doc/images/pix.gif' width='100%' height='1'>
+<img src='doc/pix.gif' width='100%' height='1'>
 
 
 ## Grant access
@@ -75,7 +77,7 @@ You can create the binding for a specific project, or for an entire folder. Inst
 access to individual users, you can also use groups.
 
 
-<img src='doc/images/pix.gif' width='100%' height='1'>
+<img src='doc/pix.gif' width='100%' height='1'>
 
 
 ## Audit access
@@ -92,13 +94,15 @@ For each activation, the Just-In-Time application writes an audit log entry that
 * the project and role for which access was requested
 * the justification provided by the user
 
-<img src='doc/images/pix.gif' width='100%' height='1'>
+<img src='doc/pix.gif' width='100%' height='1'>
 
 
-## Deploying the application
+## Deploy the application
 
 Just-In-Time Access runs on App Engine (standard) and Cloud Run. The application
-is stateless and uses [Identity-Aware-Proxy](https://cloud.google.com/iap/docs/concepts-overview) for authentication and authorization, and the [Policy Analyzer API](https://cloud.google.com/policy-intelligence/docs/analyze-iam-policies) and [IAM API](https://cloud.google.com/iam/docs/reference/rest) to manage access.
+is stateless and uses [Identity-Aware-Proxy](https://cloud.google.com/iap/docs/concepts-overview) for authentication and authorization, 
+and the [Cloud Asset API](https://cloud.google.com/asset-inventory/docs/reference/rest) and 
+[IAM API](https://cloud.google.com/iam/docs/reference/rest) to manage access.
 
 For detailed instructions on deploying Just-In-Time Access, see [Manage just-in-time privileged access to projects ](https://cloud.google.com/architecture/manage-just-in-time-privileged-access-to-project) on the Google Cloud website.
 

doc/site/.gitignore

@@ -0,0 +1,22 @@
+#
+# Copyright 2023 Google LLC
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+# 
+#   http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+public/

doc/site/makefile

@@ -0,0 +1,36 @@
+#
+# Copyright 2024 Google LLC
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+# 
+#   http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+serve:
+	@echo "========================================================"
+	@echo "=== Serving site                                     ==="
+	@echo "========================================================"
+
+    cd $(MAKEDIR)\sources
+    python -m mkdocs serve
+    cd $(MAKEDIR)
+
+install:
+	@echo "========================================================"
+	@echo "=== Install mkdocs                                   ==="
+	@echo "========================================================"
+
+    python -m pip install mkdocs-material