Merged
8 changes: 6 additions & 2 deletions .github/workflows/check-links.yml
Expand Up @@ -12,12 +12,16 @@ on:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

jobs:
linkChecker:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Copy images to content folder for lychee # Hugo serves images from /static, lychee needs them in content/en/images
run: |
mkdir -p content/en/images
cp -R static/images/. content/en/images/
- name: Check unrendered links
id: lychee_unrendered
uses: lycheeverse/lychee-action@82202e5e9c2f4ef1a55a3d02563e1cb6041e5332 # v2.4.1
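Review bot: in the new "Copy images to content folder for lychee" step, `cp -R static/images/. content/en/images/` overwrites any file of the same name that already exists under content/en/images, so a link could be validated against the copied file rather than the one checked in under content. If nothing is expected to live in content/en/images, say so in the comment; otherwise use `cp -Rn` so existing files win. The explanation would also be easier to read as a comment line above the step than trailing the `name:` value.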
Expand All @@ -26,4 +30,4 @@ jobs:
with:
fail: true
debug: false
args: --github-token ${{secrets.GITHUB_TOKEN}} --config config/lychee.toml --max-concurrency 2 --max-retries 3 --retry-wait-time 5 --accept 200,429 --timeout 60 -E ./content
args: --github-token ${{secrets.GITHUB_TOKEN}} --config config/lychee.toml --max-concurrency 2 --max-retries 3 --retry-wait-time 5 --accept 200,429 --timeout 60 -E ./content
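Review bot: the removed and added `args:` lines are identical as shown here, so this hunk is presumably a whitespace or end-of-file newline change; worth stating in the commit message so nobody hunts for a flag difference. Since the line is touched anyway: `--accept 200,429` counts a rate-limited response as a pass, so a link that only ever answers 429 is never actually verified, and the token could be supplied through the `GITHUB_TOKEN` environment variable, which lychee reads, instead of on the command line.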
3 changes: 3 additions & 0 deletions config/lychee.toml
@@ -1 +1,4 @@
root_dir = "content/en"
fallback_extensions = ["md", "html"]
exclude = ["https://goteleport.com/"] # Teleport always returns 403, even it is available
exclude_path = ["public/docs/reference/"]
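Review bot: on the new `exclude` line, lychee treats each entry as a regular expression, so `"https://goteleport.com/"` is an unanchored pattern with unescaped dots that skips every URL containing that string, and links into that site will no longer be checked for typos or moved pages. If that is the intent, anchor and escape it (`^https://goteleport\.com/`) and fix the comment to read "even if it is available". Also confirm that `exclude_path = ["public/docs/reference/"]` is meant for a run other than the one in this PR, which passes `./content` with `root_dir = "content/en"`.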
2 changes: 1 addition & 1 deletion content/en/_index.md
Expand Up @@ -78,7 +78,7 @@ Capsule is completely declarative and GitOps ready.
<br/>

<div class="mt-8 mx-auto">
<small class="text-white">The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage</a>.</small>
<small class="text-white">The Linux Foundation® (TLF) has registered trademarks and uses trademarks. For a list of TLF trademarks, see <a href="https://www.linuxfoundation.org/legal/trademark-usage">Trademark Usage</a>.</small>
</div>

{{% /blocks/lead %}}
2 changes: 1 addition & 1 deletion content/en/docs/operating/monitoring.md
Expand Up @@ -232,7 +232,7 @@ capsule_tenant_resource_usage{resource="requests.memory",resourcequotaindex="0",

## Custom Metrics

You can gather more information based on the status of the tenants. These can be scrapped via [Kube-State-Metrics CustomResourcesState Metrics](https://github.com/kubernetes/kube-state-metrics/blob/main/docs/customresourcestate-metrics.md). With these you have the possibility to create custom metrics based on the status of the tenants.
You can gather more information based on the status of the tenants. These can be scrapped via [Kube-State-Metrics CustomResourcesState Metrics](https://github.com/kubernetes/kube-state-metrics/blob/main/docs/metrics/extend/customresourcestate-metrics.md). With these you have the possibility to create custom metrics based on the status of the tenants.

Here as an example with the [kube-prometheus-stack chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack), set the following values:

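Review bot: the replacement kube-state-metrics link still points at `blob/main`, the same kind of moving target that broke the old URL when the file was relocated under `docs/metrics/extend/`. Linking to a release tag or a commit permalink would keep it stable. While this sentence is being edited, "scrapped" should be "scraped".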
2 changes: 1 addition & 1 deletion content/en/docs/operating/setup/installation.md
Expand Up @@ -323,7 +323,7 @@ spec:

### Signature

To verify artifacts you need to have [cosign installed](https://github.com/sigstore/cosign#installation). This guide assumes you are using v2.x of cosign. All of the signatures are created using [keyless signing](https://docs.sigstore.dev/verifying/verify/#keyless-verification-using-openid-connect). You can set the environment variable `COSIGN_REPOSITORY` to point to this repository. For example:
To verify artifacts you need to have [cosign installed](https://github.com/sigstore/cosign#installation). This guide assumes you are using v2.x of cosign. All of the signatures are created using [keyless signing](https://docs.sigstore.dev/cosign/verifying/verify/#keyless-verification-using-openid-connect). You can set the environment variable `COSIGN_REPOSITORY` to point to this repository. For example:

# Docker Image
export COSIGN_REPOSITORY=ghcr.io/projectcapsule/capsule
2 changes: 1 addition & 1 deletion content/en/docs/operating/setup/managed-kubernetes.md
Expand Up @@ -133,7 +133,7 @@ Export "admin" kubeconfig to be able to install Capsule:
export KUBECONFIG=kubeconfig.conf
```

[Install Capsule](/docs/getting-started#install) and create a tenant where alice has ownership. Use the default Tenant example:
[Install Capsule](./installation#installation) and create a tenant where alice has ownership. Use the default Tenant example:

```bash
kubectl apply -f https://raw.githubusercontent.com/clastix/capsule/master/config/samples/capsule_v1beta1_tenant.yaml
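Review bot: the new target `./installation#installation` is resolved by lychee against the Markdown source tree, but in the rendered Hugo site this page's URL may be a directory (`.../managed-kubernetes/`), in which case `./installation` points below this page rather than beside it. Please check the rendered link, or use a `relref` shortcode so Hugo resolves it. Separately, the unchanged `kubectl apply -f` line in this hunk fetches a manifest from `clastix/capsule` on the `master` branch, while the installation page in this PR uses `ghcr.io/projectcapsule/capsule`; a follow-up should point it at the current repository and a tagged revision so readers apply a fixed manifest.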
6 changes: 3 additions & 3 deletions content/en/docs/operating/setup/rancher.md
Expand Up @@ -17,7 +17,7 @@ Tenant users will have the ability to access Kubernetes resources through:
* Rancher UI
* Rancher Shell
* Kubernetes CLI

On the other side, administrators need to manage the Kubernetes clusters through Rancher.

Rancher provides a feature called Projects to segregate resources inside a common domain. At the same time Projects doesn't provide way to segregate Kubernetes cluster-scope resources.
Expand Down Expand Up @@ -154,7 +154,7 @@ the `Namespace` is now part of both the Tenant and the Project.

#### Project monitoring

Before proceeding is recommended to read the official Rancher documentation about [Project Monitors](https://ranchermanager.docs.rancher.com/v2.6/how-to-guides/advanced-user-guides/monitoring-alerting-guides/prometheus-federator-guides/project-monitors).
Before proceeding is recommended to read the official Rancher documentation about [Project Monitors](https://ranchermanager.docs.rancher.com/how-to-guides/advanced-user-guides/monitoring-alerting-guides/prometheus-federator-guides/project-monitors).

In summary, the setup is composed by a cluster-level Prometheus, Prometheus Federator via which single Project-level Prometheus federate to.

Expand Down Expand Up @@ -261,7 +261,7 @@ Install keeping attention to the following Helm values:

### Rancher Cluster Agent

In both CLI and dashboard use cases, the [Cluster Agent](https://ranchermanager.docs.rancher.com/v2.5/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/launch-kubernetes-with-rancher/about-rancher-agents) is responsible for the two-way communication between Rancher and the downstream cluster.
In both CLI and dashboard use cases, the [Cluster Agent](https://ranchermanager.docs.rancher.com/reference-guides/rancher-manager-architecture/communicating-with-downstream-user-clusters#2-cluster-controllers-and-cluster-agents) is responsible for the two-way communication between Rancher and the downstream cluster.

In a standard setup, the Cluster Agents communicates to the API server. In this setup it will communicate with Capsule Proxy to ensure filtering of cluster-scope resources, for Tenants.

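Review bot: the new Cluster Agent link depends on the fragment `#2-cluster-controllers-and-cluster-agents`, and nothing visible in this PR makes lychee check fragments: neither the `args:` line in check-links.yml nor config/lychee.toml turns it on. If the heading is renamed upstream, the link will silently land at the top of the page. Either enable `--include-fragments` or link to the page without the anchor. Both Rancher links in this file also move from version-pinned paths (`v2.6`, `v2.5`) to unversioned ones, which is fine as long as the text is meant to track the latest Rancher docs.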
4 changes: 2 additions & 2 deletions content/en/docs/proxy/options.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,6 @@ Feature Gates are a set of key/value pairs that can be used to enable or disable

| **Feature Gate** | **Default Value** | **Description** |
| :--- | :--- | :--- |
| `ProxyAllNamespaced` | `false` | `ProxyAllNamespaced` allows to proxy all the Namespaced objects. When enabled, it will discover apis and ensure labels are set for resources in all tenant namespaces resulting in increased memory. However this feature helps with user experience. |
| `ProxyAllNamespaced` | `true` | `ProxyAllNamespaced` allows to proxy all the Namespaced objects. When enabled, it will discover apis and ensure labels are set for resources in all tenant namespaces resulting in increased memory. However this feature helps with user experience. |
| `SkipImpersonationReview` | `false` | `SkipImpersonationReview` allows to skip the impersonation review for all requests containing impersonation headers (user and groups). **DANGER:** Enabling this flag allows any user to impersonate as any user or group essentially bypassing any authorization. Only use this option in trusted environments where authorization/authentication is offloaded to external systems. |
| `ProxyClusterScoped` | `false` | `ProxyClusterScoped` allows to proxy all clusterScoped objects for all tenant users. These can be defined via [ProxySettings](/docs/integrations/capsule-proxy/proxysettings/#cluster-resources) |
| `ProxyClusterScoped` | `false` | `ProxyClusterScoped` allows to proxy all clusterScoped objects for all tenant users. These can be defined via [ProxySettings](./proxysettings) |
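Review bot: the first row changes the documented default of `ProxyAllNamespaced` from `false` to `true`, which is a behavioural statement rather than a link fix and is easy to miss among the URL updates. Please confirm it matches the default in the proxy code for the release these docs describe, and consider moving it to its own commit with a note, since the description says enabling it increases memory use. In the last row the new `./proxysettings` link drops the `#cluster-resources` anchor; if that section still exists, keep the fragment.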