Auto-merged master into refs/heads/fix-code-blocks on deployment.

Author: github-actions[bot]

.all-contributorsrc

@@ -168,13 +168,34 @@
       ]
     },
     {
-      "login": "imgbot[bot]",
-      "name": "imgbot[bot]",
-      "avatar_url": "https://avatars.githubusercontent.com/in/4706?v=4",
-      "profile": "https://github.com/apps/imgbot",
+      "login": "mterhar",
+      "name": "Mike Terhar",
+      "avatar_url": "https://avatars.githubusercontent.com/u/938684?v=4",
+      "profile": "https://brownfield.dev/",
       "contributions": [
+        "content",
+        "ideas",
         "maintenance"
       ]
+    },
+    {
+      "login": "deansheather",
+      "name": "Dean Sheather",
+      "avatar_url": "https://avatars.githubusercontent.com/u/11241812?v=4",
+      "profile": "https://github.com/deansheather",
+      "contributions": [
+        "content",
+        "maintenance"
+      ]
+    },
+    {
+      "login": "fuskovic",
+      "name": "Faris Huskovic",
+      "avatar_url": "https://avatars.githubusercontent.com/u/34631293?v=4",
+      "profile": "https://github.com/fuskovic",
+      "contributions": [
+        "content"
+      ]
     }
   ],
   "contributorsPerLine": 7,

README.md

@@ -1,7 +1,7 @@
 # Coder Docs
 
 <!-- ALL-CONTRIBUTORS-BADGE:START - Do not remove or modify this section -->
-[![All Contributors](https://img.shields.io/badge/all_contributors-17-orange.svg?style=flat-square)](#contributors-)
+[![All Contributors](https://img.shields.io/badge/all_contributors-19-orange.svg?style=flat-square)](#contributors-)
 <!-- ALL-CONTRIBUTORS-BADGE:END -->
 
 This repository contains the documentation source files for
@@ -51,7 +51,9 @@ Thanks goes to these wonderful people:
   <tr>
     <td align="center"><a href="https://iamhughes.com/"><img src="https://avatars.githubusercontent.com/u/2894107?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Thomas Hughes</b></sub></a><br /><a href="#maintenance-IAmHughes" title="Maintenance">🚧</a></td>
     <td align="center"><a href="https://www.linkedin.com/in/blorette/"><img src="https://avatars.githubusercontent.com/u/67381492?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Bryan Lorette</b></sub></a><br /><a href="https://github.com/cdr/docs/issues?q=author%3Abalorette" title="Bug reports">🐛</a></td>
-    <td align="center"><a href="https://github.com/apps/imgbot"><img src="https://avatars.githubusercontent.com/in/4706?v=4?s=100" width="100px;" alt=""/><br /><sub><b>imgbot[bot]</b></sub></a><br /><a href="#maintenance-imgbot[bot]" title="Maintenance">🚧</a></td>
+    <td align="center"><a href="https://brownfield.dev/"><img src="https://avatars.githubusercontent.com/u/938684?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Mike Terhar</b></sub></a><br /><a href="#content-mterhar" title="Content">🖋</a> <a href="#ideas-mterhar" title="Ideas, Planning, & Feedback">🤔</a> <a href="#maintenance-mterhar" title="Maintenance">🚧</a></td>
+    <td align="center"><a href="https://github.com/deansheather"><img src="https://avatars.githubusercontent.com/u/11241812?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Dean Sheather</b></sub></a><br /><a href="#content-deansheather" title="Content">🖋</a> <a href="#maintenance-deansheather" title="Maintenance">🚧</a></td>
+    <td align="center"><a href="https://github.com/fuskovic"><img src="https://avatars.githubusercontent.com/u/34631293?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Faris Huskovic</b></sub></a><br /><a href="#content-fuskovic" title="Content">🖋</a></td>
   </tr>
 </table>
 

admin/access-control/organizations.md

@@ -312,13 +312,23 @@ organization.
 
 ## Namespaces
 
-Coder's helm chart includes `namespaceWhitelist`. This value takes a list of the
-namespaces that are in your cluster and are available to Coder. If you don't set
-`namespaceWhitelist`, the only available namespace is the one Coder has deployed
-to (this is also the default namespace).
+**Deprecation Notice**: The `namespaceWhitelist` field has been deprecated in
+[Coder version 1.17](../../changelog/1.17.0.md).
 
-If you're a site manager, you can assign a namespace to an organization; all
-resources for that organization now reside in that namespace. **Please note that
-this field is not editable once set.**
+Coder's Helm chart previously included a `namespaceWhitelist` field that accepted
+a list of cluster namespaces and made them available to Coder. The
+[Workspace Provider feature](../workspace-providers/index.md) supersedes this field.
+You will not be able to make any changes *unless* you are removing namespaces that
+no longer contain environments with Coder deployments v1.17.0 or later (if you
+remove namespaces from the `namespaceWhitelist` field, the environments in the
+namespaces are no longer accessible). For older Coder deployments, you can continue
+using existing environments in whitelisted namespaces, though you cannot create new
+environments in those namespaces.
 
-![Organization Resources](../../assets/org-resources.png)
+If you want to separate Coder environments by namespaces in a Kubernetes
+cluster, you can do so by [deploying a new workspace
+provider](../workspace-providers/deployment.md) to each
+additional namespace in the cluster. The workspace provider provisions
+environments to the namespace it has been deployed to, and you can control
+access to each workspace provider via an organization allowlist to replace the
+previous organization namespace behaviors.

admin/environment-management/workspace-providers.md

@@ -0,0 +1,180 @@
+---
+title: Workspace Provider Deployment
+description: Learn how to deploy a workspace provider.
+state: beta
+---
+
+This article walks you through the process of deploying a workspace provider to
+a [Kubernetes cluster](../../setup/kubernetes/index.md).
+
+[Workspace Providers](index.md) are logical groups of resources to which
+developers can deploy environments. As with the Coder installation, Helm manages
+the deployment of workspace providers into the Kubernetes cluster that will contain
+your environments.
+
+## Dependencies
+
+Install the following dependencies if you haven't already:
+
+- [Coder CLI](../../cli/installation.md)
+- [Helm](https://helm.sh/docs/intro/install/)
+- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/)
+
+## Requirements
+
+1. Workspace providers **must have a hostname set** that is a subdomain of the
+   Coder deployment. For example, if the Coder deployment's hostname is
+   `coder.example.com`, the workspace provider's hostname must match the format
+   `*.coder.example.com`.
+1. The main Coder deployment and the workspace provider must be able to
+   communicate bi-directionally via their respective hostnames.
+1. The workspace provider scheme (HTTP or HTTPS) must match that of the Coder
+   deployment Access URL.
+1. The Kubernetes cluster address must be reachable from the Coder deployment.
+
+## Connecting to the Cluster
+
+To add a Kubernetes cluster as a workspace provider, you must first make sure
+that you're connected to the cluster you want to expand into. Run the following
+command:
+
+```bash
+kubectl config current-context
+```
+
+Confirm that your current kubectl context correct before continuing; otherwise,
+connect to the correct context.
+
+## Creating the Coder Namespace (Optional)
+
+We recommend running workspace providers in a separate
+[namespace](https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/);
+to do so, run:
+
+```bash
+kubectl create namespace coder
+```
+
+Next, change the kubectl context to point to your newly created namespace:
+
+```bash
+kubectl config set-context --current --namespace=coder
+```
+
+## Creating the New Workspace Provider
+
+Using the Coder CLI, create a new workspace provider in the `pending` state.
+
+```bash
+coder providers create [NAME] \
+    --hostname=[HOSTNAME] \
+    --cluster-address=[CLUSTER_ADDRESS]
+```
+
+You must provide the following arguments:
+
+- `name`: A unique name of the workspace provider
+- `hostname`: The hostname of the workspace provider
+- `cluster-address`: The address of your Kubernetes cluster. You can retrieve this
+  using:
+
+  ```bash
+  kubectl config view -o jsonpath='{.clusters[?(@.name == "'"$(kubectl config current-context)"'")].cluster.server}{"\n"}'
+  ```
+
+The `coder providers create` command will generate a Helm command you will use
+for the next steps, so make sure to save the output.
+
+The returned `REMOTE_ENVPROXY_TOKEN` is a shared secret between the two
+deployments and is what the workspace provider will use to authenticate itself
+when communicating with the Coder deployment.
+
+## Installing a Workspace Provider
+
+1. If you haven't already, add the Coder helm repo:
+
+   ```bash
+   helm repo add coder https://helm.coder.com
+   ```
+
+1. Install the helm chart onto your cluster using helm command you generated in
+   the previous step where you created the workspace provider. The helm command
+   will follow this pattern:
+
+   ```bash
+   helm upgrade coder-workspace-provider coder/workspace-provider \
+      --version=[CODER_VERSION] \
+      --atomic \
+      --install \
+      --set envproxy.token=[REMOTE_ENVPROXY_TOKEN] \
+      --set envproxy.accessURL=[HOSTNAME] \
+      --set ingress.host=[HOSTNAME_WITH_NO_PROTOCOL] \
+      --set envproxy.clusterAddress=[CLUSTER_ADDRESS] \
+      --set cemanager.accessURL=[CEMANAGER_ACCESS_URL]
+   ```
+
+   Optionally, you can provide additional helm configuration values by providing
+   a `values.yaml` file and adding the argument `-f my-values.yaml` to the
+   generated command. Helm values control attributes of the workspace provider,
+   including DevURLs, Kubernetes storage classes, SSH, and more. See the
+   [Workspace Provider Helm Chart
+   Values]("https://github.com/cdr/enterprise-helm/blob/workspace-providers-envproxy-only/README.md")
+   for more details.
+
+   For installations using HTTPS, you must [ensure the deployment has a valid certificate](../../guides/ssl-certificates/index.md).
+
+   If you're unfamiliar with the helm configuration values file, see our doc on
+   [updating a helm chart](../../guides/helm-charts.md)
+
+1. Once the helm chart is successfully deployed, fetch the ingress address:
+
+   ```bash
+   kubectl get ingress web-ingress
+   ```
+
+   Use this IP to create a DNS record for the provided hostname of the workspace
+   provider.
+
+1. Once the Helm chart has deployed successfully, you should see the workspace
+   provider in a `ready` state on the Workspace Provider Admin page.
+
+   ![Workspace Providers Admin](../../assets/workspace-providers-admin.png)
+
+1. From the Workspace Provider Admin page, add the desired organizations to its
+   allowlist.
+
+Users in the allowed organizations can now choose to deploy into the newly set
+up workspace provider.
+
+## Upgrading the Workspace Provider
+
+We strongly recommend that you upgrade your workspace providers in lockstep with
+your Coder deployment.
+
+You only need to update the `--version` flag if you want to make no other helm
+values changes; you can do this with
+
+```bash
+helm upgrade coder-workspace-provider coder/workspace-provider \
+    --version=[CODER_VERSION] \
+    --atomic \
+    --install \
+    --force
+```
+
+If you want to update any of the helm chart's values, you can do so by supplying
+a values file (`-f myvalues.yaml`) or using with the `--set` flag. Any existing
+values that were set during installation will persist unless you explicitly
+write over them.
+
+## Deleting a Workspace Provider
+
+You can only remove a workspace provider if it no longer contains any
+environments, so you must remove all environments before deleting the workspace
+provider.
+
+To remove a workspace provider, run the following command using the Coder CLI:
+
+```bash
+coder providers rm [NAME]
+```