►
From YouTube: [Online Meetup] Okta Plugin & Docs Contribution
Description
This month Tom Smith of Okta showed us how to secure APIs with Kong and Okta, and Cooper Marcus gave us a great primer on how to contribute to the documentation (in honor of Hacktoberfest).
Resources:
Okta plugin for Kong - https://docs.konghq.com/hub/okta/okta/
Docs contribution guidelines - https://github.com/Kong/docs.konghq.com/blob/master/CONTRIBUTING.md#contributing-to-docskonghqcom--
Good first issues for docs contribution - https://github.com/Kong/docs.konghq.com/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22
Join our next Online Meetup: https://konghq.com/online-meetups/
A
B
So,
thank
you
just
really
appreciate
it,
and
thank
you
everybody
for
attending
today.
My
name
is
Tom
Smith
I
am
a
partner
Solutions
Architect
at
octa
I'm
also
joined
by
Eric
Sauter
who's
on
the
business
development
team.
With
me,
a
doctor,
so
we're
here
today
to
talk
about
how
to
secure
your
API
is
using
Kong
and
octa
I'm
actually
going
to
be
touching
on
two
main
use.
B
Cases
between
octa
and
Kong
and
I'll
go
into
these
in
a
little
bit
more
detail,
but
there's
there's
a
little
bit
of
it
if
it's
between
securing
API
is
and
securing
applications.
I'll
touch
on
both
of
those
use
cases
I'll
go
into
a
little
bit
more
depth
and
actually
do
a
demo
on
the
securing
your
api's
scenario,
but
I
just
want
to
make
sure
that
everybody
there's
just
kind
of
two
different
use
cases
that
are
available
here
between
the
two
solutions.
B
So
in
terms
of
an
agenda
you
already
know
who
I
am
so
for
to
start
with.
I'll
give
a
brief
overview
of
the
problem
and
the
solution.
Other
than
give
a
brief
overview
of
octa
I
realize
that
some,
you
may
not
be
familiar
with
Octus
and
maybe
of
course,
and
then
I
will
actually
go
into
an
example
solution.
So
I
have
a
a
live
demo.
It'll
go
through.
B
So
the
problem
and
opportunity
so
I
mean
the
the
big
opportunity
for
us
is
that
API
applications
are
proliferating,
especially
as
we're
getting
into
things
like
micro
services,
which
you
know
Kong
is
of
course
great
great
at
managing.
So
you
know,
as
these
API
is
an
application
for
free,
but
the
question
becomes:
how
do
we
manage
all
of
these?
How
do
we
manage
access
to
them
and
how
can
we
manage
access
so
that
it's
both
secure
and
easy
to
use,
because
we
don't
want
to
slow
down
the
rate
of
innovation?
B
B
B
B
We
have
four
core
services
in
the
octa
identity
cloud,
so
you
can
see.
We
have
single
sign-on,
that's
kind
of
where
we
started,
especially
in
the
enterprise
space
and
single
sign-on,
as
its
name
implies,
gives
your
users,
whether
their
employees
or
external
users,
single
sign-on,
access
to
applications,
so
typical
use
cases
for
employees
who
are
getting
single
sign-on
access
to
whatever
you
know,
the
20
or
50
applications
that
they
need
access
to
Universal
directory.
Is
our
user
store?
B
We
call
it
Universal
directory
because
those
users
can
come
from
almost
anywhere,
so
they
can,
of
course
be
native
octa
users.
So
you
can
master
users
in
octa,
but
those
users
can
also
come
in
from
an
HR
system
or
an
external
directory
like
Active
Directory
Salesforce,
again
your
HR
systems
or
in
LDAP
directory,
and
we
can
take
users
from
all
of
those
different
sources
put
them
under
one
roof.
So
to
speak
and
give
you
one
view
so
that
you
can
manage
all
of
those
users
in
one
space.
B
Lifecycle
management
is
about
how
those
users
get
created,
and
perhaps,
more
importantly,
how
about
you
just
get
deactivated
and
eventually
just
plain
deleted.
So
we
consider
ourselves
a
security
company
and
one
of
the
the
big
problems
that
we
solve
is
when
an
employee
leaves
a
company
or
changes
into
a
new
role.
How
do
you
make
sure
that
they
don't
have
access
to
anything
that
they
shouldn't
have
access
to,
and
that
goes
for
end
users
as
well
consumers
as
well?
B
So
when
a
user
gets
deactivated
nakta,
we
can
deep
revision
them
from
all
the
applications
that
they've
been
assigned
to
adaptive
mfa
is,
you
know
where
we
really
kind
of
enhance
the
security
of
your
environment?
We
have
a
our
own
NFA
solution
octa
verify
with
push,
but
we
have
really
Switzerland
when
it
comes
to
NFA
solutions,
so
you
can
bring
almost
any
MFA
solution
that
you
want
to
the
table
and
we
can
incorporate
it
into
our
sign-on
policy.
B
So,
with
this
Google,
Authenticator
or
even
RSA,
SMS
email,
all
different
kinds
of
way
that
you
can
use
MFA
with
octa
and
again
we
have
very
sophisticated
policies
to
control,
or
so
you
can
implement
when
those
are
presented
to
the
user
and
then
finally
API
access
management.
This
is
our
most
recent
product.
B
We've
had
it
up
and
running
for
about
a
year
and
a
half
now
I've,
gotten
very
good
I'll,
take
on
it
and
that's
what
I'll
be
talking
about
mostly
today
and
what
that
does
is.
We
are
a
os/2
certified
provider,
so
we
can
help
you
secure
your
api's
by
men
taking
access
tokens
that
are
tied
to
users,
rights.
B
So
these
services
really
make
up
to
service
two
product
lines
at
octa.
There's
the
IT
products-
and
this
is
really
kind
of
where
we
started,
providing
that
Identity
and
Access
Management
to
employees
and
that's
continued
to
grow
as
enterprises
are
kind
of
you
know,
going
all-in
on
digital
and
then
there's
our
API
products
service,
which
is
really
our
more
consumer
developer,
focused
products
and
that's
what
I'll
be
talking
about
today,
and
that
is
really
about
transforming
the
customer
experience.
B
Now,
in
terms
of
API
management,
I,
just
want
to
you
know,
make
one
quick
clarification.
Kind
of
from
the
start
here
is
that
octa
does
not
do
API
management,
we're
not
an
API
gateway,
we're
not
in
the
API
management
space
and
I
have
there
on
the
slide
some
of
the
calling
the
the
pillars
of
API
management.
So
you'll
see
familiar
terms
there
like
the
lifecycle,
interface,
consumption
and
business.
Those
are
all
about.
You
know,
managing
the
lifecycle
of
your
API
doing
things
like
load.
B
Balancing
that's
docked
is
not
in
that
space
about
where
we
are
and
API
management
is
in
the
access
space.
So
what
we
do
the
particular
skills
and
services
that
we
bring
to
the
table
are
the
ability
to
ensure
that
only
the
users
who
should
be
getting
access
to
your
API
or
application
are
getting
access
to
that
that
API,
so
I,
just
kind
of
want
to
clarify
where
we
fit
in
that
API
space.
B
B
It's
very
simple,
but
it's
basically
about
two
different
kinds
of
users:
getting
two
different
access
tokens
based
on
their
group
membership
and
octa
I'll
talk
about
what
that
looks
like
from
an
architecture
perspective
and
then,
when
I
go
into
opt
itself,
I'll
show
you
how
this
is
actually
set
up
an
octave,
but
you've
got
your
octave
Universal
directory.
You've
got
users
and
groups.
B
You
have
many
other
things
in
Universal
directory
as
well,
but
for
the
sake
of
this
demo,
we're
just
going
to
talk
about
users
and
groups
in
Universal
directory,
so
I
have
to
sample
users
Carl
Sagan
and
Jodie
Foster.
Those
two
nusers
belong
to
two
different
groups,
so
Carl
Sagan
is
in
the
solar
system.
Silver
group
and
Jodie
Foster
is
in
the
solar
system,
gold
group
and
basically,
what
that
gives
them
at
the
end
of
the
day,
is
different
levels
of
access
to
our
solar
system
API.
B
So
that's
just
a
an
API
that
I
made
up
it's
being
protected
by
calling,
of
course,
but
that's
the
example
that
we're
using
today.
So
the
idea
is
that
these
users
are
in
groups
and
using
octa
policies
in
an
octa
authorization
server.
You
can
manage.
You
can
map
those
group,
memberships
to
rights
authorizations
and
an
access
token.
So
I've
set
up
a
policy.
Noctus
says:
if
a
user
is
a
member
of
the
silver
group,
then
they're
gonna
get
this
scope,
the
silver
scope.
B
If
they're
a
member
of
the
gold
group,
then
they're
gonna
get
this
scope
and
when
I
say
scope,
that's
a
scope,
that's
embedded
in
the
actions
to
open
after
the
user,
authenticates
I
can
assign
this.
This
policy
to
just
certain
clients
and
octa
or
I
can
span
it
to
all
clients.
I
had
this
map
to
all
clients,
but
I
think
in
the
actual
demonstration
I've
I've
mapped
it
to
just
a
specific
client
and
I'll
show
you
entry.
What
that
looks
like
an
octa.
B
There's
also
claims
you
can
do
custom
claims,
you
can
control
what
claims
about
a
user
appear
and
an
ID
token,
or
an
access
to
I
just
want
to
kind
of
emphasize
again
here
that,
in
terms
of
this,
this
Universal
directory,
these
users
can
be
made
of
opting
users
for
external
use,
cases,
consumerist
and
developers,
and
most
often
just
native
octa
users
to
authenticate
incorrectly
against
octa.
But
those
users
can
also
be
introduced
warrants
getting
against
Active
Directory
or
they
can
be.
B
You
know
federated
from
some
other
external
identity
provider
and
coming
in
via
sam'l
or
OID
C,
as
well
and
again
just
kind
of
a
another
sneak
preview
of
what
we'll
be
showing
you.
This
is
all
done
by
the
GUI
and
octa
can
all
be
done
by
a
API
as
well
in
dr.
But
it's
very
simple
to
do
you
through
the
GUI
and
öktem.
B
B
B
But
this
is
really
about
that
authentication
use
case
and
the
authentication
use
case
is
quite
simply
basically
having
calling
here
in
the
middle
and
then
having
your
end,
users
authenticate
against
octa,
and
what
that
allows
is
all
of
these
downstream
services
here
that
are
being
secured
by
Kong.
None
of
these
services
need
to
worry
about
all
IDC
or
authentication
at
all,
that's
happening
through
Kong
and
octa,
so
that
handshake
is
happening
between
Kong
and
octa
and
then
any
user
info
that
you
want
to
pass
to
those
downstream
applications.
B
Api
access
management
is
a
little
bit
different
and
again
that's
what
up
to
be
going
into
a
little
bit
more
depth
today.
So
the
way
that
flow
works
is
that
in
this
case,
unlike
the
one
that
I
just
showed
you
in
this
case,
the
application
is
sitting
outside
of
Kong.
So
in
again
that
previous
example
Kong
was
in
front
of
the
application.
In
this
case,
the
applications
outside
of
Kong
the
users
gonna
authenticate
against
octa
octa
is
gonna,
apply
all
of
the
access
policies,
MFA
make
sure
the
username.
B
So
now
that
the
access
token
I'm,
sorry
for
now
that
the
application
has
that
access
token,
it
can
pass
it
and
it
wants
to
request
information
or
data
from
the
API
passes
that
access
token
into
kong-kong
evaluates
the
access.
Token
decides
whether
the
access
token
is
still
valid,
also
looks
at
whether
the
spokes,
the
access
token,
are
appropriate
for
the
endpoint
that's
being
requested,
and
if
so,
sends
that
payload
back
down
onto
the
application,
which
then
can
present
it
to
the
the
end
user.
B
And
this
is
just
kind
of
a
macro
view
of
what
that
process
looks
like
in
Kong,
so
here's
my
application,
I'm
looking
for
a
specific
endpoint
in
an
API
or
I'm
querying
a
specific
endpoint
in
an
API
I'm
passing
in
that
access
token
Kong
is
going
to
look
at
that
access
this
token,
validate
it
against
Octus
keys
and
also
look
at
the
scopes.
That's
thinking
whether
they're
appropriate
for
the
access
point
that's
being
requested.
B
B
Okay,
so
I've
been
alluding
to
in
this
example,
I've
got
to
end
users,
I've
got
Carl
Sagan
and
I've
got
Jodie.
Foster
and
I've
got
to
end
points.
So
there's
a
planets
end
points,
and
this
is
the
the
URL
that
I'm
hitting-
and
this
is
my
this
is
a
box.
Obviously
out
on
AWS,
it's
running,
calm
and
I've
got
two
end
points
defiant
enter
this
API
I've
got
planets
and
I've
got
moves
so
right
now,
I'm
gonna,
totally
on/off,
essentially
getting
States.
B
B
Okay,
now
I
get
an
access
token,
and
just
you
know
this
is
just
for
demo
purposes.
Ordinarily,
you
would
not
show
an
access
token
in
the
browser
like
this.
It
would
be
kept
on
the
application
side,
but
I'm
just
showing
it
for
for
demo
purposes.
So
the
important
thing
here
is
that
I've
got
the
scope,
and
this
has
been
issued
by
octa
that
I
that
I
need
to
get
access
to
that
plan
at
some
point.
B
B
So
that
that's
you
know,
I
got
very
simplistic,
but
that's
the
basic
idea
behind
API
access
management,
so
I'm
gonna
hop
out
of
the
demo
now
and
go
into
what
that
looks
like
an
octave,
I'm
gonna
show
you
first
what
it
looks
like
in
common
I.
Do
that
so
I've
got
this
documented
out
on
github,
and
this
is
publicly
available.
Anybody
can
look
at
this
and
download
its.
B
You
can
set
up
something
very
similar
to
what
I've
set
up
here,
using
the
instructions
that
I
have
here
online,
but
I'll
show
you
what
the
key
bits
in
are
so
in
Kong
and
I.
Did
this
all
by
the
the
command
line.
The
these
are
the
commands
that
I
used
so
first
I
just
created
a
service
I
added
a
resource
to
the
service,
I'm
sure
you're,
all
pretty
familiar
with
how
this
works
and
then
I
added
the
OID
C
plug-in
to
that
planets
route.
B
Okay,
so
I
first
created
the
planets
routes
and
then
I
added
the
OID
C
plug
into
the
planet
room.
Now,
when
I
added
the
OEC
plug-in
I've
got
the
route
ID
there,
and
this
is
all
documented
on
on
Colin's
website.
Well,
the
key
part
here
is
that
I've
added
octa
as
the
the
issuer
and
I've
also
have
a
a
client
ID.
B
Okay,
so
those
are
two
of
the
key
key
values
and
I'll
show
you
where
you
can
get
those
in
the
occupant
when
I
jump
back
over
to
to
octa
and
then
in
my
API
I,
just
added
another
route
to
the
API,
the
moon
route
and
I
should
point
out.
Yes,
this
is
the
key.
That
here
is
that,
when
I
defined
the
the
route
I'm
sorry
when
I
define
the
the
open,
ID
connect,
plug-in
I
said
the
scope
required.
Is
that
gold
scope?
Okay?
B
B
So
this
is
my
octave
tenants
and
just
for
those
of
you
again
who
are
not
familiar
with
octa,
you
can
go
online
right
now,
go
to
developer
calm
and
you
can
sign
up
for
free
tenants,
which
has
you
know
virtually
no
limits
on
its
in
terms
of
either
time
or
applications
of
users.
There's
there
some
some,
but
you
won't
run
into
any
as
you're
doing
this
kind
of
stuff.
So
this
is
my
authorization
server
that
I've
set
up
I
can
set
up.
B
You
can
set
up
as
many
authorization
servers
in
a
catana
tenants
as
you
want.
You
can
see
my
up
in
this
authorization
server
I've
set
up,
though
these
are
my
scopes
that
I've
set
up
okay,
so
I
created
those
costume
scopes
of
my
Anka
tenants
and
then
in
my
access
policies.
I
have
the
solar
system,
access
policy
and,
in
this
case,
I'm
assigned
it
just
to
the
solar
system,
IDC
application
and
then
I
have
two
rules
in
the
policy
one
for
silver
access
and
one
for
gold
access.
B
So
again,
this
is
all
done
through
the
admin
UI.
You
can
do
it
through
the
API
Oktay
P
I
as
well.
But
all
of
this
stuff
is
very,
very
configurable
in
terms
of
policy
based
on
groups,
you
can
base
it
on
network
location,
a
real
variety
of
things
in
terms
of
controlling
how
users
get
access
tokens
and
then
the
ones
for
gold
access
is
very,
very
simple
I'm.
Just
you
know
adding
to
two
scopes
to
that.
B
If
users,
members
of
that,
so
let's
look
at
what
that
looks
like
in
terms
of
this
is
Universal
directory,
so
I
go
to
people
here.
I
can
see
it's
Jane
Foster.
She
was
in
the
gold
group.
So
this
is
what
her
profile
looks
like
I
can
see
that
her
group
membership
she's
in
that
gold
subscribers
group
and
summer
subscribers
group.
B
B
B
A
So
I
did
have
a
question
tom,
which
is
that
it
sounded
like
you,
define
somebody
scope
in
octa
and
then
when,
when
Kong
checks
with
octa,
when
that
user
authenticates,
they
Kong
also
checks
on
the
scope,
in
addition
to
the
user,
authenticating
and
I
was
wondering.
What's
why,
like
is
that
redundant,
and
why
is
it
designed
like
that?.
B
B
But
if
you
want
to
control
what
API
endpoints
a
specific
user
or
as
a
group
of
users
has
access
to,
then
you
want
to
make
sure
that
in
that
token
you
have
specific
scope.
So
not
only
who
the
user
is,
but
what
rights
they
have
to
the
API
endpoints,
so
kind
of
a
more
classic
example
is.
If
it's
user
is
a
member
of
the
admin
group,
then
they
might
have
right
access
to
certain
certain
API
endpoints,
rather
than
having
just
read
access
to
certain
main
guy.
A
B
A
A
There
we
go
well,
so
the
next
thing
that
we
have
is
Cooper
Marcus
is
going
to
tell
us
about
contributing
to
the
kong
documentation.
And
the
reason
for
this
is
that
it's
Oktoberfest
right
now
so
hoc
tober
fest,
is
in
october,
digitalocean
very
generously
offers
to
give
out
t-shirts
for
people
who
open
5p
ours
in
the
month
of
October,
and
these
PRS
can
be
to
any
open
source
project.
A
So
of
course,
Kong
and
it's
documentation
or
both
open
source
and
contributing
to
the
docs
is
a
really
great
way
to
get
started,
contributing
to
open
source
and
also
to
us
start
understanding
Kong
a
little
bit
better.
So
we
figured
that
every
open
source
repo
basically
has
its
own
interesting
little
quirks
about
how
we
prefer
to
get
PRS
and
how
we
prefer
to
do
things.
A
And
so
what's
gonna
happen
is
Cooper's
gonna
just
introduce
how
to
contribute
to
the
docks,
and
then
I
would
love
to
hear
from
you
guys
where
you've
run
into
trouble
in
the
past
or
any
confusing
things
about
contributing,
because
we're
always
looking
to
have
fresh
eyes
on
the
process
and
make
sure
that
it's
as
smooth
as
possible
for
the
things
that
we
need
to
guarantee
get
done.
So
with
that
I'm
going
to
hand
it
over
to
Cooper
Cooper.
Thanks
for
doing
this,
thanks.
C
Here
we
go
all
right:
sharing,
okay,
so
hi
I'm,
Cooper
I'm,
the
director
of
ecosystem
here
at
Kong,
and
one
of
the
things
I
do
around
here
is
help
with
our
documentation
site.
Doc's
are
important,
they're
how
you
get
introduced
to
things,
how
you
learn
to
use
them,
how
you
have
a
helping
hand
as
you
grow,
in
your
expertise
and
notably
for
Oktoberfest,
there
also
can
be
actual
profess.
They
can
be
a
great
easy
way
to
get
started
with
contributing
to
a
open
source
project.
C
Now
our
Doc's
are
open
source
on
github
and
I'm,
going
to
go
through
a
demo
here
of
getting
started
with
the
docs,
the
contributing
process
and
I'm
starting
from
the
very
beginning.
So
let's
say
I've
been
browsing.
The
docs
and
I'm
interested
in
making
a
contribution.
Well,
wow.
You
can
make
APR
on
the
doc
site
by
directly
editing
in
a
fork
and
not
running
the
doc
site
locally.
C
We're
appreciative
if
you
do
run
the
doc
site
locally
as
part
of
your
contribution
process,
because
it
lets
you
preview
your
contributions,
so
I'm
going
to
go
through
the
process
of
actually
getting
the
dog
side
and
running
it
locally.
So
first
I'm
going
to
clone
a
repository
here
in
my
kit
hub
desktop,
and
hopefully
this
is
all
going
to
be
quick
enough.
That.
C
C
Judis
keeping
me
on
their
straight
and
narrow
now
the
dock
site
is.
It
follows
the
docks
as
code
principle.
It's
a
static
site
built
with
jekyll
and
liquid.
Luckily
much
of
the
sort
of
complexity
of
working
with
a
static
site
generator
is,
if
not
hidden
from
you.
At
least
you
don't
really
have
to
understand
it,
to
make
contributions,
particularly
those
that
are
related
purely
to
the
content
of
the
site,
because
we've
got
these
nice
commands
here
on
the
readme
for
installing
and
running
it
now.
I
already
have
the
prerequisites
here:
NPM,
bundler,
Ruby
and
Python.
C
Installing
those-
if
you
don't
have
them
or
you
have
different
versions-
can
be
a
little
involved.
So
we've
been
making
some
progress
recently
on
a
darker
based
local
development,
environment
and
you'll,
see
here
those
have
developed
locally
with
docker
and
develop
locally
without
darker
option.
I'm
demoing
me
without
darker
option,
but
you
could
try
the
width
talker
option
and
we're
working
on
a
PR
that
should
make
this
darker
option
even
better
and
will
hopefully
be
merging
that
in
soon
okay.
C
Now
this
running
locally,
as
I
mentioned,
is
nice
to
have
or
when
you're,
making
contributions,
because
it
lets
you
see
them
before
you
submit
them
on
now.
Do
an
NPM
install
someday
we'd
like
to
have
a
way
of
you
seeing
your
PR
preview
without
having
to
run
locally.
We
hope
to
add
that
someday
soon,
but
until
then
this
approach
seems
to
work
well,
so
it's
now
installing
some
and
p.m.
packages
we'll
need
this
should
hopefully
go
smoothly
and
then
we'll
be
about
to
start
the
site.
C
There
we
go,
and
let
me
view
this
repository
in
the
finder.
What
happens
when
you
run
the
site
locally?
Is
the
Jekyll
build
process
effectively,
renders
the
site
to
a
dist
folder
from
which
it's
served?
This
is
a
similar
process
to
what
happens
when
we
actually
deploy
the
site
to
production.
The
site
is
rendered
into
a
bunch
of
HTML
and
CSS
and
JavaScript,
which
is
put
in
the
dist
folder
and
then
served
up
by
github
pages.
C
The
build
process
is
the
same,
whether
you're
running
locally
or
whether
me
or
fellow
Kong
employee,
is
deploying
the
master
branch
to
production,
which
is
part
of
why
running
this
locally
and
getting
a
preview
worked
so
well,
because
what
you
see
locally
is
what
everybody
will
see
if
your
PR
gets
merged
and
deployed.
So,
let's
see
how
we're
doing
here
with
our
npm
install,
looks
like
it's
moving
along
shouldn't.
Take
too
much
longer.
C
And
very
close,
so
just
for
a
little
preview
of
the
documentation
site
folders
here
all
the
fun
stuff
is
here
in
the
app
folder.
The
documentation
about
Kong
itself
is
either
in
these
version.
Folders,
so
Kong,
Community,
Edition
0.14,
is
documented
here
in
the
0.14
folder
calling
Enterprise
Edition
is
documented
within
the
enterprise
folder
there's
some
version
folders
as
well
and
I'm
most
excited
about
a
recent
addition
of
the
Hubb,
and
let's
just
look
at
these
on
the
dockside
of
themselves.
C
Just
to
line
things
up
here
is
the
Community
Edition
Docs
I'll
click
on
in
a
president
now
I'm
looking
at
the
Enterprise
Edition
Docs
and
I'll
click
on
the
hub
now
I'm
looking
at
docs
for
hub
listings,
which
include
as
of
recently
third-party
listings,
and
here
is
octaves
integration
that
we
just
saw
demoed
earlier
in
the
call
all
of
these
pages
we've
just
looked
at
community
enterprise
and
the
hub
are
all
in
the
app
folder
here
in
different
subfolders.
We
also
have
some
assets
in
terms
of
some
icons.
C
Some
includes
that
get
substituted
in
on
pages,
where
they're
called
for
some
layouts
that
control
how
things
look
in
general
and
I
will
call
out
there's
a
little
bit
of
dead
code
in
here.
We've
moved
from
the
hub
from
our
old
plugins
to
the
new
hub
structure,
and
so
this
sorry
not
that
plugins
folder,
but
a
different
one.
This
one
there
is
some
code
in
here.
That's
marked
as
dead
code.
You'll
see
here
fix
me.
This
is
dead
code,
so
be
aware
of
those
we'll
be
cleaning
this
up
soon.
Okay,
did
we
finish?
C
We
did
all
right
last
step
for
running
it
locally
is
NPM
start
sta
or
T.
I
can
spell
alright,
so
this
is
now
going
to
run
through
the
Jekyll
build
process.
It
also
runs
through
the
test
process.
Assuming
all
the
tests
pass,
everything
will
get
rendered
into
the
dist
folder
and,
let's
see,
has
it
there.
It
is
it's
appeared
and
it's
gonna
start
getting
populated.
So
you
can
see
the
build
running
over
here
on
the
left.
C
Now
the
dark
site,
as
we
mentioned,
is
all
open
source
on
github
contributions
can
be
fun
and
easy,
particularly
when
you're
just
working
with
the
content
itself.
We
had
a
gate,
great
contribution,
a
very
timely
one
from
a
community
member
overnight,
correcting
finding
and
correcting
embarassingly
what
appears
to
be
hundreds
of
spelling
mistakes
across
the
dog
site.
C
We
greatly
appreciate
that
and
in
this
demo,
I'm
going
to
actually
go
all
the
way
through
the
process
of
reviewing
that
particular
PR
merging
it
in
and
deploying
the
doc
site
now
at
the
point
and
the
site
is
not
something
the
community
does
it's
only
accessible
via
github
permissions
to
members
of
two
employees
of
calm?
So
don't
worry
when
you
see
the
documentation
here
in
the
readme
deploying
this
deploys
to
get
hub
pages.
You
can't
do
that.
So
don't
worry!
C
You
won't
screw
things
up,
I
worried
about
that
at
first
and
then
became
reassured
all
right,
so
you
can
see
that
the
build
process
is
continuing
here
and
let's
see
what
we've
done
in
the
finder
there,
the
dist
folder
is
getting
populated
with
all
sorts
of
folders
or
content,
and
it's
any
of
that
chat.
Anything
I
need
to
see
Judith
I'm,
not
watching
it
right
now.
I
know,
okay,
great
all
right!
So
look
at
that.
We
now
see
here
that
we've
got
URLs
for
browsing
the
site
locally.
C
Tada,
there's
a
doc
site
looks
a
lot
like
the
one
we
were
just
looking
at.
In
fact,
it
should
be
a
precise
copy
because
I'm
running
from
master-
and
you
can
see
I-
can
browse
different
parts
here,
but
this
is
all
getting
served
locally.
So
if
I
made
a
change
locally,
what
will
happen
and
let's
go
ahead
and
do
that
open
up
the
site
in
my
text?
Editor?
Oh.
C
C
Now,
as
soon
as
I
made
this
new
branch,
nothing
has
changed.
So
there's
no
rebuild
here
in
Jekyll,
but
as
soon
as
I
make
a
change
and
save
it
and
I'm
gonna
be
so
bold
as
to
make
a
change
to
see.
Why
should
I?
Do
it?
Let's
go
on
cons,
0.14
getting
started,
quick
start
start,
calling
that's
not
where
I
want
to
do
it
do.
C
Do
and
the
guidelines
are
here
and
our
hub
repo
with
in
contributing,
will
find
some
information
here
about
naming
branches
what
they
should
be
called
having
good
at
Ramoji,
City
I'm
sure
I
said
that
wrong
on
your
commits
and
putting
in
good
commit
messages
to
help
us
stay
organized
and
have
things
be
clear.
Hopefully,
this
information
is
clear
enough.
We
appreciate
you
attempting
to
follow
it.
C
C
So
I'm
gonna
save
that
we
see
here
and
github
desktop
that
there's
been
a
save
also.
My
text
editor
stripped
off
an
extraneous
end
of
line
space
and
we'll
see
here
that
our
local
environment
has
restarted
the
Jekyll
build
process.
It
noticed
that
there
was
a
change
in
one
of
the
local
Doc's
site
files
and
it's
now
rebuilding
the
doc
site
so
that
we
can
see
our
changes.
So,
let's
see
what
am
I
on
the
ACL
plugin.
So
here
I
am
on
my
local
version.
I'll
go
into
the
ACO
plugin.
C
C
Right,
I'm
not
seeing
my
change
yet
because
the
doc
site
is
still
rebuilding
its
content,
but
in
a
moment
what
should
happen
is
this
page
will
get
automatically
refreshed
it's
a
handy
little
helper
in
our
local
development
environment
that
will
force
the
refresh
of
local
Doc's
site
pages
so
that
your
local
changes
there
we
go
it
just
refreshed,
get
reflected
without
you
even
having
to
go
to
the
trouble
of
refreshing
and
look
there.
It
is
Cooper,
says
I
now.
Is
it
terrible
addition
to
the
website?
So
in
this
case,
I'm
gonna
delete
this
change.
C
There
we
go
discard
those
changes
so
and
just
to
clean
up
I
don't
need
this
branch,
so
I'm
gonna
delete.
This
branch
is
local,
alright.
So
what
I
did
just
to
review?
I
came
to
the
dock
site.
I
visited
the
readme
I
used
the
documented
process
here.
I
had
previously
installed
the
prerequisites.
I
ran
gem,
install
bundler,
npm,
install
and
npm
start,
and
what
I
got
from
that
was
a
local
version
of
the
dock
site,
where
I
can
preview
the
changes
as
I'm
make
them
prior
to
submitting
a
PR.
C
C
Now,
because
I
was
already
running
the
doc
site
locally
and
I
switch
branches,
the
Jekyll
bill
process
just
kicks
off
automatically
it
notices.
It's
been
changes
a
lot
of
changes,
168
changes,
change
files
in
my
local
doc
site,
and
so
it's
rebuilding
the
local
version,
and
in
a
moment
this
should
refresh
now
for
the
purposes
of
this
demo.
I
went
ahead
and
reviewed
this
ahead
of
time.
C
168
changes
is
a
lot
to
review,
live
so
I'm,
not
gonna
bore
you
with
that,
but
they
look
good
I'm
running
the
site
locally,
though
just
to
make
sure
that
it
actually
runs
right.
It
passes
tests,
it
builds
correctly
and
I.
Do
a
quick
smoke
test?
Can
I
navigate
just
some
pages,
yep
looks
good.
Do
I,
see
anything
weird
nope
all
looks
just
as
normal
as
it
used
to
so
I'm
going
to
go
over
to
this
PR.
A
B
A
C
C
Now,
in
this
case
the
type
is
Doc's,
because
it's
changed
to
the
content
and
the
scope
is
our
changes,
many
parts
of
the
code
base
at
once,
because,
even
though
they
said
it's
rare
should
be
avoided
in
this
case.
Actually,
it's
great
we're
updating,
spelling
in
a
bunch
of
places
all
at
once.
So
that's
just
fine,
so
I've
added
that
Doc's
parentheses
star
notation
here
to
the
beginning
of
the
commit
message:
okay,.
C
C
Okay,
now
I
have
locally
the
same
master
that
exists
on
github.com,
and
so
my
last
step
is
to
deploy
it
now,
as
I
mentioned
before,
don't
worry
about
it.
If
you
try
to
run
the
deploy
code,
you
won't
be
able
to,
but
I
have
the
necessary
permissions.
Npm
run,
deploy.
That's
what
I
want
now
I'm
already
running
the
doc
site
locally,
so
I'm
gonna
quit
out
of
that
there
we
go
and
I'm
gonna
npm
roam
deploy
this
one.
C
I
did
not
practice
ahead
of
time,
but
I
have
no
reason
to
believe
that
it
won't
work
so
I
believe
it
will
work
effectively.
What
this
does
is.
It
runs
the
Jekyll
bill
process.
Again
it
builds
the
site
locally
and
then
it
pushes
to
get
hub
pages
that
built
site
and
in
github
pages
it
will
end
up
on
a
special
branch,
which
is
this
github
pages
branch,
and
is
this
this
gh-pages?
It's
a
special
branch
that
serves
up
our
doc
site
via
github
pages
serving
web
serving
capability.
C
We
can
see
here
on
this
particular
github
pages
branch
deployments
from
master
to
production,
so
the
last
time
the
dock
site
was
deployed
was
on
October,
12th
and
I
deployed.
It
was
four
days
ago
and
what
we
should
get
when
this
process
finishes
is
a
new
deployment
here
in
the
github
pages
branch,
which
indicates
that
all
of
the
commits
that
were
merged
to
master
since
October
12th
are
now
going
to
be
live
on
our
production
website.
C
Now,
as
a
community
contributor,
there
can
be
a
little
bit
of
a
delay
between
your
PR
getting
made
first
of
all
reviewed
second
of
all
merged
third
of
all
and
deployed.
Fourth
of
all,
we
try
to
have
that
review,
merge
and
deploy
process
be
short,
but
it
isn't
always
precisely
short,
so
there
may
be
a
day
or
two
or
three
of
waiting
in
between
now.
Let's
see
how's
our
build
process
going
everything's
looking
good.
So
far,
I'm
not
gonna,
see
the
new
commit
here.
A
C
I'm
always
happy
to
hear
questions
from
the
community
about
contributing
or
issues
with
the
dock
site.
We
welcome
issues
to
be
opened
right
on
the
docks,
github
issues,
tracker
pull
requests
of
course
also
always
welcome,
and
in
the
spirit
of
October
October
fest,
we've
labeled
a
number
of
issues
here
as
good
first
issues.
Some
of
them
are
more
kind
of
Jekyll
build
oriented.
C
Some
of
them
are
more
content
or
code
oriented
and
just
because
they
don't
say
good
first
issue
doesn't
mean
they're,
not
they
might
be
good
for
you,
because
you
have
the
skill
and
knowledge
or
the
wherewithal
to
teach
yourself
how
to
fix
them.
So
we're
starting
that
you
github
pages
deployment
here
and
I
should
finish
briefly
and
then
we'll
see
a
new
commit
and
we'll
have
a
new
version
of
the
site
running.
A
C
The
docks
has
code
process
we
have
here
is
a
not
uncommon,
one
in
open
source
projects
and
I'm
pretty
excited
to
have
gotten
involved
with
it
here
at
Kong,
compared
to
how
docks
were
created
and
maintained
at
other
companies.
That
work
for
this
is
very
democratic
and
accessible
and
I.
Think
that's
really
terrific
for
an
open
source
project
to
make
things
so
easy
to
contribute
to
see.
A
So
everyone
this
is
being
recorded,
so
if
you
do
have
to
drop,
you
can
find
the
recording
later
for
the
end
of
the
process.
We
do
have
a
question
from
Jeremy
I'm,
not
sure
if
anybody
from
the
core
team
is
online
but
Jeremy
I
can
try
and
answer
it.
Also.
We
do
not
have
a
timeline
for
one
Oda,
but
all
of
the
all
of
the
development
for
one
dato
is
going
on
to
the
next
branch.
A
A
Believe
we
have
nightly
builds
now,
so
you
can
check
on
how
things
are
going
and
help
test
along
the
way.
If
you
run
into
problems,
but
unfortunately
we
can't
have,
we
don't
have
a
eight
fur.
When
things
are
coming
out,
it's
just
whenever
it's
stable,
we
will
be
updating
the
100
branch
soon
before
our
VA,
but
I'm
not
sure
when
that's
going
to
be
I
hope
that
answers
your
question
all.
C
Right
the
build
and
deploy
has
finished
we
see
here,
took
about
five
minutes,
I
think
that's
because
my
computer's
also
working
on
serving
up
the
zoom
screen
sharing
and
there
we
go
commits
on
October
16th,
that's
today
just
a
minute
ago,
and
we
got
a
deploy
and
just
to
be
sure,
let's
visit
the
TOC
site
and
make
sure
it
appears
to
be
running
correctly.
Now
we
have
noticed
sometimes
that
when
we
deploy
to
github
pages,
we
see
briefly
some
CSS
issues
on
the
doc
site.
C
Wow
github
updates
its
caches,
and
this
is
a
page
that
sometimes
shows
them,
but
not
today,
all
right
demo
gods
are
smiling
on
us,
so
that's
it
clone
install
and
run
the
docs
I'd
make
a
contribution
PR.
It
gets
reviewed
on
my
side
merged
and
then
we
deploy
to
production
and
we
Thank
You
profusely
community
members
for
helping
us
build
a
better
Kong
and.
A
C
A
A
It
is
yeah
Hernandez
modeling,
it
cool,
alright,
so
I
think
we
are
going
to
call
it
a
day
for
this
meeting.
I'm
gonna
stick
around
for
a
couple
more
minutes,
just
in
case
anyone
has
any
questions,
but
if
you
don't
thank
you
so
much
for
joining
us
and
have
a
great
rest
of
your
week,
the
next
meeting
will
be
in
November
I
forget
the
date,
but
I
will
update
the
agenda
document
with
it
when
we've
got
it
and
if
you
have
any
topic
suggestions,
please
add
those
there
too
thanks
guys
thanks.