Linkchecker

.github/workflows/check-links.yml

@@ -1,25 +1,16 @@
-name: Check Markdown links
 
-#on:
-#  push:
-#    branches:
-#      - master
-#  pull_request:
-#    branches: [master]
+name: 'Check Markdown Links with linkspector'
 on: push
 jobs:
-  markdown-link-check:
+  check-links:
+    name: runner / linkspector
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: technote-space/get-diff-action@v6
+      - name: Run linkspector
+        uses: umbrelladocs/action-linkspector@v1
         with:
-          PATTERNS: |
-            **/**.md
-
-      - uses: gaurav-nelson/github-action-markdown-link-check@v1
-        with:
-          use-quiet-mode: 'yes'
-          use-verbose-mode: 'yes'
-          config-file: '.md_check_config.json'
+          fail_on_error: true
+          filter_mode: nofilter
+          show_stats: true
 

.linkspector.yml

@@ -0,0 +1,18 @@
+files:
+  - README.md
+dirs:
+  - ./
+ignorePatterns:
+  - pattern: '^https://mynicecompany.com/.*$'
+  - pattern: '^https://odm.*$'
+  - pattern: '^https://localhost*$'
+  - pattern: '^https://dummyUrl$'
+  - pattern: '^https://cognito-idp.COGNITO_REGION.amazonaws.com/COGNITO_USER_POOL_ID/.*$'
+replacementPatterns:
+  - pattern: "https://www.ibm.com/docs"
+    replacement: 'https://ibmdocs-test.dcs.ibm.com/docs'
+aliveStatusCodes:
+  - 200
+  - 206
+  - 429
+useGitIgnore: true

.md_check_config.json

@@ -1,14 +1,23 @@
 {
   "ignorePatterns": [
     {
-      "pattern": "^http://localhost"
+      "pattern": "^http://localhost",
+      "pattern": "^https://jwt.io"
     }
   ],
   "replacementPatterns": [
       {
         "pattern": "^/LICENSE",
         "replacement": "{{BASEURL}}/LICENSE"
+      },
+      {
+        "pattern": "https://www.ibm.com/docs",
+        "replacement": "https://ibmdocs-test.dcs.ibm.com/docs"
       }
     ],
-    "timeout": "20s"
-  }
+
+    "timeout": "20s",
+    "retryOn429": true,
+    "retryCount": 5,
+    "fallbackRetryDelay": "30s"
+  }

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2025-03-14T10:15:47Z",
+  "generated_at": "2025-05-06T15:44:53Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -776,15 +776,15 @@
         "hashed_secret": "b11974a9da0d56698df935ab86e19b127804d6d4",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 69,
+        "line_number": 67,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "fd1daf2e350a06b865f4a1e17bb39183b806c1e9",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 133,
+        "line_number": 131,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -1116,31 +1116,31 @@
         "hashed_secret": "07596f183f5e91b1778d5e47b2752b8d42aa763d",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 174,
+        "line_number": 181,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "3ea3f9802accf8817bacd6f3df46a73b93ccddec",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 175,
+        "line_number": 182,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "12d57965bd88277e9e9d69dc2b36aae2c0b7e316",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 274,
+        "line_number": 281,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "41b864c967d31ed0bf10562e22faa36324405048",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 292,
+        "line_number": 299,
         "type": "Secret Keyword",
         "verified_result": null
       }

README.md

@@ -9,7 +9,7 @@ IBM Operational Decision Manager on Certified Kubernetes
 
 ##  Deploying IBM Operational Decision Manager on a Certified Kubernetes Cluster
 
-This repository centralizes materials to deploy [IBM® Operational Decision Manager](https://www.ibm.com/docs/en/odm/9.0.0) ODM on Certified Kubernetes. It is deployed in a clustered topology that uses WebSphere® Application Server Liberty on a Kubernetes cluster.
+This repository centralizes materials to deploy [IBM® Operational Decision Manager](https://www.ibm.com/docs/en/odm/9.5.0) ODM on Certified Kubernetes. It is deployed in a clustered topology that uses WebSphere® Application Server Liberty on a Kubernetes cluster.
 
 ODM is a decisioning platform to automate your business policies. Business rules are used at the heart of the platform to implement decision logic on a business vocabulary and run it as web decision services.
 

authentication/AzureAD/README_WITH_CLIENT_SECRET.md

@@ -2,7 +2,7 @@
 
 <!-- TOC -->
 
-- [Set up a Microsoft Entra ID application using a client secret](#set-up-an-microsoft-entra-id-application-using-a-client-secret)
+- [Set up a Microsoft Entra ID application using a client secret](#set-up-a-microsoft-entra-id-application-using-a-client-secret)
 - [Deploy ODM on a container configured with Microsoft Entra ID Part 2](#deploy-odm-on-a-container-configured-with-microsoft-entra-id-part-2)
     - [Prepare your environment for the ODM installation](#prepare-your-environment-for-the-odm-installation)
         - [Create a secret to use the Entitled Registry](#create-a-secret-to-use-the-entitled-registry)
@@ -24,7 +24,7 @@
 
 <!-- /TOC -->
 
-1. Create the *ODM application*.
+## 1. Create the *ODM application*.
 
     In **Microsoft Entra Id** / **Manage** / **App registration**, click **New Registration**:
 
@@ -34,7 +34,7 @@
 
     ![New Web Application](images/RegisterApp.png)
 
-2. Retrieve Tenant and Client information.
+## 2. Retrieve Tenant and Client information
 
     In **Microsoft Entra Id** / **Manage** / **App Registration**, select **ODM Application** and click **Overview**:
 
@@ -43,7 +43,7 @@
 
     ![Tenant ID](images/GetTenantID.png)
 
-3. Generate an OpenID client secret.
+## 3. Generate an OpenID client secret.
 
     In **Microsoft Entra Id** / **Manage** / **App registrations**, select **ODM Application**:
 
@@ -56,7 +56,7 @@
 
    >Important: This client secret can not be revealed later. If you forgot to take note of it, you'll have to create another one.
 
-4. Add Claims.
+## 4. Add Claims.
 
     In **Microsoft Entra Id** / **Manage** / **App registrations**, select **ODM Application**, and in **Manage / Token Configuration**:
 
@@ -81,7 +81,7 @@
     * Check Security Groups
     * Click Add
 
-5. Create a custom claim named "identity"
+## 5. Create a custom claim named "identity"
 
    To allow ODM rest-api to use the password flow with email as user identifier and the client-credentials flow with client_id as user identifier, we need to create a new claim named "identity" that will take the relevant value according to the flow:
 
@@ -95,7 +95,7 @@
         2. User Type: Members / Scoped Groups: 0 / Source: Attribute / Value: user.mail
     * Click Save
 
-6. API Permissions.
+## 6. API Permissions.
 
     In **Microsoft Entra Id** / **Manage** / **App Registration**, select **ODM Application**, and then click **API Permissions**.
 
@@ -107,7 +107,7 @@
     * Don't forget to **Grant Admin Consent for Default Directory** on these API permissions 
 
 
-7. Manifest change.
+## 7. Manifest change.
 
     In **Microsoft Entra Id** / **Manage** / **App Registration**, select **ODM Application**, and then click **Manifest**.
 
@@ -126,7 +126,7 @@
 
    Then, click Save.
 
-8. Check the configuration.
+## 8. Check the configuration.
 
     Download the [azuread-odm-script.zip](azuread-odm-script.zip) file to your machine and unzip it in your working directory. This .zip file contains scripts and templates to verify and set up ODM.
 
@@ -277,9 +277,9 @@
     ```
 
     Where:
-    - *TENANT_ID* and *CLIENT_ID* have been obtained from [previous step](#retrieve-tenant-and-client-information)
+    - *TENANT_ID* and *CLIENT_ID* have been obtained from [previous step](#2-retrieve-tenant-and-client-information)
     - *CLIENT_SECRET* is listed in your ODM Application, section **General** / **Client Credentials**
-    - *GROUP_ID* is the identifier of the ODM Admin group created in a [previous step](#manage-group-and-user) (ID of the group named *odm-admin*)
+    - *GROUP_ID* is the identifier of the ODM Admin group created in a [previous step](README.md#manage-groups-and-users) (ID of the group named *odm-admin*)
     - *SSO_DOMAIN* is the domain name of your SSO. If your AzureAD is connected to another SSO, you should add the SSO domain name in this parameter. If your user has been declared as explained in step **Create at least one user that belongs to this new group**, you can omit this parameter.
 
     The following four files are generated into the `output` directory:
@@ -307,7 +307,7 @@
 
     This section is optional.
 
-    ODM Decision Center allows to [manage users and groups from the Business console](https://www.ibm.com/docs/en/odm/9.0.0?topic=center-enabling-users-groups) in order to set access security on specific projects.
+    ODM Decision Center allows to [manage users and groups from the Business console](https://www.ibm.com/docs/en/odm/9.5.0?topic=center-enabling-users-groups) in order to set access security on specific projects.
     The Groups and Users import can be done using an LDAP connection.
     But, if the openId server also provides a SCIM server, then it can also be managed using a SCIM connection.
 
@@ -318,7 +318,7 @@
     - [for users](https://learn.microsoft.com/en-us/graph/api/resources/users?view=graph-rest-1.0&preserve-view=true)
     - [for groups](https://learn.microsoft.com/en-us/graph/api/resources/groups-overview?view=graph-rest-1.0&tabs=http)
 
-    Then, it will generate a [group-security-configurations.xml](https://www.ibm.com/docs/en/odm/9.0.0?topic=access-optional-user-liberty-configurations#reference_w1b_xhq_2rb__title__3) file that will be consumed using the [Decision Center rest-api](https://www.ibm.com/docs/en/odm/9.0.0?topic=mufdc-creating-users-groups-roles-by-using-rest-api) to populate Groups and Users in the Administration Tab.
+    Then, it will generate a [group-security-configurations.xml](https://www.ibm.com/docs/en/odm/9.5.0?topic=access-optional-user-liberty-configurations#reference_w1b_xhq_2rb__title__3) file that will be consumed using the [Decision Center rest-api](https://www.ibm.com/docs/en/odm/9.5.0?topic=mufdc-creating-users-groups-roles-by-using-rest-api) to populate Groups and Users in the Administration Tab.
 
     In a kubernetes context, this script can be called by a CRON job.
     Using the new ODM sidecar container mechanism, it can also be managed by the Decision Center pod himself.
@@ -356,7 +356,7 @@ You can now install the product. We will use the PostgreSQL internal database an
 
 #### a. Installation on OpenShift using Routes
 
-  See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.0.0?topic=production-preparing-install-operational-decision-manager) documentation for additional information.
+  See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.5.0?topic=production-preparing-install-operational-decision-manager) documentation for additional information.
 
   ```shell
   helm install my-odm-release ibm-helm/ibm-odm-prod --version 24.1.0 \
@@ -377,7 +377,7 @@ You can now install the product. We will use the PostgreSQL internal database an
 #### b. Installation using Ingress
 
   Refer to the following documentation to install an NGINX Ingress Controller on:
-  - [Microsoft Azure Kubernetes Service](../../platform/azure/README.md#create-a-nginx-ingress-controller)
+  - [Microsoft Azure Kubernetes Service](../../platform/azure/README-NGINX.md)
   - [Amazon Elastic Kubernetes Service](../../platform/eks/README-NGINX.md)
   - [Google Kubernetes Engine](../../platform/gcloud/README_NGINX.md)
 
@@ -409,7 +409,7 @@ You can now install the product. We will use the PostgreSQL internal database an
 
 1. Get the ODM endpoints.
 
-    Refer to the [documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=tasks-configuring-external-access) to retrieve the endpoints.
+    Refer to the [documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=tasks-configuring-external-access) to retrieve the endpoints.
     For example, on OpenShift you can get the route names and hosts with:
 
     ```shell
@@ -472,7 +472,7 @@ You can now install the product. We will use the PostgreSQL internal database an
 
 ### Access the ODM services
 
-Well done!  You can now connect to ODM using the endpoints you got [earlier](#register-the-odm-redirect-url) and log in as an ODM admin with the account you created in [the first step](#manage-group-and-user).
+Well done!  You can now connect to ODM using the endpoints you got [earlier](#register-the-odm-redirect-urls) and log in as an ODM admin with the account you created in [the first step](README.md#manage-groups-and-users).
 
 ### Set up Rule Designer
 
@@ -502,7 +502,7 @@ To be able to securely connect your Rule Designer to the Decision Server and Dec
 
 4. Restart Rule Designer.
 
-For more information, refer to the [documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=designer-importing-security-certificate-in-rule).
+For more information, refer to the [documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=designer-importing-security-certificate-in-rule).
 
 ### Getting Started with IBM Operational Decision Manager for Containers
 
@@ -522,7 +522,7 @@ Deploy the **Loan Validation Service** production_deployment ruleapps using the
 
 You can retrieve the payload.json from the ODM Decision Server Console or use [the provided payload](payload.json).
 
-As explained in the ODM on Certified Kubernetes documentation [Configuring user access with OpenID](https://www.ibm.com/docs/en/odm/9.0.0?topic=access-configuring-user-openid), we advise to use basic authentication for the ODM runtime call for performance reasons and to avoid the issue of token expiration and revocation.
+As explained in the ODM on Certified Kubernetes documentation [Configuring user access with OpenID](https://www.ibm.com/docs/en/odm/9.5.0?topic=access-configuring-user-openid), we advise to use basic authentication for the ODM runtime call for performance reasons and to avoid the issue of token expiration and revocation.
 
 You can realize a basic authentication ODM runtime call the following way:
 
@@ -552,7 +552,7 @@ curl -H "Content-Type: application/json" -k --data @payload.json \
 
 # Troubleshooting
 
-If you encounter any issue, have a look at the [common troubleshooting explanation](../README.md#Troubleshooting)
+If you encounter any issue, have a look at the [common troubleshooting explanation](../README.md#troubleshooting)
 
 # License