🔄 Preview: docs: comprehensive FIPS 140-3 compliance page #1844

Draft
buger wants to merge 317 commits into production from feat/fips-compliance-docs

@buger buger commented Apr 8, 2026

🔗 Auto-generated mirror PR for Mintlify preview

Original PR: #1843
Author: @buger

Purpose

This PR provides a Mintlify preview link for reviewing documentation changes.

Preview Link

The Mintlify preview will be available once this PR is processed.

⚠️ Important Notes

Changes

Summary

Complete rewrite of the FIPS compliance documentation page at to reflect the migration to Go 1.24+ native FIPS 140-3 and Docker Hardened Images.

Key changes from the previous version:

  • FIPS 140-2 → FIPS 140-3: updated to reflect the migration from (BoringCrypto C library) to (Go native FIPS module)
  • Full product coverage: added Tyk Dashboard and MDCB (previously only Gateway and Pump)
  • Docker Hardened Images: documented the DHI base image, its attestations (FIPS, SBOM, SLSA provenance, VEX, STIG), and how to verify them
  • Verification guide: step-by-step commands for verifying FIPS compliance in binaries and Docker images using , , and
  • VEX documentation: three methods for vulnerability filtering (Docker Scout, trivy OCI, trivy VEX repo)
  • Legal clarity: explicit compliance scope and limitations section with clear disclaimers about what is and isn't covered

Related PRs

🤖 Generated with Claude Code

yurisasuke and others added 30 commits July 1, 2025 14:47
Revert "rewrite summary (#387)"

This reverts commit 1c4402d.
* add version

* change the folder name

---------

Co-authored-by: itachi sasuke <8012032+Keithwachira@users.noreply.github.com>
Revert "Update tyk-stack.mdx (#425)"

This reverts commit 115f944.
Co-authored-by: itachi sasuke <8012032+Keithwachira@users.noreply.github.com>
* fix-description

* remove empty descriptions

---------

Co-authored-by: itachi sasuke <8012032+Keithwachira@users.noreply.github.com>
Revert "Update tyk-stack.mdx (#450)"

This reverts commit d441dbf.
Revert "Update branches-config.json (#475)"

This reverts commit c22650f.
Co-authored-by: itachi sasuke <8012032+Keithwachira@users.noreply.github.com>
* add sidebar

* add contextual

* return sidebar to top

* add tag above sidetitle

* add tags below front matter

* add title

---------

Co-authored-by: itachi sasuke <8012032+Keithwachira@users.noreply.github.com>
* add change text color to white

* remove redundant

* remove redundant

---------

Co-authored-by: itachi sasuke <8012032+Keithwachira@users.noreply.github.com>
* docs: add TYK_DB_LOGLEVEL and log_level config support

* DX-2357: Update to use TYK_LOGLEVEL instead of TYK_DB_LOGLEVEL

* docs: add note about TYK_LOGLEVEL priority

* docs: add note about TYK_DB_ prefix for TYK_LOGLEVEL

* docs: add note about TYK_LOGFORMAT priority

* ci: remove --no-deps from pip install requests

* Apply suggestions from code review

Co-authored-by: Master <sharadregoti15@gmail.com>

* Update upgrade recommendations for production environments

Removed reference to Tyk Operator for production upgrades.

---------

Co-authored-by: Leonid Bugaev <leonsbox@gmail.com>
Co-authored-by: Master <sharadregoti15@gmail.com>
…chor fragments (#1865)

* DX-2361: Add GitHub Actions to validate external URLs and internal anchors

- Extend validate_mintlify_docs.py with --check-anchors flag that extracts
  GFM-slugified heading anchors, {#custom-id} syntax, and <a id/name> elements
  from target MDX files and verifies every internal #fragment resolves
- Update validate-docs.yml to run anchor check on every PR
- Add check-external-links.yml workflow: weekly scheduled (Mon 07:00 UTC) and
  manual-trigger run that HEAD-checks all external HTTP/HTTPS URLs

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* DX-2361: Run external link check on every pull request

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* DX-2361: Fix exit code not failing on broken external links

External link failures were reported but never factored into the
exit code, so CI was passing despite 404s. Added has_broken_external
check and a summary line for external link results.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* DX-2361: Switch external link checker to lychee

Replace sequential Python/requests approach with lycheeverse/lychee-action.
Lychee runs checks in parallel, has built-in retry logic, and is purpose-built
for link checking — much faster on a repo with 1500+ external URLs.

Add lychee.toml to exclude tyk-owned domains, localhost, placeholder URLs,
and sites known to block bots (LinkedIn, Facebook). Accept 429 as non-broken
to handle rate-limited responses gracefully.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* Fix mirror-pr workflow failing on PR bodies with special characters

GitHub Actions expands ${{ }} expressions before the shell runs, so
backticks and $ signs in PR bodies were injected raw into the script
and interpreted as shell command substitution.

Fix: write static content via a single-quoted heredoc (no shell
expansion), then append the PR body via printf with an env var
($PR_BODY). Shell variables accessed as "$VAR" are never
re-interpreted, making any PR body content safe.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* Fix lychee checking internal/relative links

Add scheme = ["https", "http"] to lychee.toml so lychee only attempts
to check http/https URLs. Without this, lychee tries to resolve
root-relative paths (/img/..., /page/...) as file URIs and fails.
Internal links are already validated by validate-docs.yml.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* Fix lychee erroring on root-relative paths

scheme = ["https", "http"] didn't help because lychee fails to build
the URL before the scheme filter runs. Set base = "https://tyk.io" so
root-relative paths (/img/..., /page/...) are resolved to
https://tyk.io/... and then silently skipped by the existing tyk.io
exclude rule, rather than producing "cannot convert path to URI" errors.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* Fix lychee config: base -> base_url

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
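
The mirror-pr failure and fix described in the commit message above, reproduced locally as an added example (not the repository's workflow code). The `${{ }}` expansion is simulated by building the script text as a string; the function names, the static heredoc text and the sample PR body are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample PR body (not from the page): markdown backticks and a
# $(...) that a shell would treat as command substitution.
SAMPLE_BODY='Run `echo RAN` then $(echo RAN2) to build'

# Unsafe: simulates ${{ ... }} expansion, where the PR body is pasted into the
# script text before any shell parses it, so the body becomes shell syntax.
mirror_body_unsafe() {
  script="printf '%s\n' \"$1\""
  sh -c "$script"
}

# Safe: static text comes from a single-quoted heredoc (no expansion) and the
# body reaches the script only as the value of an environment variable.
mirror_body_safe() {
  cat <<'EOF'
Mirror of `original` PR, cost $0
EOF
  PR_BODY=$1 sh -c 'printf "%s\n" "$PR_BODY"'
}

echo "unsafe: $(mirror_body_unsafe "$SAMPLE_BODY")"
echo "safe:   $(mirror_body_safe "$SAMPLE_BODY")"
```

The unsafe variant prints the body with both substitutions already executed, while the safe variant prints the heredoc line and the body byte for byte.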
probelabs bot and others added 5 commits April 16, 2026 14:11
#1872)

* docs: add container support guide (Podman, containerd, CRI-O)

* docs(DX-2363): restructure container runtimes guide and add cross-references

- Rewrite containers.mdx as a proper Tyk docs page: clean frontmatter,
  active voice, no numbered headings, FAQ as AccordionGroup, no em dashes
- Move page from tyk-self-managed/install/containers to
  deployment-and-operations/container-runtimes
- Update docs.json: remove old nav entry, add new entry under Configuration
  group after planning-for-production
- Add Container Runtimes cross-reference Note (after Prerequisites) to 7
  install pages: tyk-self-managed docker/k8s, portal docker/k8s,
  ai-studio docker/k8s, tyk-governance installation

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Leonid Bugaev <leonsbox@gmail.com>
Co-authored-by: Sharad Regoti <sharadregoti15@gmail.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Rewrite the FIPS documentation to cover:
- Migration from GOEXPERIMENT=boringcrypto (FIPS 140-2) to
  GOFIPS140=v1.0.0 (FIPS 140-3, Go 1.24+ native)
- Docker Hardened Images (DHI) base with FIPS attestation
- Full product matrix (Gateway, Dashboard, Pump, MDCB)
- Step-by-step binary and image verification guide
- VEX vulnerability management (Docker Scout, trivy OCI, trivy repo)
- Base image transparency and attestation inspection
- Clear compliance scope, limitations, and legal disclaimers
- Configuration guide for FIPS mode
- References to Go, Docker, and NIST documentation

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>