Format markdown (#1235)

docs/setup.md

@@ -10,7 +10,6 @@ Let's see the following steps:
 1. Set up the kubeconfig
 1. Verify cluster access
 
-
 ## 1. Set up the OIDC provider
 
 ### Google Identity Platform
@@ -24,11 +23,11 @@ Open [Google APIs Console](https://console.developers.google.com/apis/credential
 Check the client ID and secret.
 Replace the following variables in the later sections.
 
-Variable                | Value
-------------------------|------
-`ISSUER_URL`            | `https://accounts.google.com`
-`YOUR_CLIENT_ID`        | `xxx.apps.googleusercontent.com`
-`YOUR_CLIENT_SECRET`    | random string
+| Variable             | Value                            |
+| -------------------- | -------------------------------- |
+| `ISSUER_URL`         | `https://accounts.google.com`    |
+| `YOUR_CLIENT_ID`     | `xxx.apps.googleusercontent.com` |
+| `YOUR_CLIENT_SECRET` | random string                    |
 
 ### Keycloak
 
@@ -39,8 +38,8 @@ Open Keycloak and create an OIDC client as follows:
 
 - Client ID: `YOUR_CLIENT_ID`
 - Valid Redirect URLs:
-    - `http://localhost:8000`
-    - `http://localhost:18000` (used if the port 8000 is already in use)
+  - `http://localhost:8000`
+  - `http://localhost:18000` (used if the port 8000 is already in use)
 - Issuer URL: `https://keycloak.example.com/auth/realms/YOUR_REALM`
 
 You can associate client roles by adding the following mapper:
@@ -56,11 +55,11 @@ For example, if you have `admin` role of the client, you will get a JWT with the
 
 Replace the following variables in the later sections.
 
-Variable                | Value
-------------------------|------
-`ISSUER_URL`            | `https://keycloak.example.com/auth/realms/YOUR_REALM`
-`YOUR_CLIENT_ID`        | `YOUR_CLIENT_ID`
-`YOUR_CLIENT_SECRET`    | random string
+| Variable             | Value                                                 |
+| -------------------- | ----------------------------------------------------- |
+| `ISSUER_URL`         | `https://keycloak.example.com/auth/realms/YOUR_REALM` |
+| `YOUR_CLIENT_ID`     | `YOUR_CLIENT_ID`                                      |
+| `YOUR_CLIENT_SECRET` | random string                                         |
 
 ### Dex with GitHub
 
@@ -77,29 +76,29 @@ Deploy [Dex](https://github.com/dexidp/dex) with the following config:
 ```yaml
 issuer: https://dex.example.com
 connectors:
-- type: github
-  id: github
-  name: GitHub
-  config:
-    clientID: YOUR_GITHUB_CLIENT_ID
-    clientSecret: YOUR_GITHUB_CLIENT_SECRET
-    redirectURI: https://dex.example.com/callback
+  - type: github
+    id: github
+    name: GitHub
+    config:
+      clientID: YOUR_GITHUB_CLIENT_ID
+      clientSecret: YOUR_GITHUB_CLIENT_SECRET
+      redirectURI: https://dex.example.com/callback
 staticClients:
-- id: YOUR_CLIENT_ID
-  name: Kubernetes
-  redirectURIs:
-  - http://localhost:8000
-  - http://localhost:18000
-  secret: YOUR_DEX_CLIENT_SECRET
+  - id: YOUR_CLIENT_ID
+    name: Kubernetes
+    redirectURIs:
+      - http://localhost:8000
+      - http://localhost:18000
+    secret: YOUR_DEX_CLIENT_SECRET
 ```
 
 Replace the following variables in the later sections.
 
-Variable                | Value
-------------------------|------
-`ISSUER_URL`            | `https://dex.example.com`
-`YOUR_CLIENT_ID`        | `YOUR_CLIENT_ID`
-`YOUR_CLIENT_SECRET`    | `YOUR_DEX_CLIENT_SECRET`
+| Variable             | Value                     |
+| -------------------- | ------------------------- |
+| `ISSUER_URL`         | `https://dex.example.com` |
+| `YOUR_CLIENT_ID`     | `YOUR_CLIENT_ID`          |
+| `YOUR_CLIENT_SECRET` | `YOUR_DEX_CLIENT_SECRET`  |
 
 ### Okta
 
@@ -112,17 +111,17 @@ Open your Okta organization and create an application with the following options
 - Application type: Native
 - Initiate login URI: `http://localhost:8000`
 - Login redirect URIs:
-    - `http://localhost:8000`
-    - `http://localhost:18000` (used if the port 8000 is already in use)
+  - `http://localhost:8000`
+  - `http://localhost:18000` (used if the port 8000 is already in use)
 - Allowed grant types: Authorization Code
 - Client authentication: Use PKCE (for public clients)
 
 Replace the following variables in the later sections.
 
-Variable                | Value
-------------------------|------
-`ISSUER_URL`            | `https://YOUR_ORGANIZATION.okta.com`
-`YOUR_CLIENT_ID`        | random string
+| Variable         | Value                                |
+| ---------------- | ------------------------------------ |
+| `ISSUER_URL`     | `https://YOUR_ORGANIZATION.okta.com` |
+| `YOUR_CLIENT_ID` | random string                        |
 
 You do not need to set `YOUR_CLIENT_SECRET`.
 
@@ -135,17 +134,17 @@ Login with an account that has permissions to create applications.
 Create an OIDC application with the following configuration:
 
 - Redirect URIs:
-    - `http://localhost:8000`
-    - `http://localhost:18000` (used if the port 8000 is already in use)
+  - `http://localhost:8000`
+  - `http://localhost:18000` (used if the port 8000 is already in use)
 - Grant type: Authorization Code
 - PKCE Enforcement: Required
 
 Leverage the following variables in the next steps.
 
-Variable                | Value
-------------------------|------
-`ISSUER_URL`            | `https://auth.pingone.com/<PingOne Tenant Id>/as`
-`YOUR_CLIENT_ID`        |  random string
+| Variable         | Value                                             |
+| ---------------- | ------------------------------------------------- |
+| `ISSUER_URL`     | `https://auth.pingone.com/<PingOne Tenant Id>/as` |
+| `YOUR_CLIENT_ID` | random string                                     |
 
 `YOUR_CLIENT_SECRET` is not required for this configuration.
 
@@ -170,7 +169,6 @@ See also the full options.
 kubectl oidc-login setup --help
 ```
 
-
 ## 3. Bind a cluster role
 
 Here bind `cluster-admin` role to you.
@@ -181,7 +179,6 @@ kubectl create clusterrolebinding oidc-cluster-admin --clusterrole=cluster-admin
 
 As well as you can create a custom cluster role and bind it.
 
-
 ## 4. Set up the Kubernetes API server
 
 Add the following flags to kube-apiserver:
@@ -205,13 +202,12 @@ spec:
 If you are using [kube-aws](https://github.com/kubernetes-incubator/kube-aws), append the following settings to the `cluster.yaml`:
 
 ```yaml
-       oidc:
-         enabled: true
-         issuerUrl: ISSUER_URL
-         clientId: YOUR_CLIENT_ID
+oidc:
+  enabled: true
+  issuerUrl: ISSUER_URL
+  clientId: YOUR_CLIENT_ID
 ```
 
-
 ## 5. Set up the kubeconfig
 
 Add `oidc` user to the kubeconfig.
@@ -227,7 +223,6 @@ kubectl config set-credentials oidc \
   --exec-arg=--oidc-client-secret=YOUR_CLIENT_SECRET
 ```
 
-
 ## 6. Verify cluster access
 
 Make sure you can access the Kubernetes cluster.