feat: merge from main

docker/Dockerfile.dev.ui

@@ -16,7 +16,7 @@ COPY keep-ui/package*.json /app/
 COPY ./keep-ui/ /app
 
 # Install dependencies in /app
-RUN npm install --legacy-peer-deps
+RUN npm install
 
 # Ensure port 3000 is accessible to our system
 EXPOSE 3000

docker/Dockerfile.ui

@@ -10,7 +10,7 @@ WORKDIR /app
 
 # Install dependencies based on the preferred package manager
 COPY package.json package-lock.json ./
-RUN npm ci --legacy-peer-deps
+RUN npm ci
 
 
 # Rebuild the source code only when needed

docs/deployment/docker.mdx

@@ -0,0 +1,31 @@
+---
+title: "Docker"
+sidebarTitle: "Docker"
+---
+
+### Spin up Keep with docker-compose latest images
+The easiest way to start keep is is with docker-compose:
+```shell
+curl https://raw.githubusercontent.com/keephq/keep/main/start.sh | sh
+```
+
+```bash start.sh
+#!/bin/bash
+# Keep install script for docker compose
+
+echo "Creating state directory."
+mkdir -p state
+test -e state
+echo "Changing directory ownership to non-privileged user."
+chown -R 999:999 state || echo "Unable to change directory ownership, changing permissions instead." && chmod -R 0777 state
+which curl &> /dev/null || echo "curl not installed"
+curl https://raw.githubusercontent.com/keephq/keep/main/docker-compose.yml --output docker-compose.yml
+curl https://raw.githubusercontent.com/keephq/keep/main/docker-compose.common.yml --output docker-compose.common.yml
+
+docker compose up -d
+```
+
+The docker-compose.yml contains 3 services:
+- [keep-backend](https://console.cloud.google.com/artifacts/docker/keephq/us-central1/keep/keep-api?project=keephq) - a fastapi service that as the API server.
+- [keep-frontend](https://console.cloud.google.com/artifacts/docker/keephq/us-central1/keep/keep-ui?project=keephq) - a nextjs app that serves as Keep UI interface.
+- [keep-websocket-server](https://docs.soketi.app/getting-started/installation/docker) - Soketi (a pusher compatible websocket server) for real time alerting.

docs/deployment/kubernetes.mdx

@@ -0,0 +1,23 @@
+---
+title: "Kubernetes"
+sidebarTitle: "Kubernetes"
+---
+
+Keep can be installed via Helm Chart.
+
+First, clone Keep:
+```
+git clone https://github.com/keephq/keep.git && cd keep
+```
+
+Next, install using:
+```
+helm install -f chart/keep/values.yaml keep chart/keep/
+```
+
+Notice for it to work locally, you'll need this port forwarding:
+```
+kubectl port-forward svc/keep-frontend 3000:3000
+```
+
+To learn more about Keep's helm chart, see https://github.com/keephq/keep/blob/main/chart/keep/README.md

docs/deployment/openshift.mdx

@@ -0,0 +1,15 @@
+---
+title: "Openshift"
+sidebarTitle: "Openshift"
+---
+
+Keep's Helm Chart also supports Openshift installation.
+
+Simply follow the Kubernetes set-up guide, but make sure to modify the following lines under frontend(/backend).route in the values.yaml file as follows:
+```
+enabled: true
+host: <desired-hostname>
+path: <desired-path> # should be / for default
+tls: <desired-tls-configs>
+wildcardPolicy: <desired-wildcardPolicy>
+```

docs/deployment/secret-manager.mdx

@@ -0,0 +1,84 @@
+---
+title: "Secret Manager"
+sidebarTitle: "Secret Manager"
+---
+
+## Overview
+
+<Tip>Secret Manager selection is crucial for securing your application. Different modes can be set up depending on the deployment type. Our system supports four primary secret manager types.</Tip>
+
+## Secret Manager Factory
+
+The `SecretManagerFactory` is a utility class used to create instances of different types of secret managers. It leverages the Factory design pattern to abstract the creation logic based on the type of secret manager required. The factory supports creating instances of File, GCP, Kubernetes, and Vault Secret Managers.
+
+The `SECRET_MANAGER_TYPE` environment variable plays a crucial role in the SecretManagerFactory for determining the default type of secret manager to be instantiated when no specific type is provided in the method call.
+
+**Functionality**:
+
+**Default Secret Manager**: If the `SECRET_MANAGER_TYPE` environment variable is set, its value dictates the default type of secret manager that the factory will create.
+The value of this variable should correspond to one of the types defined in SecretManagerTypes enum (`FILE`, `GCP`, `K8S`, `VAULT`).
+
+**Example Configuration**:
+
+Setting `SECRET_MANAGER_TYPE=GCP` in the environment will make the factory create instances of GcpSecretManager by default.
+If `SECRET_MANAGER_TYPE` is not set or is set to `FILE`, the factory defaults to creating instances of FileSecretManager.
+This environment variable provides flexibility and ease of configuration, allowing different secret managers to be used in different environments or scenarios without code changes.
+
+## File Secert Manager
+
+The `FileSecretManager` is a concrete implementation of the BaseSecretManager for managing secrets stored in the file system. It uses a specified directory (defaulting to ./) to read, write, and delete secret files.
+
+Configuration:
+
+Set the environment variable `SECRET_MANAGER_DIRECTORY` to specify the directory where secrets are stored. If not set, defaults to the current directory (./).
+
+Usage:
+
+- Secrets are stored as files in the specified directory.
+- Reading a secret involves fetching content from a file.
+- Writing a secret creates or updates a file with the given content.
+- Deleting a secret removes the corresponding file.
+
+## Kubernetes Secret Manager
+
+The `KubernetesSecretManager` interfaces with Kubernetes' native secrets system. It manages secrets within a specified Kubernetes namespace and is designed to operate within a Kubernetes cluster.
+
+Configuration:
+
+Set `K8S_NAMESPACE` environment variable to specify the Kubernetes namespace. Defaults to default if not set. Assumes Kubernetes configurations (like service account tokens) are properly set up when running within a cluster.
+
+Usage:
+
+- Secrets are stored as Kubernetes Secret objects.
+- Provides functionalities to create, retrieve, and delete Kubernetes secrets.
+- Handles base64 encoding and decoding as required by Kubernetes.
+
+## GCP Secret Manager
+
+The `GcpSecretManager` utilizes Google Cloud's Secret Manager service for secret management. It requires setting up with Google Cloud credentials and a project ID.
+
+Configuration:
+
+Ensure the environment variable `GOOGLE_CLOUD_PROJECT` is set with your Google Cloud project ID.
+
+Usage:
+
+- Secrets are managed using Google Cloud's Secret Manager.
+- Supports operations to create, access, and delete secrets in the cloud.
+- Integrates with OpenTelemetry for tracing secret management operations.
+
+## Hashicorp Vault Secret Manager
+
+The `VaultSecretManager` is tailored for Hashicorp Vault, a tool for managing sensitive data. It supports token-based authentication as well as Kubernetes-based authentication for Vault.
+
+Configuration:
+
+- Set `HASHICORP_VAULT_ADDR` to the Vault server address. Defaults to http://localhost:8200.
+- Use `HASHICORP_VAULT_TOKEN` for token-based authentication.
+- Set `HASHICORP_VAULT_USE_K8S` to True and provide `HASHICORP_VAULT_K8S_ROLE` for Kubernetes-based authentication.
+
+Usage:
+
+- Manages secrets in a Hashicorp Vault server.
+- Provides methods to write, read, and delete secrets from Vault.
+- Supports different Vault authentication methods including static tokens and Kubernetes service account tokens.

docs/development/external-url.mdx

@@ -1,6 +1,6 @@
 ---
-title: "Keep with External URL"
-sidebarTitle: "Keep with External URL"
+title: "Keep with Internet URL"
+sidebarTitle: "Keep with Internet URL"
 ---
 
 ## Introduction