Update docs

[aramprice]

• move ci/docs/ => docs/
  • add details to publish.md
• remove outdated develop.md
• update new stemcell line doc

[coderabbitai]

Warning

Rate limit exceeded

@aramprice has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 24 minutes and 57 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 24 minutes and 57 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: fe38100d-2924-4be1-9c21-426f5e2eec34

📥 Commits

Reviewing files that changed from the base of the PR and between ea8f6ca and 4762d7a.

📒 Files selected for processing (5)

• ci/docs/publish.md
• docs/develop.md
• docs/fips.md
• docs/new_stemcell_line.md
• docs/publish.md

Walkthrough

This pull request removes ci/docs/publish.md and docs/develop.md, adds docs/publish.md, updates docs/new_stemcell_line.md to use the ubuntu-${short_name} branch naming, simplified git commands, and adjusted CI configuration steps, and applies formatting and minor field/name corrections to docs/fips.md. The changes are documentation-only and include additions, deletions, and editorial updates across the repository's docs.

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (2 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'Update docs' is vague and generic, using non-descriptive language that fails to convey the specific nature of the documentation changes.	Use a more descriptive title that captures the main changes, such as 'Refactor stemcell publishing and development docs' or 'Update docs with new branch naming and publishing workflow'.
Description check	❓ Inconclusive	No pull request description was provided, making it impossible to verify whether the author's intent aligns with the substantial documentation changes made.	Add a description explaining the documentation updates, including the motivation for restructuring publish/develop docs and the new branch naming conventions.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch update-docs

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docs/fips.md`:
- Line 43: The documented gsutil command is missing the required permission
suffix on the principal; update the line containing "gsutil defacl ch -u
PLACEHOLDER gs://bosh-core-stemcells-fips" to include a permission suffix (for
example ":READER" or ":OWNER") on PLACEHOLDER (e.g., "PLACEHOLDER:READER") so
the command uses the correct principal format and will succeed when run.

In `@docs/new_stemcell_line.md`:
- Around line 11-35: The step "Add, commit, and push the new branch" (the line
with git push --set-upstream origin HEAD) must be moved so it occurs after the
documented edits to ci/pipelines/vars.yml, the update of STEMCELL_LINE in
ci/configure.sh, and after running ./ci/configure.sh; reorder the numbered steps
so editing ci/pipelines/vars.yml, updating STEMCELL_LINE="ubuntu-${short_name}"
in ci/configure.sh and running ./ci/configure.sh come before the add/commit/push
step to keep the workflow consistent.
- Line 8: Remove the stray trailing backtick in the branch creation command
string "git switch -c ubuntu-${short_name} {commit}`" so the line reads without
the backtick; update the command in the docs/new_stemcell_line.md to "git switch
-c ubuntu-${short_name} {commit}" ensuring no extra punctuation remains that
would break copy-paste execution.

In `@docs/publish.md`:
- Around line 11-13: The docs text references the wrong job name; replace the
string "aggregate-candidate-stemcells-1.x" with the actual builder pipeline job
name "aggregate-candidate-stemcells" in the publish.md content so the doc points
to the real job; search for the literal "aggregate-candidate-stemcells-1.x" in
the file and update that occurrence (preserve surrounding sentence and wording).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 982a072e-a8ba-46e6-9bfd-da921d14c565

📥 Commits

Reviewing files that changed from the base of the PR and between 7e075fd and bfe1065.

📒 Files selected for processing (5)

• ci/docs/publish.md
• docs/develop.md
• docs/fips.md
• docs/new_stemcell_line.md
• docs/publish.md

💤 Files with no reviewable changes (2)

• ci/docs/publish.md
• docs/develop.md

[coderabbitai]

Actionable comments posted: 3

♻️ Duplicate comments (2)

docs/fips.md (1)

43-43: ⚠️ Potential issue | 🟠 Major

gsutil defacl example appears invalid without a permission suffix

Line 43 likely won’t work as written. -u grants typically require principal:PERMISSION (for example PLACEHOLDER:READER).

Suggested fix

-gsutil defacl ch -u PLACEHOLDER gs://bosh-core-stemcells-fips
+gsutil defacl ch -u PLACEHOLDER:READER gs://bosh-core-stemcells-fips

Current gsutil documentation for `gsutil defacl ch` grant syntax: does `-u` require `<user>:<perm>` (e.g., `:R`/`:READ`)?

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docs/fips.md` at line 43, The example `gsutil defacl ch -u PLACEHOLDER
gs://bosh-core-stemcells-fips` is missing a permission suffix for the principal;
update the example so the `-u` argument uses the required principal:PERMISSION
form (e.g., replace PLACEHOLDER with a principal followed by a permission such
as :READER or :OWNER) so the command demonstrates the correct grant syntax.

docs/publish.md (1)

11-13: ⚠️ Potential issue | 🟠 Major

Use the actual aggregate job name.

The parenthetical example references aggregate-candidate-stemcells-1.x, but the builder pipeline job is aggregate-candidate-stemcells (not version-suffixed). Update the text to reflect the actual job name.

📝 Proposed fix

-Please check the latest build of the aggregate-candidate-stemcells job of the
-stemcell line you need to release (aggregate-candidate-stemcells-1.x),
-you should see a successful build which was triggered by the USN notice.
+Please check the latest build of the aggregate-candidate-stemcells job of the
+stemcell line you need to release,
+you should see a successful build which was triggered by the USN notice.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docs/publish.md` around lines 11 - 13, Update the documentation line that
references the job name to use the actual builder pipeline job name
"aggregate-candidate-stemcells" instead of the version-suffixed example
"aggregate-candidate-stemcells-1.x"; locate the sentence containing that
parenthetical and replace the parenthetical with the correct job name so the
text reads that you should check the latest build of the
aggregate-candidate-stemcells job (no version suffix).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docs/fips.md`:
- Around line 11-31: Add the required blank lines around the fenced YAML block
and the subsequent headings to satisfy markdownlint rules (MD031/MD022): insert
an empty line before the opening ```yaml fence and after the closing ``` fence,
and ensure there is a blank line between the fenced block and the "## setup
access" heading and between "## setup access" and "### working group actions"
(and similarly before "#### bucket owner actions") so the YAML code block and
each heading are separated by one blank line.

In `@docs/publish.md`:
- Around line 1-2: The markdown headings "# Publish a stemcell." and "## Verify
stemcell builds" need blank lines before and after each heading to comply with
Markdown formatting; update the document so there is an empty line above "#
Publish a stemcell." (if not at top) and an empty line below it, and likewise
ensure a blank line above and below "## Verify stemcell builds" to improve
readability and tool compatibility.
- Around line 17-18: The markdown heading "## Publish stemcells" lacks a blank
line after it; insert a single empty line immediately following the "## Publish
stemcells" heading in docs/publish.md so the heading is separated from the next
paragraph/content and renders correctly.

---

Duplicate comments:
In `@docs/fips.md`:
- Line 43: The example `gsutil defacl ch -u PLACEHOLDER
gs://bosh-core-stemcells-fips` is missing a permission suffix for the principal;
update the example so the `-u` argument uses the required principal:PERMISSION
form (e.g., replace PLACEHOLDER with a principal followed by a permission such
as :READER or :OWNER) so the command demonstrates the correct grant syntax.

In `@docs/publish.md`:
- Around line 11-13: Update the documentation line that references the job name
to use the actual builder pipeline job name "aggregate-candidate-stemcells"
instead of the version-suffixed example "aggregate-candidate-stemcells-1.x";
locate the sentence containing that parenthetical and replace the parenthetical
with the correct job name so the text reads that you should check the latest
build of the aggregate-candidate-stemcells job (no version suffix).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: f605394d-42c5-45bc-92b4-4d791a8d828a

📥 Commits

Reviewing files that changed from the base of the PR and between bfe1065 and ea8f6ca.

📒 Files selected for processing (4)

• ci/docs/publish.md
• docs/develop.md
• docs/fips.md
• docs/publish.md

💤 Files with no reviewable changes (2)

• ci/docs/publish.md
• docs/develop.md

[aramprice]

@CodeRabbit review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[mike-jc]

Project #4 does not exist in cloudfoundry (404 error).

[mike-jc]

Does it mean the stemcell can be published only after USN? If not, I would make the wording clearer