Merge branch 'vnext-release' into azuread-privatekeyjwt

# Conflicts:
#	authentication/AzureAD/README.md
#	authentication/AzureAD/azuread-odm-script.zip
#	authentication/AzureAD/images/AddRDCallback.png
#	authentication/Keycloak/README_FINE_GRAIN_PERMISSION.md

.github/workflows/check-links.yml

@@ -0,0 +1,25 @@
+name: Check Markdown links
+
+#on:
+#  push:
+#    branches:
+#      - master
+#  pull_request:
+#    branches: [master]
+on: push
+jobs:
+  markdown-link-check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: technote-space/get-diff-action@v6
+        with:
+          PATTERNS: |
+            **/**.md
+      
+      - uses: gaurav-nelson/github-action-markdown-link-check@v1
+        with:
+          use-quiet-mode: 'yes'
+          use-verbose-mode: 'yes'
+          config-file: '.md_check_config.json'
+

.gitignore

@@ -1,2 +1,3 @@
 *.iml
 output
+/.vscode

.md_check_config.json

@@ -0,0 +1,9 @@
+{
+    "replacementPatterns": [
+      {
+        "pattern": "^/LICENSE",
+        "replacement": "{{BASEURL}}/LICENSE"
+      }
+    ],
+    "timeout": "20s"
+  }

CONTRIBUTING.md

@@ -244,7 +244,7 @@ request.
 
 
 [help documentation]: http://help.github.com/send-pull-requests
-[bug database]: ../../issues
+[bug database]: https://github.com/DecisionsDev/odm-docker-kubernetes/issues
 [ml-users]: mailto:[email protected]
 [Creating a Pull Request]: https://help.github.com/articles/creating-a-pull-request
 [Fork a Repo]: https://help.github.com/articles/fork-a-repo

README.md

@@ -1,10 +1,9 @@
 # IBM-ODM-Kubernetes
 IBM Operational Decision Manager on Certified Kubernetes
 
-
 [![GitHub release](https://img.shields.io/github/release/ODMDev/odm-docker-kubernetes.svg)](https://github.com/ODMDev/odm-docker-kubernetes/releases)
 ![GitHub last commit](https://img.shields.io/github/last-commit/ODMDev/odm-docker-kubernetes)
-[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
+[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)
 [![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/ibm-odm-charts)](https://artifacthub.io/packages/search?repo=ibm-odm-charts)
 
 
@@ -45,7 +44,7 @@ Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 
-    http://www.apache.org/licenses/LICENSE-2.0
+    https://www.apache.org/licenses/LICENSE-2.0
 
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,

authentication/AzureAD/README.md

@@ -32,7 +32,7 @@ Microsoft Entra ID is the [new name for Azure AD](https://learn.microsoft.com/en
 
 You need to create a number of secrets before you can install an ODM instance with an external OIDC provider such as the Microsoft Entra ID service, and use web application single sign-on (SSO). The following diagram shows the ODM services with an external OIDC provider after a successful installation.
 
-![ODM web application SSO](/images/AzureAD/diag_azuread_interaction.jpg)
+![ODM web application SSO](images/diag_azuread_interaction.jpg)
 
 The following procedure describes how to manually configure ODM with an Microsoft Entra ID service.
 
@@ -50,7 +50,7 @@ Terminology:
 
 The Authorization Code flow is best used by server-side apps in which the source code is not publicly exposed. The apps must be server-side because the request that exchanges the authorization code for a token requires a client secret, which has to be stored in your client. However, the server-side app requires an end user because it relies on interactions with the end user's web browser which redirects the user and then receives the authorization code.
 
-![Authentication flow](/images/AzureAD/AuthenticationFlow.png) (© Microsoft)
+![Authentication flow](images/AuthenticationFlow.png) (© Microsoft)
 
 The Client Credentials flow is intended for server-side (AKA "confidential") client applications with no end user, which normally describes machine-to-machine communication. The application must be server-side because it must be trusted with the client secret, and since the credentials are hard-coded, it cannot be used by an actual end user. It involves a single, authenticated request to the token endpoint which returns an access token.
 
@@ -98,11 +98,11 @@ After activating your account by email, you should have access to your Microsoft
         * Membership type: Assigned
         * Click **Create**
 
-    ![Add Group](/images/AzureAD/NewGroup.png)
+    ![Add Group](images/NewGroup.png)
 
     In **Azure Active Directory** / **Groups** take note of the Object ID. It will be referenced as ``GROUP_ID`` later in this tutorial.
 
-    ![GroupID](/images/AzureAD/GroupID.png)
+    ![GroupID](images/GroupID.png)
 
 2. Create at least one user that belongs to this new group.
 
@@ -120,8 +120,8 @@ After activating your account by email, you should have access to your Microsoft
 
       * Click **Review + create ** and then **Create or Invite**.
 
-      ![New User Basics](/images/AzureAD/NewUserBasics.png)
-      ![New User Assignments](/images/AzureAD/NewUserAssignments.png)
+      ![New User Basics](images/NewUserBasics.png)
+      ![New User Assignments](images/NewUserAssignments.png)
 
       * Click the **myodmuser** user previously created
         * Edit properties