Fix: Add missing tenant sync config [master]

[wso2-engineering-bot]

This PR was automatically generated by Claude AI.

• Issue: [Doc Issue] Add missing tenant sync config #10911
• Type: Documentation
• Summary: Ported changes from PR [4.5.0] Update tenant sync document #10780 to master branch. Updated tenant sync configuration to move skip_create_resident_key_manager from [apim.tenant_sharing.properties] to [apim.key_manager] section and added complete sample configuration.
• Verification: mkdocs build passed successfully

Summary by CodeRabbit

• Documentation
  • Reorganized configuration guidance for enhanced structure and clarity.
  • Updated sample configurations with explicit key manager parameters and identity server settings.
  • Added illustrative TOML examples demonstrating WSO2 IS-7 default key manager setup.

[coderabbitai]

Walkthrough

Configuration documentation for WSO2 API Manager multitenancy with IS-7 updated to relocate the skip_create_resident_key_manager setting from the tenant sharing properties section to the key manager section, with accompanying sample TOML configurations adjusted accordingly.

Changes

Cohort / File(s)	Summary
Documentation & Configuration en/docs/administer/multitenancy/tenant-sharing-with-wso2is7.md	Relocated skip_create_resident_key_manager configuration from [apim.tenant_sharing.properties] to [apim.key_manager] section. Updated surrounding documentation text and added illustrative TOML configuration snippets demonstrating default key manager setup.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A configuration takes a hop,
From one section to the next—
The keys now rest where they belong,
In the manager's proper nest,
Order brings the rabbit joy! 🎉

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description provides issue reference, type, and summary but lacks most required template sections like Goals, Approach, Release notes, Documentation impact assessment, and testing details.	Expand the description to include Goals, Approach with sample config details, Release notes, Documentation links confirming changes, and test environment verification details per the template.
Title check	❓ Inconclusive	The title focuses on 'missing tenant sync config' but the actual change moves an existing configuration between sections and updates documentation samples, which is more of a restructuring/documentation update than adding missing config.	Consider clarifying the title to reflect the actual change, such as 'Fix: Reorganize tenant sync configuration documentation' or 'Fix: Update key manager config location in tenant sharing docs'.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fixing-issue-10911-master-1773326867

📝 Coding Plan for PR comments

• Generate coding plan

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

en/docs/administer/multitenancy/tenant-sharing-with-wso2is7.md (2)

158-165: Clarify TOML structure and tenant sharing context.

The configuration example has structural and conceptual clarity issues:

Issues:

1. Incomplete TOML structure: The configuration shows [apim.tenant_sharing.properties] without its required parent [[apim.tenant_sharing]] array table declaration. This makes the TOML structure incomplete or potentially invalid.

2. Conceptual confusion: The text states "users can disable tenant sharing and still use the following configuration" (line 157), but the configuration uses [apim.tenant_sharing.properties] without explicitly showing enable_tenant_sync=false or explaining why tenant_sharing properties are used when tenant sharing is supposedly disabled.

3. Incomplete example: If demonstrating "orthogonal features" where tenant sync is disabled but auto key manager is enabled, the example should clearly show all necessary configuration, including either omitting the tenant_sharing section entirely (if possible) or showing enable_tenant_sync=false.

💡 Suggested improvements

Option 1: Show complete TOML structure with explicit disable

     ````toml
+    [[apim.tenant_sharing]]
+    type = "WSO2-IS-7"
+
     [apim.tenant_sharing.properties]
+    enable_tenant_sync=false
     auto_configure_key_manager=true

     [apim.key_manager]
     skip_create_resident_key_manager=true
     ````

Option 2: Clarify if auto_configure_key_manager requires tenant_sharing section

If auto_configure_key_manager can only be configured under [apim.tenant_sharing.properties], add a note explaining this:

     Which means users can disable tenant sharing and still use the following configuration to avoid creating default resident key manager and allow creating **WSO2 IS 7.x as a third party key manager** as the default key manager.

+    !!! note
+        The `auto_configure_key_manager` property must be set under `[apim.tenant_sharing.properties]` even when tenant synchronization is disabled (by setting `enable_tenant_sync=false` or omitting sync credentials).

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@en/docs/administer/multitenancy/tenant-sharing-with-wso2is7.md` around lines
158 - 165, The TOML example is incomplete and confusing: add the missing array
table declaration [[apim.tenant_sharing]] and explicitly show
enable_tenant_sync=false if you intend to demonstrate tenant sharing being
disabled; keep the apim.tenant_sharing.properties block (with
auto_configure_key_manager=true) under that array table and retain the
apim.key_manager skip_create_resident_key_manager setting, or alternatively
remove the tenant_sharing block entirely and note that
auto_configure_key_manager must be set under apim.tenant_sharing.properties if
that is a requirement—update the example and accompanying text to match
whichever option you choose so the structure and intent are unambiguous.

---

121-127: Clarify TOML configuration structure.

The configuration fragment shows [apim.tenant_sharing.properties] without its parent [[apim.tenant_sharing]] array table declaration. While this might work as an incremental addition to an existing configuration (defined earlier at lines 84-93), it could confuse users about the proper TOML structure.

Consider either:

1. Adding a note that this assumes the [[apim.tenant_sharing]] block is already defined (as shown at line 84), or
2. Showing the complete configuration structure including the parent array declaration

📝 Suggested clarification

Add a note before the configuration block:

 For configuring WSO2 IS 7.x as the default key manager you have to add the following configurations to the `<Product-Home>/repository/conf/deployment.toml`:

+!!! note
+    The following configuration should be added to the existing `[[apim.tenant_sharing]]` block configured earlier (lines 84-93).
+
 ````toml

Alternatively, show the complete structure:

-````toml
-[apim.tenant_sharing.properties]
-auto_configure_key_manager=true
-
-[apim.key_manager]
-skip_create_resident_key_manager=true
-````
+````toml
+[[apim.tenant_sharing]]
+type = "WSO2-IS-7"
+[apim.tenant_sharing.properties]
+enable_tenant_sync= true
+username= "admin"
+password= "admin"
+identity_server_base_url= "https://localhost:9444"
+auto_configure_key_manager=true
+
+[apim.key_manager]
+skip_create_resident_key_manager=true
+````

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@en/docs/administer/multitenancy/tenant-sharing-with-wso2is7.md` around lines
121 - 127, The TOML snippet uses [apim.tenant_sharing.properties] without its
parent [[apim.tenant_sharing]] array table which may confuse readers; update the
doc so the snippet is self-contained by either (A) adding a brief note above the
block stating it assumes an existing [[apim.tenant_sharing]] entry defined
earlier, or (B) replacing the fragment with the full structure including
[[apim.tenant_sharing]] and the nested [apim.tenant_sharing.properties] and
[apim.key_manager] entries (reference the headers [[apim.tenant_sharing]],
[apim.tenant_sharing.properties], and [apim.key_manager] to locate where to
edit).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@en/docs/administer/multitenancy/tenant-sharing-with-wso2is7.md`:
- Around line 136-149: Fix the markdown lint warning by properly
nesting/indenting the fenced TOML block so the admonition recognizes it as a
code block, and clarify the sample scope for apim.tenant_sharing: either (A)
make it a full tenant-sync+key-manager example by adding
apim.tenant_sharing.properties entries enable_tenant_sync, username and password
alongside identity_server_base_url and auto_configure_key_manager, or (B) keep
it as an auto key-manager-only example and add a one-line note stating that
tenant synchronization is disabled/omitted; ensure you update the
apim.key_manager skip_create_resident_key_manager line accordingly and reference
the apim.tenant_sharing, apim.tenant_sharing.properties, enable_tenant_sync,
username, password and apim.key_manager symbols when making the change.

---

Nitpick comments:
In `@en/docs/administer/multitenancy/tenant-sharing-with-wso2is7.md`:
- Around line 158-165: The TOML example is incomplete and confusing: add the
missing array table declaration [[apim.tenant_sharing]] and explicitly show
enable_tenant_sync=false if you intend to demonstrate tenant sharing being
disabled; keep the apim.tenant_sharing.properties block (with
auto_configure_key_manager=true) under that array table and retain the
apim.key_manager skip_create_resident_key_manager setting, or alternatively
remove the tenant_sharing block entirely and note that
auto_configure_key_manager must be set under apim.tenant_sharing.properties if
that is a requirement—update the example and accompanying text to match
whichever option you choose so the structure and intent are unambiguous.
- Around line 121-127: The TOML snippet uses [apim.tenant_sharing.properties]
without its parent [[apim.tenant_sharing]] array table which may confuse
readers; update the doc so the snippet is self-contained by either (A) adding a
brief note above the block stating it assumes an existing
[[apim.tenant_sharing]] entry defined earlier, or (B) replacing the fragment
with the full structure including [[apim.tenant_sharing]] and the nested
[apim.tenant_sharing.properties] and [apim.key_manager] entries (reference the
headers [[apim.tenant_sharing]], [apim.tenant_sharing.properties], and
[apim.key_manager] to locate where to edit).

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: bc4cd985-80d7-43f0-be44-88485bae863e

📥 Commits

Reviewing files that changed from the base of the PR and between 218e7ec and 12014f0.

📒 Files selected for processing (1)

• en/docs/administer/multitenancy/tenant-sharing-with-wso2is7.md

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Address markdown linting warning and clarify sample configuration scope.

The static analysis tool flagged a code block style issue at line 136. Additionally, the sample configuration may cause confusion about its intended scope.

Issues identified:

1. Markdown formatting: The fenced code block inside the "important" admonition may need proper indentation for the markdown processor to recognize it correctly.

2. Sample completeness: The configuration shows [[apim.tenant_sharing]] with type = "WSO2-IS-7" but omits tenant synchronization properties (enable_tenant_sync, username, password) that were shown in the earlier example (lines 84-93). This creates ambiguity about whether this sample is for:

   • Full tenant sync + auto key manager configuration, or
   • Just auto key manager configuration without tenant sync

🔧 Suggested fixes

Fix 1: Address the markdown linting warning

Ensure the code block is properly formatted within the admonition. The indentation may need adjustment depending on your markdown processor.

Fix 2: Clarify the sample's purpose

Option A - If this is for tenant sync + auto key manager, add the missing properties:

     ````toml
     [[apim.tenant_sharing]]
     type = "WSO2-IS-7"

     [apim.tenant_sharing.properties]
+    enable_tenant_sync= true
+    username= "admin"
+    password= "admin"
     identity_server_base_url= "https://localhost:9444"
     auto_configure_key_manager=true

     [apim.key_manager]
     skip_create_resident_key_manager = true
     ````

Option B - If this is only for auto key manager (no tenant sync), clarify in the text:

-    Therefore, in this case sample configuration to register WSO2 IS 7.x as the default key manager would be as follows:
+    Therefore, to register WSO2 IS 7.x as the default key manager (without tenant synchronization), the sample configuration would be as follows:

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	Therefore, in this case sample configuration to register WSO2 IS 7.x as the default key manager would be as follows:
	````toml
	[[apim.tenant_sharing]]
	type = "WSO2-IS-7"
	[apim.tenant_sharing.properties]
	identity_server_base_url= "https://localhost:9444"
	auto_configure_key_manager=true
	[apim.key_manager]
	skip_create_resident_key_manager = true
	````
	Therefore, in this case sample configuration to register WSO2 IS 7.x as the default key manager would be as follows:

Suggested change

	Therefore, in this case sample configuration to register WSO2 IS 7.x as the default key manager would be as follows:
	````toml
	[[apim.tenant_sharing]]
	type = "WSO2-IS-7"
	[apim.tenant_sharing.properties]
	identity_server_base_url= "https://localhost:9444"
	auto_configure_key_manager=true
	[apim.key_manager]
	skip_create_resident_key_manager = true
	````
	Therefore, to register WSO2 IS 7.x as the default key manager (without tenant synchronization), the sample configuration would be as follows:

🧰 Tools

🪛 markdownlint-cli2 (0.21.0)

[warning] 136-136: Code block style
Expected: fenced; Actual: indented

(MD046, code-block-style)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@en/docs/administer/multitenancy/tenant-sharing-with-wso2is7.md` around lines
136 - 149, Fix the markdown lint warning by properly nesting/indenting the
fenced TOML block so the admonition recognizes it as a code block, and clarify
the sample scope for apim.tenant_sharing: either (A) make it a full
tenant-sync+key-manager example by adding apim.tenant_sharing.properties entries
enable_tenant_sync, username and password alongside identity_server_base_url and
auto_configure_key_manager, or (B) keep it as an auto key-manager-only example
and add a one-line note stating that tenant synchronization is disabled/omitted;
ensure you update the apim.key_manager skip_create_resident_key_manager line
accordingly and reference the apim.tenant_sharing,
apim.tenant_sharing.properties, enable_tenant_sync, username, password and
apim.key_manager symbols when making the change.