Use link helper for articles (#52)

* Use {% link %} helper for linking to articles
* Swap site.url for site.baseurl

_articles/accounts.md

@@ -28,6 +28,6 @@ This page lists various services that login.gov team uses to do work.
 - OpsGenie
 - search.gov dashboard
 
-[onboarding]: {{site.url}}/articles/onboarding.html
-[offboarding]: {{site.url}}/articles/offboarding.html
+[onboarding]: {% link _articles/onboarding.md %}
+[offboarding]: {% link _articles/offboarding.md %}
 [handbook-appendix]: https://docs.google.com/document/d/1ZMpi7Gj-Og1dn-qUBfQHqLc1Im7rUzDmIxKn11DPJzk/edit#heading=h.1c3ohc5eqn5r

_articles/appdev-deploy.md

@@ -9,7 +9,7 @@ This is a guide for the Release Manager, the engineer who shepherds code to stag
 
 This guide assumes that:
 - You have a [GPG key set up with GitHub](https://help.github.com/en/github/authenticating-to-github/adding-a-new-gpg-key-to-your-github-account) (for signing commits)
-- You have [set up `aws-vault`]({{site.baseurl}}/articles/infrastructure-setting-up-aws-vault.html), and have can SSH (via `ssm-instance`) in to our production environment
+- You have [set up `aws-vault`]({% link _articles/infrastructure-setting-up-aws-vault.md %}), and have can SSH (via `ssm-instance`) in to our production environment
 
 Note: it is a good idea to make sure you have the latest pulled down from identity-devops - lots of goood improvements all the time!
 

_articles/appdev-lambda-jobs.md

@@ -155,4 +155,4 @@ Here's the step-by-step to enable the lambda background jobs workflow in the IDP
 
 3. Recyle the IDP so the changes take effect
 
-[secrets-config]: {{site.baseurl}}/articles/appdev-secrets-configuration.html
+[secrets-config]: {% link _articles/appdev-secrets-configuration.md %}

_articles/incident-response-checklist.md

@@ -19,12 +19,12 @@ This is a quick checklist for any incident (security, privacy, outage, degraded
 
 ## Assess
 
-* [Incident confirmed]({{site.baseurl}}/articles/secops-incident-response-guide.html#initiate-phase)
+* [Incident confirmed]({% link _articles/secops-incident-response-guide.md %}#initiate-phase)
   - System security potentially compromised
   - System unavailable or functionality degraded
   - System under significant active attack from outside or inside threat
   - System integrity in question
-* [Severity assigned]({{site.baseurl}}/articles/secops-incident-response-guide.html#incident-severities) (can be changed later as new information is collected)
+* [Severity assigned]({% link _articles/secops-incident-response-guide.md %}#incident-severities) (can be changed later as new information is collected)
   - **High**: Confirmed PII breach, confirmed security penetration, complete outage
   - **Medium**: Suspected PII breach, suspected security penetration, partial outage
   - **Low**: Suspected attack, outage of non-prod persistent system (`int`)
@@ -56,5 +56,5 @@ This is a quick checklist for any incident (security, privacy, outage, degraded
 # Resources
 
 * [Official login.gov Incident Response plan](https://drive.google.com/file/d/1Em3F3oZF_SRuuRLqwr6-pwlE4iNmT2ix/view): The authoritative source
-* [login.gov Security Incident Response Guide]({{site.baseurl}}/articles/secops-incident-response-guide.html): IR guidance and overview, defer to the official IR plan
+* [login.gov Security Incident Response Guide]({% link _articles/secops-incident-response-guide.md %}): IR guidance and overview, defer to the official IR plan
 * [NIST 800-61r2 Computer Security Incident Response Guide](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf)

_articles/infrastructure-acceptance-criteria.md

@@ -93,7 +93,7 @@ The full process of accepting, working on, and completing an Issue is as follows
     * Move Issue back to the **In Progress** column
     * Collaborate with the DevOps team (assigned engineer and/or others) to drive the story to completion
 
-An Issue is **Done** when ACs are met and evidence is documented. The On-Call addresses outstanding ACs daily to keep things moving, and will clear out any remaining Issues during the [weekly `AC Club` hangout]({{site.baseurl}}/articles/infrastructure-ceremonies.html#ac-club), which provides a dedicated time for auditing/verifying Issues. The **Done** column is reset at the beginning of every sprint cycle.
+An Issue is **Done** when ACs are met and evidence is documented. The On-Call addresses outstanding ACs daily to keep things moving, and will clear out any remaining Issues during the [weekly `AC Club` hangout]({% link _articles/infrastructure-ceremonies.md %}#ac-club), which provides a dedicated time for auditing/verifying Issues. The **Done** column is reset at the beginning of every sprint cycle.
 
 ## Pull Requests
 

_articles/infrastructure-ceremonies.md

@@ -67,7 +67,7 @@ Used for the weekly handoff between the current and previous On-Call team member
 - Previous On-Call(s): fill out "What ops stuff happened last week?" section of doc
 - Current On-Call(s): fill out "What ops stuff is happening this week?" section of doc
 
-Start the meeting with those sections of the doc, following the [On-Call review and handoff procedures]({{site.baseurl}}/articles/infrastructure-oncall-guide.html#procedure) when doing so. Follow the On-Call review with either [Sprint Planning](#sprint-planning) or [Backlog Refinement](#backlog-refinement) depending upon the week.
+Start the meeting with those sections of the doc, following the [On-Call review and handoff procedures]({% link _articles/infrastructure-oncall-guide.md %}#procedure) when doing so. Follow the On-Call review with either [Sprint Planning](#sprint-planning) or [Backlog Refinement](#backlog-refinement) depending upon the week.
 
 ### Sprint Retro
 (Part of [Weekly Omnibus](#weekly-omnibus); done at the start of a new sprint)

_articles/infrastructure-iam-configs.md

@@ -7,7 +7,7 @@ category: Infrastructure
 
 ## Overview
 
-A set of modules in [`identity-terraform`](https://github.com/18F/identity-terraform) are used to create the full mappings between the users, groups, roles, and accounts across the org. Please refer to the [AWS Accounts and IAM Groups/Roles]({{site.baseurl}}/articles/infrastructure-aws-accounts-and-roles.html) page for specific data about our existing AWS accounts/groups/roles/etc.
+A set of modules in [`identity-terraform`](https://github.com/18F/identity-terraform) are used to create the full mappings between the users, groups, roles, and accounts across the org. Please refer to the [AWS Accounts and IAM Groups/Roles]({% link _articles/infrastructure-aws-accounts-and-roles.md %}) page for specific data about our existing AWS accounts/groups/roles/etc.
 
 ## Terraform Configuration
 
@@ -157,7 +157,7 @@ An individual AWS IAM account can only be part of _one_ AccountType. If you requ
 If a new AWS account is added to the Login.gov organization, the following changes will be needed to provide IAM permissions/access to it.
 
 _Prerequisites:_
-* Determine the **Friendly Name**, **Alias**, **CLI Prefix**, **AWS Account ID**, and **Account Type** as per the other examples in [the AWS Accounts matrix]({{site.baseurl}}/articles/infrastructure-aws-accounts-and-roles.html). Add a new line with those values to the matrix as part of a PR update to this document.
+* Determine the **Friendly Name**, **Alias**, **CLI Prefix**, **AWS Account ID**, and **Account Type** as per the other examples in [the AWS Accounts matrix]({% link _articles/infrastructure-aws-accounts-and-roles.md %}). Add a new line with those values to the matrix as part of a PR update to this document.
 * Verify that there is at least one NON-Terraform-managed IAM user profile with the equivalent of _FullAdministrator_ permissions within the account. This user will perform the initial run of `terraform/all` to create the Roles in the account, allowing users within `terraform/master` to Assume these Roles.
 
 _Steps:_

_articles/infrastructure-oncall-guide.md

@@ -17,11 +17,11 @@ private links and contact information useful for oncall infrastructure engineers
 * **Acknowledge pages** - Ack OpsGenie pages within 5 minutes if possible to ensure timely response and avoid rollover to secondary
 * **Appropriately respond to alert** - Assess impact to end users and service providers and judge severity, acting as Incident Response reporter if appropriate
 * **Check Production** - Review systems and logs for indicators of issues which are not yet monitored, or unexpected behaviors
-* **Initiate Incident Response (IR)** - Based on [Incident Severities]({{site.baseurl}}/articles/secops-incident-response-guide.html#incident-severities)
+* **Initiate Incident Response (IR)** - Based on [Incident Severities]({% link _articles/secops-incident-response-guide.md %}#incident-severities)
   * **High Severity** - Act immediately 24/7 and see through to remediation or confirmed handoff to other team members
   * **Medium Severity** - During business hours as a top priority
   * **Low Severity** - During business hours and yielding for release and other duties
-* **Initiate Incident Response (IR) Process** - Act as Situation Lead/Incident Commander following the [Security Incident Response Guide]({{site.baseurl}}/articles/secops-incident-response-guide.html)
+* **Initiate Incident Response (IR) Process** - Act as Situation Lead/Incident Commander following the [Security Incident Response Guide]({% link _articles/secops-incident-response-guide.md %})
 * **Handle interrupts**
   * Administrative tasks (onboard/offboard/change access)
   * Urgent product, app, or ops team requests
@@ -104,7 +104,7 @@ Before going on-call for Identity DevOps ensure the following:
 * Comfortable navigating APM and Infrastructure areas in NewRelic
 * Comfortable reviewing logs in AWS CloudWatch and/or with cw CLI tool
 * Shadowed full set of deploys: dev, int, staging, and prod application and other infrastructure code
-* Reviewed [Security Incident Response Guide]({{site.baseurl}}/articles/secops-incident-response-guide.html)
+* Reviewed [Security Incident Response Guide]({% link _articles/secops-incident-response-guide.md %})
 * Reviewed [past postmortems](https://drive.google.com/drive/folders/1ZdroGfCbGmeUPuCqiR8BetUhEXRfk4ui)
 * Joined [#identity-situation](https://gsa-tts.slack.com/messages/login-situation/) channel
 * Joined [identity-devops Hangout](https://chat.google.com/room/AAAAJIpl9Oo) group (* Only for use in case of Slack outage)

_articles/offboarding.md

@@ -24,8 +24,8 @@ Review the [Leaving TTS page in the TTS Handbook](https://handbook.tts.gsa.gov/l
   - Note that CircleCI, CodeClimate, and Snyk rights are removed via GitHub integration
 - [Using the JIRA Portal](https://cm-jira.usa.gov/servicedesk/customer/portal/11), choose `Application Access` and request that the user be removed from the Login.gov project (and deactivated if they are no longer working for GSA).
 - Use the [TTS Slack Form](https://goo.gl/forms/mKATdB9QuNo7AXVY2) to submit user modification
-- Remove from [login.gov Slack groups]({{site.url}}/articles/slack.html).
-- Remove from [all accounts]({{site.url}}/articles/accounts.html)
+- Remove from [login.gov Slack groups]({% link _articles/slack.md %}).
+- Remove from [all accounts]({% link _articles/accounts.md %})
   - [Remove user from Login.gov Google Groups](https://groups.google.com/a/gsa.gov/forum/#!myforums)
   - [Remove the user from Hubspot](https://app.hubspot.com/settings/5531666/users)
   - [Remove user from Figma](https://www.figma.com/files/team/893580939040886405/Login.gov/members)

_articles/onboarding.md

@@ -10,7 +10,7 @@ TTS Talent has [their own onboarding checklist in Google Drive](https://docs.goo
 
 ## For new login.gov team members to complete themselves
 
-- Familiarize yourself with the [login.gov Handbook]({{site.url}})
+- Familiarize yourself with the [login.gov Handbook]({{site.baseurl}})
 - Watch a [login.gov authentication overview](https://drive.google.com/file/d/1UFq0OAHgbLdPUXXj6FAIgSxtLyAfYxSa/view)
 - Watch a [login.gov identity verification overview](https://drive.google.com/file/d/1GanUUpkAcJCopQAPac4DSe10LREdSGZw/view)
 - Review the [Login.gov org chart](https://docs.google.com/spreadsheets/d/1tiTR2ohdl0NIsrF4gJjNipEZ0z0oq1pOFWYjHg8Tbi0/edit#gid=0)
@@ -50,7 +50,7 @@ Look at this work as a power multiplier, you are helping someone gain a firm fou
   - Contractors who are working on TTS projects most or full-time can be added as full Slack members.
   - Other collaborators should be added as multi-channel guests.
   - Full Slack access for Contractors is at the discretion of login.gov's Contracting Officer. Please see [TTS Handbook guidance](https://handbook.tts.gsa.gov/slack-admin/) for more info.
-- Add to appropriate [login.gov Slack groups]({{site.url}}/articles/slack.html) like `login-feds` or `login-appdev-team`.
+- Add to appropriate [login.gov Slack groups]({% link _articles/slack.md %}) like `login-feds` or `login-appdev-team`.
 - Add them to the [Login.gov Shared Calendar](https://calendar.google.com/calendar/embed?src=gsa.gov_6ovul6pcsmgd40o8pqn7qmge5g%40group.calendar.google.com)
   - Non-GSA.gov email address: `See all event details` permission
   - With GSA.gov email address: `Make changes AND manage sharing`
@@ -136,7 +136,7 @@ Look at this work as a power multiplier, you are helping someone gain a firm fou
   - Update the knapsack report for the IdP
   - Update the IdP's rubygem and npm dependencies
 - Learn to release the app
-  - Read the [release management guide]({{site.baseurl}}/articles/appdev-deploy.html)
+  - Read the [release management guide]({% link _articles/appdev-deploy.md %})
   - Shadow someone who is deploying the app
 - Get access to the login.gov static site setting in Federalist
 - Review some more documentation