Merge pull request #1745 from jzelinskie/html-readme

README: htmlify, update links

README.md

@@ -1,54 +1,62 @@
-# SpiceDB
-
-[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/6348/badge)](https://bestpractices.coreinfrastructure.org/projects/6348)
-[![Container Image](https://img.shields.io/github/v/release/authzed/spicedb?color=%232496ED&label=container&logo=docker "Container Image")](https://hub.docker.com/r/authzed/spicedb/tags)
-[![Docs](https://img.shields.io/badge/docs-authzed.com-%234B4B6C "Authzed Documentation")](https://docs.authzed.com)
-[![Discord Server](https://img.shields.io/discord/844600078504951838?color=7289da&label=discord&logo=discord&logoColor=7289da "Discord Server")](https://authzed.com/discord)
-[![Twitter](https://img.shields.io/badge/twitter-%40authzed-1D8EEE?logo=twitter "@authzed on Twitter")](https://twitter.com/authzed)
-
-SpiceDB is an open source, [Google Zanzibar]-inspired database for creating and managing security-critical application permissions.
-
-Developers create a [schema] and use [client libraries] to apply the schema to the database, insert [relationships] into the database, and query the database to efficiently check permissions in their applications.
-
-[Google Zanzibar]: https://authzed.com/blog/what-is-zanzibar/
-[schema]: https://authzed.com/docs/guides/schema
-[client libraries]: https://github.com/authzed/awesome-spicedb#clients
-[relationships]: https://authzed.com/docs/reference/glossary#relationship
-
-Features that distinguish SpiceDB from other systems include:
-
-- Expressive [gRPC] and [HTTP/JSON] APIs for checking permissions, listing access, and powering devtools
-- A distributed, parallel graph-engine faithful to the architecture described in [Google's Zanzibar paper]
-- A flexible consistency model configurable [per-request] that includes resistance to the [New Enemy Problem]
-- An expressive [schema language] with a [playground] and CI/CD integrations for [validation] and [integration testing]
-- A pluggable [storage system] supporting [in-memory], [Spanner], [CockroachDB], [PostgreSQL] and [MySQL]
-- Deep observability with [Prometheus] metrics, [pprof] profiles, structured logging, and [OpenTelemetry] tracing
-
-Want to learn more about the inspiration for SpiceDB? We've annotated [Google's Zanzibar Paper] with our own commentary.
-
-[gRPC]: https://buf.build/authzed/api/docs/main:authzed.api.v1
-[HTTP/JSON]: https://app.swaggerhub.com/apis-docs/authzed/authzed/1.0
-
-[per-request]: https://docs.authzed.com/reference/api-consistency
-[New Enemy Problem]: https://authzed.com/blog/new-enemies/
-
-[schema language]: https://docs.authzed.com/guides/schema
-[playground]: https://play.authzed.com
-[validation]: https://github.com/authzed/action-spicedb-validate
-[integration testing]: https://github.com/authzed/action-spicedb
-
-[storage system]: https://authzed.com/docs/spicedb/selecting-a-datastore
-[in-memory]: https://github.com/hashicorp/go-memdb
-[PostgreSQL]: https://www.postgresql.org
-[Spanner]: https://cloud.google.com/spanner
-[CockroachDB]: https://github.com/cockroachdb/cockroach
-[MySQL]: https://www.mysql.com
-
-[Prometheus]: https://prometheus.io
-[pprof]: https://jvns.ca/blog/2017/09/24/profiling-go-with-pprof/
-[OpenTelemetry]: https://opentelemetry.io
-
-[Google's Zanzibar paper]: https://authzed.com/zanzibar
+<h1 align="center">
+    <a href="https://authzed.com#gh-dark-mode-only" target="_blank">
+        <img width="300" src="https://github.com/authzed/spicedb/assets/343539/82234426-468b-4297-8b5c-f06a44fe2278" alt="spicedb logo">
+    </a>
+    <a href="https://authzed.com#gh-light-mode-only" target="_blank">
+        <img width="300" src="https://github.com/authzed/spicedb/assets/343539/312ff046-7076-4c30-afd4-2e3d86c06f51" alt="spicedb Logo">
+    </a>
+</h1>
+
+<h3 align="center">
+  SpiceDB sets the standard for authorization that <i>scales</i>.
+  <br/><br/>Scale with<br/>
+  Traffic • Dev Velocity • Functionality • Geography
+</h3>
+
+<p align="center">
+  <a href="https://github.com/authzed/spicedb/releases"><img alt="release badge" src="https://img.shields.io/github/v/release/authzed/spicedb?color=%236EC93F&label=latest%20release&sort=semver&style=flat-square"></a>
+  &nbsp;
+  <a href="https://hub.docker.com/repository/docker/authzed/spicedb" target="_blank"><img alt="docker pulls badge" src="https://img.shields.io/docker/pulls/authzed/spicedb?color=%23448CE6&style=flat-square"></a>
+  &nbsp;
+  <a href="https://authzed.com/blog/go-ecosystem"><img alt="built with Go badge" src="https://img.shields.io/badge/built_with-Go-367B99.svg?style=flat-square"></a>
+  &nbsp;
+  <a href="https://www.bestpractices.dev/en/projects/6348" target="_blank"><img alt="cii badge" src="https://img.shields.io/cii/percentage/6348?style=flat-square&label=cii%20best%20practices&color=F8D44B"></a>
+  &nbsp;
+</p>
+
+<p align="center">
+  <a href="https://discord.gg/spicedb"><img alt="discord badge" src="https://img.shields.io/discord/844600078504951838?color=7289da&label=discord&style=flat-square"></a>
+	&nbsp;
+    <a href="https://twitter.com/authzed"><img alt="twitter badge" src="https://img.shields.io/badge/[email protected]?style=flat-square"></a>
+    &nbsp;
+    <a href="https://www.linkedin.com/company/authzed/"><img alt="linkedin badge" src="https://img.shields.io/badge/linkedin-+authzed-2D65BC.svg?style=flat-square"></a>
+</p>
+
+## What is SpiceDB?
+
+SpiceDB is a graph database purpose-built for storing and evaluating access control data.
+
+As of 2021, [broken access control became the #1 threat to the web][owasp]. With SpiceDB, developers finally have the solution to stopping this threat the same way as the hyperscalers.
+
+[owasp]: https://owasp.org/Top10/A01_2021-Broken_Access_Control/
+
+### Why SpiceDB?
+
+- [**World-class engineering**][about]: painstakingly built by experts that pioneered the cloud-native ecosystem
+- [**Authentic design**][zanzibar]: mature and feature-complete implementation of Google's Zanzibar paper
+- [**Proven in production**][1M]: 5ms p95 when scaled to millions of queries/s, billions of relationships
+- [**Global consistency**][consistency]: consistency configured per-request unlocks correctness while maintaining performance
+- [**Multi-paradigm**][caveats]: caveated relationships combine the best concepts in authorization: ABAC & ReBAC
+- [**Safety in tooling**][tooling]: designs schemas with real-time validation or validate in your CI/CD workflow
+- [**Reverse Indexes**][reverse-indexes]: queries for "What can `subject` do?", "Who can access `resource`?"
+
+[about]: https://authzed.com/why-authzed
+[zanzibar]: https://authzed.com/zanzibar
+[1M]: https://authzed.com/blog/google-scale-authorization
+[caveats]: https://netflixtechblog.com/abac-on-spicedb-enabling-netflixs-complex-identity-types-c118f374fa89
+[tooling]: https://authzed.com/docs/spicedb/modeling/validation-testing-debugging
+[reverse-indexes]: https://authzed.com/docs/spicedb/getting-started/faq#what-is-a-reverse-index
+[consistency]: https://authzed.com/docs/spicedb/concepts/consistency
 
 ## Joining the Community
 
@@ -178,9 +186,9 @@ You can try both SpiceDB and zed entirely in your browser on the [playground] th
 
 If you don't want to start with the examples loadable from the Playground, you can follow a guide for [developing a schema] or review the the schema language [design documentation].
 
-To get a quick idea of schema development, you can watch the creators of SpiceDB writing a schema for GitHub:
+Watch the SpiceDB primer video to get started with schema development:
 
-[![Modeling GitHub YouTube Video Thumbnail](https://user-images.githubusercontent.com/343539/223837989-ead99ff9-ef35-4cf3-864d-d8d86ecdf9ce.png)](https://www.youtube.com/watch?v=x3-B9-ICj0w)
+<a href="https://www.youtube.com/watch?v=AoK0LrkGFDY" target="_blank"><img width="600" alt="SpiceDB Primer YouTube Thumbnail" src="https://github.com/authzed/spicedb/assets/343539/7784dfa2-b330-4c5e-b32a-090759e48392"></a>
 
 [developing a schema]: https://docs.authzed.com/guides/schema
 [design documentation]: https://docs.authzed.com/reference/schema-lang
@@ -196,7 +204,8 @@ Because every millisecond counts, we recommend using libraries that leverage the
 
 To get an understanding of integrating an application with SpiceDB, you can follow the [Protecting Your First App] guide or review API documentation on the [Buf Registry] or [Postman].
 
-[installing zed]: https://github.com/authzed/zed
+[installing zed]: https://authzed.com/docs/spicedb/getting-started/installing-zed
+[playground]: https://play.authzed.com
 [existing client libraries]: https://github.com/authzed/awesome-spicedb#clients
 [Protecting Your First App]: https://docs.authzed.com/guides/first-app
 [Buf Registry]: https://buf.build/authzed/api/docs
@@ -209,5 +218,6 @@ We appreciate all contributions, large and small, and would like to thank all th
 
 In addition, we'd like to highlight a few notable contributions:
 
-- The GitHub Authorization Team for implementing and contributing the MySQL datastore
-- The Netflix Authorization Team for [sponsoring and being a design partner for Caveats](https://authzed.com/blog/abac-on-spicedb-enabling-netflix-complex-identity-types)
+- <img alt="github logo" height="15px" src="https://github.com/authzed/spicedb/assets/343539/c05b8aef-c862-4499-bebf-0a43f3b423c4"> The GitHub Authorization Team for implementing and contributing the MySQL datastore
+- <img alt="netflix logo" height="15px" src="https://github.com/authzed/spicedb/assets/343539/e64128f0-978f-4fd6-bdd7-1ce7cb6b34b9"> The Netflix Authorization Team for sponsoring and being a design partner for caveats
+- <img alt="equinix logo" height="15px" src="https://github.com/authzed/spicedb/assets/343539/7bf706f9-910d-4902-8957-c914a7468eff"> The Equinix Metal Team for sponsoring our benchmarking hardware

magefiles/lint.go

@@ -51,7 +51,7 @@ func (Lint) Markdown() error {
 	}
 	return sh.RunV("docker", "run", "--rm",
 		"-v", fmt.Sprintf("%s:/src:ro", cwd),
-		"ghcr.io/igorshubovych/markdownlint-cli:v0.34.0", "--config", "/src/.markdownlint.yaml", "/src")
+		"ghcr.io/igorshubovych/markdownlint-cli:v0.39.0", "--config", "/src/.markdownlint.yaml", "/src")
 }
 
 // Go Run all go linters