docs: catch some missed docs -> guide (#9850)

docs/guide/configuration/cache.md

@@ -100,7 +100,7 @@ $ trivy server --cache-backend redis://localhost:6379 \
 [trivy-java-db]: ./db.md
 [misconf-checks]: ../scanner/misconfiguration/check/builtin.md
 [boltdb]: https://github.com/etcd-io/bbolt
-[parallel-run]: https://trivy.dev/{{ git.tag}}/docs/references/troubleshooting/#running-in-parallel-takes-same-time-as-series-run
+[parallel-run]: https://trivy.dev/docs/{{ git.tag}}/guide/references/troubleshooting/#running-in-parallel-takes-same-time-as-series-run
 
 [^1]: Downloaded when scanning for vulnerabilities
 [^2]: Downloaded when scanning `jar/war/par/ear` files

pkg/commands/artifact/run.go

@@ -469,7 +469,7 @@ func checkOptions(ctx context.Context, opts flag.Options, targetKind TargetKind)
 		log.WarnContext(ctx,
 			fmt.Sprintf(
 				"Trivy runs in client/server mode, but misconfiguration and secret scanning will be done on the client side, see %s",
-				doc.URL("/docs/references/modes/client-server", ""),
+				doc.URL("guide/references/modes/client-server", ""),
 			),
 		)
 	}
@@ -603,7 +603,7 @@ func (r *runner) initScannerConfig(ctx context.Context, opts flag.Options) (Scan
 				strings.Join(xstrings.ToStringSlice(nonSecrets), ",")))
 		}
 		// e.g. https://trivy.dev/docs/latest/scanner/secret/#recommendation
-		logger.Info(fmt.Sprintf("Please see %s for faster secret detection", doc.URL("/docs/scanner/secret/", "recommendation")))
+		logger.Info(fmt.Sprintf("Please see %s for faster secret detection", doc.URL("guide/scanner/secret/", "recommendation")))
 	} else {
 		opts.SecretConfigPath = ""
 	}

pkg/commands/run.go

@@ -12,7 +12,7 @@ import (
 )
 
 const (
-	troubleshootingDocPath = "/docs/references/troubleshooting/"
+	troubleshootingDocPath = "guide/references/troubleshooting/"
 	lockDocFragment        = "database-and-cache-lock-errors"
 	timeoutDocFragment     = "timeout"
 )

pkg/dependency/parser/java/pom/artifact.go

@@ -17,7 +17,7 @@ var (
 	emptyVersionWarn = sync.OnceFunc(func() {
 		log.WithPrefix("pom").Warn("Dependency version cannot be determined. Child dependencies will not be found.",
 			// e.g. https://trivy.dev/docs/latest/coverage/language/java/#empty-dependency-version
-			log.String("details", doc.URL("/docs/coverage/language/java/", "empty-dependency-version")))
+			log.String("details", doc.URL("guide/coverage/language/java/", "empty-dependency-version")))
 	})
 )
 

pkg/fanal/analyzer/imgconf/dockerfile/dockerfile.go

@@ -23,7 +23,7 @@ import (
 
 var (
 	disabledChecks = set.New("AVD-DS-0007", "AVD-DS-0016")
-	reason         = "See " + doc.URL("docs/target/container_image", "disabled-checks")
+	reason         = "See " + doc.URL("guide/target/container_image", "disabled-checks")
 )
 
 const analyzerVersion = 1

pkg/fanal/analyzer/language/conda/environment/environment.go

@@ -44,7 +44,7 @@ func (*parser) Parse(ctx context.Context, r xio.ReadSeekerAt) ([]types.Package,
 				// Show log once per file
 				once.Do(func() {
 					// e.g. https://trivy.dev/docs/latest/coverage/os/conda/#license_1
-					log.WithPrefix("conda").Debug(fmt.Sprintf("License not found. See %s for details.", doc.URL("docs/coverage/os/conda/", "license_1")),
+					log.WithPrefix("conda").Debug(fmt.Sprintf("License not found. See %s for details.", doc.URL("guide/coverage/os/conda/", "license_1")),
 						log.String("pkg", pkg.Name), log.Err(err))
 				})
 			}

pkg/iac/rego/load.go

@@ -272,7 +272,7 @@ func (s *Scanner) handleModulesMetadata(path string, module *ast.Module) {
 		s.logger.Warn(
 			"Module has legacy input format - please update to use annotations",
 			log.FilePath(module.Package.Location.File),
-			log.String("details", doc.URL("/docs/scanner/misconfiguration/custom", "input")),
+			log.String("details", doc.URL("guide/scanner/misconfiguration/custom", "input")),
 		)
 	}
 
@@ -280,7 +280,7 @@ func (s *Scanner) handleModulesMetadata(path string, module *ast.Module) {
 		s.logger.Warn(
 			"Module has legacy metadata format - please update to use annotations",
 			log.FilePath(module.Package.Location.File),
-			log.String("details", doc.URL("/docs/scanner/misconfiguration/custom", "metadata")),
+			log.String("details", doc.URL("guide/scanner/misconfiguration/custom", "metadata")),
 		)
 		return
 	}

pkg/oci/artifact.go

@@ -262,8 +262,8 @@ func shouldTryOtherRepo(err error) bool {
 	for _, diagnostic := range terr.Errors {
 		// For better user experience
 		if diagnostic.Code == transport.DeniedErrorCode || diagnostic.Code == transport.UnauthorizedErrorCode {
-			// e.g. https://trivy.dev/docs/latest/references/troubleshooting/#db
+			// e.g. https://trivy.dev/docs/latest/guide/references/troubleshooting/#db
-			log.Warnf("See %s", doc.URL("/docs/references/troubleshooting/", "db"))
+			log.Warnf("See %s", doc.URL("guide/references/troubleshooting/", "db"))
 			break
 		}
 	}

pkg/report/table/vulnerability.go

@@ -93,7 +93,7 @@ func (r *vulnerabilityRenderer) renderDetectedVulnerabilities(result types.Resul
 		if os.Getenv(envDisableNotice) != "" || os.Getenv("CI") == "" {
 			return
 		}
-		_, _ = color.New(color.FgCyan).Fprintf(r.w, vexNotice, doc.URL("docs/supply-chain/vex/repo", "publishing-vex-documents"))
+		_, _ = color.New(color.FgCyan).Fprintf(r.w, vexNotice, doc.URL("guide/supply-chain/vex/repo", "publishing-vex-documents"))
 	})
 
 	tw := newTableWriter(r.w, r.isTerminal)

pkg/version/doc/doc.go

@@ -15,10 +15,11 @@ const devVersion = "dev"
 // BaseURL returns the base URL for the versioned documentation
 func BaseURL(ver string) *url.URL {
 	ver = canonicalVersion(ver)
+	path := path.Join("docs", ver)
 	return &url.URL{
 		Scheme: "https",
 		Host:   "trivy.dev",
-		Path:   ver,
+		Path:   path,
 	}
 }
 

pkg/version/doc/doc_test.go

@@ -17,32 +17,32 @@ func TestBaseURL(t *testing.T) {
 		{
 			name: "dev",
 			ver:  "dev",
-			want: "https://trivy.dev/dev",
+			want: "https://trivy.dev/docs/dev",
 		},
 		{
 			name: "semver",
 			ver:  "0.52.0",
-			want: "https://trivy.dev/v0.52",
+			want: "https://trivy.dev/docs/v0.52",
 		},
 		{
 			name: "with v prefix",
 			ver:  "v0.52.0",
-			want: "https://trivy.dev/v0.52",
+			want: "https://trivy.dev/docs/v0.52",
 		},
 		{
 			name: "pre-release",
 			ver:  "0.52.0-beta1",
-			want: "https://trivy.dev/dev",
+			want: "https://trivy.dev/docs/dev",
 		},
 		{
 			name: "non-semver",
 			ver:  "1",
-			want: "https://trivy.dev/dev",
+			want: "https://trivy.dev/docs/dev",
 		},
 		{
 			name: "empty",
 			ver:  "",
-			want: "https://trivy.dev/dev",
+			want: "https://trivy.dev/docs/dev",
 		},
 	}
 	for _, tt := range tests {
@@ -63,28 +63,28 @@ func TestURL(t *testing.T) {
 		{
 			name:    "path without slash",
 			rawPath: "foo",
-			want:    "https://trivy.dev/dev/foo",
+			want:    "https://trivy.dev/docs/dev/foo",
 		},
 		{
 			name:    "path with leading slash",
 			rawPath: "/foo",
-			want:    "https://trivy.dev/dev/foo",
+			want:    "https://trivy.dev/docs/dev/foo",
 		},
 		{
 			name:    "path with slash",
 			rawPath: "foo/bar",
-			want:    "https://trivy.dev/dev/foo/bar",
+			want:    "https://trivy.dev/docs/dev/foo/bar",
 		},
 		{
 			name:     "path with fragment",
 			rawPath:  "foo",
 			fragment: "bar",
-			want:     "https://trivy.dev/dev/foo#bar",
+			want:     "https://trivy.dev/docs/dev/foo#bar",
 		},
 		{
 			name:    "empty",
 			rawPath: "",
-			want:    "https://trivy.dev/dev",
+			want:    "https://trivy.dev/docs/dev",
 		},
 	}
 	for _, tt := range tests {

pkg/vulnerability/vulnerability.go

@@ -47,7 +47,7 @@ var (
 // cf. https://github.com/aquasecurity/trivy/issues/6714
 var onceWarn = sync.OnceFunc(func() {
 	// e.g. https://trivy.dev/docs/latest/scanner/vulnerability/#severity-selection
-	log.Warnf("Using severities from other vendors for some vulnerabilities. Read %s for details.", doc.URL("/docs/scanner/vulnerability/", "severity-selection"))
+	log.Warnf("Using severities from other vendors for some vulnerabilities. Read %s for details.", doc.URL("guide/scanner/vulnerability/", "severity-selection"))
 })
 
 // Client manipulates vulnerabilities