Merge pull request #4420 from hhunter-ms/upmerge_11-05

Upmerge 11/05
dapr · Nov 5, 2024 · 07b6aa8 · 07b6aa8
2 parents 1632f50 + 48cbac2
commit 07b6aa8
Show file tree

Hide file tree

Showing 35 changed files with 107 additions and 41 deletions.
diff --git a/daprdocs/content/en/contributing/contributing-overview.md b/daprdocs/content/en/contributing/contributing-overview.md
@@ -18,7 +18,7 @@ See the [Dapr community repository](https://github.com/dapr/community) for more
 
 1. **Docs**: This [repository](https://github.com/dapr/docs) contains the documentation for Dapr. You can contribute by updating existing documentation, fixing errors, or adding new content to improve user experience and clarity. Please see the specific guidelines for [docs contributions]({{< ref contributing-docs >}}).
 
-2. **Quickstarts**: The Quickstarts [repository](https://github.com/dapr/quickstarts) provides simple, step-by-step guides to help users get started with Dapr quickly. Contributions in this repository involve creating new quickstarts, improving existing ones, or ensuring they stay up-to-date with the latest features.
+2. **Quickstarts**: The Quickstarts [repository](https://github.com/dapr/quickstarts) provides simple, step-by-step guides to help users get started with Dapr quickly. [Contributions in this repository](https://github.com/dapr/quickstarts/blob/master/CONTRIBUTING.md) involve creating new quickstarts, improving existing ones, or ensuring they stay up-to-date with the latest features.
 
 3. **Runtime**: The Dapr runtime [repository](https://github.com/dapr/dapr) houses the core runtime components. Here, you can contribute by fixing bugs, optimizing performance, implementing new features, or enhancing existing ones.
 

diff --git a/daprdocs/content/en/contributing/daprbot.md b/daprdocs/content/en/contributing/daprbot.md
@@ -2,7 +2,7 @@
 type: docs
 title: "Dapr bot reference"
 linkTitle: "Dapr bot"
-weight: 15
+weight: 70
 description: "List of Dapr bot capabilities."
 ---
 

diff --git a/daprdocs/content/en/contributing/docs-contrib/contributing-docs.md b/daprdocs/content/en/contributing/docs-contrib/contributing-docs.md
@@ -41,15 +41,18 @@ Style and tone conventions should be followed throughout all Dapr documentation
 
 ## Diagrams and images
 
-Diagrams and images are invaluable visual aids for documentation pages. Diagrams are kept in a [Dapr Diagrams Deck](https://github.com/dapr/docs/tree/v1.11/daprdocs/static/presentations), which includes guidance on style and icons. 
+Diagrams and images are invaluable visual aids for documentation pages. Use the diagram style and icons in the [Dapr Diagrams template deck](https://github.com/dapr/docs/tree/v1.14/daprdocs/static/presentations). 
 
-As you create diagrams for your documentation:
+The process for creating diagrams for your documentation:
 
-- Save them as high-res PNG files into the [images folder](https://github.com/dapr/docs/tree/v1.11/daprdocs/static/images).
-- Name your PNG files using the convention of a concept or building block so that they are grouped.
+1. Download the [Dapr Diagrams template deck](https://github.com/dapr/docs/tree/v1.14/daprdocs/static/presentations) to use the icons and colors.
+1. Add a new slide and create your diagram. 
+1. Screen capture the diagram as high-res PNG file and save in the [images folder](https://github.com/dapr/docs/tree/v1.14/daprdocs/static/images).
+1. Name your PNG files using the convention of a concept or building block so that they are grouped.
   - For example: `service-invocation-overview.png`. 
   - For more information on calling out images using shortcode, see the [Images guidance](#images) section below.
-- Add the diagram to the correct section in the `Dapr-Diagrams.pptx` deck so that they can be amended and updated during routine refresh.
+1. Add the diagram to the appropriate section in your documentation using the HTML `<image>` tag.
+1. In your PR, comment the diagram slide (not the screen capture) so it can be reviewed and added to the diagram deck by maintainers.
 
 ## Contributing a new docs page
 

diff --git a/...ntent/en/developing-applications/building-blocks/pubsub/subscription-methods.md b/...ntent/en/developing-applications/building-blocks/pubsub/subscription-methods.md
@@ -37,17 +37,16 @@ metadata:
 spec:
   topic: orders
   routes:
-    default: /checkout
+    default: /orders
   pubsubname: pubsub
 scopes:
 - orderprocessing
-- checkout
 ```
 
 Here the subscription called `order`: 
 - Uses the pub/sub component called `pubsub` to subscribes to the topic called `orders`.
-- Sets the `route` field to send all topic messages to the `/checkout` endpoint in the app.
-- Sets `scopes` field to scope this subscription for access only by apps with IDs `orderprocessing` and `checkout`.
+- Sets the `route` field to send all topic messages to the `/orders` endpoint in the app.
+- Sets `scopes` field to scope this subscription for access only by apps with ID `orderprocessing`.
 
 When running Dapr, set the YAML component file path to point Dapr to the component.
 
@@ -113,7 +112,7 @@ In your application code, subscribe to the topic specified in the Dapr pub/sub c
 
 ```csharp
  //Subscribe to a topic 
-[HttpPost("checkout")]
+[HttpPost("orders")]
 public void getCheckout([FromBody] int orderId)
 {
     Console.WriteLine("Subscriber received : " + orderId);
@@ -128,7 +127,7 @@ public void getCheckout([FromBody] int orderId)
 import io.dapr.client.domain.CloudEvent;
 
  //Subscribe to a topic
-@PostMapping(path = "/checkout")
+@PostMapping(path = "/orders")
 public Mono<Void> getCheckout(@RequestBody(required = false) CloudEvent<String> cloudEvent) {
     return Mono.fromRunnable(() -> {
         try {
@@ -146,7 +145,7 @@ public Mono<Void> getCheckout(@RequestBody(required = false) CloudEvent<String>
 from cloudevents.sdk.event import v1
 
 #Subscribe to a topic 
-@app.route('/checkout', methods=['POST'])
+@app.route('/orders', methods=['POST'])
 def checkout(event: v1.Event) -> None:
     data = json.loads(event.Data())
     logging.info('Subscriber received: ' + str(data))
@@ -163,7 +162,7 @@ const app = express()
 app.use(bodyParser.json({ type: 'application/*+json' }));
 
 // listen to the declarative route
-app.post('/checkout', (req, res) => {
+app.post('/orders', (req, res) => {
   console.log(req.body);
   res.sendStatus(200);
 });
@@ -178,7 +177,7 @@ app.post('/checkout', (req, res) => {
 var sub = &common.Subscription{
 	PubsubName: "pubsub",
 	Topic:      "orders",
-	Route:      "/checkout",
+	Route:      "/orders",
 }
 
 func eventHandler(ctx context.Context, e *common.TopicEvent) (retry bool, err error) {
@@ -191,7 +190,7 @@ func eventHandler(ctx context.Context, e *common.TopicEvent) (retry bool, err er
 
 {{< /tabs >}}
 
-The `/checkout` endpoint matches the `route` defined in the subscriptions and this is where Dapr sends all topic messages to.
+The `/orders` endpoint matches the `route` defined in the subscriptions and this is where Dapr sends all topic messages to.
 
 ### Streaming subscriptions
 
@@ -325,7 +324,7 @@ In the example below, you define the values found in the [declarative YAML subsc
 
 ```csharp
 [Topic("pubsub", "orders")]
-[HttpPost("/checkout")]
+[HttpPost("/orders")]
 public async Task<ActionResult<Order>>Checkout(Order order, [FromServices] DaprClient daprClient)
 {
     // Logic
@@ -337,7 +336,7 @@ or
 
 ```csharp
 // Dapr subscription in [Topic] routes orders topic to this route
-app.MapPost("/checkout", [Topic("pubsub", "orders")] (Order order) => {
+app.MapPost("/orders", [Topic("pubsub", "orders")] (Order order) => {
     Console.WriteLine("Subscriber received : " + order);
     return Results.Ok(order);
 });
@@ -359,7 +358,7 @@ app.UseEndpoints(endpoints =>
 ```java
 private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
 
-@Topic(name = "checkout", pubsubName = "pubsub")
+@Topic(name = "orders", pubsubName = "pubsub")
 @PostMapping(path = "/orders")
 public Mono<Void> handleMessage(@RequestBody(required = false) CloudEvent<String> cloudEvent) {
   return Mono.fromRunnable(() -> {
@@ -370,6 +369,7 @@ public Mono<Void> handleMessage(@RequestBody(required = false) CloudEvent<String
       throw new RuntimeException(e);
     }
   });
+}
 ```
 
 {{% /codetab %}}
@@ -382,7 +382,7 @@ def subscribe():
     subscriptions = [
       {
         'pubsubname': 'pubsub',
-        'topic': 'checkout',
+        'topic': 'orders',
         'routes': {
           'rules': [
             {
@@ -418,7 +418,7 @@ app.get('/dapr/subscribe', (req, res) => {
   res.json([
     {
       pubsubname: "pubsub",
-      topic: "checkout",
+      topic: "orders",
       routes: {
         rules: [
           {
@@ -480,7 +480,7 @@ func configureSubscribeHandler(w http.ResponseWriter, _ *http.Request) {
 	t := []subscription{
 		{
 			PubsubName: "pubsub",
-			Topic:      "checkout",
+			Topic:      "orders",
 			Routes: routes{
 				Rules: []rule{
 					{

diff --git a/...eveloping-applications/building-blocks/state-management/howto-get-save-state.md b/...eveloping-applications/building-blocks/state-management/howto-get-save-state.md
@@ -10,8 +10,6 @@ State management is one of the most common needs of any new, legacy, monolith, o
 
 In this guide, you'll learn the basics of using the key/value state API to allow an application to save, get, and delete state.
 
-## Example
-
 The code example below _loosely_ describes an application that processes orders with an order processing service which has a Dapr sidecar. The order processing service uses Dapr to store state in a Redis state store.
 
 <img src="/images/building-block-state-management-example.png" width=1000 alt="Diagram showing state management of example service">
@@ -554,7 +552,7 @@ namespace EventService
             string DAPR_STORE_NAME = "statestore";
             //Using Dapr SDK to retrieve multiple states
             using var client = new DaprClientBuilder().Build();
-            IReadOnlyList<BulkStateItem> mulitpleStateResult = await client.GetBulkStateAsync(DAPR_STORE_NAME, new List<string> { "order_1", "order_2" }, parallelism: 1);
+            IReadOnlyList<BulkStateItem> multipleStateResult = await client.GetBulkStateAsync(DAPR_STORE_NAME, new List<string> { "order_1", "order_2" }, parallelism: 1);
         }
     }
 }

diff --git a/.../developing-applications/building-blocks/workflow/workflow-features-concepts.md b/.../developing-applications/building-blocks/workflow/workflow-features-concepts.md
@@ -135,7 +135,7 @@ Because workflow retry policies are configured in code, the exact developer expe
 | --- | --- |
 | **Maximum number of attempts** | The maximum number of times to execute the activity or child workflow. |
 | **First retry interval** | The amount of time to wait before the first retry. |
-| **Backoff coefficient** | The amount of time to wait before each subsequent retry. |
+| **Backoff coefficient** | The coefficient used to determine the rate of increase of back-off. For example a coefficient of 2 doubles the wait of each subsequent retry. |
 | **Maximum retry interval** | The maximum amount of time to wait before each subsequent retry. |
 | **Retry timeout** | The overall timeout for retries, regardless of any configured max number of attempts. |
 

diff --git a/daprdocs/content/en/getting-started/quickstarts/workflow-quickstart.md b/daprdocs/content/en/getting-started/quickstarts/workflow-quickstart.md
@@ -10,6 +10,10 @@ description: Get started with the Dapr Workflow building block
 Dapr Workflow is currently in beta. [See known limitations for {{% dapr-latest-version cli="true" %}}]({{< ref "workflow-overview.md#limitations" >}}).
 {{% /alert %}}
 
+{{% alert title="Note" color="primary" %}}
+Redis is currently used as the state store component for Workflows in the Quickstarts. However, Redis does not support transaction rollbacks and should not be used in production as an actor state store.
+{{% /alert %}}
+
 Let's take a look at the Dapr [Workflow building block]({{< ref workflow-overview.md >}}). In this Quickstart, you'll create a simple console application to demonstrate Dapr's workflow programming model and the workflow management APIs.
 
 In this guide, you'll:
@@ -1356,4 +1360,4 @@ Join the discussion in our [discord channel](https://discord.com/channels/778680
 - Walk through a more in-depth [.NET SDK example workflow](https://github.com/dapr/dotnet-sdk/tree/master/examples/Workflow)
 - Learn more about [Workflow as a Dapr building block]({{< ref workflow-overview >}})
 
-{{< button text="Explore Dapr tutorials  >>" page="getting-started/tutorials/_index.md" >}}
+{{< button text="Explore Dapr tutorials  >>" page="getting-started/tutorials/_index.md" >}}
diff --git a/daprdocs/content/en/operations/configuration/secret-scope.md b/daprdocs/content/en/operations/configuration/secret-scope.md
@@ -4,10 +4,15 @@ title: "How-To: Limit the secrets that can be read from secret stores"
 linkTitle: "Limit secret store access"
 weight: 3000
 description: "Define secret scopes by augmenting the existing configuration resource with restrictive permissions."
+description: "Define secret scopes by augmenting the existing configuration resource with restrictive permissions."
 ---
 
+In addition to [scoping which applications can access a given component]({{< ref "component-scopes.md">}}), you can also scop a named secret store component to one or more secrets for an application. By defining `allowedSecrets` and/or `deniedSecrets` lists, you restrict applications to access only specific secrets.
 In addition to [scoping which applications can access a given component]({{< ref "component-scopes.md">}}), you can also scop a named secret store component to one or more secrets for an application. By defining `allowedSecrets` and/or `deniedSecrets` lists, you restrict applications to access only specific secrets.
 
+For more information about configuring a Configuration resource:
+- [Configuration overview]({{< ref configuration-overview.md >}})
+- [Configuration schema]({{< ref configuration-schema.md >}})
 For more information about configuring a Configuration resource:
 - [Configuration overview]({{< ref configuration-overview.md >}})
 - [Configuration schema]({{< ref configuration-schema.md >}})
@@ -55,8 +60,10 @@ The `allowedSecrets` and `deniedSecrets` list values take priority over the `def
 
 ### Scenario 1: Deny access to all secrets for a secret store
 
+In a Kubernetes cluster, the native Kubernetes secret store is added to your Dapr application by default. In some scenarios, it may be necessary to deny access to Dapr secrets for a given application. To add this configuration: 
 In a Kubernetes cluster, the native Kubernetes secret store is added to your Dapr application by default. In some scenarios, it may be necessary to deny access to Dapr secrets for a given application. To add this configuration: 
 
+1. Define the following `appconfig.yaml`. 
 1. Define the following `appconfig.yaml`. 
 
    ```yaml
@@ -70,7 +77,25 @@ In a Kubernetes cluster, the native Kubernetes secret store is added to your Dap
          - storeName: kubernetes
            defaultAccess: deny
    ```
+   ```yaml
+   apiVersion: dapr.io/v1alpha1
+   kind: Configuration
+   metadata:
+     name: appconfig
+   spec:
+     secrets:
+       scopes:
+         - storeName: kubernetes
+           defaultAccess: deny
+   ```
+
+1. Apply it to the Kubernetes cluster using the following command:
+
+   ```bash
+   kubectl apply -f appconfig.yaml`.
+   ```
 
+For applications that you need to deny access to the Kubernetes secret store, follow [the Kubernetes instructions]({{< ref kubernetes-overview >}}), adding the following annotation to the application pod.
 1. Apply it to the Kubernetes cluster using the following command:
 
    ```bash
@@ -85,6 +110,7 @@ dapr.io/config: appconfig
 
 With this defined, the application no longer has access to Kubernetes secret store.
 
+### Scenario 2: Allow access to only certain secrets in a secret store
 ### Scenario 2: Allow access to only certain secrets in a secret store
 
 To allow a Dapr application to have access to only certain secrets, define the following `config.yaml`:
@@ -102,6 +128,7 @@ spec:
         allowedSecrets: ["secret1", "secret2"]
 ```
 
+This example defines configuration for secret store named `vault`. The default access to the secret store is `deny`. Meanwhile, some secrets are accessible by the application based on the `allowedSecrets` list. Follow [the Sidecar configuration instructions]({{< ref "configuration-overview.md#sidecar-configuration" >}}) to apply configuration to the sidecar.
 This example defines configuration for secret store named `vault`. The default access to the secret store is `deny`. Meanwhile, some secrets are accessible by the application based on the `allowedSecrets` list. Follow [the Sidecar configuration instructions]({{< ref "configuration-overview.md#sidecar-configuration" >}}) to apply configuration to the sidecar.
 
 ### Scenario 3: Deny access to certain sensitive secrets in a secret store
@@ -126,3 +153,8 @@ This configuration explicitly denies access to `secret1` and `secret2` from the
 ## Next steps
 
 {{< button text="Service invocation access control" page="invoke-allowlist" >}}
+This configuration explicitly denies access to `secret1` and `secret2` from the secret store named `vault,` while allowing access to all other secrets. Follow [the Sidecar configuration instructions]({{< ref "configuration-overview.md#sidecar-configuration" >}}) to apply configuration to the sidecar.
+
+## Next steps
+
+{{< button text="Service invocation access control" page="invoke-allowlist" >}}