From 47f23f2f58f5040fcb10d3bdec09edf36b1df3e0 Mon Sep 17 00:00:00 2001 From: Ori Zohar Date: Thu, 17 Dec 2020 14:29:39 -0800 Subject: [PATCH 01/11] Re-organizing secret store related articles --- .../building-blocks/secrets/howto-secrets.md | 52 ++++++++----------- .../secrets/secrets-overview.md | 34 ++++++------ .../secret-stores-overview.md | 48 +++++++++++++++-- 3 files changed, 85 insertions(+), 49 deletions(-) diff --git a/daprdocs/content/en/developing-applications/building-blocks/secrets/howto-secrets.md b/daprdocs/content/en/developing-applications/building-blocks/secrets/howto-secrets.md index 512704261..db1828c55 100644 --- a/daprdocs/content/en/developing-applications/building-blocks/secrets/howto-secrets.md +++ b/daprdocs/content/en/developing-applications/building-blocks/secrets/howto-secrets.md @@ -6,42 +6,23 @@ weight: 2000 description: "Use the secret store building block to securely retrieve a secret" --- -It's common for applications to store sensitive information such as connection strings, keys and tokens that are used to authenticate with databases, services and external systems in secrets by using a dedicated secret store. +This article provides guidance on using Dapr's secrets API in your code to leverage the [secrets store building block]({{}}). The secrets API allows you to easily retrieve secrets in your application code from a configured secret store. -Usually this involves setting up a secret store such as Azure Key Vault, Hashicorp Vault and others and storing the application level secrets there. To access these secret stores, the application needs to import the secret store SDK, and use it to access the secrets. +## Prerequisites -This usually involves writing a fair amount of boilerplate code that is not related to the actual business domain of the app, and this becomes an even greater challenge in multi-cloud scenarios: if an app needs to deploy to two different environments and use two different secret stores, the amount of boilerplate code gets doubled, and the effort increases. - -In addition, not all secret stores have native SDKs for all programming languages. - -To make it easier for developers everywhere to consume application secrets, Dapr has a dedicated secrets building block API that allows developers to get secrets from a secret store. - -## Setting up a secret store component - -The first step involves setting up a secret store, either in the cloud or in the hosting environment such as a cluster. This is done by using the relevant instructions from the cloud provider or secret store implementation. - -The second step is to configure the secret store with Dapr. - -To deploy in Kubernetes, save the file above to `aws_secret_manager.yaml` and then run: - -```bash -kubectl apply -f aws_secret_manager.yaml -``` - -To run locally, create a `components` dir containing the YAML file and provide the path to the `dapr run` command with the flag `--components-path`. - -Watch this [video](https://www.youtube.com/watch?v=OtbYCBt9C34&feature=youtu.be&t=1818) for an example on how to use the secrets API. Or watch this [video](https://www.youtube.com/watch?v=8W-iBDNvCUM&feature=youtu.be&t=1765) for an example on how to component scopes with secret components and the secrets API. +Before retrieving secrets in your application's code, you must have a secret store component configured. See guidance on [how to configure a secret store]({{}}) and review [supported secret stores]({{< ref supported-secret-stores >}}) to see specific details required for different secret store solutions. ## Calling the secrets API -Now that the secret store is set up, you can call Dapr to get the secrets for a given key for a specific secret store. +Once you have a secret store set up, you can call Dapr to get the secrets for a given key for a specific secret store. For a full API reference, go [here](https://github.com/dapr/docs/blob/master/reference/api/secrets_api.md). Here are a few examples in different programming languages: -### Go +{{< tabs "Go" "Javascript" "Python" "Rust" "C#" >}} +{{% codetab %}} ```Go import ( "fmt" @@ -61,7 +42,10 @@ func main() { fmt.Println(string(body)) } ``` -### Javascript + +{{% /codetab %}} + +{{% codetab %}} ```javascript require('isomorphic-fetch'); @@ -78,7 +62,9 @@ fetch(`${secretsUrl}/kubernetes/my-secret`) }); ``` -### Python +{{% /codetab %}} + +{{% codetab %}} ```python import requests as req @@ -87,7 +73,10 @@ resp = req.get("http://localhost:3500/v1.0/secrets/kubernetes/my-secret") print(resp.text) ``` -### Rust +{{% /codetab %}} + + +{{% codetab %}} ```rust #![deny(warnings)] @@ -105,7 +94,9 @@ async fn main() -> Result<(), reqwest::Error> { } ``` -### C# +{{% /codetab %}} + +{{% codetab %}} ```csharp var client = new HttpClient(); @@ -115,3 +106,6 @@ response.EnsureSuccessStatusCode(); string secret = await response.Content.ReadAsStringAsync(); Console.WriteLine(secret); ``` +{{% /codetab %}} + +{{< /tabs >}} \ No newline at end of file diff --git a/daprdocs/content/en/developing-applications/building-blocks/secrets/secrets-overview.md b/daprdocs/content/en/developing-applications/building-blocks/secrets/secrets-overview.md index a2f0ae693..17408748c 100644 --- a/daprdocs/content/en/developing-applications/building-blocks/secrets/secrets-overview.md +++ b/daprdocs/content/en/developing-applications/building-blocks/secrets/secrets-overview.md @@ -6,25 +6,20 @@ weight: 1000 description: "Overview of Dapr secrets management building block" --- -Almost all non-trivial applications need to _securely_ store secret data like API keys, database passwords, and more. By nature, these secrets should not be checked into the version control system, but they also need to be accessible to code running in production. This is generally a hard problem, but it's critical to get it right. Otherwise, critical production systems can be compromised. +It's common for applications to store sensitive information such as connection strings, keys and tokens that are used to authenticate with databases, services and external systems in secrets by using a dedicated secret store. -Dapr's solution to this problem is the secrets API and secrets stores. +Usually this involves setting up a secret store such as Azure Key Vault, Hashicorp Vault and others and storing the application level secrets there. To access these secret stores, the application needs to import the secret store SDK, and use it to access the secrets. This may require a fair amount of boilerplate code that is not related to the actual business domain of the app, and so becomes an even greater challenge in multi-cloud scenarios where different vendor specific secret stores may be used. -Here's how it works: +To make it easier for developers everywhere to consume application secrets, Dapr has a dedicated secrets building block API that allows developers to get secrets from a secret store. -- Dapr is set up to use a **secret store** - a place to securely store secret data -- Application code uses the standard Dapr secrets API to retrieve secrets. +Using Dapr's secret store building block typically involves the following: +1. Setting up a component for a specific secret store solution. +1. Retrieving secrets using the Dapr secrets API in the application code. +1. Optionally, referencing secrets in Dapr component files. -Some examples for secret stores include `Kubernetes`, `Hashicorp Vault`, `Azure KeyVault`. See [secret stores]({{< ref supported-secret-stores >}}) for the list of supported stores. - -See [Setup secret stores]({{< ref howto-secrets.md >}}) for a HowTo guide for setting up and using secret stores. - -## Referencing secret stores in Dapr components - -Instead of including credentials directly within a Dapr component file, you can place the credentials within a Dapr supported secret store and reference the secret within the Dapr component. This is preferred approach and is a recommended best practice especially in production environments. - -For more information read [Referencing Secret Stores in Components]({{< ref component-secrets.md >}}) +## Setting up a secret store +See [Setup secret stores]({{< ref howto-secrets.md >}}) for guidance on how to setup a secret store with Dapr. ## Using secrets in your application @@ -47,9 +42,16 @@ Notice that in all of the examples above the application code did not have to ch See [Access Application Secrets using the Secrets API]({{< ref howto-secrets.md >}}) for a How To guide to use secrets in your application. - For detailed API information read [Secrets API]({{< ref secrets_api.md >}}). - +## Referencing secret stores in Dapr components + +When configuring Dapr components such as state stores it is often required to include credentials in components files. Instead of doing that, you can place the credentials within a Dapr supported secret store and reference the secret within the Dapr component. This is preferred approach and is a recommended best practice especially in production environments. + +For more information read [referencing secret stores in components]({{< ref component-secrets.md >}}) + +## Limiting access to secrets + +To provide more granular control on access to secrets, Dapr provides the ability to define scopes and restricting access permissions. Learn more about [using secret scoping]({{}}) diff --git a/daprdocs/content/en/operations/components/setup-secret-store/secret-stores-overview.md b/daprdocs/content/en/operations/components/setup-secret-store/secret-stores-overview.md index 001bffa00..620e46f27 100644 --- a/daprdocs/content/en/operations/components/setup-secret-store/secret-stores-overview.md +++ b/daprdocs/content/en/operations/components/setup-secret-store/secret-stores-overview.md @@ -7,11 +7,11 @@ weight: 10000 type: docs --- -Dapr integrates with secret stores to provide apps and other components with secure store and access to secrets such as access keys and passwords.. Each secret store component has a name and this name is used when accessing a secret. +Dapr integrates with secret stores to provide apps and other components with secure store and access to secrets such as access keys and passwords. Each secret store component has a name and this name is used when accessing a secret. -Secret stores are extensible and can be found in the [components-contrib repo](https://github.com/dapr/components-contrib). +As with other building block components, secret store components are extensible and can be found in the [components-contrib repo](https://github.com/dapr/components-contrib). -A secret store in Dapr is described using a `Component` file: +A secret store in Dapr is described using a `Component` file with the following fields: ```yaml apiVersion: dapr.io/v1alpha1 @@ -32,7 +32,47 @@ spec: The type of secret store is determined by the `type` field, and things like connection strings and other metadata are put in the `.metadata` section. -Visit [this guide]({{< ref "howto-secrets.md#setting-up-a-secret-store-component" >}}) for instructions on configuring a secret store component. +Different [supported secret stores]({{< ref supported-secret-stores >}}) will have different specific fields that would need to be configured. For example, when configuring a secret store which uses AWS Secrets Manager the file would look like this: + +```yaml +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: awssecretmanager + namespace: default +spec: + type: secretstores.aws.secretmanager + version: v1 + metadata: + - name: region + value: "[aws_region]" + - name: accessKey + value: "[aws_access_key]" + - name: secretKey + value: "[aws_secret_key]" + - name: sessionToken + value: "[aws_session_token]" +``` + +Once you have created the component's YAML file, follow these instructions to apply it based on your hosting environment: + + +{{< tabs "Self-Hosted" "Kubernetes" >}} + +{{% codetab %}} +To run locally, create a `components` dir containing the YAML file and provide the path to the `dapr run` command with the flag `--components-path`. +{{% /codetab %}} + +{{% codetab %}} +To deploy in Kubernetes, assuming your component file is named `secret-store.yaml`, run: + +```bash +kubectl apply -f secret-store.yaml +``` +{{% /codetab %}} + +{{< /tabs >}} + ## Related links From 0e5ca5d0e0565e003e4d94800920b71444ddae89 Mon Sep 17 00:00:00 2001 From: Ori Zohar Date: Tue, 22 Dec 2020 11:08:01 -0800 Subject: [PATCH 02/11] Adding local secret store example --- .../building-blocks/secrets/howto-secrets.md | 74 ++++++++++++++++--- 1 file changed, 63 insertions(+), 11 deletions(-) diff --git a/daprdocs/content/en/developing-applications/building-blocks/secrets/howto-secrets.md b/daprdocs/content/en/developing-applications/building-blocks/secrets/howto-secrets.md index e4e5d8d68..c27b89383 100644 --- a/daprdocs/content/en/developing-applications/building-blocks/secrets/howto-secrets.md +++ b/daprdocs/content/en/developing-applications/building-blocks/secrets/howto-secrets.md @@ -8,17 +8,60 @@ description: "Use the secret store building block to securely retrieve a secret" This article provides guidance on using Dapr's secrets API in your code to leverage the [secrets store building block]({{}}). The secrets API allows you to easily retrieve secrets in your application code from a configured secret store. -## Prerequisites +## Set up a secret store -Before retrieving secrets in your application's code, you must have a secret store component configured. See guidance on [how to configure a secret store]({{}}) and review [supported secret stores]({{< ref supported-secret-stores >}}) to see specific details required for different secret store solutions. +Before retrieving secrets in your application's code, you must have a secret store component configured. For the purposes of this guide, as an example you will configure a local secret store which uses a local JSON file to store secrets. -## Calling the secrets API +>Note: The component used in this example is not secured and is not recommended for production deployments. You can find other alternatives [here]({{}}). -Once you have a secret store set up, you can call Dapr to get the secrets for a given key for a specific secret store. +Create a file named `secrets.json` with the following contents: + +```json +{ + "my-secret" : "I'm Batman" +} +``` + +Create a directory for your components file named `components` and inside it create a file named `localSecretStore.yaml` with the following contents: + +```yaml +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: my-secrets-store + namespace: default +spec: + type: secretstores.local.file + version: v1 + metadata: + - name: secretsFile + value: /secrets.json + - name: nestedSeparator + value: ":" +``` + +Make sure to replace `` with the path to the JSON file you just created. + +To configure a different kind of secret store see the guidance on [how to configure a secret store]({{}}) and review [supported secret stores]({{}}) to see specific details required for different secret store solutions. +## Get a secret + +Now run the Dapr sidecar (with no application) + +```bash +dapr run --app-id my-app --port 3500 --components-path ./components +``` + +And now you can get the secret by calling the Dapr sidecar using the secrets API: + +```bash +curl http://localhost:3500/v1.0/secrets/my-secrets-store/my-secret +``` For a full API reference, go [here]({{< ref secrets_api.md >}}). -Here are a few examples in different programming languages: +## Calling the secrets API from your code + +Once you have a secret store set up, you can call Dapr to get the secrets from your application code. Here are a few examples in different programming languages: {{< tabs "Go" "Javascript" "Python" "Rust" "C#" >}} @@ -30,7 +73,7 @@ import ( ) func main() { - url := "http://localhost:3500/v1.0/secrets/kubernetes/my-secret" + url := "http://localhost:3500/v1.0/secrets/my-secrets-store/my-secret" res, err := http.Get(url) if err != nil { @@ -51,7 +94,7 @@ func main() { require('isomorphic-fetch'); const secretsUrl = `http://localhost:3500/v1.0/secrets`; -fetch(`${secretsUrl}/kubernetes/my-secret`) +fetch(`${secretsUrl}/my-secrets-store/my-secret`) .then((response) => { if (!response.ok) { throw "Could not get secret"; @@ -69,7 +112,7 @@ fetch(`${secretsUrl}/kubernetes/my-secret`) ```python import requests as req -resp = req.get("http://localhost:3500/v1.0/secrets/kubernetes/my-secret") +resp = req.get("http://localhost:3500/v1.0/secrets/my-secrets-store/my-secret") print(resp.text) ``` @@ -84,7 +127,7 @@ use std::{thread}; #[tokio::main] async fn main() -> Result<(), reqwest::Error> { - let res = reqwest::get("http://localhost:3500/v1.0/secrets/kubernetes/my-secret").await?; + let res = reqwest::get("http://localhost:3500/v1.0/secrets/my-secrets-store/my-secret").await?; let body = res.text().await?; println!("Secret:{}", body); @@ -100,7 +143,7 @@ async fn main() -> Result<(), reqwest::Error> { ```csharp var client = new HttpClient(); -var response = await client.GetAsync("http://localhost:3500/v1.0/secrets/kubernetes/my-secret"); +var response = await client.GetAsync("http://localhost:3500/v1.0/secrets/my-secrets-store/my-secret"); response.EnsureSuccessStatusCode(); string secret = await response.Content.ReadAsStringAsync(); @@ -108,4 +151,13 @@ Console.WriteLine(secret); ``` {{% /codetab %}} -{{< /tabs >}} \ No newline at end of file +{{< /tabs >}} + +## Related links + +- [Dapr secrets overview]({{}}) +- [Secrets API reference]({{}}) +- [Configure a secret store]({{}}) +- [Supported secrets]({{}}) +- [Using secrets in components]({{}}) +- [Secret stores quickstart](https://github.com/dapr/quickstarts/tree/master/secretstore) \ No newline at end of file From 2991483483c8d2707a589c94c8b10e7d6f4c5190 Mon Sep 17 00:00:00 2001 From: Ori Zohar Date: Tue, 22 Dec 2020 11:35:03 -0800 Subject: [PATCH 03/11] Update howto-get-save-state.md Fixing dapr run command --- .../building-blocks/state-management/howto-get-save-state.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daprdocs/content/en/developing-applications/building-blocks/state-management/howto-get-save-state.md b/daprdocs/content/en/developing-applications/building-blocks/state-management/howto-get-save-state.md index c7dcb577b..fcec20db1 100644 --- a/daprdocs/content/en/developing-applications/building-blocks/state-management/howto-get-save-state.md +++ b/daprdocs/content/en/developing-applications/building-blocks/state-management/howto-get-save-state.md @@ -42,7 +42,7 @@ The following example shows how to save two key/value pairs in a single call usi {{% codetab %}} Begin by ensuring a Dapr sidecar is running: ```bash -dapr --app-id myapp --port 3500 run +dapr run --app-id myapp --port 3500 run ``` {{% alert title="Note" color="info" %}} It is important to set an app-id, as the state keys are prefixed with this value. If you don't set it one is generated for you at runtime, and the next time you run the command a new one will be generated and you will no longer be able to access previously saved state. From cb3d9e328a818bba4124a93d35fce7a86891bb39 Mon Sep 17 00:00:00 2001 From: Ori Zohar Date: Tue, 22 Dec 2020 17:07:43 -0800 Subject: [PATCH 04/11] Update daprdocs/content/en/developing-applications/building-blocks/state-management/howto-get-save-state.md Co-authored-by: Mukundan Sundararajan --- .../building-blocks/state-management/howto-get-save-state.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daprdocs/content/en/developing-applications/building-blocks/state-management/howto-get-save-state.md b/daprdocs/content/en/developing-applications/building-blocks/state-management/howto-get-save-state.md index fcec20db1..2a740cad4 100644 --- a/daprdocs/content/en/developing-applications/building-blocks/state-management/howto-get-save-state.md +++ b/daprdocs/content/en/developing-applications/building-blocks/state-management/howto-get-save-state.md @@ -42,7 +42,7 @@ The following example shows how to save two key/value pairs in a single call usi {{% codetab %}} Begin by ensuring a Dapr sidecar is running: ```bash -dapr run --app-id myapp --port 3500 run +dapr run --app-id myapp --dapr-http-port 3500 ``` {{% alert title="Note" color="info" %}} It is important to set an app-id, as the state keys are prefixed with this value. If you don't set it one is generated for you at runtime, and the next time you run the command a new one will be generated and you will no longer be able to access previously saved state. From 37fc1d8c589d080888221683adc7d27c1b366a71 Mon Sep 17 00:00:00 2001 From: Kevin Goslar Date: Tue, 22 Dec 2020 20:08:32 -0600 Subject: [PATCH 05/11] Fix spelling of Rust (#1056) See https://www.rust-lang.org. --- daprdocs/content/en/concepts/faq.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daprdocs/content/en/concepts/faq.md b/daprdocs/content/en/concepts/faq.md index a494c2a01..3904d0a2c 100644 --- a/daprdocs/content/en/concepts/faq.md +++ b/daprdocs/content/en/concepts/faq.md @@ -50,7 +50,7 @@ The Dapr runtime SDKs have language specific actor frameworks. The .NET SDK for ### Does Dapr have any SDKs if I want to work with a particular programming language or framework? -To make using Dapr more natural for different languages, it includes language specific SDKs for Go, Java, JavaScript, .NET, Python, RUST and C++. +To make using Dapr more natural for different languages, it includes language specific SDKs for Go, Java, JavaScript, .NET, Python, Rust and C++. These SDKs expose the functionality in the Dapr building blocks, such as saving state, publishing an event or creating an actor, through a typed, language API rather than calling the http/gRPC API. This enables you to write a combination of stateless and stateful functions and actors all in the language of their choice. And because these SDKs share the Dapr runtime, you get cross-language actor and functions support. From cb16afd4e2928cf2ff41ba179b585858dd3cc39d Mon Sep 17 00:00:00 2001 From: Tom Kerkhove Date: Sun, 27 Dec 2020 13:53:31 +0100 Subject: [PATCH 06/11] Alphabetically order Microsoft Azure bindings --- .../components/setup-bindings/supported-bindings/_index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/daprdocs/content/en/operations/components/setup-bindings/supported-bindings/_index.md b/daprdocs/content/en/operations/components/setup-bindings/supported-bindings/_index.md index cc339776e..72b0817bf 100644 --- a/daprdocs/content/en/operations/components/setup-bindings/supported-bindings/_index.md +++ b/daprdocs/content/en/operations/components/setup-bindings/supported-bindings/_index.md @@ -49,9 +49,9 @@ Every binding has its own unique set of properties. Click the name link to see t | Name | Input
Binding | Output
Binding | Status | |------|:----------------:|:-----------------:|--------| | [Azure Blob Storage]({{< ref blobstorage.md >}}) | | ✅ | Experimental | -| [Azure EventHubs]({{< ref eventhubs.md >}}) | ✅ | ✅ | Experimental | | [Azure CosmosDB]({{< ref cosmosdb.md >}}) | | ✅ | Experimental | +| [Azure Event Grid]({{< ref eventgrid.md >}}) | ✅ | ✅ | Experimental | +| [Azure Event Hubs]({{< ref eventhubs.md >}}) | ✅ | ✅ | Experimental | | [Azure Service Bus Queues]({{< ref servicebusqueues.md >}}) | ✅ | ✅ | Experimental | | [Azure SignalR]({{< ref signalr.md >}}) | | ✅ | Experimental | | [Azure Storage Queues]({{< ref storagequeues.md >}}) | ✅ | ✅ | Experimental | -| [Azure Event Grid]({{< ref eventgrid.md >}}) | ✅ | ✅ | Experimental | From bee1ae08300213c43ac4672b4a7b663ab26387b5 Mon Sep 17 00:00:00 2001 From: Newbe36524 Date: Wed, 30 Dec 2020 08:30:02 +0800 Subject: [PATCH 07/11] Update apns.md (#1058) remove leading empty line --- .../components/setup-bindings/supported-bindings/apns.md | 1 - 1 file changed, 1 deletion(-) diff --git a/daprdocs/content/en/operations/components/setup-bindings/supported-bindings/apns.md b/daprdocs/content/en/operations/components/setup-bindings/supported-bindings/apns.md index 76aa5c5dc..81035a7ca 100644 --- a/daprdocs/content/en/operations/components/setup-bindings/supported-bindings/apns.md +++ b/daprdocs/content/en/operations/components/setup-bindings/supported-bindings/apns.md @@ -1,4 +1,3 @@ - --- type: docs title: "Apple Push Notification Service binding spec" From 1f0b5e8879d43735ab30e6153f4b68f8a95846e3 Mon Sep 17 00:00:00 2001 From: gaoxinge Date: Fri, 1 Jan 2021 01:47:56 +0800 Subject: [PATCH 08/11] refine code align in middleware concept (#1066) * refine code align * refine code align --- daprdocs/content/en/concepts/middleware-concept.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/daprdocs/content/en/concepts/middleware-concept.md b/daprdocs/content/en/concepts/middleware-concept.md index 405826103..8c04043e2 100644 --- a/daprdocs/content/en/concepts/middleware-concept.md +++ b/daprdocs/content/en/concepts/middleware-concept.md @@ -49,9 +49,9 @@ Your handler implementation can include any inbound logic, outbound logic, or bo func GetHandler(metadata Metadata) fasthttp.RequestHandler { return func(h fasthttp.RequestHandler) fasthttp.RequestHandler { return func(ctx *fasthttp.RequestCtx) { - //inboud logic - h(ctx) //call the downstream handler - //outbound logic + // inboud logic + h(ctx) // call the downstream handler + // outbound logic } } } From 388591bed9b0cd6447f15eb0f4850ba6c093159d Mon Sep 17 00:00:00 2001 From: Tom Kerkhove Date: Sat, 2 Jan 2021 18:11:23 +0100 Subject: [PATCH 09/11] Fix typo in Kubernetes binding docs (#1060) --- .../setup-bindings/supported-bindings/kubernetes-binding.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/daprdocs/content/en/operations/components/setup-bindings/supported-bindings/kubernetes-binding.md b/daprdocs/content/en/operations/components/setup-bindings/supported-bindings/kubernetes-binding.md index 165c2673f..cdab04a66 100644 --- a/daprdocs/content/en/operations/components/setup-bindings/supported-bindings/kubernetes-binding.md +++ b/daprdocs/content/en/operations/components/setup-bindings/supported-bindings/kubernetes-binding.md @@ -63,7 +63,7 @@ Three different event types are available: - Delete : Only the `oldVal` field is populated, `newVal` field is an empty `v1.Event`, `event` is `delete` - Update : Both the `oldVal` and `newVal` fields are populated, `event` is `update` -## Required permisiions +## Required permissions For consuming `events` from Kubernetes, permissions need to be assigned to a User/Group/ServiceAccount using [RBAC Auth] mechanism of Kubernetes. @@ -105,4 +105,4 @@ roleRef: - [Bindings building block]({{< ref bindings >}}) - [How-To: Trigger application with input binding]({{< ref howto-triggers.md >}}) - [How-To: Use bindings to interface with external resources]({{< ref howto-bindings.md >}}) -- [Bindings API reference]({{< ref bindings_api.md >}}) \ No newline at end of file +- [Bindings API reference]({{< ref bindings_api.md >}}) From 4ee8bf2f197a2711fbdf9b5aa1bacfc3f9c686f3 Mon Sep 17 00:00:00 2001 From: Jayesh Sharma <37150991+wjayesh@users.noreply.github.com> Date: Sat, 2 Jan 2021 23:17:11 +0530 Subject: [PATCH 10/11] update link (#1068) --- .../building-blocks/bindings/howto-bindings.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daprdocs/content/en/developing-applications/building-blocks/bindings/howto-bindings.md b/daprdocs/content/en/developing-applications/building-blocks/bindings/howto-bindings.md index 8d3029d6a..cc26653fc 100644 --- a/daprdocs/content/en/developing-applications/building-blocks/bindings/howto-bindings.md +++ b/daprdocs/content/en/developing-applications/building-blocks/bindings/howto-bindings.md @@ -57,7 +57,7 @@ As seen above, you invoked the `/binding` endpoint with the name of the binding The payload goes inside the mandatory `data` field, and can be any JSON serializable value. You'll also notice that there's an `operation` field that tells the binding what you need it to do. -You can check [here]({{< ref bindings >}}) which operations are supported for every output binding. +You can check [here]({{< ref supported-bindings >}}) which operations are supported for every output binding. ## References From d756b392a382d587a3d52eafe3a394c5d27a7a63 Mon Sep 17 00:00:00 2001 From: Yaron Schneider Date: Wed, 6 Jan 2021 14:38:04 -0800 Subject: [PATCH 11/11] Update setup-nats-streaming.md --- .../setup-pubsub/supported-pubsub/setup-nats-streaming.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/daprdocs/content/en/operations/components/setup-pubsub/supported-pubsub/setup-nats-streaming.md b/daprdocs/content/en/operations/components/setup-pubsub/supported-pubsub/setup-nats-streaming.md index fa1ef5dae..0cb33ebea 100644 --- a/daprdocs/content/en/operations/components/setup-pubsub/supported-pubsub/setup-nats-streaming.md +++ b/daprdocs/content/en/operations/components/setup-pubsub/supported-pubsub/setup-nats-streaming.md @@ -63,6 +63,8 @@ spec: # blow are subscription configuration. - name: subscriptionType value: # Required. Allowed values: topic, queue. + - name: deliverNew + value: true # - name: ackWaitTime # value: "" # Optional. See: https://docs.nats.io/developing-with-nats-streaming/acks#acknowledgements # - name: maxInFlight @@ -74,9 +76,7 @@ spec: # value: 1 # - name: startWithLastReceived # value: false - - name: deliverAll - value: true - # - name: deliverNew + # - name: deliverAll # value: false # - name: startAtTimeDelta # value: ""