From d458c93dbe6f87c6008e3d00f790a733f6f74d72 Mon Sep 17 00:00:00 2001 From: komoto <38282539+chiru1221@users.noreply.github.com> Date: Fri, 11 Mar 2022 08:02:51 +0900 Subject: [PATCH 1/4] Fix grcp metadata in js client (#2243) Signed-off-by: chiru1221 --- .../service-invocation/howto-invoke-services-grpc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daprdocs/content/en/developing-applications/building-blocks/service-invocation/howto-invoke-services-grpc.md b/daprdocs/content/en/developing-applications/building-blocks/service-invocation/howto-invoke-services-grpc.md index d4f810aa5..a8db4c237 100644 --- a/daprdocs/content/en/developing-applications/building-blocks/service-invocation/howto-invoke-services-grpc.md +++ b/daprdocs/content/en/developing-applications/building-blocks/service-invocation/howto-invoke-services-grpc.md @@ -183,7 +183,7 @@ response = stub.SayHello(request={ name: 'Darth Revan' }, metadata=metadata) const metadata = new grpc.Metadata(); metadata.add('dapr-app-id', 'server'); -client.sayHello({ name: "Darth Malgus", metadata }) +client.sayHello({ name: "Darth Malgus" }, metadata) ``` {{% /codetab %}} From e41329798cc8516f6a64bb8eccf7d7ea21ccc292 Mon Sep 17 00:00:00 2001 From: Shuya Motouchi Date: Sat, 12 Mar 2022 07:46:53 +0900 Subject: [PATCH 2/4] Update gRPC-integration.md (#2253) Here, it doesn't work github.com/dapr/go-sdk/dapr/proto/common/v1 It works here github.com/dapr/dapr/pkg/proto/common/v1 --- .../en/developing-applications/integrations/gRPC-integration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daprdocs/content/en/developing-applications/integrations/gRPC-integration.md b/daprdocs/content/en/developing-applications/integrations/gRPC-integration.md index 6e88bc44e..b241ca3bf 100644 --- a/daprdocs/content/en/developing-applications/integrations/gRPC-integration.md +++ b/daprdocs/content/en/developing-applications/integrations/gRPC-integration.md @@ -124,7 +124,7 @@ import ( "github.com/golang/protobuf/ptypes/any" "github.com/golang/protobuf/ptypes/empty" - commonv1pb "github.com/dapr/go-sdk/dapr/proto/common/v1" + commonv1pb "github.com/dapr/dapr/pkg/proto/common/v1" pb "github.com/dapr/go-sdk/dapr/proto/runtime/v1" "google.golang.org/grpc" ) From e2cc4d79d7d20c218d100e690fe9ac60538e5bc9 Mon Sep 17 00:00:00 2001 From: Simon McKenna Date: Sun, 13 Mar 2022 18:28:18 +1030 Subject: [PATCH 3/4] Fix typo and case inconsistency (#2257) Signed-off-by: Simon McKenna --- daprdocs/content/en/getting-started/configure-state-pubsub.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/daprdocs/content/en/getting-started/configure-state-pubsub.md b/daprdocs/content/en/getting-started/configure-state-pubsub.md index d227166dc..4b4a2ce63 100644 --- a/daprdocs/content/en/getting-started/configure-state-pubsub.md +++ b/daprdocs/content/en/getting-started/configure-state-pubsub.md @@ -11,7 +11,7 @@ aliases: In order to get up and running with the state and pub/sub building blocks two components are needed: 1. A state store component for persistence and restoration -2. As pub/sub message broker component for async-style message delivery +2. A pub/sub message broker component for async-style message delivery A full list of supported components can be found here: - [Supported state stores]({{< ref supported-state-stores >}}) @@ -136,7 +136,7 @@ This example uses the kubernetes secret that was created when setting up a clust If using a state store other than Redis, refer to the [supported state stores]({{< ref supported-state-stores >}}) for information on what options to set. {{% /alert %}} -### Create Pub/sub message broker component +### Create pub/sub message broker component Create a file called redis-pubsub.yaml, and paste the following: From 17862794bacb50610a75d70b18f0567f1587d6ba Mon Sep 17 00:00:00 2001 From: Aaron Crawfis Date: Mon, 14 Mar 2022 15:14:48 -0700 Subject: [PATCH 4/4] Add clarification on authenticating to Azure (#2241) * Add clarification on authenticating to Azure Add a comment pointing further down for more information. Signed-off-by: Aaron Crawfis * Update to non-depracated fields Signed-off-by: Aaron Crawfis * Remove extra value Signed-off-by: Aaron Crawfis Co-authored-by: Mark Fussell --- .../supported-secret-stores/azure-keyvault.md | 37 +++++++++---------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/azure-keyvault.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/azure-keyvault.md index f88aa2ce5..bb4da6959 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/azure-keyvault.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/azure-keyvault.md @@ -23,21 +23,19 @@ spec: type: secretstores.azure.keyvault version: v1 metadata: - - name: vaultName + - name: vaultName # Required value: [your_keyvault_name] - - name: spnTenantId + - name: azureEnvironment # Optional, defaults to AZUREPUBLICCLOUD + value: "AZUREPUBLICCLOUD" + # See authentication section below for all options + - name: azureTenantId value: "[your_service_principal_tenant_id]" - - name: spnClientId + - name: azureClientId value: "[your_service_principal_app_id]" - value : "[pfx_certificate_contents]" - - name: spnCertificateFile + - name: azureCertificateFile value : "[pfx_certificate_file_fully_qualified_local_path]" ``` -{{% alert title="Warning" color="warning" %}} -The above example uses secrets as plain strings. It is recommended to use a local secret store such as [Kubernetes secret store]({{< ref kubernetes-secret-store.md >}}) or a [local file]({{< ref file-secret-store.md >}}) to bootstrap secure key storage. -{{% /alert %}} - ## Authenticating with Azure AD The Azure Key Vault secret store component supports authentication with Azure AD only. Before you enable this component, make sure you've read the [Authenticating to Azure]({{< ref authenticating-azure.md >}}) document and created an Azure AD application (also called Service Principal). Alternatively, make sure you have created a managed identity for your application platform. @@ -48,10 +46,11 @@ The Azure Key Vault secret store component supports authentication with Azure AD |--------------------|:--------:|---------|---------| | `vaultName` | Y | The name of the Azure Key Vault | `"mykeyvault"` | | `azureEnvironment` | N | Optional name for the Azure environment if using a different Azure cloud | `"AZUREPUBLICCLOUD"` (default value), `"AZURECHINACLOUD"`, `"AZUREUSGOVERNMENTCLOUD"`, `"AZUREGERMANCLOUD"` | +| Auth metadata | | See [Authenticating to Azure]({{< ref authenticating-azure.md >}}) for more information Additionally, you must provide the authentication fields as explained in the [Authenticating to Azure]({{< ref authenticating-azure.md >}}) document. -## Create the Azure Key Vault and authorize the Service Principal +## Example: Create an Azure Key Vault and authorize a Service Principal ### Prerequisites @@ -111,7 +110,7 @@ Make sure you have followed the steps in the [Authenticating to Azure]({{< ref a --scope "${RG_ID}/providers/Microsoft.KeyVault/vaults/${KEYVAULT_NAME}" ``` -## Configure the component +### Configure the component {{< tabs "Self-Hosted" "Kubernetes">}} @@ -286,14 +285,14 @@ To use **Azure managed identity**: ``` 4. Create and use a managed identity / pod identity by following [this guide](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#create-a-pod-identity). After creating an AKS pod identity, [give this identity read permissions on your desired KeyVault instance](https://docs.microsoft.com/azure/key-vault/general/assign-access-policy?tabs=azure-cli#assign-the-access-policy), and finally in your application deployment inject the pod identity via a label annotation: - ```yaml - apiVersion: v1 - kind: Pod - metadata: - name: mydaprdemoapp - labels: - aadpodidbinding: $POD_IDENTITY_NAME - ``` + ```yaml + apiVersion: v1 + kind: Pod + metadata: + name: mydaprdemoapp + labels: + aadpodidbinding: $POD_IDENTITY_NAME + ``` {{% /codetab %}}