Merge branch 'issue_3423' of https://github.com/hhunter-ms/docs into issue_3423

2023-06-30 09:31:38 -04:00 · 2023-06-30 09:31:38 -04:00 · aaa2c2a203
parent fac5e6a2c6 b40f30c8cf
commit aaa2c2a203
9 changed files with 106 additions and 9 deletions
--- a/daprdocs/content/en/concepts/security-concept.md
+++ b/daprdocs/content/en/concepts/security-concept.md
@ -211,6 +211,21 @@ The Dapr threat model is below.
 ## Security audit
 ### June 2023
 In June 2023, Dapr completed a fuzzing audit done by Ada Logics.
 The audit achieved the following:
 - OSS-Fuzz integration
 - 39 new fuzzers for Dapr
 - Fuzz test coverage for Dapr Runtime, Kit and Components-contrib
 - All fuzzers running continuously after the audit has completed
 You can find the full report [here](/docs/Dapr-june-2023-fuzzing-audit-report.pdf).
 3 issues were found during the audit.
 ### February 2021
 In February 2021, Dapr went through a 2nd security audit targeting its 1.0 release by Cure53.
@ -255,4 +270,4 @@ Visit [this page]({{< ref support-security-issues.md >}}) to report a security i
 ## Related links
-[Operational Security]({{< ref "security.md" >}})
+[Operational Security]({{< ref "security.md" >}})
--- a/daprdocs/content/en/operations/support/support-release-policy.md
+++ b/daprdocs/content/en/operations/support/support-release-policy.md
@ -32,8 +32,8 @@ Patch support is for supported versions (current and previous).
 The Dapr's sidecar image is published to both [GitHub Container Registry](https://github.com/dapr/dapr/pkgs/container/daprd) and [Docker Registry](https://hub.docker.com/r/daprio/daprd/tags). The default image contains all components. From version 1.11, Dapr also offers a variation of the sidecar image, containing only stable components.
-* Default sidecar images: `daprio/daprd:<version>` or `ghcr.io/dapr/daprd:<version>` (for example `ghcr.io/dapr/daprd:1.11.0`)
+* Default sidecar images: `daprio/daprd:<version>` or `ghcr.io/dapr/daprd:<version>` (for example `ghcr.io/dapr/daprd:1.11.1`)
-* Sidecar images for stable components: `daprio/daprd:<version>-stablecomponents` or `ghcr.io/dapr/daprd:<version>-stablecomponents` (for example `ghcr.io/dapr/daprd:1.11.0-stablecomponents`)
+* Sidecar images for stable components: `daprio/daprd:<version>-stablecomponents` or `ghcr.io/dapr/daprd:<version>-stablecomponents` (for example `ghcr.io/dapr/daprd:1.11.1-stablecomponents`)
 On Kubernetes, the sidecar image can be overwritten for the application Deployment resource with the `dapr.io/sidecar-image` annotation. See more about [Dapr's arguments and annotations]({{<ref "arguments-annotations-overview.md" >}}). The default 'daprio/daprd:latest' image is used if not specified.
@ -45,6 +45,7 @@ The table below shows the versions of Dapr releases that have been tested togeth
 | Release date | Runtime     | CLI  | SDKs  | Dashboard  | Status |
 |--------------------|:--------:|:--------|---------|---------|---------|
 | June 22nd 2023 | 1.11.1</br>  | 1.11.0 | Java 1.9.0 </br>Go 1.8.0 </br>PHP 1.1.0 </br>Python 1.10.0 </br>.NET 1.11.0 </br>JS 3.1.0 | 0.13.0 | Supported (current) |
 | June 12th 2023 | 1.11.0</br>  | 1.11.0 | Java 1.9.0 </br>Go 1.8.0 </br>PHP 1.1.0 </br>Python 1.10.0 </br>.NET 1.11.0 </br>JS 3.1.0 | 0.13.0 | Supported (current) |
 | May 15th 2023 | 1.10.7</br>  | 1.10.0 | Java 1.8.0 </br>Go 1.7.0 </br>PHP 1.1.0 </br>Python 1.9.0 </br>.NET 1.10.0 </br>JS 3.0.0 | 0.11.0 | Supported |
 | May 12th 2023 | 1.10.6</br>  | 1.10.0 | Java 1.8.0 </br>Go 1.7.0 </br>PHP 1.1.0 </br>Python 1.9.0 </br>.NET 1.10.0 </br>JS 3.0.0 | 0.11.0 | Supported |
@ -116,8 +117,8 @@ General guidance on upgrading can be found for [self hosted mode]({{< ref self-h
 |                          |                 1.9.6 |                   1.10.7 |
 | 1.8.0 to 1.8.6           |                   N/A |                    1.9.6 |
 | 1.9.0                    |                   N/A |                    1.9.6 |
-| 1.10.0                   |                   N/A |                   1.10.7 |
+| 1.10.0                   |                   N/A |                   1.10.8 |
-| 1.11.0                   |                   N/A |                   1.11.0 |
+| 1.11.0                   |                   N/A |                   1.11.1 |
 ## Upgrade on Hosting platforms
--- a/daprdocs/content/en/reference/api/bindings_api.md
+++ b/daprdocs/content/en/reference/api/bindings_api.md
@ -37,6 +37,45 @@ If running on kubernetes apply the component to your cluster.
 > **Note:** In production never place passwords or secrets within Dapr component files. For information on securely storing and retrieving secrets using secret stores refer to [Setup Secret Store]({{< ref setup-secret-store >}})
 ### Binding direction (optional)
 In some scenarios, it would be useful to provide additional information to Dapr to indicate the direction supported by the binding component. 
 Providing the supported binding direction helps the Dapr sidecar avoid the `"wait for the app to become ready"` state, where it waits indefinitely for the application to become available.
 You can specify the `direction` field as part of the component's metadata. The valid values for this field are: 
 - `"input"`
 - `"output"`
 - `"input, output"`
 Here a few scenarios when the `"direction"` metadata field could help:
 - When an application (detached from the sidecar) runs as a serverless workload and is scaled to zero, the `"wait for the app to become ready"` check done by the Dapr sidecar becomes pointless.
 - If the detached Dapr sidecar is scaled to zero and the application reaches the sidecar (before even starting an HTTP server), the `"wait for the app to become ready"` deadlocks the app and the sidecar into waiting for each other.
 ### Example
 ```yaml
 apiVersion: dapr.io/v1alpha1
 kind: Component
 metadata:
  name: kafkaevent
 spec:
  type: bindings.kafka
  version: v1
  metadata:
  - name: brokers
    value: "http://localhost:5050"
  - name: topics
    value: "someTopic"
  - name: publishTopic
    value: "someTopic2"
  - name: consumerGroup
    value: "group1"
  - name: "direction"
    value: "input, output"
 ```
 ## Invoking Service Code Through Input Bindings
 A developer who wants to trigger their app using an input binding can listen on a `POST` http endpoint with the route name being the same as `metadata.name`.
--- a/daprdocs/content/en/reference/components-reference/supported-bindings/servicebusqueues.md
+++ b/daprdocs/content/en/reference/components-reference/supported-bindings/servicebusqueues.md
@ -153,6 +153,36 @@ curl -X POST http://localhost:3500/v1.0/bindings/myServiceBusQueue \
 {{< /tabs >}}
 ## Schedule a message
 A message can be scheduled for delayed processing.
 To schedule a message, use the `metadata` section in the request body during the binding invocation: the field name is `ScheduledEnqueueTimeUtc`.
 The supported timestamp formats are [RFC1123](https://www.rfc-editor.org/rfc/rfc1123) and [RFC3339](https://www.rfc-editor.org/rfc/rfc3339).
 {{< tabs "Linux">}}
 {{% codetab %}}
 ```shell
 curl -X POST http://localhost:3500/v1.0/bindings/myServiceBusQueue \
  -H "Content-Type: application/json" \
  -d '{
        "data": {
          "message": "Hi"
        },
        "metadata": {
          "ScheduledEnqueueTimeUtc": "Tue, 02 Jan 2024 15:04:05 GMT"
        },
        "operation": "create"
      }'
 ```
 {{% /codetab %}}
 {{< /tabs >}}
 ## Related links
 - [Basic schema for a Dapr component]({{< ref component-schema >}})
--- a/daprdocs/content/en/reference/components-reference/supported-middleware/middleware-bearer.md
+++ b/daprdocs/content/en/reference/components-reference/supported-middleware/middleware-bearer.md
@ -22,22 +22,30 @@ spec:
  version: v1
  metadata:
    - name: audience
-      value: "<your token audience; e.g. the application's client ID>"
+      value: "<your token audience; i.e. the application's client ID>"
    - name: issuer
      value: "<your token issuer, e.g. 'https://accounts.google.com'>"
    # Optional values
    - name: jwksURL
-      value: "https://accounts.google.com/.well-known/openid-configuration"
+      value: "<JWKS URL, e.g. 'https://accounts.google.com/.well-known/openid-configuration'>"
 ```
 ## Spec metadata fields
 | Field | Required | Details | Example |
 |-------|:--------:|---------|---------|
 | `audience` | Y | The audience expected in the tokens. Usually, this corresponds to the client ID of your application that is created as part of a credential hosted by a OpenID Connect platform. | 
-| `issuer` | Y | The issuer authority, which is the value expected in the issuer claim in the tokens. | `"https://accounts.google.com"`, `"https://login.salesforce.com"`
+| `issuer` | Y | The issuer authority, which is the value expected in the issuer claim in the tokens. | `"https://accounts.google.com"`
 | `jwksURL` | N | Address of the JWKS (JWK Set containing the public keys for verifying tokens). If empty, will try to fetch the URL set in the OpenID Configuration document `<issuer>/.well-known/openid-configuration`.  | `"https://accounts.google.com/.well-known/openid-configuration"`
 Common values for `issuer` include:
 - Auth0: `https://{domain}`, where `{domain}` is the domain of your Auth0 application
 - Azure AD: `https://login.microsoftonline.com/{tenant}/v2.0`, where `{tenant}` should be replaced with the tenant ID of your application, as a UUID
 - Google: `https://accounts.google.com`
 - Salesforce (Force.com): `https://login.salesforce.com`
 ## Dapr configuration
 To be applied, the middleware must be referenced in [configuration]({{< ref configuration-concept.md >}}). See [middleware pipelines]({{< ref "middleware.md">}}).
--- a/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-azure-servicebus-queues.md
+++ b/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-azure-servicebus-queues.md
@ -137,6 +137,8 @@ To set Azure Service Bus metadata when sending a message, set the query paramete
 > **Note:** The `metadata.MessageId` property does not set the `id` property of the cloud event returned by Dapr and should be treated in isolation.
 > **Note:** The `metadata.ScheduledEnqueueTimeUtc` property supports the [RFC1123](https://www.rfc-editor.org/rfc/rfc1123) and [RFC3339](https://www.rfc-editor.org/rfc/rfc3339) timestamp formats.
 ### Receiving a message with metadata
 When Dapr calls your application, it will attach Azure Service Bus message metadata to the request using either HTTP headers or gRPC metadata.
--- a/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-azure-servicebus-topics.md
+++ b/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-azure-servicebus-topics.md
@ -142,6 +142,8 @@ To set Azure Service Bus metadata when sending a message, set the query paramete
 > **NOTE:** If the `metadata.SessionId` property is not set but the topic requires sessions then an empty session id will be used.
 > **NOTE:** The `metadata.ScheduledEnqueueTimeUtc` property supports the [RFC1123](https://www.rfc-editor.org/rfc/rfc1123) and [RFC3339](https://www.rfc-editor.org/rfc/rfc3339) timestamp formats.
 ### Receiving a message with metadata
 When Dapr calls your application, it will attach Azure Service Bus message metadata to the request using either HTTP headers or gRPC metadata.
--- a/daprdocs/layouts/shortcodes/dapr-latest-version.html
+++ b/daprdocs/layouts/shortcodes/dapr-latest-version.html
@ -1 +1 @@
-{{- if .Get "short" }}1.11{{ else if .Get "long" }}1.11.0{{ else if .Get "cli" }}1.11.0{{ else }}1.11.0{{ end -}}
+{{- if .Get "short" }}1.11{{ else if .Get "long" }}1.11.1{{ else if .Get "cli" }}1.11.0{{ else }}1.11.1{{ end -}}
--- a/daprdocs/static/docs/Dapr-june-2023-fuzzing-audit-report.pdf
+++ b/daprdocs/static/docs/Dapr-june-2023-fuzzing-audit-report.pdf
`@ -1 +1 @@`
	`{{- if .Get "short" }}1.11{{ else if .Get "long" }}1.11.0{{ else if .Get "cli" }}1.11.0{{ else }}1.11.0{{ end -}}`	`{{- if .Get "short" }}1.11{{ else if .Get "long" }}1.11.1{{ else if .Get "cli" }}1.11.0{{ else }}1.11.1{{ end -}}`