From 9f3b5a28ff95270fd1a5f532473e09cb982de119 Mon Sep 17 00:00:00 2001 From: Tiago Alves Macambira Date: Fri, 30 Jun 2023 15:23:06 -0700 Subject: [PATCH 1/7] Fix documentation for query parameters. Moves moves query parameter from the API documentation (where it was lost and bound to be forgotten and left out-of-sync to component development) to each individual secret store documentation (which was the right place to begin with and where there's a greater chance of it being kept up-to-date with each component development). Also fixes the examples that were malformed and that misled customers to believe that Vault had support for a `namespace` query parameter as brought up in dapr/components-contrib#2806. Fixes #3353 Signed-off-by: Tiago Alves Macambira --- .../content/en/reference/api/secrets_api.md | 26 +++++-------------- .../aws-secret-manager.md | 9 +++++++ .../gcp-secret-manager.md | 10 +++++++ .../hashicorp-vault.md | 8 ++++++ .../kubernetes-secret-store.md | 8 ++++++ 5 files changed, 41 insertions(+), 20 deletions(-) diff --git a/daprdocs/content/en/reference/api/secrets_api.md b/daprdocs/content/en/reference/api/secrets_api.md index eae6f3901..bfbdea7f1 100644 --- a/daprdocs/content/en/reference/api/secrets_api.md +++ b/daprdocs/content/en/reference/api/secrets_api.md @@ -28,26 +28,18 @@ name | the name of the secret to get #### Query Parameters -Some secret stores have **optional** metadata properties. metadata is populated using query parameters: +Some secret stores have support for **optional** per-request metadata properties. Use query parameters to provide those properties: ``` GET http://localhost:/v1.0/secrets//?metadata.version_id=15 ``` -##### GCP Secret Manager -The following optional meta can be provided to the GCP Secret Manager component +Observe that not all secret stores support the same set of parameters. For instance, both Hashicorp Vault, GCP Secret Manager and AWS Secret Manager support the `version_id` parameter, but only AWS Secret Manager supports the `version_stage` parameter and only Kubernetes Secrets supports the `namespace` parameter. +Check each secret store's documentation for the list of supported parameters. -Query Parameter | Description ---------- | ----------- -metadata.version_id | version for the given secret key -##### AWS Secret Manager -The following optional meta can be provided to the AWS Secret Manager component +TBD it makes no sense to have this data here in a non-authoritative way. It should be in the component reference. -Query Parameter | Description ---------- | ----------- -metadata.version_id | version for the given secret key -metadata.version_stage | version stage for the given secret key ### HTTP Response @@ -101,17 +93,11 @@ Code | Description ### Examples ```shell -curl http://localhost:3500/v1.0/secrets/vault/db-secret +curl http://localhost:3500/v1.0/secrets/mySecretStore/db-secret ``` ```shell -curl http://localhost:3500/v1.0/secrets/vault/db-secret?metadata.version_id=15&metadata.version_stage=AAA -``` - -> Note, in case of deploying into namespace other than default, the above query will also have to include the namespace metadata (e.g. `production` below) - -```shell -curl http://localhost:3500/v1.0/secrets/vault/db-secret?metadata.version_id=15&?metadata.namespace=production +curl http://localhost:3500/v1.0/secrets/myAwsSecretStore/db-secret?metadata.version_id=15&metadata.version_stage=production ``` ## Get Bulk Secret diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/aws-secret-manager.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/aws-secret-manager.md index e57aece7b..4e5336f1e 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/aws-secret-manager.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/aws-secret-manager.md @@ -48,6 +48,15 @@ The above example uses secrets as plain strings. It is recommended to use a loca When running the Dapr sidecar (daprd) with your application on EKS (AWS Kubernetes), if you're using a node/pod that has already been attached to an IAM policy defining access to AWS resources, you **must not** provide AWS access-key, secret-key, and tokens in the definition of the component spec you're using. {{% /alert %}} +## Optional per-request metadata properties + +The following [optional query parameters]({{< ref "secrets_api#query-parameters" >}}) can be provided to AWS Secret Manager component: + +Query Parameter | Description +--------- | ----------- +metadata.version_id | version for the given secret key +metadata.version_stage | version stage for the given secret key + ## Create an AWS Secrets Manager instance Setup AWS Secrets Manager using the AWS documentation: https://docs.aws.amazon.com/secretsmanager/latest/userguide/tutorials_basic.html. diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md index 53d22f708..8a37d255a 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md @@ -61,6 +61,16 @@ The above example uses secrets as plain strings. It is recommended to use a loca | client_x509_cert_url | N | The certificate URL for the client | `"https://www.googleapis.com/robot/v1/metadata/x509/.iam.gserviceaccount.com"`| | private_key | Y | The private key for authentication | `"privateKey"` | +## Optional per-request metadata properties + +The following [optional query parameters]({{< ref "secrets_api#query-parameters" >}}) can be provided to the GCP Secret Manager component: + +Query Parameter | Description +--------- | ----------- +metadata.version_id | version for the given secret key + + + ## Setup GCP Secret Manager instance Setup GCP Secret Manager using the GCP documentation: https://cloud.google.com/secret-manager/docs/quickstart. diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/hashicorp-vault.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/hashicorp-vault.md index 19eaebdbd..f52251d71 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/hashicorp-vault.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/hashicorp-vault.md @@ -66,6 +66,14 @@ The above example uses secrets as plain strings. It is recommended to use a loca | enginePath | N | The [engine](https://www.vaultproject.io/api-docs/secret/kv/kv-v2) path in vault. Defaults to `"secret"` | `"kv"`, `"any"` | | vaultValueType | N | Vault value type. `map` means to parse the value into `map[string]string`, `text` means to use the value as a string. 'map' sets the `multipleKeyValuesPerSecret` behavior. `text` makes Vault behave as a secret store with name/value semantics. Defaults to `"map"` | `"map"`, `"text"` | +## Optional per-request metadata properties + +The following [optional query parameters]({{< ref "secrets_api#query-parameters" >}}) can be provided to Hashicorp Vault secret store component: + +Query Parameter | Description +--------- | ----------- +metadata.version_id | version for the given secret key + ## Setup Hashicorp Vault instance {{< tabs "Self-Hosted" "Kubernetes" >}} diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/kubernetes-secret-store.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/kubernetes-secret-store.md index e323f92ca..c8c599231 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/kubernetes-secret-store.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/kubernetes-secret-store.md @@ -34,6 +34,14 @@ spec: ## Spec metadata fields For the Kubernetes secret store component, there are no metadata attributes. +## Optional per-request metadata properties + +The following [optional query parameters]({{< ref "secrets_api#query-parameters" >}}) can be provided to Kubernetes secret store component: + +Query Parameter | Description +--------- | ----------- +`metadata.namespace`| The namespace of the secret. If not specified, the namespace of the pod will be used. + ## Related links - [Secrets building block]({{< ref secrets >}}) - [How-To: Retrieve a secret]({{< ref "howto-secrets.md" >}}) From 83688894e4a94bd9d9f5bb3f0e670dace64df436 Mon Sep 17 00:00:00 2001 From: Tiago Alves Macambira Date: Fri, 30 Jun 2023 15:37:55 -0700 Subject: [PATCH 2/7] Update daprdocs/content/en/reference/api/secrets_api.md Signed-off-by: Tiago Alves Macambira --- daprdocs/content/en/reference/api/secrets_api.md | 1 - 1 file changed, 1 deletion(-) diff --git a/daprdocs/content/en/reference/api/secrets_api.md b/daprdocs/content/en/reference/api/secrets_api.md index bfbdea7f1..4403d80b9 100644 --- a/daprdocs/content/en/reference/api/secrets_api.md +++ b/daprdocs/content/en/reference/api/secrets_api.md @@ -38,7 +38,6 @@ Observe that not all secret stores support the same set of parameters. For insta Check each secret store's documentation for the list of supported parameters. -TBD it makes no sense to have this data here in a non-authoritative way. It should be in the component reference. ### HTTP Response From a00850b5f6ee7481f01d8f4023756a2b37bff413 Mon Sep 17 00:00:00 2001 From: Tiago Alves Macambira Date: Fri, 30 Jun 2023 15:39:49 -0700 Subject: [PATCH 3/7] Update daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md Signed-off-by: Tiago Alves Macambira --- .../supported-secret-stores/gcp-secret-manager.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md index 8a37d255a..e9ab5e71b 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md @@ -69,8 +69,6 @@ Query Parameter | Description --------- | ----------- metadata.version_id | version for the given secret key - - ## Setup GCP Secret Manager instance Setup GCP Secret Manager using the GCP documentation: https://cloud.google.com/secret-manager/docs/quickstart. From 4920dfd830b34db4ae5df8dd13ce53f3ae89fe7b Mon Sep 17 00:00:00 2001 From: Tiago Alves Macambira Date: Fri, 30 Jun 2023 15:59:20 -0700 Subject: [PATCH 4/7] Document query parameter for al secret stores with documentation. Signed-off-by: Tiago Alves Macambira --- .../alicloud-oos-parameter-store.md | 9 +++++++++ .../supported-secret-stores/aws-secret-manager.md | 6 +++--- .../supported-secret-stores/azure-keyvault.md | 9 +++++++++ .../supported-secret-stores/gcp-secret-manager.md | 2 +- .../supported-secret-stores/hashicorp-vault.md | 2 +- .../supported-secret-stores/huaweicloud-csms.md | 9 +++++++++ 6 files changed, 32 insertions(+), 5 deletions(-) diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/alicloud-oos-parameter-store.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/alicloud-oos-parameter-store.md index 360ef4d04..cfd73cb6a 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/alicloud-oos-parameter-store.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/alicloud-oos-parameter-store.md @@ -43,6 +43,15 @@ The above example uses secrets as plain strings. It is recommended to use a loca | accessKeySecret | Y | The AlibabaCloud Access Key Secret to access this resource | `"accessKeySecret"` | | securityToken | N | The AlibabaCloud Security Token to use | `"securityToken"` | +## Optional per-request metadata properties + +The following [optional query parameters]({{< ref "secrets_api#query-parameters" >}}) can be provided when retrieving secrets from this secret store: + +Query Parameter | Description +--------- | ----------- +`metadata.version_id` | version for the given secret key +`metadata.path` | (For bulk requests only) the path from the metadata. If not set means root path (all secrets). + ## Create an AlibabaCloud OOS Parameter Store instance Setup AlibabaCloud OOS Parameter Store using the AlibabaCloud documentation: https://www.alibabacloud.com/help/en/doc-detail/186828.html. diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/aws-secret-manager.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/aws-secret-manager.md index 4e5336f1e..a0f2b9b01 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/aws-secret-manager.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/aws-secret-manager.md @@ -50,12 +50,12 @@ When running the Dapr sidecar (daprd) with your application on EKS (AWS Kubernet ## Optional per-request metadata properties -The following [optional query parameters]({{< ref "secrets_api#query-parameters" >}}) can be provided to AWS Secret Manager component: +The following [optional query parameters]({{< ref "secrets_api#query-parameters" >}}) can be provided when retrieving secrets from this secret store: Query Parameter | Description --------- | ----------- -metadata.version_id | version for the given secret key -metadata.version_stage | version stage for the given secret key +`metadata.version_id` | version for the given secret key +`metadata.version_stage` | version stage for the given secret key ## Create an AWS Secrets Manager instance diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/azure-keyvault.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/azure-keyvault.md index 91ba14867..f008b2ff4 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/azure-keyvault.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/azure-keyvault.md @@ -53,6 +53,15 @@ The Azure Key Vault secret store component supports authentication with Azure AD Additionally, you must provide the authentication fields as explained in the [Authenticating to Azure]({{< ref authenticating-azure.md >}}) document. +## Optional per-request metadata properties + +The following [optional query parameters]({{< ref "secrets_api#query-parameters" >}}) can be provided when retrieving secrets from this secret store: + +Query Parameter | Description +--------- | ----------- +`metadata.version_id` | version for the given secret key +`metadata.maxresults` | (For bulk requests only) number of secrets to return after which the request will be truncated. + ## Example ### Prerequisites diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md index e9ab5e71b..b485e6b42 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md @@ -67,7 +67,7 @@ The following [optional query parameters]({{< ref "secrets_api#query-parameters" Query Parameter | Description --------- | ----------- -metadata.version_id | version for the given secret key +`metadata.version_id` | version for the given secret key ## Setup GCP Secret Manager instance diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/hashicorp-vault.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/hashicorp-vault.md index f52251d71..a2f78b02a 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/hashicorp-vault.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/hashicorp-vault.md @@ -72,7 +72,7 @@ The following [optional query parameters]({{< ref "secrets_api#query-parameters" Query Parameter | Description --------- | ----------- -metadata.version_id | version for the given secret key +`metadata.version_id` | version for the given secret key ## Setup Hashicorp Vault instance diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/huaweicloud-csms.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/huaweicloud-csms.md index 5f5685157..effdda940 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/huaweicloud-csms.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/huaweicloud-csms.md @@ -40,6 +40,15 @@ The above example uses secrets as plain strings. It is recommended to use a loca | accessKey | Y | The HuaweiCloud Access Key to access this resource | `"accessKey"` | | secretAccessKey | Y | The HuaweiCloud Secret Access Key to access this resource | `"secretAccessKey"` | +## Optional per-request metadata properties + +The following [optional query parameters]({{< ref "secrets_api#query-parameters" >}}) can be provided when retrieving secrets from this secret store: + +Query Parameter | Description +--------- | ----------- +`metadata.version_id` | version for the given secret key + + ## Setup HuaweiCloud Cloud Secret Management Service (CSMS) instance Setup HuaweiCloud Cloud Secret Management Service (CSMS) using the HuaweiCloud documentation: https://support.huaweicloud.com/intl/en-us/usermanual-dew/dew_01_9993.html. From 6e088d1659634459752f89b9e9302618ddf1c1b9 Mon Sep 17 00:00:00 2001 From: Tiago Alves Macambira Date: Wed, 5 Jul 2023 13:33:12 -0700 Subject: [PATCH 5/7] Apply suggestions from code review Co-authored-by: Hannah Hunter <94493363+hhunter-ms@users.noreply.github.com> Signed-off-by: Tiago Alves Macambira --- daprdocs/content/en/reference/api/secrets_api.md | 7 +++++-- .../alicloud-oos-parameter-store.md | 6 +++--- .../supported-secret-stores/aws-secret-manager.md | 4 ++-- .../supported-secret-stores/azure-keyvault.md | 4 ++-- .../supported-secret-stores/gcp-secret-manager.md | 2 +- .../supported-secret-stores/hashicorp-vault.md | 2 +- .../supported-secret-stores/huaweicloud-csms.md | 2 +- 7 files changed, 15 insertions(+), 12 deletions(-) diff --git a/daprdocs/content/en/reference/api/secrets_api.md b/daprdocs/content/en/reference/api/secrets_api.md index 4403d80b9..d67489d00 100644 --- a/daprdocs/content/en/reference/api/secrets_api.md +++ b/daprdocs/content/en/reference/api/secrets_api.md @@ -34,8 +34,11 @@ Some secret stores have support for **optional** per-request metadata properties GET http://localhost:/v1.0/secrets//?metadata.version_id=15 ``` -Observe that not all secret stores support the same set of parameters. For instance, both Hashicorp Vault, GCP Secret Manager and AWS Secret Manager support the `version_id` parameter, but only AWS Secret Manager supports the `version_stage` parameter and only Kubernetes Secrets supports the `namespace` parameter. -Check each secret store's documentation for the list of supported parameters. +Observe that not all secret stores support the same set of parameters. For example: +- Hashicorp Vault, GCP Secret Manager, and AWS Secret Manager support the `version_id` parameter +- Only AWS Secret Manager supports the `version_stage` parameter +- Only Kubernetes Secrets supports the `namespace` parameter +Check each [secret store's documentation]({{< ref supported-secret-stores.md >}}) for the list of supported parameters. diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/alicloud-oos-parameter-store.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/alicloud-oos-parameter-store.md index cfd73cb6a..39c4493a0 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/alicloud-oos-parameter-store.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/alicloud-oos-parameter-store.md @@ -45,12 +45,12 @@ The above example uses secrets as plain strings. It is recommended to use a loca ## Optional per-request metadata properties -The following [optional query parameters]({{< ref "secrets_api#query-parameters" >}}) can be provided when retrieving secrets from this secret store: +The following [optional query parameters]({{< ref "secrets_api.md#query-parameters" >}}) can be provided when retrieving secrets from this secret store: Query Parameter | Description --------- | ----------- -`metadata.version_id` | version for the given secret key -`metadata.path` | (For bulk requests only) the path from the metadata. If not set means root path (all secrets). +`metadata.version_id` | Version for the given secret key +`metadata.path` | (For bulk requests only) The path from the metadata. If not set, defaults to root path (all secrets). ## Create an AlibabaCloud OOS Parameter Store instance diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/aws-secret-manager.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/aws-secret-manager.md index a0f2b9b01..1a7063880 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/aws-secret-manager.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/aws-secret-manager.md @@ -54,8 +54,8 @@ The following [optional query parameters]({{< ref "secrets_api#query-parameters" Query Parameter | Description --------- | ----------- -`metadata.version_id` | version for the given secret key -`metadata.version_stage` | version stage for the given secret key +`metadata.version_id` | Version for the given secret key. +`metadata.version_stage` | Version stage for the given secret key. ## Create an AWS Secrets Manager instance diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/azure-keyvault.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/azure-keyvault.md index f008b2ff4..57286c1b3 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/azure-keyvault.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/azure-keyvault.md @@ -59,8 +59,8 @@ The following [optional query parameters]({{< ref "secrets_api#query-parameters" Query Parameter | Description --------- | ----------- -`metadata.version_id` | version for the given secret key -`metadata.maxresults` | (For bulk requests only) number of secrets to return after which the request will be truncated. +`metadata.version_id` | Version for the given secret key. +`metadata.maxresults` | (For bulk requests only) Number of secrets to return, after which the request will be truncated. ## Example diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md index b485e6b42..c0e8ca400 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/gcp-secret-manager.md @@ -67,7 +67,7 @@ The following [optional query parameters]({{< ref "secrets_api#query-parameters" Query Parameter | Description --------- | ----------- -`metadata.version_id` | version for the given secret key +`metadata.version_id` | Version for the given secret key. ## Setup GCP Secret Manager instance diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/hashicorp-vault.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/hashicorp-vault.md index a2f78b02a..d73ba7db0 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/hashicorp-vault.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/hashicorp-vault.md @@ -72,7 +72,7 @@ The following [optional query parameters]({{< ref "secrets_api#query-parameters" Query Parameter | Description --------- | ----------- -`metadata.version_id` | version for the given secret key +`metadata.version_id` | Version for the given secret key. ## Setup Hashicorp Vault instance diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/huaweicloud-csms.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/huaweicloud-csms.md index effdda940..329a12961 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/huaweicloud-csms.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/huaweicloud-csms.md @@ -46,7 +46,7 @@ The following [optional query parameters]({{< ref "secrets_api#query-parameters" Query Parameter | Description --------- | ----------- -`metadata.version_id` | version for the given secret key +`metadata.version_id` | Version for the given secret key. ## Setup HuaweiCloud Cloud Secret Management Service (CSMS) instance From 30b080a3bff56ff6d46739e32bc06daecbb8f295 Mon Sep 17 00:00:00 2001 From: Tiago Alves Macambira Date: Wed, 5 Jul 2023 13:41:59 -0700 Subject: [PATCH 6/7] Update daprdocs/content/en/reference/api/secrets_api.md Co-authored-by: Hannah Hunter <94493363+hhunter-ms@users.noreply.github.com> Signed-off-by: Tiago Alves Macambira --- daprdocs/content/en/reference/api/secrets_api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daprdocs/content/en/reference/api/secrets_api.md b/daprdocs/content/en/reference/api/secrets_api.md index d67489d00..58f8693d6 100644 --- a/daprdocs/content/en/reference/api/secrets_api.md +++ b/daprdocs/content/en/reference/api/secrets_api.md @@ -28,7 +28,7 @@ name | the name of the secret to get #### Query Parameters -Some secret stores have support for **optional** per-request metadata properties. Use query parameters to provide those properties: +Some secret stores support **optional**, per-request metadata properties. Use query parameters to provide those properties. For example: ``` GET http://localhost:/v1.0/secrets//?metadata.version_id=15 From 53b70602165beb21bb4bee2770e07cc701fc6312 Mon Sep 17 00:00:00 2001 From: Tiago Alves Macambira Date: Wed, 5 Jul 2023 15:10:57 -0700 Subject: [PATCH 7/7] Apply suggestions from code review Co-authored-by: Mark Fussell Signed-off-by: Tiago Alves Macambira --- daprdocs/content/en/reference/api/secrets_api.md | 2 +- .../supported-secret-stores/kubernetes-secret-store.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/daprdocs/content/en/reference/api/secrets_api.md b/daprdocs/content/en/reference/api/secrets_api.md index 58f8693d6..89e8a405a 100644 --- a/daprdocs/content/en/reference/api/secrets_api.md +++ b/daprdocs/content/en/reference/api/secrets_api.md @@ -35,7 +35,7 @@ GET http://localhost:/v1.0/secrets//?metadata ``` Observe that not all secret stores support the same set of parameters. For example: -- Hashicorp Vault, GCP Secret Manager, and AWS Secret Manager support the `version_id` parameter +- Hashicorp Vault, GCP Secret Manager and AWS Secret Manager support the `version_id` parameter - Only AWS Secret Manager supports the `version_stage` parameter - Only Kubernetes Secrets supports the `namespace` parameter Check each [secret store's documentation]({{< ref supported-secret-stores.md >}}) for the list of supported parameters. diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/kubernetes-secret-store.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/kubernetes-secret-store.md index c8c599231..b629503d8 100644 --- a/daprdocs/content/en/reference/components-reference/supported-secret-stores/kubernetes-secret-store.md +++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/kubernetes-secret-store.md @@ -40,7 +40,7 @@ The following [optional query parameters]({{< ref "secrets_api#query-parameters" Query Parameter | Description --------- | ----------- -`metadata.namespace`| The namespace of the secret. If not specified, the namespace of the pod will be used. +`metadata.namespace`| The namespace of the secret. If not specified, the namespace of the pod is used. ## Related links - [Secrets building block]({{< ref secrets >}})