upmerge/06-24 (#1588)
* Supported Release Info and Upgrade Path for v1.2 (#1494)

* Supported Release Info and Upgrade Path for v1.2

* Update support-release-policy.md

* Update daprdocs/content/en/operations/support/support-release-policy.md

Co-authored-by: Aaron Crawfis <[email protected]>

* Adding K8s versions table (#1521)

* Adding table of kubernetes versions

* Updating intro

* Fix incorrect postgresql connection string example (#1524)

Co-authored-by: Aaron Crawfis <[email protected]>

* Update docs on using Codespaces with Dapr repos (#1522)

* Update docs on using Codespaces with Dapr repos

* Move codespaces.md under the Contributing topic

* Update daprdocs/content/en/contributing/codespaces.md

Co-authored-by: Aaron Crawfis <[email protected]>

* Fix two typos (#1526)

Co-authored-by: Aaron Crawfis <[email protected]>

* Update Chinese content (#1527)

Co-authored-by: Aaron Crawfis <[email protected]>

* Updated to fix deprecated helm chart location (#1528)

The `https://kubernetes-charts.storage.googleapis.com/` location is no longer used, so this change updates this, the command to install, and the missing update step that will cause the install to fail if an update was never done after adding the location.

Co-authored-by: Aaron Crawfis <[email protected]>

* nr_consul_typo fixed malformed yaml (#1532)

Co-authored-by: Aaron Crawfis <[email protected]>

* Fix typo in azure-keyvault-managed-identity.md (#1541)

* Fix custom middleware sample code interface implementation error (#1539)

Fix custom middleware sample code interface implementation error, interface function declare error.

Co-authored-by: Aaron Crawfis <[email protected]>

* Fix the file name of secrets json (#1546)

* Tech writing touch-ups (#1555)

* Tech writing touch-ups (#1556)

Co-authored-by: Aaron Crawfis <[email protected]>

* Tech writing touch-ups (#1557)

Co-authored-by: Aaron Crawfis <[email protected]>

* Tech writing touch-ups (#1558)

Co-authored-by: Aaron Crawfis <[email protected]>

* Tech writing touch-ups (#1560)

Co-authored-by: Aaron Crawfis <[email protected]>

* Tech writing touch-ups (#1559)

Co-authored-by: Aaron Crawfis <[email protected]>

* Ignore intellij link that isn't resolvable (#1564)

* Update issue templates (#1563)

* Update issue templates

* Add needs-triage

* Updating PubSub documentation to remove slave wording (#1565)

* Updating PubSub documentation to remove slave

Bitnami has updated their Redis Helm chart to change redis-slave to redis-replicas. I am updating the documentation for PubSub to reflect this change and avoid confusion for any readers.

* Removing more instances of Redis slave naming

Co-authored-by: Aaron Crawfis <[email protected]>

* Actor Runtime Configuration Docs (#1495)

* Actor Runtime Configuration Docs

Addresses #1470

* Update daprdocs/content/en/developing-applications/building-blocks/actors/howto-actors.md

Co-authored-by: Aaron Crawfis <[email protected]>

* Update daprdocs/content/en/developing-applications/building-blocks/actors/howto-actors.md

Co-authored-by: Aaron Crawfis <[email protected]>

* add configuration examples

* configuration examples

* Fix syntax

* Add dotnet sample

* Update daprdocs/content/en/developing-applications/building-blocks/actors/howto-actors.md

Co-authored-by: Aaron Crawfis <[email protected]>

* Fixed GCP Pub/Sub Binding required fields (#1578)

* aacrawfi/middlware (#1567)

* Move and update middleware components

* Update middleware docs structure

* Combine middleware pages

* Update middleware references

* Update middleware image

* Fix incorrect curl syntax in Actors API examples (#1577)

Co-authored-by: Aaron Crawfis <[email protected]>

* Fix link at api-allowlist.md (#1574)

Fix link at api-allowlist.md to Dapr Configuration overview

Co-authored-by: Aaron Crawfis <[email protected]>

* Add language that only a single state store component can be used for actors state management (#1579)

Co-authored-by: Aaron Crawfis <[email protected]>

* fix: cron format (#1581)

* Updated name resolution docs (#1576)

* Add consul references

* Fix typo

Add a missing word

* Clarify state management examples

* Added table to show Kubernetes options

When I read this doc it was unclear that the cert could be provided as a secret. The only table on the original version showed `spnCertificateFile` as a required option. I added a second table to make it clear that in Kubernetes there is a `spnCertificate` option that does not require a file on disk.

* incorporating feedback

* Update daprdocs/content/en/reference/components-reference/supported-secret-stores/azure-keyvault.md

* Update daprdocs/content/en/reference/components-reference/supported-secret-stores/azure-keyvault.md

* Fix self-hosted docs

* Remove name-resolution reference

* Add other name resolution providers

* Update service invocation docs

* Remove whitespace

* Update service-invocation-overview.md

Fixed typo and added a sentence on Consul

* Update setup-nr-consul.md

Minor updates

* Address comments

* Fix code formatting

Co-authored-by: Esteban Luchsinger <[email protected]>
Co-authored-by: Donovan Brown <[email protected]>
Co-authored-by: Mark Fussell <[email protected]>

Co-authored-by: Bernd Verst <[email protected]>
Co-authored-by: Mark Fussell <[email protected]>
Co-authored-by: Zonciu Liang <[email protected]>
Co-authored-by: Simon Leet <[email protected]>
Co-authored-by: Maarten Mulders <[email protected]>
Co-authored-by: Newbe36524 <[email protected]>
Co-authored-by: Steven Jenkins De Haro <[email protected]>
Co-authored-by: Abdulaziz Elsheikh <[email protected]>
Co-authored-by: Antonio Fiumanò <[email protected]>
Co-authored-by: li1234yun <[email protected]>
Co-authored-by: greenie-msft <[email protected]>
Co-authored-by: voipengineer <[email protected]>
Co-authored-by: Evan Simkowitz <[email protected]>
Co-authored-by: Ricardo Niepel <[email protected]>
Co-authored-by: Abhith Rajan <[email protected]>
Co-authored-by: Esteban Luchsinger <[email protected]>
Co-authored-by: Donovan Brown <[email protected]>
18 people authored Jun 25, 2021
1 parent cb0335f commit 55d9123
Showing 32 changed files with 401 additions and 382 deletions.
2 changes: 1 addition & 1 deletion daprdocs/content/en/concepts/components-concept.md
Expand Up @@ -29,7 +29,7 @@ Service discovery components are used with the [service invocation]({{<ref "serv

## Middleware

Dapr allows custom [middleware]({{<ref "middleware-concept.md">}}) to be plugged into the request processing pipeline. Middleware can perform additional actions on a request, such as authentication, encryption and message transformation before the request is routed to the user code, or before the request is returned to the client. The middleware components are used with the [service invocation]({{<ref "service-invocation-overview.md">}}) building block.
Dapr allows custom [middleware]({{<ref "middleware.md">}}) to be plugged into the request processing pipeline. Middleware can perform additional actions on a request, such as authentication, encryption and message transformation before the request is routed to the user code, or before the request is returned to the client. The middleware components are used with the [service invocation]({{<ref "service-invocation-overview.md">}}) building block.

- [Middleware implementations](https://github.com/dapr/components-contrib/tree/master/middleware)
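
Review bot: The new `{{<ref "middleware.md">}}` target in the changed Middleware paragraph is a bare file name, and this commit deletes `middleware-concept.md` while the replacement page does not appear in the visible diff. Please confirm that exactly one `middleware.md` exists in the content tree, or use a path-qualified ref so the link cannot resolve ambiguously. While the line is being touched, "before the request is returned to the client" probably means the response.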

39 changes: 0 additions & 39 deletions daprdocs/content/en/concepts/middleware-concept.md

This file was deleted.

Original file line number Diff line number Diff line change
Expand Up @@ -23,10 +23,9 @@ Refer [api spec]({{< ref "actors_api.md#invoke-actor-method" >}}) for more detai
## Actor state management

Actors can save state reliably using state management capability.

You can interact with Dapr through HTTP/gRPC endpoints for state management.

To use actors, your state store must support multi-item transactions. This means your state store [component](https://github.com/dapr/components-contrib/tree/master/state) must implement the [TransactionalStore](https://github.com/dapr/components-contrib/blob/master/state/transactional_store.go) interface. The list of components that support transactions/actors can be found here: [supported state stores]({{< ref supported-state-stores.md >}}).
To use actors, your state store must support multi-item transactions. This means your state store [component](https://github.com/dapr/components-contrib/tree/master/state) must implement the [TransactionalStore](https://github.com/dapr/components-contrib/blob/master/state/transactional_store.go) interface. The list of components that support transactions/actors can be found here: [supported state stores]({{< ref supported-state-stores.md >}}). Only a single state store component can be used as the statestore for all actors.

## Actor timers and reminders
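
Review bot: The sentence added at the end of the transactions paragraph spells the term two ways, "state store component" and "statestore"; use "state store" throughout. It also states the limit without telling the reader how the actor state store is selected, so a link to where that is configured would make the constraint actionable.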

Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,10 @@ Using service invocation, your application can reliably and securely communicate

In many environments with multiple services that need to communicate with each other, developers often ask themselves the following questions:

* How do I discover and invoke methods on different services?
* How do I call other services securely with encryption and apply access control on the methods?
* How do I handle retries and transient errors?
* How do I use tracing to see a call graph with metrics to diagnose issues in production?
- How do I discover and invoke methods on different services?
- How do I call other services securely with encryption and apply access control on the methods?
- How do I handle retries and transient errors?
- How do I use tracing to see a call graph with metrics to diagnose issues in production?

Dapr addresses these challenges by providing a service invocation API that acts as a combination of a reverse proxy with built-in service discovery, while leveraging built-in distributed tracing, metrics, error handling, encryption and more.

Expand All @@ -28,11 +28,9 @@ The diagram below is an overview of how Dapr's service invocation works.
<img src="/images/service-invocation-overview.png" width=800 alt="Diagram showing the steps of service invocation">

1. Service A makes an HTTP or gRPC call targeting Service B. The call goes to the local Dapr sidecar.
2. Dapr discovers Service B's location using the [name resolution component](https://github.com/dapr/components-contrib/tree/master/nameresolution) which is running on the given [hosting platform]({{< ref "hosting" >}}).
2. Dapr discovers Service B's location using the [name resolution component]({{< ref supported-name-resolution >}}) which is running on the given [hosting platform]({{< ref "hosting" >}}).
3. Dapr forwards the message to Service B's Dapr sidecar

**Note**: All calls between Dapr sidecars go over gRPC for performance. Only calls between services and Dapr sidecars can be either HTTP or gRPC

- **Note**: All calls between Dapr sidecars go over gRPC for performance. Only calls between services and Dapr sidecars can be either HTTP or gRPC
4. Service B's Dapr sidecar forwards the request to the specified endpoint (or method) on Service B. Service B then runs its business logic code.
5. Service B sends a response to Service A. The response goes to Service B's sidecar.
6. Dapr forwards the response to Service A's Dapr sidecar.
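
Review bot: In the numbered steps, the relocated `- **Note**: ...` bullet appears at the top level between items 3 and 4, which ends the ordered list there and starts a second list at item 4. Indent it under item 3 so that the steps stay one list. On the changed item 2, `{{< ref supported-name-resolution >}}` is unquoted while `{{< ref "hosting" >}}` on the same line is quoted; pick one form.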
Expand All @@ -43,63 +41,59 @@ Service invocation provides several features to make it easy for you to call met

### Namespaces scoping

Service invocation supports calls across namespaces. On all supported hosting platforms, Dapr app IDs conform to a valid FQDN format that includes the target namespace.

For example, the following string contains the app ID `nodeapp` in addition to the namespace the app runs in `production`.
By default, users can invoke services within the same namespaces by simply referencing the app ID (`nodeapp`):

```sh
localhost:3500/v1.0/invoke/nodeapp/method/neworder
```
localhost:3500/v1.0/invoke/nodeapp.production/method/neworder
```

This is especially useful in cross namespace calls in a Kubernetes cluster. Watch this video for a demo on how to use namespaces with service invocation.
Service invocation also supports calls across namespaces. On all supported hosting platforms, Dapr app IDs conform to a valid FQDN format that includes the target namespace.

Users can specify both the app ID (`nodeapp`) in addition to the namespace the app runs in (`production`):

<iframe width="560" height="315" src="https://www.youtube.com/embed/LYYV_jouEuA?start=497" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
```sh
localhost:3500/v1.0/invoke/nodeapp.production/method/neworder
```

This is especially useful in cross namespace calls in a Kubernetes cluster.

### Service-to-service security

All calls between Dapr applications can be made secure with mutual (mTLS) authentication on hosted platforms, including automatic certificate rollover, via the Dapr Sentry service. The diagram below shows this for self hosted applications.

For more information read the [service-to-service security]({{< ref "security-concept.md#sidecar-to-sidecar-communication" >}}) article.


### Service access policies security
### Access control

Applications can control which other applications are allowed to call them and what they are authorized to do via access policies. This enables you to restrict sensitive applications, that say have personnel information, from being accessed by unauthorized applications, and combined with service-to-service secure communication, provides for soft multi-tenancy deployments.

For more information read the [access control allow lists for service invocation]({{< ref invoke-allowlist.md >}}) article.

#### Example service invocation security
The diagram below is an example deployment on a Kubernetes cluster with a Daprized `Ingress` service that calls onto `Service A` using service invocation with mTLS encryption and an applies access control policy. `Service A` then calls onto `Service B` also using service invocation and mTLS. Each service is running in different namespaces for added isolation.

<img src="/images/service-invocation-security.png" width=800>

### Retries

Service invocation performs automatic retries with backoff time periods in the event of call failures and transient errors.

Errors that cause retries are:

* Network errors including endpoint unavailability and refused connections.
* Authentication errors due to a renewing certificate on the calling/callee Dapr sidecars.
- Network errors including endpoint unavailability and refused connections.
- Authentication errors due to a renewing certificate on the calling/callee Dapr sidecars.

Per call retries are performed with a backoff interval of 1 second up to a threshold of 3 times.
Connection establishment via gRPC to the target sidecar has a timeout of 5 seconds.

### Pluggable service discovery

Dapr can run on any [hosting platform]({{< ref hosting >}}). For the supported hosting platforms this means they have a [name resolution component](https://github.com/dapr/components-contrib/tree/master/nameresolution) developed for them that enables service discovery. For example, the Kubernetes name resolution component uses the Kubernetes DNS service to resolve the location of other applications running in the cluster. For local and multiple physical machines this uses the mDNS protocol.

> Note: [For local and physical machines, ensure mDNS is functioning properly.]({{< ref "common_issues.md#service-invocation-is-failing-and-my-dapr-service-is-missing-an-appId-macos" >}})
Dapr can run on a variety of [hosting platforms]({{< ref hosting >}}). To enable service discovery and service invocation, Dapr uses pluggable [name resolution components]({{< ref supported-name-resolution >}}). For example, the Kubernetes name resolution component uses the Kubernetes DNS service to resolve the location of other applications running in the cluster. Self-hosted machines can use the mDNS name resolution component. The Consul name resolution component can be used in any hosting environment including Kubernetes or self-hosted.

### Round robin load balancing with mDNS

Dapr provides round robin load balancing of service invocation requests with the mDNS protocol, for example with a single machine or with multiple, networked, physical machines.

The diagram below shows an example of how this works. If you have 1 instance of an application with app ID `FrontEnd` and 3 instances of application with app ID `Cart` and you call from `FrontEnd` app to `Cart` app, Dapr round robins' between the 3 instances. These instance can be on the same machine or on different machines. .

<img src="/images/service-invocation-mdns-round-robin.png" width=800 alt="Diagram showing the steps of service invocation">
<img src="/images/service-invocation-mdns-round-robin.png" width=600 alt="Diagram showing the steps of service invocation">

Note: You can have N instances of the same app with the same app ID as app ID is unique per app. And you can have multiple instances of that app where all those instances have the same app ID.
**Note**: You can have N instances of the same app with the same app ID as app ID is unique per app. And you can have multiple instances of that app where all those instances have the same app ID.

### Tracing and metrics with observability
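
Review bot: The rewritten "Namespaces scoping" text says cross-namespace calls work on all supported hosting platforms by appending `.production` to the app ID, but nothing in that section tells the reader how that reachability is restricted. Add a pointer from there to the "Access control" section and its allow list article so the two are read together. Smaller points in the same hunk: "within the same namespaces" should be singular, the `sh` fences wrap a bare URL rather than a command, and the removed mDNS troubleshooting note has no replacement link here.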

Expand All @@ -110,11 +104,12 @@ By default, all calls between applications are traced and metrics are gathered t
The API for service invocation can be found in the [service invocation API reference]({{< ref service_invocation_api.md >}}) which describes how to invoke a method on another service.

## Example

Following the above call sequence, suppose you have the applications as described in the [hello world quickstart](https://github.com/dapr/quickstarts/blob/master/hello-world/README.md), where a python app invokes a node.js app. In such a scenario, the python app would be "Service A" , and a Node.js app would be "Service B".

The diagram below shows sequence 1-7 again on a local machine showing the API calls:

<img src="/images/service-invocation-overview-example.png" width=800>
<img src="/images/service-invocation-overview-example.png" width=800 />

1. The Node.js app has a Dapr app ID of `nodeapp`. The python app invokes the Node.js app's `neworder` method by POSTing `http://localhost:3500/v1.0/invoke/nodeapp/method/neworder`, which first goes to the python app's local Dapr sidecar.
2. Dapr discovers the Node.js app's location using name resolution component (in this case mDNS while self-hosted) which runs on your local machine.
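
Review bot: The `<img src="/images/service-invocation-overview-example.png" width=800 />` line is being edited but still has no `alt` attribute, unlike the overview and round robin images in the same file. Add alt text describing the call sequence while the tag is open for change.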
Expand All @@ -126,9 +121,9 @@ The diagram below shows sequence 1-7 again on a local machine showing the API ca

## Next steps

* Follow these guides on:
* [How-to: Invoke services using HTTP]({{< ref howto-invoke-discover-services.md >}})
* [How-To: Configure Dapr to use gRPC]({{< ref grpc >}})
* Try out the [hello world quickstart](https://github.com/dapr/quickstarts/blob/master/hello-world/README.md) which shows how to use HTTP service invocation or try the samples in the [Dapr SDKs]({{< ref sdks >}})
* Read the [service invocation API specification]({{< ref service_invocation_api.md >}})
* Understand the [service invocation performance]({{< ref perf-service-invocation.md >}}) numbers
- Follow these guides on:
- [How-to: Invoke services using HTTP]({{< ref howto-invoke-discover-services.md >}})
- [How-To: Configure Dapr to use gRPC]({{< ref grpc >}})
- Try out the [hello world quickstart](https://github.com/dapr/quickstarts/blob/master/hello-world/README.md) which shows how to use HTTP service invocation or try the samples in the [Dapr SDKs]({{< ref sdks >}})
- Read the [service invocation API specification]({{< ref service_invocation_api.md >}})
- Understand the [service invocation performance]({{< ref perf-service-invocation.md >}}) numbers
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ Dapr supports two types of bulk operations - **bulk** or **multi**. You can grou
Read the [API reference]({{< ref state_api.md >}}) to learn how use bulk and multi options.

### Actor state
Transactional state stores can be used to store actor state. To specify which state store to be used for actors, specify value of property `actorStateStore` as `true` in the metadata section of the state store component. Actors state is stored with a specific scheme in transactional state stores, which allows for consistent querying. Read the [API reference]({{< ref state_api.md >}}) to learn more about state stores for actors and the [actors API reference]({{< ref actors_api.md >}})
Transactional state stores can be used to store actor state. To specify which state store to be used for actors, specify value of property `actorStateStore` as `true` in the metadata section of the state store component. Actors state is stored with a specific scheme in transactional state stores, which allows for consistent querying. Only a single state store component can be used as the statestore for all actors. Read the [API reference]({{< ref state_api.md >}}) to learn more about state stores for actors and the [actors API reference]({{< ref actors_api.md >}})

### Query state store directly
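
Review bot: The added sentence follows the `actorStateStore` instruction but does not connect to it, so the reader is left to infer that only one component may set `actorStateStore` to `true`. Say that directly, spell "statestore" as "state store" to match the rest of the paragraph, and end the final sentence of the paragraph with a period.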
