diff --git a/.github/config/en-custom.txt b/.github/config/en-custom.txt index b1a00ab7a..f1f268434 100644 --- a/.github/config/en-custom.txt +++ b/.github/config/en-custom.txt @@ -1103,6 +1103,7 @@ OnFailure AzureKeyVaultVolumePropertiesKeys EnvironmentProperties Readonly +EnvironmentPropertiesRecipeParameters EnvironmentPropertiesRecipes SystemData TrackedResourceTags @@ -1344,8 +1345,10 @@ RecipeDefinition RecipeDefinitionParameters RecipePackProperties RecipePackPropertiesRecipes +RecipeParameterValue recipeKind recipeLocation +recipeParameters recipePacks recipepacks referencedBy diff --git a/.github/workflows/close-stale-prs.yml b/.github/workflows/close-stale-prs.yml index c9a810a7b..5d2e1ebe7 100644 --- a/.github/workflows/close-stale-prs.yml +++ b/.github/workflows/close-stale-prs.yml @@ -10,14 +10,16 @@ on: schedule: - cron: "0 18 * * *" # Run the workflow every day at 6PM UTC (10AM PST). +permissions: {} + jobs: stale: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 + timeout-minutes: 5 permissions: pull-requests: write - steps: - - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 # v10.1.0 + - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1 with: repo-token: ${{ github.token }} stale-pr-message: This pull request has been automatically marked as stale because it has been inactive for 90 days. Remove stale label or comment or this PR will be closed in 7 days. diff --git a/.github/workflows/issues.yml b/.github/workflows/devops-boards.yaml similarity index 76% rename from .github/workflows/issues.yml rename to .github/workflows/devops-boards.yaml index 434c628a8..9e321a350 100644 --- a/.github/workflows/issues.yml +++ b/.github/workflows/devops-boards.yaml @@ -11,14 +11,15 @@ concurrency: group: issue-${{ github.event.issue.number }} cancel-in-progress: false -# Extra permissions needed to login with Entra ID service principal via federated identity -permissions: - id-token: write - issues: write +permissions: {} jobs: ado: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 + timeout-minutes: 5 + permissions: + id-token: write + issues: write environment: name: issues steps: @@ -36,19 +37,19 @@ jobs: run: | # The resource ID for Azure DevOps is always 499b84ac-1321-427f-aa17-267ca6975798 # https://learn.microsoft.com/azure/devops/integrate/get-started/authentication/service-principal-managed-identity - ADO_TOKEN=$(az account get-access-token --resource 499b84ac-1321-427f-aa17-267ca6975798 --query "accessToken" --output tsv) - echo "::add-mask::$ADO_TOKEN" - echo "ADO_TOKEN=$ADO_TOKEN" >> $GITHUB_ENV + ADO_TOKEN=$(az account get-access-token --resource 499b84ac-1321-427f-aa17-267ca6975798 --query accessToken --output tsv) + echo "::add-mask::${ADO_TOKEN}" + echo "ADO_TOKEN=${ADO_TOKEN}" >> "${GITHUB_ENV}" - name: Sync issue to Azure DevOps uses: danhellem/github-actions-issue-to-work-item@8d0ead9b49a65aa66dac6949b1ff149d7ef8b4de # v2.5 env: ado_token: ${{ env.ADO_TOKEN }} - github_token: ${{ secrets.GH_RAD_CI_BOT_PAT }} + github_token: ${{ github.token }} ado_organization: azure-octo ado_project: Incubations - ado_area_path: "Incubations\\Radius" - ado_iteration_path: "Incubations\\Radius" + ado_area_path: Incubations\\Radius + ado_iteration_path: Incubations\\Radius ado_new_state: New ado_active_state: Active ado_close_state: Closed diff --git a/.github/workflows/pr-checks.yaml b/.github/workflows/pr-checks.yaml index fbed607ca..70fa9d037 100644 --- a/.github/workflows/pr-checks.yaml +++ b/.github/workflows/pr-checks.yaml @@ -6,10 +6,16 @@ on: pull_request: types: [opened, reopened, synchronize, labeled, unlabeled] +permissions: {} + jobs: check-do-not-merge-tag: name: Check for do-not-merge tag - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 + timeout-minutes: 5 + permissions: + issues: read + pull-requests: read steps: - name: Check for do-not-merge label uses: mheap/github-action-required-labels@8afbe8ae6ab7647d0c9f0cfa7c2f939650d22509 # v5.5.1 diff --git a/.github/workflows/redirect.yml b/.github/workflows/redirect.yml index d0691e89f..7263c5f64 100644 --- a/.github/workflows/redirect.yml +++ b/.github/workflows/redirect.yml @@ -19,18 +19,24 @@ on: - "redirect/**" - ".github/workflows/redirect.yml" +permissions: {} + jobs: deploy-website: name: Deploy Redirect Website - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 + timeout-minutes: 5 + permissions: + contents: read steps: - name: Checkout repo - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: submodules: false + persist-credentials: false - name: Deploy staging site - uses: Azure/static-web-apps-deploy@4d27395796ac319302594769cfe812bd207490b1 # v1 + uses: Azure/static-web-apps-deploy@1a947af9992250f3bc2e68ad0754c0b0c11566c9 # v1 with: azure_static_web_apps_api_token: ${{ secrets.SWA_REDIRECT_TOKEN }} action: upload @@ -42,11 +48,14 @@ jobs: close_pr_site: name: Close PR Staging Site if: github.event_name == 'pull_request' && github.event.action == 'closed' - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 + timeout-minutes: 5 + permissions: + contents: read steps: - name: Close Pull Request id: closepullrequest - uses: Azure/static-web-apps-deploy@4d27395796ac319302594769cfe812bd207490b1 # v1 + uses: Azure/static-web-apps-deploy@1a947af9992250f3bc2e68ad0754c0b0c11566c9 # v1 with: azure_static_web_apps_api_token: ${{ secrets.SWA_REDIRECT_TOKEN }} action: close diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 35ede98d4..305ee2fcd 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -11,6 +11,8 @@ on: default: "" type: string +permissions: {} + env: GITHUB_TOKEN: ${{ secrets.GH_RAD_CI_BOT_PAT }} GITHUB_EMAIL: radiuscoreteam@service.microsoft.com @@ -18,13 +20,17 @@ env: jobs: release-docs: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 + timeout-minutes: 5 + permissions: + contents: read steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: token: ${{ secrets.GH_RAD_CI_BOT_PAT }} ref: edge path: docs + persist-credentials: false - name: Configure git run: | @@ -40,7 +46,7 @@ jobs: run: | # CHANNEL is the major and minor version of the VERSION_NUMBER (e.g. 0.1) CHANNEL="$(echo ${{ inputs.version }} | cut -d '.' -f 1,2)" - echo "channel=$CHANNEL" >> $GITHUB_OUTPUT + echo "channel=$CHANNEL" >> "${GITHUB_OUTPUT}" - name: Release docs run: | diff --git a/.github/workflows/spellcheck.yaml b/.github/workflows/spellcheck.yaml index a5dc61a59..46c270f8d 100644 --- a/.github/workflows/spellcheck.yaml +++ b/.github/workflows/spellcheck.yaml @@ -14,6 +14,8 @@ on: - v*.* - edge +permissions: {} + env: ACTION_LINK: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" @@ -23,28 +25,38 @@ concurrency: jobs: spellcheck: name: Spellcheck - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 + timeout-minutes: 5 + permissions: + contents: read + pull-requests: write steps: - name: Checkout docs - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + with: + persist-credentials: false - name: Spellcheck - uses: rojopolis/spellcheck-github-actions@6f2326b663e2dbab920da0fc4144b9f3202434ba # 0.54.0 + uses: rojopolis/spellcheck-github-actions@16d0338a5a3b5e3111a078029fb9a07a8125053d # 0.55.0 with: config_path: .github/config/.pyspelling.yml - name: Post GitHub workkflow output on failure if: failure() run: | - echo "## :x: Spellcheck Failed" >> $GITHUB_STEP_SUMMARY - echo "There are spelling errors in your PR. Visit [the workflow output](${{ env.ACTION_LINK }}) to see what words are failing." >> $GITHUB_STEP_SUMMARY - echo "### Adding new words" >> $GITHUB_STEP_SUMMARY - echo "If you are adding a new custom word refer to the [docs guide](https://docs.radapp.io/contributing/docs/#spelling)" >> $GITHUB_STEP_SUMMARY + { + echo "## :x: Spellcheck Failed" + echo "There are spelling errors in your PR. Visit [the workflow output](${{ env.ACTION_LINK }}) to see what words are failing." + echo "### Adding new words" + echo "If you are adding a new custom word refer to the [docs guide](https://docs.radapp.io/contributing/docs/#spelling)" + } >> "${GITHUB_STEP_SUMMARY}" - name: Post GitHub workflow output on success run: | - echo "## :white_check_mark: Spellcheck Passed" >> $GITHUB_STEP_SUMMARY - echo "There are no spelling errors in your PR." >> $GITHUB_STEP_SUMMARY + { + echo "## :white_check_mark: Spellcheck Passed" + echo "There are no spelling errors in your PR." + } >> "${GITHUB_STEP_SUMMARY}" - name: Post GitHub comment on failure if: failure() diff --git a/.github/workflows/upmerge.yaml b/.github/workflows/upmerge.yaml index 21779d36a..6235696e6 100644 --- a/.github/workflows/upmerge.yaml +++ b/.github/workflows/upmerge.yaml @@ -29,13 +29,19 @@ name: Upmerge docs to edge on: workflow_dispatch: +permissions: {} + jobs: upmerge: name: Upmerge docs to edge - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 + timeout-minutes: 5 + permissions: + contents: write + pull-requests: write steps: # Checkout the edge branch - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: edge # https://github.com/actions/checkout/issues/125#issuecomment-570254411 @@ -48,35 +54,35 @@ jobs: run: | git config --global user.email "radiuscoreteam@service.microsoft.com" git config --global user.name "Radius CI Bot" - git remote set-url origin https://$GH_TOKEN@github.com/${{ github.repository }} + git remote set-url origin "https://${GH_TOKEN}@github.com/${{ github.repository }}" # Create a new branch from edge. This branch will be used to PR back into edge. - name: Create new branch run: | - export DATE=$(date +%Y-%m-%d) - export RAND=$(openssl rand -hex 2) - export BRANCH_NAME=upmerge/$DATE-$RAND - echo "BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_ENV - git checkout -b $BRANCH_NAME + DATE=$(date +%Y-%m-%d) + RAND=$(openssl rand -hex 2) + BRANCH_NAME="upmerge/${DATE}-${RAND}" + echo "BRANCH_NAME=${BRANCH_NAME}" >> "${GITHUB_ENV}" + git checkout -b "${BRANCH_NAME}" # Merge changes from the github.ref branch, i.e., the branch from which the workflow is triggered. That # branch is assumed to be the current release branch, but could be any branch. # If there are no changes, stop the workflow. - name: Upmerge docs run: | - export SOURCE_BRANCH=$(basename ${{ github.ref }}) + SOURCE_BRANCH=$(basename ${{ github.ref }}) echo "Upmerging docs from $SOURCE_BRANCH to edge" - git fetch origin $SOURCE_BRANCH - git merge --no-commit origin/$SOURCE_BRANCH + git fetch origin "${SOURCE_BRANCH}" + git merge --no-commit "origin/${SOURCE_BRANCH}" git checkout edge -- docs/config.toml docs/layouts/partials/hooks/body-end.html git commit --signoff --message "Upmerge to edge" if git diff --quiet edge; then - echo "No changes to merge from $SOURCE_BRANCH to edge" - echo "NO_CHANGES=true" >> $GITHUB_ENV + echo "No changes to merge from ${SOURCE_BRANCH} to edge" + echo "NO_CHANGES=true" >> "${GITHUB_ENV}" else - echo "Pushing $BRANCH_NAME for PR to edge" - git push --set-upstream origin $BRANCH_NAME + echo "Pushing ${BRANCH_NAME} for PR to edge" + git push --set-upstream origin "${BRANCH_NAME}" fi # Create a PR from the new branch to edge @@ -84,4 +90,5 @@ jobs: if: env.NO_CHANGES != 'true' env: GH_TOKEN: ${{ secrets.GH_RAD_CI_BOT_PAT }} - run: gh pr create --title "Upmerge to edge" --body "Upmerge to edge (kicked off by @${{ github.triggering_actor }})" --base edge --head $BRANCH_NAME + run: | + gh pr create --title "Upmerge to edge" --body "Upmerge to edge (kicked off by @${{ github.triggering_actor }})" --base edge --head "${BRANCH_NAME}" diff --git a/.github/workflows/validate-bicep.yaml b/.github/workflows/validate-bicep.yaml index fbdf4c8a0..b36fe188d 100644 --- a/.github/workflows/validate-bicep.yaml +++ b/.github/workflows/validate-bicep.yaml @@ -28,13 +28,20 @@ on: - edge - v* +permissions: {} + jobs: build: name: Validate Bicep Code - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 + timeout-minutes: 5 + permissions: + contents: read steps: - name: Check out repo - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + with: + persist-credentials: false - name: Setup and verify bicep CLI run: | diff --git a/.github/workflows/website.yaml b/.github/workflows/website.yaml index a03e9bddc..17d46845a 100644 --- a/.github/workflows/website.yaml +++ b/.github/workflows/website.yaml @@ -14,15 +14,16 @@ on: - edge - v*.* -permissions: - id-token: write # Required for requesting the JWT - contents: read # Required for actions/checkout +permissions: {} jobs: build: name: Build Hugo Website if: github.event.action != 'closed' - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 + timeout-minutes: 5 + permissions: + contents: read # Required for actions/checkout environment: # If a PR into edge, use 'edge'. If a PR into anywhere else, use 'latest'. If a push, use the branch name. name: ${{ github.event_name == 'pull_request' && (github.base_ref == 'edge' && 'edge' || 'latest') || github.ref_name }} @@ -34,22 +35,24 @@ jobs: HUGO_ENV: production steps: - name: Checkout docs repo - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: submodules: true + persist-credentials: false - name: Parse release version and set environment variables run: python ./.github/scripts/get_docs_version.py - name: Checkout radius repo - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: repository: radius-project/radius ref: ${{ env.RELEASE_BRANCH }} path: ./radius + persist-credentials: false - name: Setup Node - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: "14" @@ -80,7 +83,7 @@ jobs: - name: Build Hugo Site run: | cd docs - if [ $GITHUB_EVENT_NAME == 'pull_request' ]; then + if [ "${GITHUB_EVENT_NAME}" == 'pull_request' ]; then STAGING_URL="https://${{ vars.ENV_STATICWEBAPP_BASE }}-${{github.event.number }}.westus2.3.azurestaticapps.net/" fi hugo ${STAGING_URL+-b "$STAGING_URL"} @@ -96,16 +99,21 @@ jobs: name: Deploy Hugo Website to App Service if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' needs: [build] - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 + timeout-minutes: 5 + permissions: + id-token: write # Required for requesting the JWT + contents: read # Required for actions/checkout environment: # If push to edge, use 'edge'. If push to anywhere else, use 'latest'. name: ${{ github.ref_name == 'edge' && 'edge' || 'latest' }} url: ${{ github.ref_name == 'edge' && 'https://edge.docs.radapp.io' || 'https://docs.radapp.io' }} steps: - name: Checkout docs repo - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: submodules: false + persist-credentials: false - name: Download Hugo artifacts uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 @@ -130,7 +138,10 @@ jobs: deploy-website: name: Deploy Hugo Website needs: [build] - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 + timeout-minutes: 5 + permissions: + contents: read # Required for actions/checkout environment: # If a PR or push into edge, use 'edge'. If a PR or push into anywhere else, use 'latest'. name: ${{ github.event_name == 'pull_request' && (github.base_ref == 'edge' && 'edge' || 'latest') || (github.ref_name == 'edge' && 'edge' || 'latest') }} @@ -144,7 +155,7 @@ jobs: path: site/ - name: Deploy staging site - uses: Azure/static-web-apps-deploy@4d27395796ac319302594769cfe812bd207490b1 # v1 + uses: Azure/static-web-apps-deploy@1a947af9992250f3bc2e68ad0754c0b0c11566c9 # v1 with: azure_static_web_apps_api_token: ${{ secrets.ENV_STATICWEBAPP_TOKEN }} skip_deploy_on_missing_secrets: true @@ -158,7 +169,10 @@ jobs: close_pr_site: name: Close PR Staging Site if: github.event_name == 'pull_request' && github.event.action == 'closed' - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 + timeout-minutes: 5 + permissions: + contents: read # Required for actions/checkout environment: # If a PR into edge, use 'edge'. If a PR into anywhere else, use 'latest'. name: ${{ github.base_ref == 'edge' && 'edge' || 'latest' }} @@ -166,7 +180,7 @@ jobs: steps: - name: Close Pull Request id: closepullrequest - uses: Azure/static-web-apps-deploy@4d27395796ac319302594769cfe812bd207490b1 # v1 + uses: Azure/static-web-apps-deploy@1a947af9992250f3bc2e68ad0754c0b0c11566c9 # v1 with: azure_static_web_apps_api_token: ${{ secrets.ENV_STATICWEBAPP_TOKEN }} skip_deploy_on_missing_secrets: true @@ -177,19 +191,19 @@ jobs: name: Index site for Algolia if: github.event_name == 'push' needs: ["build", "deploy"] - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 + timeout-minutes: 5 + permissions: + contents: read # Required for actions/checkout environment: # If push to edge, use 'edge'. If push to anywhere else, use 'latest'. name: ${{ github.ref_name == 'edge' && 'edge' || 'latest' }} - env: - ALGOLIA_APP_ID: ${{ secrets.ALGOLIA_API_APPID }} - ALGOLIA_API_KEY: ${{ secrets.ALGOLIA_API_KEY }} - ALGOLIA_INDEX_NAME: ${{ secrets.ENV_ALGOLIA_INDEXNAME }} steps: - name: Checkout docs repo - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: submodules: false + persist-credentials: false - name: Download Hugo artifacts uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 @@ -204,3 +218,7 @@ jobs: - name: Index site run: python ./.github/scripts/algolia.py ./site + env: + ALGOLIA_APP_ID: ${{ secrets.ALGOLIA_API_APPID }} + ALGOLIA_API_KEY: ${{ secrets.ALGOLIA_API_KEY }} + ALGOLIA_INDEX_NAME: ${{ secrets.ENV_ALGOLIA_INDEXNAME }} diff --git a/docs/content/contributing/overview/index.md b/docs/content/contributing/overview/index.md index b20cdb5fe..1b13ccfa3 100644 --- a/docs/content/contributing/overview/index.md +++ b/docs/content/contributing/overview/index.md @@ -4,7 +4,7 @@ title: "Overview: Contributing to Radius" linkTitle: "Overview" description: "Guides and requirements for contributing to Radius" weight: 100 -aliases : ["/community/contributing/overview"] +aliases: ["/community/contributing/overview"] --- We welcome contributions to Radius! Contributions can come in different ways such as engaging with the community, contributing code, or improving the documentation. This page provides an overview of the different ways you can contribute to Radius. @@ -15,11 +15,11 @@ Check out the [Radius Community]({{< ref community >}}) page to learn about the ## GitHub -If you would like to file Issues, access the source code, or use Codespaces please visit the [Radius GitHub repo](https://github.com/radius-project). +If you would like to file Issues, access the source code, or use Codespaces please visit the [Radius GitHub repo](https://github.com/radius-project). ### good-first-issues -To quickly get started with contributing to code on Radius, here are some identified [good-first-issues](https://aka.ms/radius-first-issues) that you can `/assign` to yourself and start contributing. +To quickly get started with contributing to code on Radius, here are some identified [good-first-issues](https://aka.ms/radius-first-issues) that you can `/assign` to yourself and start contributing. good-first-issues @@ -29,7 +29,7 @@ Check out the following table to learn where and how you can contribute: | Repository | Description | Contribution guides | |------------|-------------|---------------------| -| **Resource Types and Recipes** | Shared library of Radius Resource Types and Recipes for Radius applications | [radius-project/resource-types-contrib](https://github.com/radius-project/resource-types-contrib/blob/main/CONTRIBUTING.MD) | +| **Resource Types and Recipes** | Shared library of Radius Resource Types and Recipes for Radius applications | [radius-project/resource-types-contrib](https://github.com/radius-project/resource-types-contrib/tree/main/docs/contributing) | | **Radius** | Main repository that contains source code for [`rad` CLI](https://github.com/radius-project/radius/blob/main/docs/contributing/contributing-code/contributing-code-cli/README.md), [control plane](https://github.com/radius-project/radius/blob/main/docs/contributing/contributing-code/contributing-code-control-plane/README.md) and other components of Radius | [radius-project/radius](https://github.com/radius-project/radius/blob/main/CONTRIBUTING.md)| | **Docs** | Documentation for Radius | [radius-project/docs]({{< ref contributing-docs>}})| | **Dashboard** | The frontend experience for Radius |[radius-project/dashboard](https://github.com/radius-project/dashboard/blob/main/CONTRIBUTING.md) | diff --git a/docs/content/guides/author-apps/kubernetes/overview/index.md b/docs/content/guides/author-apps/kubernetes/overview/index.md index 13e5ab5d2..ff30b2b38 100644 --- a/docs/content/guides/author-apps/kubernetes/overview/index.md +++ b/docs/content/guides/author-apps/kubernetes/overview/index.md @@ -12,9 +12,9 @@ Radius Applications are able to connect to and leverage Kubernetes resources. ## Resource library -Visit [GitHub](https://github.com/Azure/bicep-types-k8s/blob/main/generated/index.md) to reference the Kubernetes resource. +Visit [GitHub](https://github.com/Azure/bicep-types-k8s/tree/main/generated) to reference the Kubernetes resource. -{{< button text="Kubernetes resource library" link="https://github.com/Azure/bicep-types-k8s/blob/main/generated/index.md" newtab="true" >}} +{{< button text="Kubernetes resource library" link="https://github.com/Azure/bicep-types-k8s/tree/main/generated" newtab="true" >}} ## Example diff --git a/docs/content/reference/cli/rad_install_kubernetes.md b/docs/content/reference/cli/rad_install_kubernetes.md index 5d6411317..4f7a21be3 100644 --- a/docs/content/reference/cli/rad_install_kubernetes.md +++ b/docs/content/reference/cli/rad_install_kubernetes.md @@ -15,7 +15,7 @@ Installs Radius onto a kubernetes cluster Install Radius in a Kubernetes cluster using the Radius Helm chart. By default 'rad install kubernetes' will install Radius with the version matching the rad CLI version. -Radius will be installed in the 'radius-system' namespace. For more information visit https://docs.radapp.io/concepts/technical/architecture/ +Radius will be installed in the 'radius-system' namespace. For more information visit https://docs.radapp.io/concepts/ Overrides can be set by specifying Helm chart values with the '--set' flag. For more information visit https://docs.radapp.io/guides/operations/kubernetes/install/. @@ -61,11 +61,11 @@ rad install kubernetes --set-string 'global.imagePullSecrets[0].name=azure-cred' # Install Radius with the intermediate root CA certificate in the current Kubernetes context rad install kubernetes --set-file global.rootCA.cert=/path/to/rootCA.crt -# Install Radius with zipkin server for distributed tracing +# Install Radius with zipkin server for distributed tracing rad install kubernetes --set global.zipkin.url=http://localhost:9411/api/v2/spans # Install Radius with central prometheus monitoring service -rad install kubernetes --set global.prometheus.path=/customdomain.com/metrics,global.prometheus.port=443,global.rootCA.cert=/path/to/rootCA.crt +rad install kubernetes --set global.prometheus.path=/customdomain.com/metrics,global.prometheus.port=443,global.rootCA.cert=/path/to/rootCA.crt # Install Radius using a helmchart from specified file path rad install kubernetes --chart /root/radius/deploy/Chart diff --git a/docs/content/reference/cli/rad_rollback_kubernetes.md b/docs/content/reference/cli/rad_rollback_kubernetes.md index a7ddb52b6..9bb12f364 100644 --- a/docs/content/reference/cli/rad_rollback_kubernetes.md +++ b/docs/content/reference/cli/rad_rollback_kubernetes.md @@ -30,7 +30,7 @@ The rollback operation will: This command operates on the cluster associated with the active workspace. To rollback Radius in a different cluster, switch to the appropriate workspace first using 'rad workspace switch'. -Radius is installed in the 'radius-system' namespace. For more information visit https://docs.radapp.io/concepts/technical/architecture/ +Radius is installed in the 'radius-system' namespace. For more information visit https://docs.radapp.io/concepts/ ``` @@ -52,7 +52,7 @@ rad rollback kubernetes --revision 3 # List available revisions without performing rollback rad rollback kubernetes --list-revisions -# Check which workspace is active +# Check which workspace is active rad workspace show # Switch to a different workspace before rolling back diff --git a/docs/content/reference/cli/rad_upgrade_kubernetes.md b/docs/content/reference/cli/rad_upgrade_kubernetes.md index 5b882ce34..08db3cbd8 100644 --- a/docs/content/reference/cli/rad_upgrade_kubernetes.md +++ b/docs/content/reference/cli/rad_upgrade_kubernetes.md @@ -24,7 +24,7 @@ Preflight checks include: - Cluster resource availability - Custom configuration parameter validation -Radius is installed in the 'radius-system' namespace. For more information visit https://docs.radapp.io/concepts/technical/architecture/. +Radius is installed in the 'radius-system' namespace. For more information visit https://docs.radapp.io/concepts/. ``` diff --git a/docs/content/reference/limitations.md b/docs/content/reference/limitations.md index 44d565db6..ac24eb403 100644 --- a/docs/content/reference/limitations.md +++ b/docs/content/reference/limitations.md @@ -26,7 +26,7 @@ This will be addressed further in a future release. A Radius Environment allows you to specify Kubernetes as your compute platform, as well as specify the Kubernetes namespace in which Kubernetes objects are deployed. Additionally, you can override the namespace for a specific application using the [kubernetesNamespace extension.]({{< ref "application-schema#kubernetesNamespace" >}}). Currently, changing the namespace of an environment or application requires the application to be deleted and redeployed. If you need to change the namespace of an application, you can do so by deleting the application and/or environment and redeploying it with the new namespace. -### Resource names cannot contain underscores (_) +### Resource names cannot contain underscores (\_) Using an underscore in a resource name will result in an error. @@ -45,7 +45,9 @@ Error - Type: IncludeError, Status: True, Reason: RootIncludesRoot, Message: roo As a workaround make sure to use distinct names for both containers and gateways. ### Typos in Radius Resource Type Names + Deploying a Radius Resources with a typo in the resource type or an unsupported resource type will result in an Azure provider related error being thrown during deployment. For example, when `Application.Core/Extenders` is defined as `Application.Core/Extender` you will get an error messaging similar to: + ``` Azure deployment failed, please ensure you have configured an Azure provider with your Radius environment: https://docs.radapp.io/guides/operations/providers/azure-provider/ ``` @@ -121,7 +123,7 @@ This will be addressed in a future release when we change how the environmentId ### Bicep AWS limitations -Some of the [AWS resource types](/resource-schema/aws) are 'non-idempotent', this means that this resource type is assigned a primary identifier at deployment time and is currently not supported by Bicep. +Some of the [AWS resource types](./resource-schema/aws) are 'non-idempotent', this means that this resource type is assigned a primary identifier at deployment time and is currently not supported by Bicep. We are currently building support for non-idempotent resources in Radius. Please like and comment on this [this issue](https://github.com/radius-project/radius/issues/6227) if you are interested in the same. @@ -133,6 +135,6 @@ As a workaround, you can try using [Terraform Recipes]({{< ref "concepts/recipes If you receive an error saying Visual Studio Code or another application is not authorized to clone any of the Radius repositories you may need to re-authorize the GitHub app: -1. Open a browser to https://github.com/settings/applications +1. Open a browser to 1. Find the applicable app and select Revoke 1. Reopen app on local machine and re-auth diff --git a/docs/content/reference/metrics.md b/docs/content/reference/metrics.md index 26f5d5b0d..db61be6f1 100644 --- a/docs/content/reference/metrics.md +++ b/docs/content/reference/metrics.md @@ -9,25 +9,25 @@ categories: ["Reference"] Radius currently records following custom metrics that provide insight into its health and operations: - * [Radius async operation metrics](#async-operation-metrics) - * [Radius recipe metrics](#recipe-metrics) +- [Async operation metrics](#async-operation-metrics) +- [Recipe Engine metrics](#recipe-engine-metrics) -In addition, Radius uses otelhttp meter provider. Therefore all of the HTTP metrics documented at [otelhttp metrics](https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/metrics/semantic_conventions/http-metrics.md) are also available. +In addition, Radius uses otelhttp meter provider. Therefore all of the HTTP metrics documented at [otelhttp metrics](https://github.com/open-telemetry/semantic-conventions/blob/main/docs/http/http-metrics.md) are also available. ## Async operation metrics | Metrics Name | Description | |--------------|-------------| -|`asyncoperation.operation` | Total async operation count -|`asyncoperation.queued.operation` | Number of queued async operation -|`asyncoperation.extended.operation` | Number of extended async operation that are extended -|`asyncoperation.duration` | Async operation duration in milliseconds +|`asyncoperation.operation` | Total async operation count | +|`asyncoperation.queued.operation` | Number of queued async operation | +|`asyncoperation.extended.operation` | Number of extended async operation that are extended | +|`asyncoperation.duration` | Async operation duration in milliseconds | ## Recipe Engine metrics | Metrics Name | Description | |--------------|-------------| -| `recipe.operation.duration` | Recipe engine operation duration in milliseconds -| `recipe.download.duration` | Recipe download duration in milliseconds -| `recipe.tf.installation.duration` | Terraform installation duration in milliseconds -| `recipe.tf.init.duration` | Terraform initialization duration +| `recipe.operation.duration` | Recipe engine operation duration in milliseconds | +| `recipe.download.duration` | Recipe download duration in milliseconds | +| `recipe.tf.installation.duration` | Terraform installation duration in milliseconds | +| `recipe.tf.init.duration` | Terraform initialization duration | diff --git a/docs/content/reference/resource-schema/core-schema/volumes/volume-azure-keyvault/index.md b/docs/content/reference/resource-schema/core-schema/volumes/volume-azure-keyvault/index.md index 0eaeb4a80..aa9b71fc3 100644 --- a/docs/content/reference/resource-schema/core-schema/volumes/volume-azure-keyvault/index.md +++ b/docs/content/reference/resource-schema/core-schema/volumes/volume-azure-keyvault/index.md @@ -10,7 +10,7 @@ Radius supports mounting an Azure Key Vault as a persistent volume to the contai ## Prerequisites -- [Azure Key Vault CSI Driver](https://azure.github.io/secrets-store-csi-driver-provider-azure/demos/standard-walkthrough/) installed on your cluster +- [Azure Key Vault CSI Driver](https://azure.github.io/secrets-store-csi-driver-provider-azure/docs/demos/standard-walkthrough/) installed on your cluster - [Azure AD Workload Identity](https://azure.github.io/azure-workload-identity/docs/installation.html) installed on your cluster - `azure.com.workload` identity configured on your [environment]({{< ref "concepts/environments" >}}) - Your Azure Key Vault access policy should be set to [Azure role-based access control](https://learn.microsoft.com/azure/key-vault/general/rbac-guide?tabs=azure-cli) diff --git a/docs/content/reference/resources/radius/radius.core/2025-08-01-preview/environments/index.md b/docs/content/reference/resources/radius/radius.core/2025-08-01-preview/environments/index.md index e670bb230..53a41e4cf 100644 --- a/docs/content/reference/resources/radius/radius.core/2025-08-01-preview/environments/index.md +++ b/docs/content/reference/resources/radius/radius.core/2025-08-01-preview/environments/index.md @@ -33,6 +33,7 @@ description: "Detailed reference documentation for radius.core/environments@2025 | **providers** | [Providers](#providers) | | | **provisioningState** | 'Accepted' | 'Canceled' | 'Creating' | 'Deleting' | 'Failed' | 'Provisioning' | 'Succeeded' | 'Updating' | Provisioning state of the resource at the time the operation was called
_(ReadOnly)_ | | **recipePacks** | string[] | List of Recipe Pack resource IDs linked to this environment. | +| **recipeParameters** | [EnvironmentPropertiesRecipeParameters](#environmentpropertiesrecipeparameters) | Recipe specific parameters that apply to all resources of a given type in this environment. | | **simulated** | bool | Simulated environment. | ### Providers @@ -82,6 +83,26 @@ description: "Detailed reference documentation for radius.core/environments@2025 |----------|------|-------------| | **namespace** | string | Kubernetes namespace to deploy workloads into.
_(Required)_ | +### EnvironmentPropertiesRecipeParameters + +#### Properties + +* **none** + +#### Additional Properties + +* **Additional Properties Type**: [RecipeParameterValue](#recipeparametervalue) + +### RecipeParameterValue + +#### Properties + +* **none** + +#### Additional Properties + +* **Additional Properties Type**: any + ### SystemData #### Properties diff --git a/docs/content/reference/resources/radius/radius.core/2025-08-01-preview/recipepacks/index.md b/docs/content/reference/resources/radius/radius.core/2025-08-01-preview/recipepacks/index.md index eb0e5da8c..48eb4f588 100644 --- a/docs/content/reference/resources/radius/radius.core/2025-08-01-preview/recipepacks/index.md +++ b/docs/content/reference/resources/radius/radius.core/2025-08-01-preview/recipepacks/index.md @@ -30,7 +30,6 @@ description: "Detailed reference documentation for radius.core/recipepacks@2025- | Property | Type | Description | |----------|------|-------------| -| **description** | string | Description of what this recipe pack provides | | **provisioningState** | 'Accepted' | 'Canceled' | 'Creating' | 'Deleting' | 'Failed' | 'Provisioning' | 'Succeeded' | 'Updating' | Provisioning state of the resource at the time the operation was called
_(ReadOnly)_ | | **recipes** | [RecipePackPropertiesRecipes](#recipepackpropertiesrecipes) | Map of resource types to their recipe configurations
_(Required)_ | | **referencedBy** | string[] | List of environment IDs that reference this recipe pack
_(ReadOnly)_ | diff --git a/docs/content/reference/samples/tutorial-add-radius/index.md b/docs/content/reference/samples/tutorial-add-radius/index.md index 9ea05d23b..c24f9ef67 100644 --- a/docs/content/reference/samples/tutorial-add-radius/index.md +++ b/docs/content/reference/samples/tutorial-add-radius/index.md @@ -28,7 +28,7 @@ By the end of this tutorial, you will have deployed an existing Kubernetes appli As a part of this tutorial you will deploy an existing containerized Guestbook application originally authored by the Kubernetes community for use in their own tutorials. You will then add Radius to the deployed application. To incrementally add Radius to an existing application, you will leverage the built-in Kubernetes integration functionality by adding an annotation to the application's Kubernetes deployment manifest. This approach is particularly useful for adding Radius capabilities to applications that are already deployed. -The Guestbook application consists of a web front end along with primary and secondary Redis containers for storage, all deployed with Kubernetes. For more information about the application and access its source code, see the [Kubernetes tutorial](https://kubernetes.io/docs/tutorials/stateless-application/guestbook/) and their [examples repo](https://github.com/kubernetes/examples/tree/master/guestbook). +The Guestbook application consists of a web front end along with primary and secondary Redis containers for storage, all deployed with Kubernetes. For more information about the application and access its source code, see the [Kubernetes tutorial](https://kubernetes.io/docs/tutorials/stateless-application/guestbook/) and their [examples repo](https://github.com/kubernetes/examples/tree/master/web/guestbook). Guestbook application architecture diagram @@ -46,11 +46,11 @@ The Guestbook application consists of a web front end along with primary and sec cd samples/kubernetes/guestbook ``` - > The `kubernetes/guestbook` directory contains the Kubernetes YAML manifest files for their Guestbook sample application, copied directly from the [Kubernetes examples repo](https://github.com/kubernetes/examples/tree/master/guestbook). + > The `kubernetes/guestbook` directory contains the Kubernetes YAML manifest files for their Guestbook sample application, copied directly from the [Kubernetes examples repo](https://github.com/kubernetes/examples/tree/master/web/guestbook). 1. Initialize Radius: - Run this command to initialize Radius. For this example, answer **NO** when asked whether to set up an application: + Run this command to initialize Radius. For this example, answer **NO** when asked whether to set up an application: ```bash rad init @@ -143,13 +143,13 @@ Step 2: Deploy and test the existing Guestbook application using `kubectl` ``` Displaying application: demo - + (empty) ``` ## Step 3: Add Radius to the Guestbook application -You will now add Radius to the Guestbook application's Kubernetes deployment manifests by making edits to the YAML files in the `deploy` directory. +You will now add Radius to the Guestbook application's Kubernetes deployment manifests by making edits to the YAML files in the `deploy` directory. 1. In each of the YAML files that contain a manifest for `Kind: Deployment`, add the `annotations` property to `metadata`, and then add the `radapp.io/enabled: 'true'` annotation. Note that the `'true'` must be surrounded in quotes. diff --git a/holding-pen/reference-apps/eshop/_index.md b/holding-pen/reference-apps/eshop/_index.md index 3fba2cff3..6c132f8f6 100644 --- a/holding-pen/reference-apps/eshop/_index.md +++ b/holding-pen/reference-apps/eshop/_index.md @@ -26,7 +26,7 @@ eShop on Containers uses a microservice oriented architecture implementation wit [Deploying eShop without Radius](https://github.com/dotnet-architecture/eShopOnContainers/tree/dev/deploy/k8s) requires deploying a cluster and the backing infrastructure, configuring multiple CLIs and tools, running deployment scripts, and manually copying/pasting credentials and endpoints. -eShop provides instructions to [deploy to Azure](https://github.com/dotnet-architecture/eShopOnContainers/wiki/Deploying-Azure-resources) or to [deploy to an AKS cluster](https://github.com/dotnet-architecture/eShopOnContainers/wiki/Deploy-to-Azure-Kubernetes-Service-(AKS)) (and even to [deploy to AKS using ARM/Bicep templates](https://github.com/Azure/bicep/tree/main/docs/examples/101/aks)). +eShop provides instructions to [deploy to Azure](https://github.com/dotnet-architecture/eShopOnContainers/wiki/Deploying-Azure-resources) or to [deploy to an AKS cluster](https://github.com/dotnet-architecture/eShopOnContainers/wiki/Deploy-to-Azure-Kubernetes-Service-(AKS)) (and even to [deploy to AKS using ARM/Bicep templates](https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.kubernetes/aks)). Once the cluster and infrastructure resources are deployed, you can [deploy the eShop application using Helm charts and PowerShell](https://github.com/dotnet-architecture/eShopOnContainers/wiki/Deploy-to-Azure-Kubernetes-Service-(AKS)#install-eshoponcontainers-using-helm).