Merge tag 'v2.1.0' into release/latest

.github/policies/resourceManagement.yml

@@ -0,0 +1,42 @@
+id: 
+name: GitOps.PullRequestIssueManagement
+description: GitOps.PullRequestIssueManagement primitive
+owner: 
+resource: repository
+disabled: false
+where: 
+configuration:
+  resourceManagementConfiguration:
+    scheduledSearches: []
+    eventResponderTasks:
+    - if:
+      - payloadType: Pull_Request
+      - hasLabel:
+          label: Auto-Merge
+      then:
+      - enableAutoMerge:
+          mergeMethod: Squash
+      description: 
+    - if:
+      - payloadType: Pull_Request
+      - labelRemoved:
+          label: Auto-Merge
+      then:
+      - disableAutoMerge
+      description: 
+    - if:
+      - payloadType: Pull_Request
+      - isAction:
+          action: Opened
+      - isActivitySender:
+          user: dotnet-maestro[bot]
+          issueAuthor: False
+      - titleContains:
+          pattern: Update dependencies
+          isRegex: False
+      then:
+      - approvePullRequest:
+          comment: Auto-approving dependency update.
+      description: 
+onFailure: 
+onSuccess: 

.github/workflows/backport.yml

@@ -0,0 +1,23 @@
+name: Backport PR to branch
+on:
+  issue_comment:
+    types: [created]
+  schedule:
+    # once a day at 13:00 UTC to cleanup old runs
+    - cron: '0 13 * * *'
+
+permissions:
+  contents: write
+  issues: write
+  pull-requests: write
+  actions: write
+
+jobs:
+  backport:
+    if: ${{ contains(github.event.comment.body, '/backport to') || github.event_name == 'schedule' }}
+    uses: dotnet/arcade/.github/workflows/backport-base.yml@main
+    with:
+      pr_description_template: |
+        Backport of #%source_pr_number% to %target_branch%
+
+        /cc %cc_users%

.github/workflows/markdownlint-problem-matcher.json

@@ -0,0 +1,17 @@
+{
+    "problemMatcher": [
+        {
+            "owner": "markdownlint",
+            "pattern": [
+                {
+                    "regexp": "^([^:]*):(\\d+):?(\\d+)?\\s([\\w-\\/]*)\\s(.*)$",
+                    "file": 1,
+                    "line": 2,
+                    "column": 3,
+                    "code": 4,
+                    "message": 5
+                }
+            ]
+        }
+    ]
+}

.github/workflows/markdownlint.yml

@@ -0,0 +1,26 @@
+name: Markdownlint
+
+permissions:
+  contents: read
+
+# run even on changes without markdown changes, so that we can
+# make it in GitHub a required check for PR's
+on:
+  pull_request:
+
+jobs:
+  lint:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+    - name: Use Node.js
+      uses: actions/setup-node@v3
+      with:
+        node-version: 16.x
+    - name: Run Markdownlint
+      run: |
+        echo "::add-matcher::.github/workflows/markdownlint-problem-matcher.json"
+        npm i -g markdownlint-cli
+        markdownlint "**.md"

.markdownlint.json

@@ -0,0 +1,22 @@
+{
+    "default": true,
+    "ul-indent":                       false,
+    "no-trailing-spaces":              false,
+    "line-length":                     false,
+    "blanks-around-headings":          false,
+    "no-duplicate-heading":            { "siblings_only": true },
+    "no-trailing-punctuation":         false,
+    "ol-prefix":                       { "one_or_ordered": true },
+    "blanks-around-fences":            false,
+    "blanks-around-lists":             false,
+    "no-inline-html":                  { "allowed_elements": [ "summary", "details" ]},
+    "no-bare-urls":                    false,
+    "single-trailing-newline":         false,
+    "emphasis-style":                  false,
+    "first-line-heading":              false,
+    "no-space-in-code":                false,
+
+    // rule settings and options are documented in https://github.com/DavidAnson/markdownlint
+    // feel free to disable more low value rules in here; get rule name from the error message.
+    // the purpose of the linter is to catch significant issues like broken links.
+}

Directory.Build.props

@@ -6,12 +6,11 @@
     <Copyright>© Microsoft Corporation. All rights reserved.</Copyright>
     <PackageIcon></PackageIcon>
     <PackageIconFullPath></PackageIconFullPath>
-    <LangVersion>11.0</LangVersion>
+    <LangVersion>12.0</LangVersion>
     <PackageLicenseExpression>MIT</PackageLicenseExpression>
     <StrongNameKeyId>Microsoft</StrongNameKeyId>
     <EmbedUntrackedSources>true</EmbedUntrackedSources>
     <IncludeSymbols>true</IncludeSymbols>
-    <SymbolPackageFormat>snupkg</SymbolPackageFormat>
   </PropertyGroup>
 
   <PropertyGroup>

azure-pipelines.yml

@@ -32,6 +32,7 @@ variables:
     value: Release
   - name: runCodeQL3000
     value: ${{ and(ne(variables['System.TeamProject'], 'public'), or(eq(variables['Build.Reason'], 'Schedule'), and(eq(variables['Build.Reason'], 'Manual'), eq(parameters.runCodeQL3000, 'true')))) }}
+  - template: /eng/common/templates/variables/pool-providers.yml
   # Rely on task Arcade injects, not auto-injected build step.
   - name: skipComponentGovernanceDetection
     value: true
@@ -75,10 +76,10 @@ stages:
       - job: Windows
         pool:
           ${{ if eq(variables['System.TeamProject'], 'public') }}:
-            name: NetCore-Svc-Public
+            name: $(DncEngPublicBuildPool)
             demands: ImageOverride -equals windows.vs2019.amd64.open
           ${{ if ne(variables['System.TeamProject'], 'public') }}:
-            name: NetCore1ESPool-Svc-Internal
+            name: $(DncEngInternalBuildPool)
             demands: ImageOverride -equals windows.vs2019.amd64
         ${{ if eq(variables.runCodeQL3000, 'true') }}:
           # Component governance and SBOM creation are not needed here. Disable what Arcade would inject.

docs/DailyBuilds.md

@@ -14,6 +14,8 @@ If you want to download the latest daily build and use it in a project, then you
       <packageSources>
           <clear />
           <add key=".NET Libraries Daily" value="https://pkgs.dev.azure.com/dnceng/public/_packaging/dotnet-libraries/nuget/v3/index.json" />
+          <!-- The .NET Libraries Transport Daily feed is only needed for the Yarp.Kubernetes.Controller package -->
+          <add key=".NET Libraries Transport Daily" value="https://pkgs.dev.azure.com/dnceng/public/_packaging/dotnet-libraries-transport/nuget/v3/index.json" />
           <add key="NuGet.org" value="https://api.nuget.org/v3/index.json" />
       </packageSources>
   </configuration>

docs/docfx/articles/ab-testing.md

@@ -7,34 +7,28 @@ A/B testing and rolling upgrades require procedures for dynamically assigning in
 ## Example
 
 ```
-    public void Configure(IApplicationBuilder app, IProxyStateLookup lookup)
+app.MapReverseProxy(proxyPipeline =>
+{
+    // Custom cluster selection
+    proxyPipeline.Use((context, next) =>
     {
-        app.UseRouting();
-        app.UseEndpoints(endpoints =>
+        context.RequestServices.GetRequiredService<IProxyStateLookup>();
+        if (lookup.TryGetCluster(ChooseCluster(context), out var cluster))
         {
-            endpoints.MapReverseProxy(proxyPipeline =>
-            {
-                // Custom cluster selection
-                proxyPipeline.Use((context, next) =>
-                {
-                    if (lookup.TryGetCluster(ChooseCluster(context), out var cluster))
-                    {
-                        context.ReassignProxyRequest(cluster);
-                    }
-
-                    return next();
-                });
-                proxyPipeline.UseSessionAffinity();
-                proxyPipeline.UseLoadBalancing();
-            });
-        });
-    }
-
-    private string ChooseCluster(HttpContext context)
-    {
-        // Decide which cluster to use. This could be random, weighted, based on headers, etc.
-        return Random.Shared.Next(2) == 1 ? "cluster1" : "cluster2";
-    }
+            context.ReassignProxyRequest(cluster);
+        }
+
+        return next();
+    });
+    proxyPipeline.UseSessionAffinity();
+    proxyPipeline.UseLoadBalancing();
+});
+
+private string ChooseCluster(HttpContext context)
+{
+    // Decide which cluster to use. This could be random, weighted, based on headers, etc.
+    return Random.Shared.Next(2) == 1 ? "cluster1" : "cluster2";
+}
 ```
 
 ## Usage

docs/docfx/articles/authn-authz.md

@@ -38,33 +38,22 @@ Example:
 
 [Authorization policies](https://docs.microsoft.com/aspnet/core/security/authorization/policies) are an ASP.NET Core concept that the proxy utilizes. The proxy provides the above configuration to specify a policy per route and the rest is handled by existing ASP.NET Core authentication and authorization components.
 
-Authorization policies can be configured in Startup.ConfigureServices as follows:
+Authorization policies can be configured in the application as follows:
 ```
-public void ConfigureServices(IServiceCollection services)
+services.AddAuthorization(options =>
 {
-    services.AddAuthorization(options =>
-    {
-        options.AddPolicy("customPolicy", policy =>
-            policy.RequireAuthenticatedUser());
-    });
-}
+    options.AddPolicy("customPolicy", policy =>
+        policy.RequireAuthenticatedUser());
+});
 ```
 
-In Startup.Configure add the Authorization and Authentication middleware between Routing and Endpoints.
+In Program.cs add the Authorization and Authentication middleware.
 
 ```
-public void Configure(IApplicationBuilder app)
-{
-    app.UseRouting();
+app.UseAuthentication();
+app.UseAuthorization();
 
-    app.UseAuthentication();
-    app.UseAuthorization();
-
-    app.UseEndpoints(endpoints =>
-    {
-        endpoints.MapReverseProxy();
-    });
-}
+app.MapReverseProxy();
 ```
 
 See the [Authentication](https://docs.microsoft.com/aspnet/core/security/authentication/) docs for setting up your preferred kind of authentication.