- Make pseudo http URL with https

- [listing] -> [source, text]
- typos ; hyphenated words reported by IntelliJ
- MP config snippets
- Fix properties snippets (use = instead of : for the key-value separator)
- Some normalization of curl request / response (JSON response as a separate block with a nested title 'JSON response')
- Add fit role to many images
- Fix XML indentation

docs/src/main/asciidoc/includes/cors.adoc

@@ -106,14 +106,14 @@ ifdef::se-flavor[]
 [source,yaml]
 ----
 restrictive-cors:
-  allow-origins: ["http://foo.com", "http://there.com"]
+  allow-origins: ["https://foo.com", "https://there.com"]
   allow-methods: ["PUT", "DELETE"]
 ----
 endif::[]
 ifndef::se-flavor[]
 [source,yaml]
 ----
-allow-origins: ["http://foo.com", "http://there.com"]
+allow-origins: ["https://foo.com", "https://there.com"]
 allow-methods: ["PUT", "DELETE"]
 ----
 endif::[]
@@ -207,15 +207,15 @@ You can use mapped configuration to your advantage if you want to specify all CO
 
 The following example illustrates the mapped cross-origin configuration format.
 
-[source,hocon,subs="attributes+"]
+[source,yaml,subs="attributes+"]
 ----
-{mapped-config-top-key}: // <1>
+{mapped-config-top-key}: # <1>
   paths: <2>
     - path-pattern: /greeting // <3>
-      allow-origins: ["http://foo.com", "http://there.com", "http://other.com"] // <4>
+      allow-origins: ["https://foo.com", "https://there.com", "https://other.com"] # <4>
       allow-methods: ["PUT", "DELETE"]
-    - path-pattern: / // <5>
-      allow-methods: ["GET", "HEAD", "OPTIONS", "POST"] // <6>
+    - path-pattern: / # <5>
+      allow-methods: ["GET", "HEAD", "OPTIONS", "POST"] # <6>
 ----
 // We want to use the following to insert the SE or MP callout 1 text; we need to use the blank, plus,
 // and subs because the MP attribute value contains backticks, and this is the only way we've found
@@ -337,15 +337,15 @@ CORS configuration section.
 // Tag the following example so we can exclude it from MP which supplies its own complete example.
 // tag::se-config-example[]
 The following example restricts sharing of the
-`{built-in-service-prefix}/health` resource, provided by the health built-in service, to only the origin `\http://there.com`.
+`{built-in-service-prefix}/health` resource, provided by the health built-in service, to only the origin `\https://there.com`.
 [source,hocon,subs="attributes+"]
 ----
 cors:
   paths:
     - path-pattern: "{built-in-service-prefix}/health"
-      allow-origins: [http://there.com]
+      allow-origins: [https://there.com]
     - path-pattern: "{built-in-service-prefix}/metrics"
-      allow-origins: [http://foo.com]
+      allow-origins: [https://foo.com]
 ----
 
 // end::se-config-example[]
@@ -368,10 +368,11 @@ Build and run the QuickStart application as usual.
 The metrics service rejects attempts to access metrics on behalf of a disallowed origin.
 [source,bash,subs="attributes+"]
 ----
-curl -i -H "Origin: http://other.com" http://localhost:8080{built-in-service-prefix}/metrics
+curl -i -H "Origin: https://other.com" http://localhost:8080{built-in-service-prefix}/metrics
 ----
 
 [source, listing]
+.Curl output
 ----
 HTTP/1.1 403 Forbidden
 Date: Mon, 11 May 2020 11:08:09 -0500
@@ -382,13 +383,14 @@ connection: keep-alive
 But accesses from `foo.com` succeed.
 [source,bash,subs="attributes+"]
 ----
-curl -i -H "Origin: http://foo.com" http://localhost:8080{built-in-service-prefix}/metrics
+curl -i -H "Origin: https://foo.com" http://localhost:8080{built-in-service-prefix}/metrics
 ----
 
 [source, listing]
+.Curl output
 ----
 HTTP/1.1 200 OK
-Access-Control-Allow-Origin: http://foo.com
+Access-Control-Allow-Origin: https://foo.com
 Content-Type: text/plain
 Date: Mon, 11 May 2020 11:08:16 -0500
 Vary: Origin
@@ -405,7 +407,7 @@ The health service rejects requests from origins not specifically approved.
 
 [source,bash,subs="attributes+"]
 ----
-curl -i -H "Origin: http://foo.com" http://localhost:8080{built-in-service-prefix}/health
+curl -i -H "Origin: https://foo.com" http://localhost:8080{built-in-service-prefix}/health
 ----
 
 [source, listing]
@@ -416,17 +418,17 @@ transfer-encoding: chunked
 connection: keep-alive
 ----
 
-And responds successfully only to cross-origin requests from `\http://there.com`.
+And responds successfully only to cross-origin requests from `\https://there.com`.
 
 [source,bash,subs="attributes+"]
 ----
-curl -i -H "Origin: http://there.com" http://localhost:8080{built-in-service-prefix}/health
+curl -i -H "Origin: https://there.com" http://localhost:8080{built-in-service-prefix}/health
 ----
 
 [source, listing]
 ----
 HTTP/1.1 200 OK
-Access-Control-Allow-Origin: http://there.com
+Access-Control-Allow-Origin: https://there.com
 Content-Type: application/json
 Date: Mon, 11 May 2020 12:07:32 -0500
 Vary: Origin

docs/src/main/asciidoc/includes/metrics/metrics-shared.adoc

@@ -119,26 +119,26 @@ Further, clients can narrow down to a specific metric name by adding the name as
 curl -s -H 'Accept: text/plain' -X GET http://localhost:8080{metrics-endpoint}
 ----
 
-[listing]
+[source,text]
 ----
 # TYPE base:classloader_total_loaded_class_count counter
 # HELP base:classloader_total_loaded_class_count Displays the total number of classes that have been loaded since the Java virtual machine has started execution.
 base:classloader_total_loaded_class_count 3157
 ----
 
-
-.Example Reporting: JSON format
 [source,bash,subs="attributes+"]
+.Example Reporting: JSON format
 ----
 curl -s -H 'Accept: application/json' -X GET http://localhost:8080{metrics-endpoint}
 ----
 
-[listing]
+[source,json]
+.JSON response:
 ----
 {
    "base" : {
       "memory.maxHeap" : 3817865216,
-      "memory.committedHeap" : 335544320,
+      "memory.committedHeap" : 335544320
     }
 }
 ----

docs/src/main/asciidoc/includes/openapi/openapi-ui.adoc

@@ -1,6 +1,6 @@
 ///////////////////////////////////////////////////////////////////////////////
 
-    Copyright (c) 2022, 2023 Oracle and/or its affiliates.
+    Copyright (c) 2022, 2024 Oracle and/or its affiliates.
 
     Licensed under the Apache License, Version 2.0 (the "License");
     you may not use this file except in compliance with the License.
@@ -106,7 +106,7 @@ for the Helidon MP QuickStart greeting application.
 endif::mp-flavor[]
 
 .OpenAPI UI Screen for Helidon {flavor-uc} QuickStart Greeting Application
-image::{screen-capture-start}[align="center",title="Example OpenAPI UI Screen"]
+image::{screen-capture-start}[align="center",title="Example OpenAPI UI Screen",role="fit"]
 
 // end::usage-start[]
 
@@ -129,7 +129,7 @@ The next image shows the screen after you submit the "Returns a personalized gre
 Note that the UI shows the actual response from invoking the operation in the "Server response" section. The "Responses" section farther below describes the possible responses from the operation as declared in the OpenAPI document for the application.
 
 .Example OpenAPI UI Screen
-image::{screen-capture-expanded}[align="center",title="Example OpenAPI UI Screen"]
+image::{screen-capture-expanded}[align="center",title="Example OpenAPI UI Screen",role="fit"]
 
 // end::usage-expanded-screen[]
 // end::usage[]

docs/src/main/asciidoc/includes/openapi/openapi.adoc

@@ -56,11 +56,11 @@ endif::[]
 // end::overview[]
 
 // tag::mp-depc[]
-    <dependency>
-        <groupId>io.helidon.microprofile.openapi</groupId>
-        <artifactId>helidon-microprofile-openapi</artifactId>
-        <scope>runtime</scope>
-    </dependency>
+<dependency>
+    <groupId>io.helidon.microprofile.openapi</groupId>
+    <artifactId>helidon-microprofile-openapi</artifactId>
+    <scope>runtime</scope>
+</dependency>
 // end::mp-depc[]
 
 // tag::furnish-openapi-info[]

docs/src/main/asciidoc/includes/security/providers/oidc.adoc

@@ -1,6 +1,6 @@
 ///////////////////////////////////////////////////////////////////////////////
 
-    Copyright (c) 2018, 2023 Oracle and/or its affiliates.
+    Copyright (c) 2018, 2024 Oracle and/or its affiliates.
 
     Licensed under the Apache License, Version 2.0 (the "License");
     you may not use this file except in compliance with the License.
@@ -36,11 +36,11 @@ security:
   - oidc:
       client-id: "client-id-of-this-service"
       client-secret: "${CLEAR=client-secret-of-this-service}"
-      identity-uri: "http://your-tenant.identity-server.com"
+      identity-uri: "https://your-tenant.identity-server.com"
       frontend-uri: "http://my-service:8080"
       audience: "http://my-service"
       cors:
-        allow-origins: ["http://foo.com", "http://there.com"]
+        allow-origins: ["https://foo.com", "https://there.com"]
         allow-methods: ["PUT", "DELETE"]
       outbound:
         - name: "internal-services"
@@ -94,7 +94,7 @@ the `tenant-id-style` configuration option. For more information, see the table
 ----
 tenants:
    - name: "example-tenant"
-     ... tenant configuration options
+     # ... tenant configuration options
 ----
 
 There are four ways to provide the required tenant information to Helidon by default.
@@ -141,7 +141,7 @@ and the custom tenant configuration discovery can be provided by implementing SP
 include::{rootdir}/config/io_helidon_security_providers_oidc_common_TenantConfig.adoc[leveloffset=+3,tag=config]
 
 ==== How does that work?
-Multitenant support requires to obtain tenant name from the incoming request. OIDC configuration is selected
+Multi-tenant support requires to obtain tenant name from the incoming request. OIDC configuration is selected
 based on the received tenant name. The way this tenant name has to be provided is configured via `tenant-id-style`
 configuration. See <<tenant-enable, How to enable tenants>> for more information. After matching tenant configuration
 with the received name, the rest of the OIDC flow if exactly the same as in <<oidc-workflow, How does OIDC work>>.