config

package
v1.20.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 29, 2023 License: MIT Imports: 21 Imported by: 30

Documentation

Index

Constants

View Source
const (
	// ArchivalEnabled is the state for enabling archival
	ArchivalEnabled = "enabled"
	// ArchivalDisabled is the state for disabling archival
	ArchivalDisabled = "disabled"
	// ArchivalPaused is the state for pausing archival
	ArchivalPaused = "paused"
)
View Source
const (
	ForceTLSConfigAuto      = ""
	ForceTLSConfigInternode = "internode"
	ForceTLSConfigFrontend  = "frontend"
)
View Source
const (
	// EnvKeyRoot the environment variable key for runtime root dir
	EnvKeyRoot = "TEMPORAL_ROOT"
	// EnvKeyConfigDir the environment variable key for config dir
	EnvKeyConfigDir = "TEMPORAL_CONFIG_DIR"
	// EnvKeyEnvironment is the environment variable key for environment
	EnvKeyEnvironment = "TEMPORAL_ENVIRONMENT"
	// EnvKeyAvailabilityZone is the environment variable key for AZ
	EnvKeyAvailabilityZone = "TEMPORAL_AVAILABILITY_ZONE"
	// EnvKeyAvailabilityZoneTypo is the old environment variable key for AZ that
	// included a typo. This is deprecated and only here to support backwards
	// compatibility.
	EnvKeyAvailabilityZoneTypo = "TEMPORAL_AVAILABILTY_ZONE"
	// EnvKeyAllowNoAuth is the environment variable key for setting no authorizer
	EnvKeyAllowNoAuth = "TEMPORAL_ALLOW_NO_AUTH"
)
View Source
const (
	// StoreTypeSQL refers to sql based storage as persistence store
	StoreTypeSQL = "sql"
	// StoreTypeNoSQL refers to nosql based storage as persistence store
	StoreTypeNoSQL = "nosql"
)

Variables

This section is empty.

Functions

func ListenIP

func ListenIP() (net.IP, error)

ListenIP returns the IP to bind to in Listen. It tries to find an IP that can be used by other machines to reach this machine.

func Load

func Load(env string, configDir string, zone string, config interface{}) error

Load loads the configuration from a set of yaml config files found in the config directory

The loader first fetches the set of files matching a pre-determined naming convention, then sorts them by hierarchy order and after that, simply loads the files one after another with the key/values in the later files overriding the key/values in the earlier files

The hierarchy is as follows from lowest to highest

base.yaml
    env.yaml   -- environment is one of the input params ex-development
      env_az.yaml -- zone is another input param

Types

type Archival

type Archival struct {
	// History is the config for the history archival
	History HistoryArchival `yaml:"history"`
	// Visibility is the config for visibility archival
	Visibility VisibilityArchival `yaml:"visibility"`
}

Archival contains the config for archival

func (*Archival) Validate

func (a *Archival) Validate(namespaceDefaults *ArchivalNamespaceDefaults) error

Validate validates the archival config

type ArchivalNamespaceDefaults

type ArchivalNamespaceDefaults struct {
	// History is the namespace default history archival config for each namespace
	History HistoryArchivalNamespaceDefaults `yaml:"history"`
	// Visibility is the namespace default visibility archival config for each namespace
	Visibility VisibilityArchivalNamespaceDefaults `yaml:"visibility"`
}

ArchivalNamespaceDefaults is the default archival config for each namespace

type Authorization

type Authorization struct {
	// Signing key provider for validating JWT tokens
	JWTKeyProvider       JWTKeyProvider `yaml:"jwtKeyProvider"`
	PermissionsClaimName string         `yaml:"permissionsClaimName"`
	// Empty string for noopAuthorizer or "default" for defaultAuthorizer
	Authorizer string `yaml:"authorizer"`
	// Empty string for noopClaimMapper or "default" for defaultJWTClaimMapper
	ClaimMapper string `yaml:"claimMapper"`
}

type Cassandra

type Cassandra struct {
	// Hosts is a csv of cassandra endpoints
	Hosts string `yaml:"hosts" validate:"nonzero"`
	// Port is the cassandra port used for connection by gocql client
	Port int `yaml:"port"`
	// User is the cassandra user used for authentication by gocql client
	User string `yaml:"user"`
	// Password is the cassandra password used for authentication by gocql client
	Password string `yaml:"password"`
	// keyspace is the cassandra keyspace
	Keyspace string `yaml:"keyspace" validate:"nonzero"`
	// Datacenter is the data center filter arg for cassandra
	Datacenter string `yaml:"datacenter"`
	// MaxConns is the max number of connections to this datastore for a single keyspace
	MaxConns int `yaml:"maxConns"`
	// ConnectTimeout is a timeout for initial dial to cassandra server (default: 600 milliseconds)
	ConnectTimeout time.Duration `yaml:"connectTimeout"`
	// TLS configuration
	TLS *auth.TLS `yaml:"tls"`
	// Consistency configuration (defaults to LOCAL_QUORUM / LOCAL_SERIAL for all stores if this field not set)
	Consistency *CassandraStoreConsistency `yaml:"consistency"`
	// DisableInitialHostLookup instructs the gocql client to connect only using the supplied hosts
	DisableInitialHostLookup bool `yaml:"disableInitialHostLookup"`
	// AddressTranslator translates Cassandra IP addresses, used for cases when IP addresses gocql driver returns are not accessible from the server
	AddressTranslator *CassandraAddressTranslator `yaml:"addressTranslator"`
}

Cassandra contains configuration to connect to Cassandra cluster

type CassandraAddressTranslator added in v1.17.3

type CassandraAddressTranslator struct {
	// Translator defines name of translator implementation to use for Cassandra address translation
	Translator string `yaml:"translator"`
	// Options map of options for address translator implementation
	Options map[string]string `yaml:"options"`
}

type CassandraConsistencySettings

type CassandraConsistencySettings struct {
	// Consistency sets the default consistency level. Values identical to gocql Consistency values. (defaults to LOCAL_QUORUM if not set).
	Consistency string `yaml:"consistency"`
	// SerialConsistency sets the consistency for the serial prtion of queries. Values identical to gocql SerialConsistency values. (defaults to LOCAL_SERIAL if not set)
	SerialConsistency string `yaml:"serialConsistency"`
}

CassandraConsistencySettings sets the default consistency level for regular & serial queries to Cassandra.

type CassandraStoreConsistency

type CassandraStoreConsistency struct {
	// Default defines the consistency level for ALL stores.
	// Defaults to LOCAL_QUORUM and LOCAL_SERIAL if not set
	Default *CassandraConsistencySettings `yaml:"default"`
}

CassandraStoreConsistency enables you to set the consistency settings for each Cassandra Persistence Store for Temporal

func (*CassandraStoreConsistency) GetConsistency

func (c *CassandraStoreConsistency) GetConsistency() gocql.Consistency

GetConsistency returns the gosql.Consistency setting from the configuration for the given store type

func (*CassandraStoreConsistency) GetSerialConsistency

func (c *CassandraStoreConsistency) GetSerialConsistency() gocql.SerialConsistency

GetSerialConsistency returns the gosql.SerialConsistency setting from the configuration for the store

type CertExpirationValidation

type CertExpirationValidation struct {
	// Log warnings for certificates expiring during this time window from now
	WarningWindow time.Duration `yaml:"warningWindow"`
	// Log error for certificates expiring during this time window from now
	ErrorWindow time.Duration `yaml:"errorWindow"`
	// Interval between checks for certificate expiration
	CheckInterval time.Duration `yaml:"checkInterval"`
}

CertExpirationValidation contains settings for periodic checks of TLS certificate expiration

type ClientTLS

type ClientTLS struct {
	// DNS name to validate against for server to server connections.
	// Required when TLS is enabled in a multi-host cluster.
	// This name should be referenced by the certificate specified in the ServerTLS section.
	ServerName string `yaml:"serverName"`

	// If you want to verify the temporal server hostname and server cert, then you should turn this on
	// This option is basically equivalent to InSecureSkipVerify
	// See InSecureSkipVerify in http://golang.org/pkg/crypto/tls/ for more info
	DisableHostVerification bool `yaml:"disableHostVerification"`

	// Optional - A list of paths to files containing the PEM-encoded public key of the Certificate Authorities that are used to validate the server's TLS certificate
	// You cannot specify both RootCAFiles and RootCAData
	RootCAFiles []string `yaml:"rootCaFiles"`

	// Optional - A list of base64 PEM-encoded public keys of the Certificate Authorities that are used to validate the server's TLS certificate.
	// You cannot specify both RootCAFiles and RootCAData
	RootCAData []string `yaml:"rootCaData"`

	// Optional - Use TLS even is neither client certificate nor root CAs are configured
	// This is for non-mTLS cases when client validates serve against a set of trusted CA certificates configured in the environment
	ForceTLS bool `yaml:"forceTLS"`
}

ClientTLS contains TLS configuration for clients within the Temporal Cluster to connect to Temporal nodes.

type Config

type Config struct {
	// Global is process-wide service-related configuration
	Global Global `yaml:"global"`
	// Persistence contains the configuration for temporal datastores
	Persistence Persistence `yaml:"persistence"`
	// Log is the logging config
	Log log.Config `yaml:"log"`
	// ClusterMetadata is the config containing all valid clusters and active cluster
	ClusterMetadata *cluster.Config `yaml:"clusterMetadata"`
	// DCRedirectionPolicy contains the frontend datacenter redirection policy
	DCRedirectionPolicy DCRedirectionPolicy `yaml:"dcRedirectionPolicy"`
	// Services is a map of service name to service config items
	Services map[string]Service `yaml:"services"`
	// Archival is the config for archival
	Archival Archival `yaml:"archival"`
	// PublicClient is config for connecting to temporal frontend
	PublicClient PublicClient `yaml:"publicClient"`
	// DynamicConfigClient is the config for setting up the file based dynamic config client
	// Filepath should be relative to the root directory
	DynamicConfigClient *dynamicconfig.FileBasedClientConfig `yaml:"dynamicConfigClient"`
	// NamespaceDefaults is the default config for every namespace
	NamespaceDefaults NamespaceDefaults `yaml:"namespaceDefaults"`
	// ExporterConfig allows the specification of process-wide OTEL exporters
	ExporterConfig telemetry.ExportConfig `yaml:"otel"`
}

Config contains the configuration for a set of temporal services

func LoadConfig

func LoadConfig(env string, configDir string, zone string) (*Config, error)

Helper function for loading configuration

func (*Config) String

func (c *Config) String() string

String converts the config object into a string

func (*Config) Validate

func (c *Config) Validate() error

Validate validates this config

type CustomDatastoreConfig

type CustomDatastoreConfig struct {
	// Name of the custom datastore
	Name string `yaml:"name"`
	// Options to be used by AbstractDatastoreFactory implementation
	Options map[string]any `yaml:"options"`
}

CustomDatastoreConfig is the configuration for connecting to a custom datastore that is not supported by temporal core

type DCRedirectionPolicy

type DCRedirectionPolicy struct {
	Policy string `yaml:"policy"`
	ToDC   string `yaml:"toDC"`
}

DCRedirectionPolicy contains the frontend datacenter redirection policy

type DataStore

type DataStore struct {
	// FaultInjection contains the config for fault injector wrapper.
	FaultInjection *FaultInjection `yaml:"faultInjection"`
	// Cassandra contains the config for a cassandra datastore
	Cassandra *Cassandra `yaml:"cassandra"`
	// SQL contains the config for a SQL based datastore
	SQL *SQL `yaml:"sql"`
	// Custom contains the config for custom datastore implementation
	CustomDataStoreConfig *CustomDatastoreConfig `yaml:"customDatastore"`
	// ElasticSearch contains the config for a ElasticSearch datastore
	Elasticsearch *client.Config `yaml:"elasticsearch"`
}

DataStore is the configuration for a single datastore

func (*DataStore) Validate added in v1.11.0

func (ds *DataStore) Validate() error

Validate validates the data store config

type DataStoreName added in v1.20.0

type DataStoreName string

DataStoreName is the name of a datastore, e.g. "ShardStore". The full list is defined later in this file.

const (
	ShardStoreName     DataStoreName = "ShardStore"
	TaskStoreName      DataStoreName = "TaskStore"
	MetadataStoreName  DataStoreName = "MetadataStore"
	ExecutionStoreName DataStoreName = "ExecutionStore"
	QueueName          DataStoreName = "Queue"
	ClusterMDStoreName DataStoreName = "ClusterMDStore"
)

type FaultInjection added in v1.12.0

type FaultInjection struct {
	// Rate is the probability that we will return an error from any call to any datastore.
	// The value should be between 0.0 and 1.0.
	// The fault injector will inject different errors depending on the data store and method. See the
	// implementation for details.
	// This field is ignored if Targets is non-empty.
	Rate float64 `yaml:"rate"`

	// Targets is a mapping of data store name to a targeted fault injection config for that data store.
	// If Targets is non-empty, then Rate is ignored.
	// Here is an example config for targeted fault injection. This config will inject errors into the
	// UpdateShard method of the ShardStore at a rate of 100%. No other methods will be affected.
	/*
		targets:
		  dataStores:
			ShardStore:
			  methods:
				UpdateShard:
				  seed: 42
				  errors:
					ShardOwnershipLostError: 1.0 # all UpdateShard calls will fail with ShardOwnershipLostError
	*/
	// This will cause the UpdateShard method of the ShardStore to always return ShardOwnershipLostError.
	Targets FaultInjectionTargets `yaml:"targets"`
}

type FaultInjectionDataStoreConfig added in v1.20.0

type FaultInjectionDataStoreConfig struct {
	// Methods is a map of data store method name to a fault injection config for that method.
	// We create an error generator that infers the method name from the call stack using reflection.
	// For example, if a test with targeted fault injection enabled calls ShardStore.UpdateShard, then
	// we fetch the error generator from this map using the key "UpdateShard".
	// The key is the name of the method to inject faults for.
	// The value is the config for that method.
	Methods map[string]FaultInjectionMethodConfig `yaml:"methods"`
}

FaultInjectionDataStoreConfig is the fault injection config for a single datastore, e.g., the ShardStore.

type FaultInjectionMethodConfig added in v1.20.0

type FaultInjectionMethodConfig struct {
	// Errors is a map of error type to probability of returning that error.
	// For example: `ShardOwnershipLostError: 0.1` will cause the method to return a ShardOwnershipLostError 10% of
	// the time.
	// The other 90% of the time, the method will call the underlying datastore.
	// If there are multiple errors for a method, the probability of each error is independent of the others.
	// For example, if there are two errors with probabilities 0.1 and 0.2, then the first error will be returned
	// 10% of the time, the second error will be returned 20% of the time,
	// and the underlying method will be called 70% of the time.
	Errors map[string]float64 `yaml:"errors"`

	// Seed is the seed for the random number generator used to sample faults from the Errors map. You can use this
	// to make the fault injection deterministic.
	// If the test config does not set this to a non-zero number, the fault injector will set it to the current time
	// in nanoseconds.
	Seed int64 `yaml:"seed"`
}

FaultInjectionMethodConfig is the fault injection config for a single method of a data store.

type FaultInjectionTargets added in v1.20.0

type FaultInjectionTargets struct {
	// DataStores is a map of datastore name to fault injection config.
	// Use this to configure fault injection for specific datastores. The key is the name of the datastore,
	// e.g. "ShardStore". See DataStoreName for the list of valid datastore names.
	DataStores map[DataStoreName]FaultInjectionDataStoreConfig `yaml:"dataStores"`
}

FaultInjectionTargets is the set of targets for fault injection. A target is a method of a data store.

type FilestoreArchiver

type FilestoreArchiver struct {
	FileMode string `yaml:"fileMode"`
	DirMode  string `yaml:"dirMode"`
}

FilestoreArchiver contain the config for filestore archiver

type Global

type Global struct {
	// Membership is the ringpop related configuration
	Membership Membership `yaml:"membership"`
	// PProf is the PProf configuration
	PProf PProf `yaml:"pprof"`
	// TLS controls the communication encryption configuration
	TLS RootTLS `yaml:"tls"`
	// Metrics is the metrics subsystem configuration
	Metrics *metrics.Config `yaml:"metrics"`
	// Settings for authentication and authorization
	Authorization Authorization `yaml:"authorization"`
}

Global contains config items that apply process-wide to all services

type GroupTLS

type GroupTLS struct {
	// Client handles client TLS settings
	Client ClientTLS `yaml:"client"`
	// Server handles the server (listener) TLS settings
	Server ServerTLS `yaml:"server"`

	// PerHostOverrides contains per-hostname TLS settings that
	// are used for external clients connecting to the Temporal Cluster on that
	// specific hostname. Host names are case insensitive. Optional. If not present,
	// uses configuration supplied by Server field.
	PerHostOverrides map[string]ServerTLS `yaml:"hostOverrides"`
}

GroupTLS contains an instance client and server TLS settings

func (*GroupTLS) IsClientEnabled added in v1.15.1

func (r *GroupTLS) IsClientEnabled() bool

func (*GroupTLS) IsServerEnabled added in v1.15.1

func (r *GroupTLS) IsServerEnabled() bool

type GstorageArchiver

type GstorageArchiver struct {
	CredentialsPath string `yaml:"credentialsPath"`
}

GstorageArchiver contain the config for google storage archiver

type HistoryArchival

type HistoryArchival struct {
	// State is the state of history archival either: enabled, disabled, or paused
	State string `yaml:"state"`
	// EnableRead whether history can be read from archival
	EnableRead bool `yaml:"enableRead"`
	// Provider contains the config for all history archivers
	Provider *HistoryArchiverProvider `yaml:"provider"`
}

HistoryArchival contains the config for history archival

type HistoryArchivalNamespaceDefaults

type HistoryArchivalNamespaceDefaults struct {
	// State is the namespace default state of history archival: enabled or disabled
	State string `yaml:"state"`
	// URI is the namespace default URI for history archiver
	URI string `yaml:"URI"`
}

HistoryArchivalNamespaceDefaults is the default history archival config for each namespace

type HistoryArchiverProvider

type HistoryArchiverProvider struct {
	Filestore *FilestoreArchiver `yaml:"filestore"`
	Gstorage  *GstorageArchiver  `yaml:"gstorage"`
	S3store   *S3Archiver        `yaml:"s3store"`
}

HistoryArchiverProvider contains the config for all history archivers

type JWTKeyProvider

type JWTKeyProvider struct {
	KeySourceURIs   []string      `yaml:"keySourceURIs"`
	RefreshInterval time.Duration `yaml:"refreshInterval"`
}

@@@SNIPSTART temporal-common-service-config-jwtkeyprovider Contains the config for signing key provider for validating JWT tokens

func (*JWTKeyProvider) HasSourceURIsConfigured added in v1.14.0

func (p *JWTKeyProvider) HasSourceURIsConfigured() bool

type Membership

type Membership struct {
	// MaxJoinDuration is the max wait time to join the gossip ring
	MaxJoinDuration time.Duration `yaml:"maxJoinDuration"`
	// BroadcastAddress is used as the address that is communicated to remote nodes to connect on.
	// This is generally used when BindOnIP would be the same across several nodes (ie: 0.0.0.0)
	// and for nat traversal scenarios. Check net.ParseIP for supported syntax, only IPv4 is supported.
	BroadcastAddress string `yaml:"broadcastAddress"`
}

Membership contains config items related to the membership layer of temporal

type NamespaceDefaults

type NamespaceDefaults struct {
	// Archival is the default archival config for each namespace
	Archival ArchivalNamespaceDefaults `yaml:"archival"`
}

NamespaceDefaults is the default config for each namespace

type PProf

type PProf struct {
	// Port is the port on which the PProf will bind to
	Port int `yaml:"port"`
}

PProf contains the config items for the pprof utility

type Persistence

type Persistence struct {
	// DefaultStore is the name of the default data store to use
	DefaultStore string `yaml:"defaultStore" validate:"nonzero"`
	// VisibilityStore is the name of the datastore to be used for visibility records
	VisibilityStore string `yaml:"visibilityStore"`
	// AdvancedVisibilityStore is the name of the datastore to be used for visibility records
	AdvancedVisibilityStore string `yaml:"advancedVisibilityStore"`
	// NumHistoryShards is the desired number of history shards. This config doesn't
	// belong here, needs refactoring
	NumHistoryShards int32 `yaml:"numHistoryShards" validate:"nonzero"`
	// DataStores contains the configuration for all datastores
	DataStores map[string]DataStore `yaml:"datastores"`
	// TransactionSizeLimit is the largest allowed transaction size
	TransactionSizeLimit dynamicconfig.IntPropertyFn `yaml:"-" json:"-"`
}

Persistence contains the configuration for data store / persistence layer

func (*Persistence) AdvancedVisibilityConfigExist added in v1.13.0

func (c *Persistence) AdvancedVisibilityConfigExist() bool

AdvancedVisibilityConfigExist returns whether user specified advancedVisibilityStore in config

func (*Persistence) DefaultStoreType

func (c *Persistence) DefaultStoreType() string

DefaultStoreType returns the storeType for the default persistence store

func (*Persistence) IsSQLVisibilityStore added in v1.20.0

func (c *Persistence) IsSQLVisibilityStore() bool

func (*Persistence) StandardVisibilityConfigExist added in v1.13.0

func (c *Persistence) StandardVisibilityConfigExist() bool

StandardVisibilityConfigExist returns whether user specified visibilityStore in config

func (*Persistence) Validate

func (c *Persistence) Validate() error

Validate validates the persistence config

type PublicClient

type PublicClient struct {
	// HostPort is the host port to connect on. Host can be DNS name. See the above
	// comment: in many situations you can leave this empty.
	HostPort string `yaml:"hostPort"`
	// Force selection of either the "internode" or "frontend" TLS configs for these
	// connections (only those two strings are valid).
	ForceTLSConfig string `yaml:"forceTLSConfig"`
}

PublicClient is the config for internal nodes (history/matching/worker) connecting to frontend. There are three methods of connecting:

  1. Use membership to locate "internal-frontend" and connect to them using the Internode TLS config (which can be "no TLS"). This is recommended for deployments that use an Authorizer and ClaimMapper. To use this, leave this section out of your config, and make sure there is an "internal-frontend" section in Services.
  2. Use membership to locate "frontend" and connect to them using the Frontend TLS config (which can be "no TLS"). This is recommended for deployments that don't use an Authorizer or ClaimMapper, or have implemented a custom ClaimMapper that correctly identifies the system worker using mTLS and assigns it an Admin-level claim. To use this, leave this section out of your config and make sure there is _no_ "internal-frontend" section in Services.
  3. Connect to an explicit endpoint using the SystemWorker (falling back to Frontend) TLS config (which can be "no TLS"). You can use this if you want to force frontend connections to go through an external load balancer. If you use this with a ClaimMapper+Authorizer, you need to ensure that your ClaimMapper assigns Admin claims to worker nodes, and your Authorizer correctly handles those claims.

type RPC

type RPC struct {
	// GRPCPort is the port  on which gRPC will listen
	GRPCPort int `yaml:"grpcPort"`
	// Port used for membership listener
	MembershipPort int `yaml:"membershipPort"`
	// BindOnLocalHost is true if localhost is the bind address
	BindOnLocalHost bool `yaml:"bindOnLocalHost"`
	// BindOnIP can be used to bind service on specific ip (eg. `0.0.0.0`) -
	// check net.ParseIP for supported syntax, only IPv4 is supported,
	// mutually exclusive with `BindOnLocalHost` option
	BindOnIP string `yaml:"bindOnIP"`
}

RPC contains the rpc config items

type ReplicationTaskProcessorConfig

type ReplicationTaskProcessorConfig struct {
	NoTaskInitialWaitIntervalSecs int     `yaml:"noTaskInitialWaitIntervalSecs"`
	NoTaskWaitBackoffCoefficient  float64 `yaml:"noTaskWaitBackoffCoefficient"`
	NoTaskMaxWaitIntervalSecs     int     `yaml:"noTaskMaxWaitIntervalSecs"`
}

ReplicationTaskProcessorConfig is the config for replication task processor.

type Replicator

type Replicator struct{}

Replicator describes the configuration of replicator

type RootTLS

type RootTLS struct {
	// Internode controls backend service (history, matching, internal-frontend)
	// communication TLS settings.
	Internode GroupTLS `yaml:"internode"`
	// Frontend controls frontend server TLS settings. To control system worker -> frontend
	// TLS, use the SystemWorker field. (Frontend.Client is accepted for backwards
	// compatibility.)
	Frontend GroupTLS `yaml:"frontend"`
	// SystemWorker controls TLS setting for System Workers connecting to Frontend.
	SystemWorker WorkerTLS `yaml:"systemWorker"`
	// RemoteFrontendClients controls TLS setting for talking to remote cluster.
	RemoteClusters map[string]GroupTLS `yaml:"remoteClusters"`
	// ExpirationChecks defines settings for periodic checks for expiration of certificates
	ExpirationChecks CertExpirationValidation `yaml:"expirationChecks"`
	// Interval between refreshes of certificates loaded from files
	RefreshInterval time.Duration `yaml:"refreshInterval"`
}

RootTLS contains all TLS settings for the Temporal server

type S3Archiver

type S3Archiver struct {
	Region           string  `yaml:"region"`
	Endpoint         *string `yaml:"endpoint"`
	S3ForcePathStyle bool    `yaml:"s3ForcePathStyle"`
}

S3Archiver contains the config for S3 archiver

type SQL

type SQL struct {
	// User is the username to be used for the conn
	User string `yaml:"user"`
	// Password is the password corresponding to the user name
	Password string `yaml:"password"`
	// PluginName is the name of SQL plugin
	PluginName string `yaml:"pluginName" validate:"nonzero"`
	// DatabaseName is the name of SQL database to connect to
	DatabaseName string `yaml:"databaseName" validate:"nonzero"`
	// ConnectAddr is the remote addr of the database
	ConnectAddr string `yaml:"connectAddr" validate:"nonzero"`
	// ConnectProtocol is the protocol that goes with the ConnectAddr ex - tcp, unix
	ConnectProtocol string `yaml:"connectProtocol" validate:"nonzero"`
	// ConnectAttributes is a set of key-value attributes to be sent as part of connect data_source_name url
	ConnectAttributes map[string]string `yaml:"connectAttributes"`
	// MaxConns the max number of connections to this datastore
	MaxConns int `yaml:"maxConns"`
	// MaxIdleConns is the max number of idle connections to this datastore
	MaxIdleConns int `yaml:"maxIdleConns"`
	// MaxConnLifetime is the maximum time a connection can be alive
	MaxConnLifetime time.Duration `yaml:"maxConnLifetime"`
	// EXPERIMENTAL - TaskScanPartitions is the number of partitions to sequentially scan during ListTaskQueue operations.
	// This is used for in a sharded sql database such as Vitess for heavy task workloads to minimize scatter gather.
	// The default value for this param is 1, and should not be configured without a thorough understanding of what this does.
	TaskScanPartitions int `yaml:"taskScanPartitions"`
	// TLS is the configuration for TLS connections
	TLS *auth.TLS `yaml:"tls"`
}

SQL is the configuration for connecting to a SQL backed datastore

type ServerTLS

type ServerTLS struct {
	// The path to the file containing the PEM-encoded public key of the certificate to use.
	CertFile string `yaml:"certFile"`
	// The path to the file containing the PEM-encoded private key of the certificate to use.
	KeyFile string `yaml:"keyFile"`
	// A list of paths to files containing the PEM-encoded public key of the Certificate Authorities you wish to trust for client authentication.
	// This value is ignored if `requireClientAuth` is not enabled. Cannot specify both ClientCAFiles and ClientCAData
	ClientCAFiles []string `yaml:"clientCaFiles"`

	// Base64 equivalents of the above artifacts.
	// You cannot specify both a Data and a File for the same artifact (e.g. setting CertFile and CertData)
	CertData     string   `yaml:"certData"`
	KeyData      string   `yaml:"keyData"`
	ClientCAData []string `yaml:"clientCaData"`

	// Requires clients to authenticate with a certificate when connecting, otherwise known as mutual TLS.
	RequireClientAuth bool `yaml:"requireClientAuth"`
}

ServerTLS contains items to load server TLS configuration

type Service

type Service struct {
	// RPC is the rpc configuration
	RPC RPC `yaml:"rpc"`
}

Service contains the service specific config items

type VisibilityArchival

type VisibilityArchival struct {
	// State is the state of visibility archival either: enabled, disabled, or paused
	State string `yaml:"state"`
	// EnableRead whether visibility can be read from archival
	EnableRead bool `yaml:"enableRead"`
	// Provider contains the config for all visibility archivers
	Provider *VisibilityArchiverProvider `yaml:"provider"`
}

VisibilityArchival contains the config for visibility archival

type VisibilityArchivalNamespaceDefaults

type VisibilityArchivalNamespaceDefaults struct {
	// State is the namespace default state of visibility archival: enabled or disabled
	State string `yaml:"state"`
	// URI is the namespace default URI for visibility archiver
	URI string `yaml:"URI"`
}

VisibilityArchivalNamespaceDefaults is the default visibility archival config for each namespace

type VisibilityArchiverProvider

type VisibilityArchiverProvider struct {
	Filestore *FilestoreArchiver `yaml:"filestore"`
	S3store   *S3Archiver        `yaml:"s3store"`
	Gstorage  *GstorageArchiver  `yaml:"gstorage"`
}

VisibilityArchiverProvider contains the config for all visibility archivers

type WorkerTLS

type WorkerTLS struct {
	// The path to the file containing the PEM-encoded public key of the client certificate to use by system workers.
	CertFile string `yaml:"certFile"`
	// The path to the file containing the PEM-encoded private key of the client certificate to use by system workers.
	KeyFile string `yaml:"keyFile"`
	// Base64 equivalents of the above artifacts.
	// You cannot specify both a Data and a File for the same artifact (e.g. setting CertFile and CertData)
	CertData string `yaml:"certData"`
	KeyData  string `yaml:"keyData"`

	// Client TLS settings for system workers
	Client ClientTLS `yaml:"client"`
}

WorkerTLS contains TLS configuration for system workers within the Temporal Cluster to connect to Temporal frontend.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL