Use universally cluster-local FQDNs for temporal-setup container#12
Open
spidercensus wants to merge 3 commits into
Open
Use universally cluster-local FQDNs for temporal-setup container#12spidercensus wants to merge 3 commits into
spidercensus wants to merge 3 commits into
Conversation
spidercensus
requested review from
dmathur0,
jojung1,
polarweasel,
ryanheffernan,
susanhooks and
zsblevins
as code owners
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
📝 WalkthroughWalkthroughThis PR changes Temporal Helm templates to use fully qualified frontend DNS names ending in ChangesTemporal component FQDN updates
🎯 2 (Simple) | ⏱️ ~10 minutes
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
deploy/helm/templates/temporal.yaml (1)
305-701: 🛠️ Refactor suggestion | 🟠 Major | 🏗️ Heavy liftCross-file inconsistency: Other templates still use short
.svcform.While this PR correctly updates temporal.yaml to use FQDNs, other Helm templates in the chart still reference the frontend service using the short
.svcform:
deploy/helm/templates/kubernetes-secrets.yaml(line ~186): Uses{{ $temporalName }}-frontend-service.{{ .Values.global.namespace }}.svc:{{ port }}for the[temporal] grpc_serviceconfigdeploy/helm/templates/_helpers.tpl(line ~709): ThewaitForTemporalNamespacehelper definesTEMPORAL_ADDRusing the short formFor consistent DNS resolution behavior across all components and environments, consider updating these templates in a follow-up change to use the same
.svc.cluster.localFQDN form.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@deploy/helm/templates/temporal.yaml` around lines 305 - 701, Other templates still use the short .svc DNS form causing inconsistency; update occurrences in deploy/helm/templates/kubernetes-secrets.yaml (the [temporal] grpc_service entry) and the waitForTemporalNamespace helper in deploy/helm/templates/_helpers.tpl (TEMPORAL_ADDR) to use the same FQDN format you introduced (i.e. change ".svc:{{ port }}" or ".svc {{ port }}" to ".svc.cluster.local:{{ port }}" or ".svc.cluster.local {{ port }}" as appropriate), and ensure any env vars or helper-returned addresses (e.g., TEMPORAL_ADDR) match the FQDN form so all templates use consistent "{{ $temporalName }}-frontend-service.{{ .Values.global.namespace }}.svc.cluster.local:{{ .Values.temporal.services.frontend.port }}".
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@deploy/helm/templates/temporal.yaml`:
- Around line 305-310: The wait-for-frontend init container is using a short
hostname form whereas the temporal-setup container sets TEMPORAL_ADDR and uses
the FQDN; update the wait command in the other init container (the
"wait-for-frontend" init container) so its nc -z invocation uses the same FQDN
and port as TEMPORAL_ADDR (i.e., replace "{{ $temporalName }}-frontend-service"
with "{{ $temporalName }}-frontend-service.{{ .Values.global.namespace
}}.svc.cluster.local" and use "{{ .Values.temporal.services.frontend.port }}"
for the port) so both readiness checks resolve identically across environments.
---
Outside diff comments:
In `@deploy/helm/templates/temporal.yaml`:
- Around line 305-701: Other templates still use the short .svc DNS form causing
inconsistency; update occurrences in
deploy/helm/templates/kubernetes-secrets.yaml (the [temporal] grpc_service
entry) and the waitForTemporalNamespace helper in
deploy/helm/templates/_helpers.tpl (TEMPORAL_ADDR) to use the same FQDN format
you introduced (i.e. change ".svc:{{ port }}" or ".svc {{ port }}" to
".svc.cluster.local:{{ port }}" or ".svc.cluster.local {{ port }}" as
appropriate), and ensure any env vars or helper-returned addresses (e.g.,
TEMPORAL_ADDR) match the FQDN form so all templates use consistent "{{
$temporalName }}-frontend-service.{{ .Values.global.namespace
}}.svc.cluster.local:{{ .Values.temporal.services.frontend.port }}".
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: a4bf3e32-ee83-46a5-a3a6-33029ca14102
📒 Files selected for processing (1)
deploy/helm/templates/temporal.yaml
Signed-off-by: Jason Pack <jpack@nvidia.com>
spidercensus
force-pushed
the
jp/fix-temporal-setup
branch
from
0184a0b to
3ce0a1b
Compare
Signed-off-by: Jason Pack <jpack@nvidia.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Summary
Updates all Temporal frontend addresses in the Helm chart from short-form Kubernetes service DNS (..svc) to fully-qualified cluster-local names (..svc.cluster.local).
Problem
Several Temporal components were configured to reach the frontend using the abbreviated .svc hostname. While that often resolves inside a cluster, some environments and tooling expect the full cluster-local FQDN. The temporal-setup init container was especially sensitive to this — it uses nc to wait for the frontend and TEMPORAL_ADDR for namespace/bootstrap commands, so unreliable DNS resolution can block pod startup.
Changes
In deploy/helm/templates/temporal.yaml, append .cluster.local to every Temporal frontend reference:
temporal-setup init container — TEMPORAL_ADDR and the nc -z readiness loop
config-manager-worker — TEMPORAL_ADDRESS
Workflow worker — TEMPORAL_ADDRESS
Scheduler — TEMPORAL_ADDRESS
Gateway — TEMPORAL_ADDRESS
Dev UI — TEMPORAL_ADDRESS
Validation
The kind integration test is manual due to taking ~30 min to complete. When the PR is ready for review,
run Actions -> Kind Integration -> Run workflow against the copy-pr-bot generated
pull-request/<PR_NUMBER>branch. Use the defaulttest_pathfor the full suite,or narrow it only while debugging.
Passing Kind Integration run:
Checklist
CONTRIBUTING.md.docs screenshots, or Helm/rendered outputs.
Summary by CodeRabbit