Skip to content

Update Config Templating#786

Closed
chaptersix wants to merge 23 commits intov1from
alex/config-loading-support
Closed

Update Config Templating#786
chaptersix wants to merge 23 commits intov1from
alex/config-loading-support

Conversation

@chaptersix
Copy link
Copy Markdown
Contributor

@chaptersix chaptersix commented Nov 21, 2025
edited
Loading

What was changed

add required comment to enable templating and updated the env syntax to use sprig. Existing syntax if for dockerize.

Why?

The config yaml includes values than are intended to be read from the environment by sprig. The server now requires that # enable-template comment to allow this.

How was this tested:

running the helm chart with the new docker images. Everything starts successfully after this comment is added.

Breaking change: existing server versions will not be able to parse this config-map

temporal-data and others added 20 commits August 6, 2025 19:10
@temporal-data
Update Chart to 0.65.0.
a7b5ab1
@robholland
Allow passing datacenter when creating the keyspace. (#748)
33101ca
@temporal-data
Update Chart to 0.66.0.
feb47c2
@ghaskins
Add support for "custom" persistence driver (#658)
feafc40 
Temporal core allows for the registration and configuration of custom data stores.
However, there is a disparity in how the helm chart translates persistence
configuration between helm values and the resulting configmap.

As an example, the temporal config for a custom driver for the default store may look
as so:

```
persistence:
  defaultStore: my-custom-store
  visibilityStore: es-visibility
  numHistoryShards: 4
  datastores:
    my-custom-store:
      customDatastore:
        name: "my-custom"
        options:
          hosts: "mycustom.example.com"
          keyspace: "temporal"
```

Translating to helm values would look like

```
server:
  config:
    persistence:
      defaultStore: my-custom-store
      additionalStores:
        my-custom-store:
          customDatastore:
            name: "my-custom"
            options:
              hosts: "mycustom.example.com"
              keyspace: "temporal"
```

This gets us most of the way there, but there are a few problems:

1. The charts always assume defaultStore = "default" and thus have opinions
   about subordinate structures such as default.driver.  This results in objects
   such as Secrets and Jobs being incorrectly emitted for default.driver = "cassandra" even
   though we are trying to specify an alternate store.  This logic should probably
   be $defaultStore.driver and $visibilityStore.driver instead.
2. The additionalStores configuration does not lend itself to first-class
   representation in conditional statements, even though it can be used to
   emit the resulting configmap correctly.

One could argue that we should clean up the helm representation to more closely align
with the temporal-server yaml, but this is a bigger task (and a breaking change).  Instead,
this patch ties into the existing model of using $store.driver = {cassandra, sql, elasticsearch}
and adds a 4th first-class type "custom."

The user may configure this as so:

```
server:
  config:
    persistence:
      default:
        driver: custom
      visibility:
        driver: custom
```

And in doing so, we instruct the various templates to elide the objects (Jobs, Secrets, etc.)
related to that store, leaving it to the user to supply the rest of the required configuration
using a combination of additionalStores, additionalEnv, additionalVolumeMounts, etc., to inject
configuration and secrets.  They would also, of course, be responsible for any DDL setup or
migration.

Signed-off-by: Greg Haskins <greg@manetu.com>
@temporal-data
Update Chart to 0.67.0.
8823829
@temporal-data
Update Chart to 0.68.0.
dc0134e
@PhillypHenning
admintools tag 1.29.0 -> 1.29 (#756)
223fb41
@temporal-data
Update Chart to 0.68.1.
9e34504
@temporal-data
Update Chart to 0.69.0.
790373a
@picatz
Set explicit permissions for GitHub Actions workflows (#765)
042c72c 
This change was made by an automated process to ensure all GitHub Actions workflows have explicitly defined permissions as per best practices.
@temporal-data
Update Chart to 0.70.0.
e887b93
@robholland @tomwheeler
Update the contributing docs for clarity. (#768)
a672072 
* Update the contributing docs for clarity.

Help to guide users on what kind of changes we will accept.

---------

Co-authored-by: Tom Wheeler <tom@temporal.io>
@robholland
Hand over to CGS team. (#772)
3cfb4a9
@mrMoZ1
fix: Very minor typo in README (#769)
1651737 
what: fixed a very minor typo in README.md
@vitornp
Allow adjusting in appProtocol (#679)
0e9827c
@temporal-data
Update Chart to 0.71.0.
bee7310
@temporal-data
Update Chart to 0.72.0.
0488a8f
@chaptersix
add env var that instructs the temporal binary to read the provided c…
828b03b 
…onfig template
@chaptersix
add env var that instructs the temporal binary to read the provided c…
e96ac23 
…onfig template (#782)
@chaptersix
add required comment to enabled templating
5f57761
@chaptersix chaptersix marked this pull request as ready for review November 21, 2025 12:34
@chaptersix chaptersix requested a review from a team as a code owner November 21, 2025 12:34
@chaptersix chaptersix marked this pull request as draft November 21, 2025 15:46
@chaptersix chaptersix changed the title Enable Config Templating Update Config Templating Dec 1, 2025
@chaptersix chaptersix marked this pull request as ready for review December 1, 2025 19:42
bergundy
bergundy reviewed Dec 2, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@bergundy bergundy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it would have been better to support the .Env syntax to avoid an unnecessary breaking change.

Make sure to avoid merging this until the server images are updated.

@robholland
Copy link
Copy Markdown
Contributor

robholland commented Dec 2, 2025

There are multiple ways in which the new template syntax is different from dockerize, it just happens that env ".." vs .Env. is the only relevant issue in the helm charts config. I don't think supporting .Env is a good idea, we have the enable-template system precisely so people can choose when they opt-in to the new format.

@chaptersix
Copy link
Copy Markdown
Contributor Author

chaptersix commented Dec 3, 2025

There are multiple ways in which the new template syntax is different from dockerize, it just happens that env ".." vs .Env. is the only relevant issue in the helm charts config. I don't think supporting .Env is a good idea, we have the enable-template system precisely so people can choose when they opt-in to the new format.

After some internal conversation we are going with sprig only support.

@chaptersix chaptersix requested a review from robholland December 3, 2025 21:40
@robholland
Copy link
Copy Markdown
Contributor

robholland commented Dec 4, 2025

I'd like to introduce this into the alpha 1.0 builds rather than the 0.x range so all breaking changes occur there. Please switch the PR to target the v1 branch rather than main

robholland
robholland reviewed Dec 4, 2025
View reviewed changes
Comment thread charts/temporal/templates/server-configmap.yaml
maxJoinDuration: 30s
broadcastAddress: {{ `{{ default .Env.POD_IP "0.0.0.0" }}` }}
# TODO: validate broadcast address can work with 0.0.0.0
broadcastAddress: {{ `{{ env "POD_IP" | default "" }}` }}
Copy link
Copy Markdown
Contributor

@robholland robholland Dec 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Presumably we can remove the default here?

robholland
robholland requested changes Dec 4, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@robholland robholland left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please switch to target v1 branch.

@chaptersix chaptersix changed the base branch from main to v1 December 4, 2025 17:47
@chaptersix chaptersix requested a review from a team as a code owner December 4, 2025 17:47
@CLAassistant
Copy link
Copy Markdown

CLAassistant commented Dec 4, 2025

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
7 out of 8 committers have signed the CLA.

✅ robholland
✅ ghaskins
✅ picatz
✅ mrMoZ1
✅ vitornp
✅ PhillypHenning
✅ chaptersix
❌ temporal-data
You have signed the CLA already but the status is still pending? Let us recheck it.

@CLAassistant
Copy link
Copy Markdown

CLAassistant commented Dec 4, 2025

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
7 out of 8 committers have signed the CLA.

✅ ghaskins
✅ robholland
✅ PhillypHenning
✅ chaptersix
✅ mrMoZ1
✅ vitornp
✅ picatz
❌ temporal-data
You have signed the CLA already but the status is still pending? Let us recheck it.

@semgrep-managed-scans
Copy link
Copy Markdown

semgrep-managed-scans Bot commented Dec 4, 2025

Semgrep found 1 missing-explicit-permissions finding:

No explicit GITHUB_TOKEN permissions found at the workflow or job level. Add a permissions: block at the workflow root (applies to all jobs) or per job with least privilege (e.g., contents: read and only specific writes like pull-requests: write if needed).

@chaptersix
Copy link
Copy Markdown
Contributor Author

chaptersix commented Dec 4, 2025

moving to #794

@chaptersix chaptersix closed this Dec 4, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bergundy bergundy bergundy left review comments

@robholland robholland robholland requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.