From 7a2ed0207f5f7637c7e6a27a7bc5208b15edc3eb Mon Sep 17 00:00:00 2001
From: Quang Ngo <quang.ngo@payrails.com>
Date: Thu, 8 Jan 2026 11:48:48 +0100
Subject: [PATCH 1/8] Feat: Add server readiness probe

At the moment we only have `livenessProbe` and no `readinessProbe` for
server pods.
On startup pods are getting requests right away before being ready.
This change adds configuration for that.
---
 .../temporal/templates/server-deployment.yaml |  4 +++
 .../tests/server_deployment_test.yaml         | 34 +++++++++++++++++++
 charts/temporal/values.yaml                   |  6 ++++
 3 files changed, 44 insertions(+)

diff --git a/charts/temporal/templates/server-deployment.yaml b/charts/temporal/templates/server-deployment.yaml
index 1f34e375..b703e1c3 100644
--- a/charts/temporal/templates/server-deployment.yaml
+++ b/charts/temporal/templates/server-deployment.yaml
@@ -104,6 +104,10 @@ spec:
             initialDelaySeconds: 150
             tcpSocket:
               port: rpc
+          readinessProbe:
+             initialDelaySeconds: {{ default $.Values.server.readinessProbeDelaySeconds $serviceValues.readinessProbeDelaySeconds }}
+             tcpSocket:
+               port: rpc
           {{- end }}
           volumeMounts:
             - name: config
diff --git a/charts/temporal/tests/server_deployment_test.yaml b/charts/temporal/tests/server_deployment_test.yaml
index 608489b2..07b5331d 100644
--- a/charts/temporal/tests/server_deployment_test.yaml
+++ b/charts/temporal/tests/server_deployment_test.yaml
@@ -211,3 +211,37 @@ tests:
       - equal:
           path: spec.strategy.rollingUpdate.maxUnavailable
           value: 0
+  - it: readinessProbe defaults to service wide resources
+    template: templates/server-deployment.yaml
+    documentSelector:
+      path: '$[?(@.metadata.name == "RELEASE-NAME-temporal-frontend")].kind'
+      value: Deployment
+      matchMany: true
+    set:
+      server:
+        readinessProbeDelaySeconds: 10
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].readinessProbe.initialDelaySeconds
+          value: 10
+      - equal:
+          path: spec.template.spec.containers[0].readinessProbe.tcpSocket.port
+          value: rpc
+  - it: readinessProbe favours service specific resources
+    template: templates/server-deployment.yaml
+    documentSelector:
+      path: '$[?(@.metadata.name == "RELEASE-NAME-temporal-frontend")].kind'
+      value: Deployment
+      matchMany: true
+    set:
+      server:
+        readinessProbeDelaySeconds: 15
+      frontend:
+        readinessProbeDelaySeconds: 10
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].readinessProbe.initialDelaySeconds
+          value: 10
+      - equal:
+          path: spec.template.spec.containers[0].readinessProbe.tcpSocket.port
+          value: rpc
diff --git a/charts/temporal/values.yaml b/charts/temporal/values.yaml
index 3aed2d55..69598866 100644
--- a/charts/temporal/values.yaml
+++ b/charts/temporal/values.yaml
@@ -24,6 +24,7 @@ server:
     pullPolicy: IfNotPresent
   # Global default settings (can be overridden per service)
   replicaCount: 1
+  readinessProbeDelaySeconds: 0
   metrics:
     # Annotate pods and services directly with the following Prometheus annotations.
     # prometheus.io/job
@@ -264,6 +265,7 @@ server:
     containerSecurityContext: {}
     topologySpreadConstraints: []
     podDisruptionBudget: {}
+    readinessProbeDelaySeconds: 0
   internalFrontend:
     # Enable this to create internal-frontend
     enabled: false
@@ -297,6 +299,7 @@ server:
     containerSecurityContext: {}
     topologySpreadConstraints: []
     podDisruptionBudget: {}
+    readinessProbeDelaySeconds: 0
   history:
     service:
       # type: ClusterIP
@@ -325,6 +328,7 @@ server:
     containerSecurityContext: {}
     topologySpreadConstraints: []
     podDisruptionBudget: {}
+    readinessProbeDelaySeconds: 0
   matching:
     service:
       # type: ClusterIP
@@ -352,6 +356,7 @@ server:
     containerSecurityContext: {}
     topologySpreadConstraints: []
     podDisruptionBudget: {}
+    readinessProbeDelaySeconds: 0
   worker:
     service:
       # type: ClusterIP
@@ -379,6 +384,7 @@ server:
     containerSecurityContext: {}
     topologySpreadConstraints: []
     podDisruptionBudget: {}
+    readinessProbeDelaySeconds: 0
 admintools:
   enabled: true
   image:

From 04dbe959242ad0e4fe74c683085eea67b0d24108 Mon Sep 17 00:00:00 2001
From: Quang Ngo <quang.ngo@payrails.com>
Date: Thu, 8 Jan 2026 11:55:36 +0100
Subject: [PATCH 2/8] Fix test

---
 charts/temporal/tests/server_deployment_test.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/charts/temporal/tests/server_deployment_test.yaml b/charts/temporal/tests/server_deployment_test.yaml
index 07b5331d..bacb5d36 100644
--- a/charts/temporal/tests/server_deployment_test.yaml
+++ b/charts/temporal/tests/server_deployment_test.yaml
@@ -236,8 +236,8 @@ tests:
     set:
       server:
         readinessProbeDelaySeconds: 15
-      frontend:
-        readinessProbeDelaySeconds: 10
+        frontend:
+          readinessProbeDelaySeconds: 10
     asserts:
       - equal:
           path: spec.template.spec.containers[0].readinessProbe.initialDelaySeconds

From f8d44960408def6937947550b416d67ba267679f Mon Sep 17 00:00:00 2001
From: Quang Ngo <quang.ngo@payrails.com>
Date: Thu, 8 Jan 2026 15:53:28 +0100
Subject: [PATCH 3/8] Update after reviews

---
 .../temporal/templates/server-deployment.yaml | 12 ++++--
 .../tests/server_deployment_test.yaml         | 39 +++++++++++++------
 charts/temporal/values.yaml                   | 18 ++++++---
 3 files changed, 48 insertions(+), 21 deletions(-)

diff --git a/charts/temporal/templates/server-deployment.yaml b/charts/temporal/templates/server-deployment.yaml
index b703e1c3..eac99a1e 100644
--- a/charts/temporal/templates/server-deployment.yaml
+++ b/charts/temporal/templates/server-deployment.yaml
@@ -104,10 +104,16 @@ spec:
             initialDelaySeconds: 150
             tcpSocket:
               port: rpc
+          {{- end }}
+          {{- if or (eq $service "frontend") (eq $service "internal-frontend") }}
           readinessProbe:
-             initialDelaySeconds: {{ default $.Values.server.readinessProbeDelaySeconds $serviceValues.readinessProbeDelaySeconds }}
-             tcpSocket:
-               port: rpc
+            grpc:
+              port: {{ $serviceValues.service.port }}
+              service: temporal.api.workflowservice.v1.WorkflowService
+          {{- else }}
+          {{- with default $.Values.server.readinessProbe $serviceValues.readinessProbe }}
+          {{- toYaml . | nindent 12 }}
+          {{- end }}
           {{- end }}
           volumeMounts:
             - name: config
diff --git a/charts/temporal/tests/server_deployment_test.yaml b/charts/temporal/tests/server_deployment_test.yaml
index bacb5d36..472ef1e0 100644
--- a/charts/temporal/tests/server_deployment_test.yaml
+++ b/charts/temporal/tests/server_deployment_test.yaml
@@ -211,7 +211,16 @@ tests:
       - equal:
           path: spec.strategy.rollingUpdate.maxUnavailable
           value: 0
-  - it: readinessProbe defaults to service wide resources
+  - it: readinessProbe defaults to empty
+    template: templates/server-deployment.yaml
+    documentSelector:
+      path: '$[?(@.metadata.name == "RELEASE-NAME-temporal-worker")].kind'
+      value: Deployment
+      matchMany: true
+    asserts:
+      - notExists:
+          path: spec.template.spec.containers[0].readinessProbe
+  - it: readinessProbe is set for frontend service
     template: templates/server-deployment.yaml
     documentSelector:
       path: '$[?(@.metadata.name == "RELEASE-NAME-temporal-frontend")].kind'
@@ -219,29 +228,35 @@ tests:
       matchMany: true
     set:
       server:
-        readinessProbeDelaySeconds: 10
+        frontend:
+          readinessProbe:
+            grpc:
+              port: 9999
+              service: WorkflowService
     asserts:
       - equal:
-          path: spec.template.spec.containers[0].readinessProbe.initialDelaySeconds
-          value: 10
+          path: spec.template.spec.containers[0].readinessProbe.grpc.port
+          value: 9999
       - equal:
-          path: spec.template.spec.containers[0].readinessProbe.tcpSocket.port
-          value: rpc
-  - it: readinessProbe favours service specific resources
+          path: spec.template.spec.containers[0].readinessProbe.grpc.service
+          value: WorkflowService
+  - it: readinessProbe is set for history service
     template: templates/server-deployment.yaml
     documentSelector:
-      path: '$[?(@.metadata.name == "RELEASE-NAME-temporal-frontend")].kind'
+      path: '$[?(@.metadata.name == "RELEASE-NAME-temporal-history")].kind'
       value: Deployment
       matchMany: true
     set:
       server:
-        readinessProbeDelaySeconds: 15
-        frontend:
-          readinessProbeDelaySeconds: 10
+        history:
+          readinessProbe:
+             initialDelaySeconds: 300
+             tcpSocket:
+               port: rpc
     asserts:
       - equal:
           path: spec.template.spec.containers[0].readinessProbe.initialDelaySeconds
-          value: 10
+          value: 300
       - equal:
           path: spec.template.spec.containers[0].readinessProbe.tcpSocket.port
           value: rpc
diff --git a/charts/temporal/values.yaml b/charts/temporal/values.yaml
index 69598866..21203cc3 100644
--- a/charts/temporal/values.yaml
+++ b/charts/temporal/values.yaml
@@ -24,7 +24,7 @@ server:
     pullPolicy: IfNotPresent
   # Global default settings (can be overridden per service)
   replicaCount: 1
-  readinessProbeDelaySeconds: 0
+  readinessProbe: {}
   metrics:
     # Annotate pods and services directly with the following Prometheus annotations.
     # prometheus.io/job
@@ -230,6 +230,10 @@ server:
       membershipAppProtocol: tcp
       httpPort: 7243
       httpAppProtocol: http
+    readinessProbe:
+      grpc:
+        port: 7233
+        service: temporal.api.workflowservice.v1.WorkflowService
     ingress:
       enabled: false
       # className:
@@ -265,7 +269,6 @@ server:
     containerSecurityContext: {}
     topologySpreadConstraints: []
     podDisruptionBudget: {}
-    readinessProbeDelaySeconds: 0
   internalFrontend:
     # Enable this to create internal-frontend
     enabled: false
@@ -279,6 +282,10 @@ server:
       membershipAppProtocol: tcp
       httpPort: 7246
       httpAppProtocol: http
+    readinessProbe:
+      grpc:
+        port: 7233
+        service: temporal.api.workflowservice.v1.WorkflowService
     metrics:
       annotations:
         enabled: true
@@ -299,7 +306,6 @@ server:
     containerSecurityContext: {}
     topologySpreadConstraints: []
     podDisruptionBudget: {}
-    readinessProbeDelaySeconds: 0
   history:
     service:
       # type: ClusterIP
@@ -328,7 +334,7 @@ server:
     containerSecurityContext: {}
     topologySpreadConstraints: []
     podDisruptionBudget: {}
-    readinessProbeDelaySeconds: 0
+    readinessProbe: {}
   matching:
     service:
       # type: ClusterIP
@@ -356,7 +362,7 @@ server:
     containerSecurityContext: {}
     topologySpreadConstraints: []
     podDisruptionBudget: {}
-    readinessProbeDelaySeconds: 0
+    readinessProbe: {}
   worker:
     service:
       # type: ClusterIP
@@ -384,7 +390,7 @@ server:
     containerSecurityContext: {}
     topologySpreadConstraints: []
     podDisruptionBudget: {}
-    readinessProbeDelaySeconds: 0
+    readinessProbe: {}
 admintools:
   enabled: true
   image:

From f42a25047392a2b6aa3ff75badc6dd3eba35fe6d Mon Sep 17 00:00:00 2001
From: Quang Ngo <quang.ngo@payrails.com>
Date: Thu, 8 Jan 2026 15:54:36 +0100
Subject: [PATCH 4/8] Update default port

---
 charts/temporal/values.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/charts/temporal/values.yaml b/charts/temporal/values.yaml
index 21203cc3..2a37467d 100644
--- a/charts/temporal/values.yaml
+++ b/charts/temporal/values.yaml
@@ -284,7 +284,7 @@ server:
       httpAppProtocol: http
     readinessProbe:
       grpc:
-        port: 7233
+        port: 7236
         service: temporal.api.workflowservice.v1.WorkflowService
     metrics:
       annotations:

From a6a0f97683c41386e39cd3a4cb3ad009213bba6c Mon Sep 17 00:00:00 2001
From: Quang Ngo <quang.ngo@payrails.com>
Date: Thu, 8 Jan 2026 15:55:55 +0100
Subject: [PATCH 5/8] Adjust default vaules sorting

---
 charts/temporal/values.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/charts/temporal/values.yaml b/charts/temporal/values.yaml
index 2a37467d..14dd75d9 100644
--- a/charts/temporal/values.yaml
+++ b/charts/temporal/values.yaml
@@ -313,6 +313,7 @@ server:
       appProtocol: tcp
       membershipPort: 6934
       membershipAppProtocol: tcp
+    readinessProbe: {}
     metrics:
       annotations:
         enabled: true
@@ -334,7 +335,6 @@ server:
     containerSecurityContext: {}
     topologySpreadConstraints: []
     podDisruptionBudget: {}
-    readinessProbe: {}
   matching:
     service:
       # type: ClusterIP
@@ -342,6 +342,7 @@ server:
       appProtocol: tcp
       membershipPort: 6935
       membershipAppProtocol: tcp
+    readinessProbe: {}
     metrics:
       annotations:
         enabled: false
@@ -362,7 +363,6 @@ server:
     containerSecurityContext: {}
     topologySpreadConstraints: []
     podDisruptionBudget: {}
-    readinessProbe: {}
   worker:
     service:
       # type: ClusterIP
@@ -370,6 +370,7 @@ server:
       appProtocol: tcp
       membershipPort: 6939
       membershipAppProtocol: tcp
+    readinessProbe: {}
     metrics:
       annotations:
         enabled: true
@@ -390,7 +391,6 @@ server:
     containerSecurityContext: {}
     topologySpreadConstraints: []
     podDisruptionBudget: {}
-    readinessProbe: {}
 admintools:
   enabled: true
   image:

From 98817422ff56462fc1f690dbf06f5a4ff0d583bd Mon Sep 17 00:00:00 2001
From: Quang Ngo <quang.ngo@payrails.com>
Date: Thu, 8 Jan 2026 15:57:34 +0100
Subject: [PATCH 6/8] Fix test

---
 charts/temporal/tests/server_deployment_test.yaml | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/charts/temporal/tests/server_deployment_test.yaml b/charts/temporal/tests/server_deployment_test.yaml
index 472ef1e0..4c2cba13 100644
--- a/charts/temporal/tests/server_deployment_test.yaml
+++ b/charts/temporal/tests/server_deployment_test.yaml
@@ -229,17 +229,15 @@ tests:
     set:
       server:
         frontend:
-          readinessProbe:
-            grpc:
-              port: 9999
-              service: WorkflowService
+          service:
+            port: 9999
     asserts:
       - equal:
           path: spec.template.spec.containers[0].readinessProbe.grpc.port
           value: 9999
       - equal:
           path: spec.template.spec.containers[0].readinessProbe.grpc.service
-          value: WorkflowService
+          value: temporal.api.workflowservice.v1.WorkflowService
   - it: readinessProbe is set for history service
     template: templates/server-deployment.yaml
     documentSelector:

From 48d958e0158eb36b58deaf8e4fc5def5c755c942 Mon Sep 17 00:00:00 2001
From: Quang Ngo <quang.ngo@payrails.com>
Date: Thu, 8 Jan 2026 16:16:03 +0100
Subject: [PATCH 7/8] Remove condition for frontend

---
 charts/temporal/templates/server-deployment.yaml  | 8 +-------
 charts/temporal/tests/server_deployment_test.yaml | 6 ++++--
 2 files changed, 5 insertions(+), 9 deletions(-)

diff --git a/charts/temporal/templates/server-deployment.yaml b/charts/temporal/templates/server-deployment.yaml
index eac99a1e..3e1f8cbc 100644
--- a/charts/temporal/templates/server-deployment.yaml
+++ b/charts/temporal/templates/server-deployment.yaml
@@ -105,16 +105,10 @@ spec:
             tcpSocket:
               port: rpc
           {{- end }}
-          {{- if or (eq $service "frontend") (eq $service "internal-frontend") }}
-          readinessProbe:
-            grpc:
-              port: {{ $serviceValues.service.port }}
-              service: temporal.api.workflowservice.v1.WorkflowService
-          {{- else }}
           {{- with default $.Values.server.readinessProbe $serviceValues.readinessProbe }}
+          readinessProbe:
           {{- toYaml . | nindent 12 }}
           {{- end }}
-          {{- end }}
           volumeMounts:
             - name: config
               mountPath: /etc/temporal/config/config_template.yaml
diff --git a/charts/temporal/tests/server_deployment_test.yaml b/charts/temporal/tests/server_deployment_test.yaml
index 4c2cba13..ae7531ad 100644
--- a/charts/temporal/tests/server_deployment_test.yaml
+++ b/charts/temporal/tests/server_deployment_test.yaml
@@ -229,8 +229,10 @@ tests:
     set:
       server:
         frontend:
-          service:
-            port: 9999
+          readinessProbe:
+            grpc:
+              port: 9999
+              service: temporal.api.workflowservice.v1.WorkflowService
     asserts:
       - equal:
           path: spec.template.spec.containers[0].readinessProbe.grpc.port

From 95712ba208a4ef1382b67d7475029c499bef130c Mon Sep 17 00:00:00 2001
From: Quang Ngo <quang.ngo@payrails.com>
Date: Thu, 8 Jan 2026 16:44:49 +0100
Subject: [PATCH 8/8] Add readinessProbe for web

---
 charts/temporal/templates/web-deployment.yaml | 4 ++++
 charts/temporal/values.yaml                   | 5 +++++
 2 files changed, 9 insertions(+)

diff --git a/charts/temporal/templates/web-deployment.yaml b/charts/temporal/templates/web-deployment.yaml
index 15df42cc..b1027cba 100644
--- a/charts/temporal/templates/web-deployment.yaml
+++ b/charts/temporal/templates/web-deployment.yaml
@@ -49,6 +49,10 @@ spec:
             initialDelaySeconds: 10
             tcpSocket:
               port: http
+          {{- with .Values.web.readinessProbe }}
+          readinessProbe:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
           ports:
             - name: http
               containerPort: 8080
diff --git a/charts/temporal/values.yaml b/charts/temporal/values.yaml
index 14dd75d9..6cff93e3 100644
--- a/charts/temporal/values.yaml
+++ b/charts/temporal/values.yaml
@@ -439,6 +439,11 @@ web:
     appProtocol: http
     annotations: {}
     # loadBalancerIP:
+  readinessProbe:
+    initialDelaySeconds: 10
+    httpGet:
+      path: /healthz
+      port: http
   ingress:
     enabled: false
     # className: