temporalio
diff --git a/‎CODEOWNERS‎ ‎.github/CODEOWNERS‎CODEOWNERS renamed to .github/CODEOWNERS b/‎CODEOWNERS‎ ‎.github/CODEOWNERS‎CODEOWNERS renamed to .github/CODEOWNERS
diff --git a/‎.github/workflows/per-pr.yml‎
Lines changed: 38 additions & 1 deletion b/‎.github/workflows/per-pr.yml‎
Lines changed: 38 additions & 1 deletion
diff --git a/‎ARCHITECTURE.md‎
Lines changed: 1 addition & 1 deletion b/‎ARCHITECTURE.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎Cargo.toml‎
Lines changed: 1 addition & 0 deletions b/‎Cargo.toml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎crates/client/src/lib.rs‎
Lines changed: 20 additions & 1 deletion b/‎crates/client/src/lib.rs‎
Lines changed: 20 additions & 1 deletion
diff --git a/‎crates/client/src/options_structs.rs‎
Lines changed: 6 additions & 0 deletions b/‎crates/client/src/options_structs.rs‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎crates/client/src/proxy.rs‎
Lines changed: 106 additions & 0 deletions b/‎crates/client/src/proxy.rs‎
Lines changed: 106 additions & 0 deletions
@@ -46,7 +46,7 @@ jobs:
   test:
     name: Unit Tests
     # Give extra time to ensure pushes to main have time to populate the cache
-    timeout-minutes: ${{ github.ref == 'refs/heads/master' && 20 || 15 }}
+    timeout-minutes: ${{ matrix.timeoutMinutes || (github.ref == 'refs/heads/master' && 20 || 15) }}
     strategy:
       fail-fast: false
       matrix:
@@ -60,6 +60,7 @@ jobs:
             runsOn: macos-14
           - os: macos-intel
             runsOn: macos-15-intel
+            timeoutMinutes: 20
     runs-on: ${{ matrix.runsOn || matrix.os }}
     steps:
       - uses: actions/checkout@v4
@@ -240,6 +241,42 @@ jobs:
           save-if: ${{ github.ref == 'refs/heads/master' }}
       - run: cargo integ-test docker_
 
+  examples:
+    name: "Build and run examples"
+    timeout-minutes: 15
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: dtolnay/rust-toolchain@stable
+      - name: Install protoc
+        uses: arduino/setup-protoc@v3
+        with:
+          version: "23.x"
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - uses: Swatinem/rust-cache@v2
+        with:
+          save-if: ${{ github.ref == 'refs/heads/master' }}
+      - name: Build examples
+        run: cargo build --examples -p temporalio-sdk --features examples
+      - name: Install Temporal CLI
+        uses: temporalio/setup-temporal@v0
+      - name: Start Temporal dev server
+        run: |
+          temporal server start-dev --headless &
+          sleep 5
+          temporal operator search-attribute create --name CustomKeywordField --type Keyword
+          temporal operator search-attribute create --name CustomIntField --type Int
+      - name: Run examples
+        run: |
+          for dir in crates/sdk/examples/*/; do
+            sample="$(basename "$dir" | tr '_' '-')"
+            cargo run -p temporalio-sdk --features examples --example "${sample}-worker" &
+            WORKER_PID=$!
+            timeout 20 cargo run -p temporalio-sdk --features examples --example "${sample}-starter"
+            kill $WORKER_PID 2>/dev/null || true
+            wait $WORKER_PID 2>/dev/null || true
+          done
+
   c-bridge-static-link-test:
     name: "C bridge static link test"
     runs-on: ubuntu-latest
 
@@ -8,7 +8,7 @@ If you're newer to SDKs in general, first check out the [SDKs Intro](./arch_docs
 The below diagram depicts how Core-based SDKs are split into two parts. The `sdk-core` common code,
 which is written in Rust, and a `sdk-lang` package specific to the language the user is writing
 their workflow/activity in. For example a user writing workflows in Rust would be pulling in (at
-least) two crates - `temporal-sdk-core` and `temporal-sdk-rust`.
+least) two crates - `temporalio-sdk-core` and `temporalio-sdk`.
 
 ![Arch Diagram](https://lucid.app/publicSegments/view/7872bb33-d2b9-4b90-8aa1-bac111136aa5/image.png)
 
 
@@ -32,6 +32,7 @@ prost = "0.14"
 prost-types = { version = "0.7", package = "prost-wkt-types" }
 pbjson = "0.9"
 pbjson-build = "0.9"
+serde_json = "1.0"
 
 [workspace.lints.rust]
 unreachable_pub = "warn"
 
@@ -72,7 +72,7 @@ use temporalio_common::{
     HasWorkflowDefinition,
     data_converters::{DataConverter, SerializationContextData},
     protos::{
-        coresdk::IntoPayloadsExt,
+        coresdk::{AsJsonPayloadExt, IntoPayloadsExt},
         grpc::health::v1::health_client::HealthClient,
         proto_ts_to_system_time,
         temporal::api::{
@@ -81,6 +81,7 @@ use temporalio_common::{
             enums::v1::{TaskQueueKind, WorkflowExecutionStatus},
             errordetails::v1::WorkflowExecutionAlreadyStartedFailure,
             operatorservice::v1::operator_service_client::OperatorServiceClient,
+            sdk::v1::UserMetadata,
             taskqueue::v1::TaskQueue,
             testservice::v1::test_service_client::TestServiceClient,
             workflow::v1 as workflow,
@@ -1030,6 +1031,22 @@ where
         let workflow_id = options.workflow_id.clone();
         let task_queue_name = options.task_queue.clone();
 
+        let user_metadata = if options.static_summary.is_some() || options.static_details.is_some()
+        {
+            Some(UserMetadata {
+                summary: options.static_summary.map(|s| {
+                    s.as_json_payload()
+                        .expect("String-to-JSON payload serialization is infallible")
+                }),
+                details: options.static_details.map(|s| {
+                    s.as_json_payload()
+                        .expect("String-to-JSON payload serialization is infallible")
+                }),
+            })
+        } else {
+            None
+        };
+
         let run_id = if let Some(start_signal) = options.start_signal {
             // Use signal-with-start when a start_signal is provided
             let res = WorkflowService::signal_with_start_workflow_execution(
@@ -1060,6 +1077,7 @@ where
                     search_attributes: options.search_attributes.map(|d| d.into()),
                     cron_schedule: options.cron_schedule.unwrap_or_default(),
                     header: options.header.or(start_signal.header),
+                    user_metadata,
                     ..Default::default()
                 }
                 .into_request(),
@@ -1100,6 +1118,7 @@ where
                         completion_callbacks: options.completion_callbacks,
                         priority: Some(options.priority.into()),
                         header: options.header,
+                        user_metadata,
                         ..Default::default()
                     }
                     .into_request(),
 
@@ -238,6 +238,12 @@ pub struct WorkflowStartOptions {
 
     /// Headers to include with the start request.
     pub header: Option<Header>,
+
+    /// Single-line static summary for the workflow, shown in the Temporal UI.
+    pub static_summary: Option<String>,
+
+    /// Multi-line static details for the workflow, shown in the Temporal UI.
+    pub static_details: Option<String>,
 }
 
 /// A signal to send atomically when starting a workflow.
 
@@ -52,6 +52,7 @@ impl HttpConnectProxyOptions {
         &self,
         uri: tonic::transport::Uri,
     ) -> anyhow::Result<hyper::upgrade::Upgraded> {
+        let uri = ensure_connect_authority_port(uri);
         debug!("Connecting to {} via proxy at {}", uri, self.target_addr);
         // Create CONNECT request
         let mut req_build = hyper::Request::builder().method("CONNECT").uri(uri);
@@ -207,3 +208,108 @@ impl Connection for ProxyStream {
         }
     }
 }
+
+/// Ensure the URI authority includes an explicit port so that hyper emits a
+/// RFC 9110-compliant CONNECT request-target (authority-form requires host:port).
+fn ensure_connect_authority_port(uri: tonic::transport::Uri) -> tonic::transport::Uri {
+    if uri.port().is_some() {
+        return uri;
+    }
+    let port = match uri.scheme_str() {
+        Some("https") => 443,
+        Some("http") => 80,
+        _ => return uri,
+    };
+    let mut parts = uri.into_parts();
+    if let Some(ref authority) = parts.authority
+        && let Ok(new_auth) = format!("{}:{}", authority.host(), port).parse()
+    {
+        parts.authority = Some(new_auth);
+    }
+    tonic::transport::Uri::from_parts(parts).expect("adding port to valid URI should not fail")
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use tokio::{
+        io::{AsyncBufReadExt, AsyncWriteExt, BufReader},
+        net::TcpListener,
+    };
+
+    struct CapturedConnect {
+        request_line: String,
+        headers: Vec<String>,
+    }
+
+    async fn mock_proxy() -> (String, tokio::task::JoinHandle<CapturedConnect>) {
+        let listener = TcpListener::bind("127.0.0.1:0").await.unwrap();
+        let addr = listener.local_addr().unwrap().to_string();
+        let handle = tokio::spawn(async move {
+            let (stream, _) = listener.accept().await.unwrap();
+            let mut reader = BufReader::new(stream);
+            let mut request_line = String::new();
+            reader.read_line(&mut request_line).await.unwrap();
+            let mut headers = Vec::new();
+            loop {
+                let mut line = String::new();
+                reader.read_line(&mut line).await.unwrap();
+                if line == "\r\n" {
+                    break;
+                }
+                headers.push(line.trim_end().to_string());
+            }
+            reader
+                .into_inner()
+                .write_all(b"HTTP/1.1 200 OK\r\n\r\n")
+                .await
+                .unwrap();
+            CapturedConnect {
+                request_line,
+                headers,
+            }
+        });
+        (addr, handle)
+    }
+
+    #[rstest::rstest]
+    #[case("https://example.com/some/path", "CONNECT example.com:443 HTTP/1.1")]
+    #[case("http://example.com", "CONNECT example.com:80 HTTP/1.1")]
+    #[case("https://example.com:7233", "CONNECT example.com:7233 HTTP/1.1")]
+    #[tokio::test]
+    async fn connect_request_line(#[case] uri: &str, #[case] expected: &str) {
+        let (proxy_addr, handle) = mock_proxy().await;
+        let opts = HttpConnectProxyOptions {
+            target_addr: proxy_addr,
+            basic_auth: None,
+        };
+        let uri: tonic::transport::Uri = uri.parse().unwrap();
+        let _ = opts.connect(uri).await;
+
+        let captured = handle.await.unwrap();
+        assert_eq!(captured.request_line.trim(), expected);
+    }
+
+    #[tokio::test]
+    async fn connect_includes_basic_auth() {
+        let (proxy_addr, handle) = mock_proxy().await;
+        let opts = HttpConnectProxyOptions {
+            target_addr: proxy_addr,
+            basic_auth: Some(("user".to_string(), "pass".to_string())),
+        };
+        let uri: tonic::transport::Uri = "https://example.com:7233".parse().unwrap();
+        let _ = opts.connect(uri).await;
+
+        let captured = handle.await.unwrap();
+        let creds = BASE64_STANDARD.encode("user:pass");
+        let auth_header = captured
+            .headers
+            .iter()
+            .find(|h| h.to_lowercase().starts_with("proxy-authorization:"))
+            .expect("missing proxy-authorization header");
+        assert_eq!(
+            auth_header.trim(),
+            format!("proxy-authorization: Basic {creds}")
+        );
+    }
+}