temporal-worker-k8s

Temporal Worker

  • Commercial Systems
Channel Revision Published Runs on
latest/stable 20 05 Dec 2024
Ubuntu 22.04
latest/edge 23 18 Apr 2025
Ubuntu 22.04
juju deploy temporal-worker-k8s --channel edge
Show information

Learn to deploy on juju >

Platform:

Learn about configurations >

  • auth-provider | string

    (Deprecated in favor of 'auth-secret-id') Authentication provider for user authentication.

    Acceptable values are "candid" and "google".

  • auth-secret-id | string

    Juju secret ID containing authentication and encryption key parameters. This takes precedence over the auth-related configuration options, which will be deprecated in the future.

  • candid-private-key | string

    (Deprecated in favor of 'auth-secret-id') Private key for Candid authentication.

  • candid-public-key | string

    (Deprecated in favor of 'auth-secret-id') Public key for Candid authentication.

  • candid-url | string

    (Deprecated in favor of 'auth-secret-id') URL of the Candid service.

  • candid-username | string

    (Deprecated in favor of 'auth-secret-id') Username for accessing the Candid service.

  • db-name | string

    Name of the database created when relating to a database charm.

  • encryption-key | string

    (Deprecated in favor of 'auth-secret-id') Base64-encoded key used for data encryption.

  • environment | string

    This configuration is used to manage and retrieve sensitive information required by the application from different sources. The environment configuration supports the following sources:

    • Environment Variables: Plaintext environment variables.
    • Juju: Secrets can be managed and retrieved using Juju's secret storage capabilities.
    • Vault: Secrets can be securely stored and accessed from a HashiCorp Vault instance.

    The application will prioritize these sources in the following order: Vault, Juju, and then environment variables. If a variable is not found in the higher priority sources, it will fallback to the next available source. This ensures that the application can function correctly in various deployment scenarios while maintaining security and flexibility.

    Sample structure:

      env:
    - name: key1
      value: value1
    - name: nested_example_key
      value: 
        - connection_id: a_connection_id
          unnesting:
            tables:
              issues: ["test1", "test2"]
              users: [test3]
          redaction:
  juju:
    - secret-id: <secret_id1>
      name: sensitive1
      key: key1
    - secret-id: <secret_id1>
      name: sensitive2
      key: key2
    - secret-id: <secret_id2> # reads all keys from this secret
  vault:
    - path: my-secrets
      name: sensitive1
      key: key1
    - path: my-secrets
      name: sensitive2
      key: key2

  • host | string

    The hostname of the Temporal server.

  • log-level | string

    Default: info

    Configures the log level of gunicorn.

    Acceptable values are: "info", "debug", "warning", "error" and "critical"

  • namespace | string

    Temporal namespace the worker should connect to.

  • oidc-auth-cert-url | string

    (Deprecated in favor of 'auth-secret-id') Authentication certificate URL for OIDC authentication.

  • oidc-auth-type | string

    Default: service_account

    (Deprecated in favor of 'auth-secret-id') Authentication type for OIDC authentication.

  • oidc-auth-uri | string

    (Deprecated in favor of 'auth-secret-id') Authentication URI for OIDC authentication.

  • oidc-client-cert-url | string

    (Deprecated in favor of 'auth-secret-id') Client certificate URL for OIDC authentication.

  • oidc-client-email | string

    (Deprecated in favor of 'auth-secret-id') Client email for OIDC authentication.

  • oidc-client-id | string

    (Deprecated in favor of 'auth-secret-id') Client ID for OIDC authentication.

  • oidc-private-key | string

    (Deprecated in favor of 'auth-secret-id') Project key for OIDC authentication.

  • oidc-private-key-id | string

    (Deprecated in favor of 'auth-secret-id') Private key ID for OIDC authentication.

  • oidc-project-id | string

    (Deprecated in favor of 'auth-secret-id') Project ID for OIDC authentication.

  • oidc-token-uri | string

    (Deprecated in favor of 'auth-secret-id') Token URI for OIDC authentication.

  • queue | string

    Temporal task queue the worker should connect to.

  • sentry-dsn | string

    Sentry Data Source Name to send events to.

  • sentry-environment | string

    The environment to log errors to in Sentry.

  • sentry-redact-params | boolean

    Indicates whether or not event parameters sent to Sentry should be redacted.

  • sentry-release | string

    The version of your code deployed to an environment.

  • sentry-sample-rate | float

    Default: 1.0

    A value between 0 (0% of errors) and 1 (100% of errors) to indicate the proportion of errors to be captured by Sentry.

  • tls-root-cas | string

    Root certificate authority (CA) certificates for TLS communication.