temporalio 0.6.0-aarch64-linux-musl → 1.1.0-aarch64-linux-musl

data/lib/temporalio/client/connection.rb

@@ -154,8 +154,9 @@ module Temporalio
       #   +localhost:7233+.
       # @param api_key [String, nil] API key for Temporal. This becomes the +Authorization+ HTTP header with +"Bearer "+
       #   prepended. This is only set if RPC metadata doesn't already have an +authorization+ key.
-      # @param tls [Boolean, TLSOptions] If false, do not use TLS. If true, use system default TLS options. If TLS
-      #   options are present, those TLS options will be used.
+      # @param tls [Boolean, TLSOptions, nil] If false, do not use TLS. If true, use system default TLS options. If TLS
+      #   options are present, those TLS options will be used. If nil (the default), TLS will be auto-enabled if
+      #   api_key is provided.
       # @param rpc_metadata [Hash<String, String>] Headers to use for all calls to the server. Keys here can be
       #   overriden by per-call RPC metadata keys.
       # @param rpc_retry [RPCRetryOptions] Retry options for direct service calls (when opted in) or all high-level
@@ -173,7 +174,7 @@ module Temporalio
       def initialize(
         target_host:,
         api_key: nil,
-        tls: false,
+        tls: nil,
         rpc_metadata: {},
         rpc_retry: RPCRetryOptions.new,
         identity: "#{Process.pid}@#{Socket.gethostname}",
@@ -285,13 +286,17 @@ module Temporalio
           ),
           identity: @options.identity || "#{Process.pid}@#{Socket.gethostname}"
         )
-        if @options.tls
-          options.tls = if @options.tls.is_a?(TLSOptions)
+        # Auto-enable TLS when API key is provided and tls not explicitly set
+        tls = @options.tls
+        tls = true if tls.nil? && @options.api_key
+
+        if tls
+          options.tls = if tls.is_a?(TLSOptions)
                           Internal::Bridge::Client::TLSOptions.new(
-                            client_cert: @options.tls.client_cert, # steep:ignore
-                            client_private_key: @options.tls.client_private_key, # steep:ignore
-                            server_root_ca_cert: @options.tls.server_root_ca_cert, # steep:ignore
-                            domain: @options.tls.domain # steep:ignore
+                            client_cert: tls.client_cert, # steep:ignore
+                            client_private_key: tls.client_private_key, # steep:ignore
+                            server_root_ca_cert: tls.server_root_ca_cert, # steep:ignore
+                            domain: tls.domain # steep:ignore
                           )
                         else
                           Internal::Bridge::Client::TLSOptions.new

data/lib/temporalio/client.rb

@@ -99,7 +99,7 @@ module Temporalio
       target_host,
       namespace,
       api_key: nil,
-      tls: false,
+      tls: nil,
       data_converter: Converters::DataConverter.default,
       interceptors: [],
       logger: Logger.new($stdout, level: Logger::WARN),

data/lib/temporalio/contrib/open_telemetry.rb

@@ -86,10 +86,24 @@ module Temporalio
           attributes: nil,
           outbound_input: nil
         )
-          tracer.in_span(name, attributes:, kind:) do
+          # We cannot use tracer.in_span because it always assumes we want to set the status as error on exception, but
+          # we do not want to do that for benign exceptions. This is effectively a copy of the source of in_span with
+          # that change.
+          span = nil
+          span = tracer.start_span(name, attributes:, kind:)
+          ::OpenTelemetry::Trace.with_span(span) do
             _apply_context_to_headers(outbound_input.headers) if outbound_input
             yield
           end
+        rescue Exception => e # rubocop:disable Lint/RescueException
+          span&.record_exception(e)
+          # Only set the status if it is not a benign application error
+          unless e.is_a?(Error::ApplicationError) && e.category == Error::ApplicationError::Category::BENIGN
+            span&.status = ::OpenTelemetry::Trace::Status.error("Unhandled exception of type: #{e.class}")
+          end
+          raise e
+        ensure
+          span&.finish
         end
 
         # @!visibility private
@@ -217,7 +231,7 @@ module Temporalio
 
           # @!visibility private
           def execute(input)
-            @root._attach_context(Temporalio::Workflow.info.headers)
+            _attach_context(Temporalio::Workflow.info.headers)
             Workflow.with_completed_span("RunWorkflow:#{Temporalio::Workflow.info.workflow_type}", kind: :server) do
               super
             ensure
@@ -231,7 +245,7 @@ module Temporalio
 
           # @!visibility private
           def handle_signal(input)
-            @root._attach_context(Temporalio::Workflow.info.headers)
+            _attach_context(Temporalio::Workflow.info.headers)
             Workflow.with_completed_span(
               "HandleSignal:#{input.signal}",
               links: _links_from_headers(input.headers),
@@ -246,7 +260,7 @@ module Temporalio
 
           # @!visibility private
           def handle_query(input)
-            @root._attach_context(Temporalio::Workflow.info.headers)
+            _attach_context(Temporalio::Workflow.info.headers)
             Workflow.with_completed_span(
               "HandleQuery:#{input.query}",
               links: _links_from_headers(input.headers),
@@ -267,7 +281,7 @@ module Temporalio
 
           # @!visibility private
           def validate_update(input)
-            @root._attach_context(Temporalio::Workflow.info.headers)
+            _attach_context(Temporalio::Workflow.info.headers)
             Workflow.with_completed_span(
               "ValidateUpdate:#{input.update}",
               attributes: { 'temporalUpdateID' => input.id },
@@ -290,7 +304,7 @@ module Temporalio
 
           # @!visibility private
           def handle_update(input)
-            @root._attach_context(Temporalio::Workflow.info.headers)
+            _attach_context(Temporalio::Workflow.info.headers)
             Workflow.with_completed_span(
               "HandleUpdate:#{input.update}",
               attributes: { 'temporalUpdateID' => input.id },
@@ -309,14 +323,30 @@ module Temporalio
             end
           end
 
+          # @!visibility private
+          def _attach_context(headers)
+            # We have to disable the durable scheduler _even_ for something simple like attach context. For most OTel
+            # implementations, such a procedure is completely deterministic, but unfortunately some implementations like
+            # DataDog monkey patch OpenTelemetry (see
+            # https://github.com/DataDog/dd-trace-rb/blob/f88393d0571806b9980bb2cf5066eba60cfea177/lib/datadog/opentelemetry/api/context.rb#L184)
+            # to make even OpenTelemetry::Context.current non-deterministic because it uses mutexes. And a simple text
+            # map propagation extraction accesses Context.current.
+            Temporalio::Workflow::Unsafe.durable_scheduler_disabled do
+              @root._attach_context(headers)
+            end
+          end
+
           # @!visibility private
           def _links_from_headers(headers)
-            context = @root._context_from_headers(headers)
-            span = ::OpenTelemetry::Trace.current_span(context) if context
-            if span && span != ::OpenTelemetry::Trace::Span::INVALID
-              [::OpenTelemetry::Trace::Link.new(span.context)]
-            else
-              []
+            # See _attach_context above for why we have to disable scheduler even for these simple operations
+            Temporalio::Workflow::Unsafe.durable_scheduler_disabled do
+              context = @root._context_from_headers(headers)
+              span = ::OpenTelemetry::Trace.current_span(context) if context
+              if span && span != ::OpenTelemetry::Trace::Span::INVALID
+                [::OpenTelemetry::Trace::Link.new(span.context)]
+              else
+                []
+              end
             end
           end
         end
@@ -345,7 +375,9 @@ module Temporalio
           # @!visibility private
           def initialize_continue_as_new_error(input)
             # Just apply the current context to headers
-            @root._apply_context_to_headers(input.error.headers)
+            Temporalio::Workflow::Unsafe.durable_scheduler_disabled do
+              @root._apply_context_to_headers(input.error.headers)
+            end
             super
           end
 
@@ -372,7 +404,11 @@ module Temporalio
 
           # @!visibility private
           def _apply_span_to_headers(headers, span)
-            @root._apply_context_to_headers(headers, context: ::OpenTelemetry::Trace.context_with_span(span)) if span
+            # See WorkflowInbound#_attach_context comments for why we have to disable scheduler even for these simple
+            # operations
+            Temporalio::Workflow::Unsafe.durable_scheduler_disabled do
+              @root._apply_context_to_headers(headers, context: ::OpenTelemetry::Trace.context_with_span(span)) if span
+            end
           end
         end
 
@@ -405,9 +441,19 @@ module Temporalio
         )
           span = completed_span(name, attributes:, links:, kind:, exception:, even_during_replay:)
           if span
-            ::OpenTelemetry::Trace.with_span(span) do # rubocop:disable Style/ExplicitBlockArgument
+            # We cannot use ::OpenTelemetry::Trace.with_span here unfortunately. We need to disable the durable
+            # scheduler for just the span attach/detach but leave it enabled for the user code (see
+            # WorkflowInbound#_attach_current for why we have to disable scheduler even for these simple operations).
+            token = Temporalio::Workflow::Unsafe.durable_scheduler_disabled do
+              ::OpenTelemetry::Context.attach(::OpenTelemetry::Trace.context_with_span(span))
+            end
+            begin
               # Yield with no parameters
               yield
+            ensure
+              Temporalio::Workflow::Unsafe.durable_scheduler_disabled do
+                ::OpenTelemetry::Context.detach(token)
+              end
             end
           else
             yield
@@ -441,25 +487,32 @@ module Temporalio
           # Do nothing if replaying and not wanted during replay
           return nil if !even_during_replay && Temporalio::Workflow::Unsafe.replaying?
 
-          # If there is no span on the context and the user hasn't opted in to always creating, do not create. This
-          # prevents orphans if there was no span originally created from the client start-workflow call.
-          if ::OpenTelemetry::Trace.current_span == ::OpenTelemetry::Trace::Span::INVALID &&
-             !root._always_create_workflow_spans
-            return nil
-          end
-
           # Create attributes, adding user-defined ones
           attributes = { 'temporalWorkflowID' => Temporalio::Workflow.info.workflow_id,
                          'temporalRunID' => Temporalio::Workflow.info.run_id }.merge(attributes)
 
           time = Temporalio::Workflow.now.dup
           # Disable durable scheduler because 1) synchronous/non-batch span processors in OTel use network (though could
-          # have just used Unafe.io_enabled for this if not for the next point) and 2) OTel uses Ruby Timeout which we
+          # have just used Unsafe.io_enabled for this if not for the next point) and 2) OTel uses Ruby Timeout which we
           # don't want to use durable timers.
           Temporalio::Workflow::Unsafe.durable_scheduler_disabled do
+            # If there is no span on the context and the user hasn't opted in to always creating, do not create. This
+            # prevents orphans if there was no span originally created from the client start-workflow call.
+            if ::OpenTelemetry::Trace.current_span == ::OpenTelemetry::Trace::Span::INVALID &&
+               !root._always_create_workflow_spans
+              return nil
+            end
+
             span = root.tracer.start_span(name, attributes:, links:, start_timestamp: time, kind:) # steep:ignore
-            # Record exception if present
-            span.record_exception(exception) if exception
+            # Record exception and set status if present
+            if exception
+              span.record_exception(exception)
+              # Only set the status if it is not a benign application error
+              unless exception.is_a?(Error::ApplicationError) &&
+                     exception.category == Error::ApplicationError::Category::BENIGN
+                span.status = ::OpenTelemetry::Trace::Status.error("Unhandled exception of type: #{exception.class}")
+              end
+            end
             # Finish the span (returns self)
             span.finish(end_timestamp: time)
           end

data/lib/temporalio/converters/payload_converter/composite.rb

@@ -3,6 +3,7 @@
 require 'temporalio/api'
 require 'temporalio/converters/payload_converter'
 require 'temporalio/converters/raw_value'
+require 'temporalio/error'
 
 module Temporalio
   module Converters

data/lib/temporalio/converters/payload_converter/json_protobuf.rb

@@ -22,7 +22,7 @@ module Temporalio
 
           Api::Common::V1::Payload.new(
             metadata: { 'encoding' => ENCODING, 'messageType' => value.class.descriptor.name },
-            data: value.to_json
+            data: value.to_json.b
           )
         end
 

data/lib/temporalio/env_config.rb

@@ -0,0 +1,343 @@
+# frozen_string_literal: true
+
+require 'pathname'
+require 'temporalio/internal/bridge'
+
+module Temporalio
+  # Environment and file-based configuration for Temporal clients
+  #
+  # WARNING: Experimental API.
+  module EnvConfig
+    # This module provides utilities to load Temporal client configuration from TOML files
+    # and environment variables.
+
+    # TLS configuration as specified as part of client configuration
+    #
+    # @!attribute [r] disabled
+    #   @return [Boolean, nil] If true, TLS is explicitly disabled; if nil, not specified
+    # @!attribute [r] server_name
+    #   @return [String, nil] SNI override
+    # @!attribute [r] server_root_ca_cert
+    #   @return [Pathname, String, nil] Server CA certificate source
+    # @!attribute [r] client_cert
+    #   @return [Pathname, String, nil] Client certificate source
+    # @!attribute [r] client_private_key
+    #   @return [Pathname, String, nil] Client key source
+    ClientConfigTLS = Data.define(:disabled, :server_name, :server_root_ca_cert, :client_cert, :client_private_key)
+
+    # TLS configuration for Temporal client connections.
+    #
+    # This class provides methods for creating, serializing, and converting
+    # TLS configuration objects used by Temporal clients.
+    class ClientConfigTLS
+      # Create a ClientConfigTLS from a hash
+      # @param hash [Hash, nil] Hash representation
+      # @return [ClientConfigTLS, nil] The TLS configuration or nil if hash is nil/empty
+      def self.from_h(hash)
+        return nil if hash.nil? || hash.empty?
+
+        new(
+          disabled: hash[:disabled],
+          server_name: hash[:server_name],
+          server_root_ca_cert: hash_to_source(hash[:server_ca_cert]),
+          client_cert: hash_to_source(hash[:client_cert]),
+          client_private_key: hash_to_source(hash[:client_key])
+        )
+      end
+
+      # Set default values
+      def initialize(disabled: nil, server_name: nil, server_root_ca_cert: nil, client_cert: nil,
+                     client_private_key: nil)
+        super
+      end
+
+      # Convert to a hash that can be used for TOML serialization
+      # @return [Hash] Dictionary representation
+      def to_h
+        {
+          disabled:,
+          server_name:,
+          server_ca_cert: server_root_ca_cert ? source_to_hash(server_root_ca_cert) : nil,
+          client_cert: client_cert ? source_to_hash(client_cert) : nil,
+          client_key: client_private_key ? source_to_hash(client_private_key) : nil
+        }.compact
+      end
+
+      # Create a TLS configuration for use with connections
+      # @return [Connection::TLSOptions, false] TLS options or false if disabled
+      def to_client_tls_options
+        return false if disabled
+
+        Client::Connection::TLSOptions.new(
+          domain: server_name,
+          server_root_ca_cert: read_source(server_root_ca_cert),
+          client_cert: read_source(client_cert),
+          client_private_key: read_source(client_private_key)
+        )
+      end
+
+      private
+
+      class << self
+        private
+
+        # Convert hash to source object (Pathname or String)
+        def hash_to_source(hash)
+          return nil if hash.nil?
+
+          # Always expect a hash with path or data
+          if hash[:path]
+            Pathname.new(hash[:path])
+          elsif hash[:data]
+            hash[:data]
+          end
+        end
+      end
+
+      def source_to_hash(source)
+        case source
+        when Pathname
+          { path: source.to_s }
+        when String
+          # String is always treated as data content
+          { data: source }
+        when nil
+          nil
+        else
+          raise TypeError, "Source must be Pathname, String, or nil, got #{source.class}"
+        end
+      end
+
+      def read_source(source)
+        case source
+        when Pathname
+          File.read(source.to_s)
+        when String
+          # String is always treated as raw data content
+          source
+        when nil
+          nil
+        else
+          raise TypeError, "Source must be Pathname, String, or nil, got #{source.class}"
+        end
+      end
+    end
+
+    # Represents a client configuration profile.
+    #
+    # This class holds the configuration as loaded from a file or environment.
+    # See #to_client_connect_options to transform the profile to a connect config hash.
+    #
+    # @!attribute [r] address
+    #   @return [String, nil] Client address
+    # @!attribute [r] namespace
+    #   @return [String, nil] Client namespace
+    # @!attribute [r] api_key
+    #   @return [String, nil] Client API key
+    # @!attribute [r] tls
+    #   @return [Boolean, ClientConfigTLS, nil] TLS configuration
+    # @!attribute [r] grpc_meta
+    #   @return [Hash] gRPC metadata
+    ClientConfigProfile = Data.define(:address, :namespace, :api_key, :tls, :grpc_meta)
+
+    # A client configuration profile loaded from environment and files.
+    #
+    # This class represents a complete client configuration profile that can be
+    # loaded from TOML files and environment variables, and converted to client
+    # connection options.
+    class ClientConfigProfile
+      # Create a ClientConfigProfile from a hash
+      # @param hash [Hash] Hash representation
+      # @return [ClientConfigProfile] The client profile
+      def self.from_h(hash)
+        new(
+          address: hash[:address],
+          namespace: hash[:namespace],
+          api_key: hash[:api_key],
+          tls: ClientConfigTLS.from_h(hash[:tls]),
+          grpc_meta: hash[:grpc_meta] || {}
+        )
+      end
+
+      # Load a single client profile from given sources, applying env overrides.
+      #
+      # @param profile [String, nil] Profile to load from the config
+      # @param config_source [Pathname, String, nil] Configuration source -
+      #   Pathname for file path, String for TOML content
+      # @param disable_file [Boolean] If true, file loading is disabled
+      # @param disable_env [Boolean] If true, environment variable loading and overriding is disabled
+      # @param config_file_strict [Boolean] If true, will error on unrecognized keys
+      # @param override_env_vars [Hash, nil] Environment variables to use for loading and overrides
+      # @return [ClientConfigProfile] The client configuration profile
+      def self.load(
+        profile: nil,
+        config_source: nil,
+        disable_file: false,
+        disable_env: false,
+        config_file_strict: false,
+        override_env_vars: nil
+      )
+        path, data = EnvConfig._source_to_path_and_data(config_source)
+
+        raw_profile = Internal::Bridge::EnvConfig.load_client_connect_config(
+          profile,
+          path,
+          data,
+          disable_file,
+          disable_env,
+          config_file_strict,
+          override_env_vars || {}
+        )
+
+        from_h(raw_profile)
+      end
+
+      # Create a ClientConfigProfile instance with defaults
+      def initialize(address: nil, namespace: nil, api_key: nil, tls: nil, grpc_meta: {})
+        super
+      end
+
+      # Convert to a hash that can be used for TOML serialization
+      # @return [Hash] Dictionary representation
+      def to_h
+        {
+          address: address,
+          namespace: namespace,
+          api_key: api_key,
+          tls: tls&.to_h&.then { |tls_hash| tls_hash.empty? ? nil : tls_hash }, # steep:ignore
+          grpc_meta: grpc_meta && grpc_meta.empty? ? nil : grpc_meta
+        }.compact
+      end
+
+      # Create a client connect config from this profile
+      # @return [Array] Tuple of [positional_args, keyword_args] that can be splatted to Client.connect
+      def to_client_connect_options
+        positional_args = [address, namespace]
+        tls_value = false
+        if tls
+          tls_value = tls.to_client_tls_options
+        elsif api_key
+          tls_value = true
+        end
+
+        keyword_args = {
+          api_key: api_key,
+          rpc_metadata: (grpc_meta if grpc_meta && !grpc_meta.empty?),
+          tls: tls_value
+        }.compact
+
+        [positional_args, keyword_args]
+      end
+    end
+
+    # Client configuration loaded from TOML and environment variables.
+    #
+    # This contains a mapping of profile names to client profiles.
+    #
+    # @!attribute [r] profiles
+    #   @return [Hash<String, ClientConfigProfile>] Map of profile name to its corresponding ClientConfigProfile
+    ClientConfig = Data.define(:profiles)
+
+    # Container for multiple client configuration profiles.
+    #
+    # This class holds a collection of named client profiles loaded from
+    # configuration sources and provides methods for profile management
+    # and client connection configuration.
+    class ClientConfig
+      # Create a ClientConfig from a hash
+      # @param hash [Hash] Hash representation
+      # @return [ClientConfig] The client configuration
+      def self.from_h(hash)
+        profiles = hash.transform_values do |profile_hash|
+          ClientConfigProfile.from_h(profile_hash)
+        end
+        new(profiles: profiles)
+      end
+
+      # Load all client profiles from given sources.
+      #
+      # This does not apply environment variable overrides to the profiles, it
+      # only uses an environment variable to find the default config file path
+      # (TEMPORAL_CONFIG_FILE).
+      #
+      # @param config_source [Pathname, String, nil] Configuration source
+      # @param config_file_strict [Boolean] If true, will error on unrecognized keys
+      # @param override_env_vars [Hash, nil] Environment variables to use
+      # @return [ClientConfig] The client configuration
+      def self.load(
+        config_source: nil,
+        config_file_strict: false,
+        override_env_vars: nil
+      )
+        path, data = EnvConfig._source_to_path_and_data(config_source)
+
+        loaded_profiles = Internal::Bridge::EnvConfig.load_client_config(
+          path,
+          data,
+          config_file_strict,
+          override_env_vars || {}
+        )
+
+        from_h(loaded_profiles)
+      end
+
+      # Load a single client profile and convert to connect config
+      #
+      # This is a convenience function that combines loading a profile and
+      # converting it to a connect config hash.
+      #
+      # @param profile [String, nil] The profile to load from the config
+      # @param config_source [Pathname, String, nil] Configuration source
+      # @param disable_file [Boolean] If true, file loading is disabled
+      # @param disable_env [Boolean] If true, environment variable loading and overriding is disabled
+      # @param config_file_strict [Boolean] If true, will error on unrecognized keys
+      # @param override_env_vars [Hash, nil] Environment variables to use for loading and overrides
+      # @return [Array] Tuple of [positional_args, keyword_args] that can be splatted to Client.connect
+      def self.load_client_connect_options(
+        profile: nil,
+        config_source: nil,
+        disable_file: false,
+        disable_env: false,
+        config_file_strict: false,
+        override_env_vars: nil
+      )
+        prof = ClientConfigProfile.load(
+          profile: profile,
+          config_source: config_source,
+          disable_file: disable_file,
+          disable_env: disable_env,
+          config_file_strict: config_file_strict,
+          override_env_vars: override_env_vars
+        )
+        prof.to_client_connect_options
+      end
+
+      # Create a ClientConfig instance with defaults
+      def initialize(profiles: {})
+        super
+      end
+
+      # Convert to a hash that can be used for TOML serialization
+      # @return [Hash] Dictionary representation
+      def to_h
+        profiles.transform_values(&:to_h)
+      end
+    end
+
+    # @param source [Pathname, String, nil] Configuration source
+    # @return [Array<String?, String?>] Tuple of [path, data]
+    # @!visibility private
+    def self._source_to_path_and_data(source)
+      case source
+      when Pathname
+        [source.to_s, nil]
+      when String
+        [nil, source]
+      when nil
+        [nil, nil]
+      else
+        raise TypeError, "Must be Pathname, String, or nil, got #{source.class}"
+      end
+    end
+  end
+end

data/lib/temporalio/error.rb

@@ -97,9 +97,13 @@ module Temporalio
 
     # Error that occurs when an async activity handle tries to heartbeat and the activity is marked as canceled.
     class AsyncActivityCanceledError < Error
+      # @return [Activity::CancellationDetails]
+      attr_reader :details
+
       # @!visibility private
-      def initialize
+      def initialize(details)
         super('Activity canceled')
+        @details = details
       end
     end