Skip to content

fix: tls is not added for profiles without tls#1089

Merged
chaptersix merged 2 commits into
mainfrom
spk/config-tls-bug
Jun 15, 2026
Merged

fix: tls is not added for profiles without tls#1089
chaptersix merged 2 commits into
mainfrom
spk/config-tls-bug

Conversation

@spkane31

Copy link
Copy Markdown
Contributor

Related issues

Closes #1077

What changed?

The helper to iterate over envConfigPropsToFieldNames has a side effect if the parent is nil and failIfParentNotFound=true it will set confProfile.TLS = &envconvfig.ClientConfigTLS{}. When the k=="tls" check happens, confProfile.TLS != nil and it will emit tls: true. Map iteration is non-deterministic and there are 9 tls.* keys vs 1 tls key so the mutation is more likely to happen before checking the tls key.

Checklist

Tests

  • Added unit test

@spkane31 spkane31 requested a review from a team as a code owner June 10, 2026 16:35
@spkane31 spkane31 requested review from chaptersix and tlalfano June 10, 2026 16:35
@chaptersix chaptersix merged commit 79e9f8f into main Jun 15, 2026
11 checks passed
@chaptersix chaptersix deleted the spk/config-tls-bug branch June 15, 2026 14:49
chaptersix added a commit that referenced this pull request Jul 6, 2026
…#1104)

## Summary

Backports server-independent changes from `main` into `release/1.8.x`.
Every commit here was verified to build and pass codegen against the
release line's current dependency pins (`server v1.31.0`, `sdk v1.41.1`,
`api v1.62.8`) — nothing pulls in the newer server/SDK/API that landed
on `main` via #1017.

Scope agreed as: bug fixes + CLI changes + CI/tooling. Dependency bumps
(#1040, #1052, #1063) and server-version-dependent features are
intentionally excluded.

## Included (22 commits, cherry-picked with `-x`)

**CLI / bug fixes**
- #1006 Fix help with value flags (addresses #1003 — `--help` with value
flags like `--address 123` surfaced `pflag: help requested` as an error)
- #1012 skip CountWorkflow in batch operations when `--yes` is set
- #1016 Sort output of listing search attributes
- #1029 Workflow delete now prompts for confirmation
- #1033 Add persistence info to start-dev banner
- #1047 Add `temporal schedule list-matching-times` command
- #1056 Fix task-queue config set help: use real fairness weight flag
names
- #1059 Prefix dev server cluster ID with `dev-server-`
- #1089 fix: tls is not added for profiles without tls
- #1099 Clarify activity pause timeout behavior
- #941 auto-generate deprecation warnings from YAML config

**Tests**
- #1005 Fix flakey test by disabling EC2 metadata lookup
- #1020 Remove `time.Sleep()` in commands.taskqueue_test.go

**CI / tooling**
- #1015 pin alpine docker image to 3.23.4
- #1024 remediate missing-dependency-cooldown
- #1034 Bump actions/upload-artifact from 4 to 7
- #1044 improve dependabot config
- #1045 add PR template
- #1054 pin and bump GitHub Actions to latest versions
- #1057 use allow instead of ignore for dependency-type in dependabot
config
- #1080 Bump the github-actions group with 2 updates

## Excluded (rely on the new server/SDK version)
#1017 (server bump v1.31.0 -> v1.32.0-157.0), #1046, #1087, #1001,
#1091, #1084

## Verification
- `go build ./...` passes
- all test packages compile
- `make gen` reports no codegen drift
- server/sdk/api pins unchanged from `release/1.8.x`



## CI endpoint fix (added)
Also backports the API-key CI test endpoint change from #1087
(`us-east-1` -> `ca-central-1`) as a standalone CI-only commit. This
resolves the `Request unauthorized` failure in the "Test cloud API key"
steps on `release/1.8.x`. The rest of #1087 (Nexus Operation command
code) is excluded as it depends on the new server version.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Sai Asish Y <say.apm35@gmail.com>
Co-authored-by: Kevin Woo <3469532+kevinawoo@users.noreply.github.com>
Co-authored-by: Rodrigo Zhou <rodrigo.zhou@temporal.io>
Co-authored-by: Stephan Behnke <stephanos@users.noreply.github.com>
Co-authored-by: Jiechen Zhong <jiechen.zhong@temporal.io>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Co-authored-by: Kent Gruber <kent.gruber@temporal.io>
Co-authored-by: picatz <14850816+picatz@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: John Votta <jpvotta@gmail.com>
Co-authored-by: Nasit  Sarwar Sony <nasitsony96@gmail.com>
Co-authored-by: hussam-salah <156124396+hussam-salah@users.noreply.github.com>
Co-authored-by: Sai Asish Y <say.apm35@gmail.com>
Co-authored-by: Bitalizer <23104115+bitalizer@users.noreply.github.com>
Co-authored-by: Sean Kane <spkane31@gmail.com>
Co-authored-by: Jessica Laughlin <JLDLaughlin@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

config get shows tls true for profiles with no TLS configured

2 participants