API Reference #

Packages #

temporal.bmor10.com/v1alpha1

temporal.bmor10.com/v1alpha1 #

Conversion / hub-and-spoke notes:

v1alpha1 is currently the one and only API version, and is marked as the storage version (see the +kubebuilder:storageversion markers on the root types). When a v1beta1 is introduced, v1alpha1 will become the conversion “hub”: all spoke versions convert to and from it, and conversion webhooks will be wired in here (via the conversion.Convertible / conversion.Hub interfaces from sigs.k8s.io/controller-runtime). Keeping this groundwork explicit now ensures the storage version is unambiguous and that adding a new version later is a localized change.

Package v1alpha1 contains API Schema definitions for the temporal v1alpha1 API group.

ArchivalSpec #

ArchivalSpec is a passthrough for cluster-wide archival configuration.

Appears in:

TemporalClusterSpec

Field	Description	Default	Validation
`history` RawExtension			Optional: {}
`visibility` RawExtension			Optional: {}

AuthorizationSpec #

AuthorizationSpec configures the authorizer and claim mapper.

Appears in:

TemporalClusterSpec

Field	Description	Validation
`authorizer` string		Optional: {}
`claimMapper` string		Optional: {}
`config` RawExtension	Config is a passthrough for authorization provider configuration.	Optional: {}

CassandraDatastoreSpec #

CassandraDatastoreSpec configures a Cassandra datastore.

Appears in:

DatastoreSpec

Field	Default	Validation
`hosts` string array		MinItems: 1
`port` integer	9042	Maximum: 65535 Minimum: 1
`keyspace` string
`user` string		Optional: {}
`passwordSecretRef` SecretKeyReference		Optional: {}
`datacenter` string		Optional: {}
`replicationFactor` integer	1	Minimum: 1 Optional: {}
`tls` DatastoreTLSSpec		Optional: {}

CertificateAuthoritySpec #

CertificateAuthoritySpec configures a certificate authority.

Appears in:

MTLSSpec

Field	Description	Default	Validation
`secretName` string			Optional: {}
`duration` Duration			Optional: {}

ClusterMetadataSpec #

ClusterMetadataSpec is a passthrough for multi-cluster metadata.

Appears in:

TemporalClusterSpec

Field	Description	Default	Validation
`raw` RawExtension			Optional: {}

DatastoreSpec #

DatastoreSpec configures a single datastore. Exactly one backend should be set.

Appears in:

PersistenceSpec

Field	Description	Default	Validation
`sql` SQLDatastoreSpec			Optional: {}
`cassandra` CassandraDatastoreSpec			Optional: {}
`elasticsearch` ElasticsearchDatastoreSpec			Optional: {}
`schemaVersion` string	SchemaVersion is either “auto” (operator-managed migrations) or a pinned schema version string.	auto	Optional: {}

DatastoreTLSSpec #

DatastoreTLSSpec configures TLS for a datastore connection.

Appears in:

CassandraDatastoreSpec
ElasticsearchDatastoreSpec
SQLDatastoreSpec

Field	Default	Validation
`enabled` boolean	true
`caSecretRef` SecretKeyReference		Optional: {}
`certSecretRef` SecretKeyReference		Optional: {}
`keySecretRef` SecretKeyReference		Optional: {}
`enableHostVerification` boolean		Optional: {}
`serverName` string		Optional: {}

DynamicConfigConstraints #

DynamicConfigConstraints scopes a dynamic config value.

Appears in:

DynamicConfigValue

Field	Description	Default	Validation
`namespace` string			Optional: {}
`taskQueueName` string			Optional: {}
`taskQueueType` string			Optional: {}

DynamicConfigSpec #

DynamicConfigSpec is a passthrough for Temporal’s dynamic configuration.

Appears in:

TemporalClusterSpec

Field	Description	Default	Validation
`values` object (keys:string, values:DynamicConfigValue)	Values maps a dynamic config key to one or more constrained values.		Optional: {}

DynamicConfigValue #

DynamicConfigValue is a single dynamic config value with optional constraints.

Appears in:

DynamicConfigSpec

Field	Description	Default	Validation
`value` RawExtension	Value is an arbitrary JSON value for the dynamic config key.
`constraints` DynamicConfigConstraints			Optional: {}

ElasticsearchDatastoreSpec #

ElasticsearchDatastoreSpec configures an Elasticsearch visibility store.

Appears in:

DatastoreSpec

Field	Default	Validation
`url` string
`version` string	v8	Enum: [v7 v8]
`username` string		Optional: {}
`passwordSecretRef` SecretKeyReference		Optional: {}
`indices` object (keys:string, values:string)		Optional: {}
`tls` DatastoreTLSSpec		Optional: {}

EndpointsStatus #

EndpointsStatus reports resolved cluster endpoints.

Appears in:

TemporalClusterStatus

Field	Description	Default	Validation
`frontend` string			Optional: {}
`ui` string			Optional: {}
`metrics` string			Optional: {}

FrontendMTLSSpec #

FrontendMTLSSpec configures the frontend certificate.

Appears in:

MTLSSpec

Field	Description	Default	Validation
`secretName` string			Optional: {}
`dnsNames` string array			Optional: {}

InternalFrontendSpec #

InternalFrontendSpec configures the optional internal-frontend service.

Appears in:

ServicesSpec

Field	Default	Validation
`enabled` boolean	false
`replicas` integer	1	Minimum: 1 Optional: {}
`resources` ResourceRequirements		Optional: {}

IssuerReference #

IssuerReference references a cert-manager Issuer or ClusterIssuer.

Appears in:

MTLSSpec

Field	Default	Validation
`name` string
`kind` string	Issuer	Enum: [Issuer ClusterIssuer] Optional: {}
`group` string	cert-manager.io	Optional: {}

MTLSSpec #

MTLSSpec configures mutual TLS for the cluster.

Appears in:

TemporalClusterSpec

Field	Description	Default	Validation
`provider` string	Provider selects the certificate provider.	cert-manager	Enum: [cert-manager]
`issuerRef` IssuerReference	IssuerRef references the cert-manager issuer used to mint certificates. Required when provider is cert-manager.		Optional: {}
`internodeCA` CertificateAuthoritySpec	InternodeCA configures the internode certificate authority.		Optional: {}
`frontend` FrontendMTLSSpec	Frontend configures the frontend certificate.		Optional: {}
`refreshInterval` Duration	RefreshInterval is the certificate refresh interval.	720h	Optional: {}
`renewBefore` Duration	RenewBefore is how long before expiry a certificate is renewed.	240h	Optional: {}

MetricsSpec #

MetricsSpec configures Prometheus integration.

Appears in:

TemporalClusterSpec

Field	Default	Validation
`enabled` boolean	true
`port` integer	9090	Maximum: 65535 Minimum: 1 Optional: {}
`serviceMonitor` ServiceMonitorSpec		Optional: {}

PersistenceSpec #

PersistenceSpec configures the default and visibility datastores.

Appears in:

TemporalClusterSpec

Field	Description	Default	Validation
`defaultStore` DatastoreSpec	DefaultStore holds workflow execution state. Exactly one of sql or cassandra must be set.
`visibilityStore` DatastoreSpec	VisibilityStore holds visibility records. One of sql, cassandra, or elasticsearch must be set.

PersistenceStatus #

PersistenceStatus reports datastore reachability and schema state.

Appears in:

TemporalClusterStatus

Field	Description	Validation
`schemaVersions` object (keys:string, values:string)	SchemaVersions maps a store name to its observed schema version.	Optional: {}
`history` SchemaUpgradeRecord array	History records schema upgrades applied by the operator.	Optional: {}
`reachable` boolean	Reachable indicates whether the datastores were reachable at last reconcile.	Optional: {}

PodTemplateOverride #

PodTemplateOverride carries metadata and a strategic-merge pod spec override.

Appears in:

ServiceOverrides
ServiceSpec

Field	Description	Validation
`labels` object (keys:string, values:string)		Optional: {}
`annotations` object (keys:string, values:string)		Optional: {}
`spec` RawExtension	Spec is a partial PodSpec (strategic-merge patch) merged onto the generated pod template. It is stored as an opaque object to keep the CRD schema small.	Optional: {}

SQLDatastoreSpec #

SQLDatastoreSpec configures a SQL (Postgres/MySQL) datastore.

Appears in:

DatastoreSpec

Field	Description	Default	Validation
`pluginName` string	PluginName selects the SQL driver.	postgres12	Enum: [postgres12 postgres12_pgx mysql8]
`host` string
`port` integer		5432	Maximum: 65535 Minimum: 1
`database` string
`user` string
`passwordSecretRef` SecretKeyReference	PasswordSecretRef references a secret containing the password. Required for password authentication.		Optional: {}
`passwordCommandSecretRef` SecretKeyReference	PasswordCommandSecretRef references a secret holding a command that emits a short-lived credential (Temporal 1.31+ IAM auth).		Optional: {}
`connectAttributes` object (keys:string, values:string)			Optional: {}
`maxConns` integer			Minimum: 1 Optional: {}
`maxIdleConns` integer			Minimum: 1 Optional: {}
`maxConnLifetime` Duration			Optional: {}
`tls` DatastoreTLSSpec			Optional: {}

SchemaUpgradeRecord #

SchemaUpgradeRecord records a single schema migration.

Appears in:

PersistenceStatus

Field	Description	Default	Validation
`store` string
`fromVersion` string
`toVersion` string
`time` Time

SecretKeyReference #

SecretKeyReference references a single key within a Secret in the same namespace.

Appears in:

CassandraDatastoreSpec
DatastoreTLSSpec
ElasticsearchDatastoreSpec
SQLDatastoreSpec

Field	Description	Default	Validation
`name` string
`key` string		password	Optional: {}

ServiceExposureSpec #

ServiceExposureSpec configures how a service is exposed.

Appears in:

ServiceSpec

Field	Description	Default	Validation
`type` ServiceType		ClusterIP	Enum: [ClusterIP NodePort LoadBalancer] Optional: {}
`annotations` object (keys:string, values:string)			Optional: {}

ServiceMonitorSpec #

ServiceMonitorSpec configures a Prometheus Operator ServiceMonitor.

Appears in:

MetricsSpec

Field	Default	Validation
`enabled` boolean	false
`interval` Duration		Optional: {}
`labels` object (keys:string, values:string)		Optional: {}

ServiceOverrides #

ServiceOverrides are shared defaults applied across services.

Appears in:

ServicesSpec

Field	Description	Default	Validation
`podTemplate` PodTemplateOverride			Optional: {}

ServiceSpec #

ServiceSpec configures a single Temporal service deployment.

Appears in:

ServicesSpec

Field	Default	Validation
`replicas` integer	1	Minimum: 1 Optional: {}
`resources` ResourceRequirements		Optional: {}
`podTemplate` PodTemplateOverride		Optional: {}
`service` ServiceExposureSpec		Optional: {}
`nodeSelector` object (keys:string, values:string)		Optional: {}
`tolerations` Toleration array		Optional: {}
`affinity` Affinity		Optional: {}
`topologySpreadConstraints` TopologySpreadConstraint array		Optional: {}

ServiceStatus #

ServiceStatus reports the readiness of a single service.

Appears in:

TemporalClusterStatus

Field	Description	Default	Validation
`ready` integer			Optional: {}
`desired` integer			Optional: {}
`version` string			Optional: {}

ServicesSpec #

ServicesSpec configures each Temporal service plus shared overrides.

Appears in:

TemporalClusterSpec

Field	Description	Validation
`frontend` ServiceSpec		Optional: {}
`history` ServiceSpec		Optional: {}
`matching` ServiceSpec		Optional: {}
`worker` ServiceSpec		Optional: {}
`internalFrontend` InternalFrontendSpec		Optional: {}
`overrides` ServiceOverrides	Overrides are applied to every service unless overridden per-service.	Optional: {}

TemporalCluster #

TemporalCluster is the Schema for the temporalclusters API.

Field	Description	Validation
`apiVersion` string	`temporal.bmor10.com/v1alpha1`
`kind` string	`TemporalCluster`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.	Optional: {}
`spec` TemporalClusterSpec	spec defines the desired state of TemporalCluster	Required: {}

TemporalClusterClient #

TemporalClusterClient is the Schema for the temporalclusterclients API.

Field	Description	Validation
`apiVersion` string	`temporal.bmor10.com/v1alpha1`
`kind` string	`TemporalClusterClient`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.	Optional: {}
`spec` TemporalClusterClientSpec	spec defines the desired state of TemporalClusterClient	Required: {}

TemporalClusterClientSpec #

TemporalClusterClientSpec defines the desired state of TemporalClusterClient.

Appears in:

TemporalClusterClient

Field	Description	Default	Validation
`clusterRef` LocalObjectReference	ClusterRef references the TemporalCluster to generate client credentials for.
`secretName` string	SecretName is the name of the Secret to write generated client credentials into. Defaults to the resource name when empty.		Optional: {}

TemporalClusterSpec #

TemporalClusterSpec defines the desired state of TemporalCluster.

Appears in:

TemporalCluster

Field	Description	Default	Validation
`version` string	Version is the Temporal server version, e.g. “1.31.1”.		Pattern: `^\d+\.\d+\.\d+$`
`numHistoryShards` integer	NumHistoryShards is the number of history shards. IMMUTABLE after creation. Choose carefully: 512 small prod, 4096 large prod.	512	Maximum: 16384 Minimum: 1
`image` string	Image is the Temporal server image. Default: temporalio/server:.		Optional: {}
`imagePullSecrets` LocalObjectReference array	ImagePullSecrets references secrets for pulling the server image.		Optional: {}
`services` ServicesSpec	Services configures each Temporal service.		Optional: {}
`persistence` PersistenceSpec	Persistence configures the default and visibility datastores. Required.
`mtls` MTLSSpec	MTLS configures mutual TLS (cert-manager-driven by default).		Optional: {}
`dynamicConfig` DynamicConfigSpec	DynamicConfig is a passthrough for Temporal’s dynamic config.		Optional: {}
`ui` UISpec	UI configures temporal-ui as part of this cluster.		Optional: {}
`metrics` MetricsSpec	Metrics configures Prometheus integration.		Optional: {}
`archival` ArchivalSpec	Archival configures cluster-wide archival enablement.		Optional: {}
`authorization` AuthorizationSpec	Authorization configures the authorizer and claim mapper.		Optional: {}
`clusterMetadata` ClusterMetadataSpec	ClusterMetadata is a passthrough for multi-cluster setup.		Optional: {}
`preventDeletion` boolean	PreventDeletion, when true, blocks deletion of the cluster via the validating webhook as a safety measure.		Optional: {}

TemporalNamespace #

TemporalNamespace is the Schema for the temporalnamespaces API.

Field	Description	Validation
`apiVersion` string	`temporal.bmor10.com/v1alpha1`
`kind` string	`TemporalNamespace`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.	Optional: {}
`spec` TemporalNamespaceSpec	spec defines the desired state of TemporalNamespace	Required: {}

TemporalNamespaceSpec #

TemporalNamespaceSpec defines the desired state of TemporalNamespace.

Appears in:

TemporalNamespace

Field	Description	Default	Validation
`clusterRef` LocalObjectReference	ClusterRef references the TemporalCluster that owns this namespace.
`retentionPeriod` Duration	RetentionPeriod is how long closed workflows are retained.	72h	Optional: {}
`description` string	Description is a human-friendly description of the namespace.		Optional: {}
`ownerEmail` string	OwnerEmail is the owner contact for the namespace.		Optional: {}
`allowDeletion` boolean	AllowDeletion permits the operator to delete the Temporal namespace when the CR is deleted. When false, the namespace is left in place.		Optional: {}
`driftDetection` string	DriftDetection controls whether the operator reconciles drift between the spec and the live namespace.	reconcile	Enum: [reconcile ignore] Optional: {}

TemporalSearchAttribute #

TemporalSearchAttribute is the Schema for the temporalsearchattributes API.

Field	Description	Validation
`apiVersion` string	`temporal.bmor10.com/v1alpha1`
`kind` string	`TemporalSearchAttribute`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.	Optional: {}
`spec` TemporalSearchAttributeSpec	spec defines the desired state of TemporalSearchAttribute	Required: {}

TemporalSearchAttributeSpec #

TemporalSearchAttributeSpec defines the desired state of TemporalSearchAttribute.

Appears in:

TemporalSearchAttribute

Field	Description	Validation
`clusterRef` LocalObjectReference	ClusterRef references the TemporalCluster this search attribute belongs to.
`namespace` string	Namespace is the Temporal namespace to register the attribute in.
`name` string	Name is the search attribute name.
`type` string	Type is the search attribute type. Immutable once created.	Enum: [Keyword Text Int Double Bool Datetime KeywordList]
`allowDeletion` boolean	AllowDeletion permits the operator to remove the search attribute from the namespace when the CR is deleted.	Optional: {}

UICodecServerSpec #

UICodecServerSpec configures the temporal-ui codec server.

Appears in:

UISpec

Field	Description	Default	Validation
`endpoint` string
`passAccessToken` boolean			Optional: {}
`includeCredentials` boolean			Optional: {}

UIIngressSpec #

UIIngressSpec configures ingress for temporal-ui.

Appears in:

UISpec

Field	Default	Validation
`enabled` boolean	false
`ingressClassName` string		Optional: {}
`host` string		Optional: {}
`annotations` object (keys:string, values:string)		Optional: {}
`tlsSecretName` string		Optional: {}

UISpec #

UISpec configures temporal-ui.

Appears in:

TemporalClusterSpec

Field	Description	Default	Validation
`enabled` boolean		false
`version` string			Optional: {}
`replicas` integer		1	Minimum: 1 Optional: {}
`ingress` UIIngressSpec			Optional: {}
`auth` RawExtension	Auth is a passthrough for temporal-ui authentication config.		Optional: {}
`codecServer` UICodecServerSpec			Optional: {}

UpgradeStatus #

UpgradeStatus reports the state of an in-progress version upgrade.

Appears in:

TemporalClusterStatus

Field	Description	Validation
`fromVersion` string		Optional: {}
`toVersion` string		Optional: {}
`phase` string		Optional: {}
`rollbackable` boolean	Rollbackable is true until schema migration begins, after which a rollback is no longer safe.	Optional: {}
`startedAt` Time		Optional: {}