This is an API built with Spring Boot to retrieve workflow history and terminate running workflows.
See swagger specification for the exposed endpoints.
Follow these instructions to run the project locally and configure for kubernetes deployment
Ensure you have the following installed and configured locally:
- Java 21
- Maven 3.8.7 or newer
- Auth API running locally or in a development environment
- Temporal Server 1.22.0 or newer running locally or in a development environment. See helm deployment to deploy the Temporal Server to a kubernetes cluster.
This section describes the configuration options available for the history API via environment variables and spring profiles
- Run the project with the
sslprofile to enable SSL - To generate a self-signed keystore file for development purposes, run the following command in the project directory:
keytool -genkeypair -alias history-api -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore history-api.p12 -validity 3650- Follow prompts to set the keystore password.
- Place the generated file in src/main/resources/keystore
- If you don't want to place the file in the resources folder:
- Run
base64 -e -i .\history-api.p12 -o history-api-base64.txtto encode the keystore file for use in kubernetes secrets that will set theHISTORY_API_SSL_KEY_STOREto be the data in the text file you've just generated.
- Run
Caution
Setting VERIFY_HOSTNAMES to false should NOT be used in a live production environment, it should only be used when testing with self-signed SSL certificates.
| Environment Variable | Description | Default Value | Required |
|---|---|---|---|
| HISTORY_API_SSL_KEY_STORE_PASSWORD | The keystore password to access the keystore | Y if using SSL profile | |
| HISTORY_API_SSL_KEY_STORE | The file path or file containing the public and private keys in PKCS12 format | classpath:keystore/history-api.p12 | N |
| JWKS_URI | The endpoint of the Auth API to get the JWK to verify JWT tokens with | https://localhost:53655/auth/.well-known/jwks.json | N |
| VERIFY_HOSTNAMES | If using self signed certificates for SSL, set this to false for non production environments only for development | true | N |
| TEMPORAL_NAMESPACE | The namespace for the Temporal client to connect to | default | N |
| TEMPORAL_ENDPOINT | The URL of the Temporal frontend endpoint to connect to | localhost:7233 | N |
| ENCRYPTION_PASSWORD | The password to encrypt and decrypt Temporal payloads with - this must be the same for every Temporal encryption configuration in the project | changeme | N |
| ENCRYPTION_SALT | The salt to encrypt and decrypt Temporal payloads with - this must be the same for every Temporal encryption configuration in the project | changeme | N |
| LOGGING_LEVEL | The root logging level for the project | info | N |
Follow the instructions below to get a development environment running:
- Clone the repository
- Navigate to the project directory
- Run
mvn clean installto build and test the project - Run
mvn spring-boot:runto start the server- Run
mvn spring-boot:run -Dspring-boot.run.profiles=sslto start the server with SSL enabled (requires extra configuration)
- Run
- To run the unit tests, run
mvn testin the project directory - To run the integration tests see the Integration Tests Project
and make sure that the
@HistoryAPIis added to the filter expression.
- Run the command from the project root to build and push a new image for both arm and amd platforms.
docker buildx build --platform linux/amd64,linux/arm64 -t <account name>/<image-name>:<image-tag> --push .
- See helm deployment to deploy the History API to a kubernetes cluster.