Use dynamic auth credentials #17
Conversation
| func getNamespaceAPIKeyFromEnv(ctx context.Context) (string, error) { | ||
| v := os.Getenv(temporalCloudNamespaceAPIKeyEnvName) | ||
| if v == "" { | ||
| // fallback to using the control plane API key if no namespace specific API key is provided |
There was a problem hiding this comment.
is this comment relevant for public samples?
There was a problem hiding this comment.
Or maybe instead of "control plane" we should say "cloud ops"
| if err != nil { | ||
| return "", fmt.Errorf("failed to get namespace %q: %w", namespace, err) | ||
| } | ||
| if resp.GetNamespace().GetEndpoints().GetGrpcAddress() == "" { |
There was a problem hiding this comment.
This is interesting that we're coupling this grpc address with the regional endpoint for api keys. Maybe we should add a comment here, since picking the right endpoint is a bit tricky.
There was a problem hiding this comment.
If I'm correct it seems like this implementation relies on the api key to both have access to read the namespace info from cloud service and execute workflows.
While this is true today, it might be worth documenting it in case in the future we support keys that only talk to the data plane / control plane.
What was changed
Moved to using dynamic auth credentials.
And other fixes and improvements.