mTLS adding commnets to code blocks + README updates (#121)

vishwa-uber · web-flow · commit 90f978c7857a · 2025-10-31T12:36:14.000-07:00
Signed-off-by: vpatil16@ext.uber.com &lt;vpatil16@ext.uber.com&gt;
diff --git a/new_samples/client_samples/helloworld_tls/README.md b/new_samples/client_samples/helloworld_tls/README.md
@@ -19,9 +19,14 @@ https://github.com/cadence-workflow/cadence/blob/e1267de12f8bc670fc84fab456d3495
    ```
 
 4. **Start cadence server with TLS**
-   ```bash
-   ./cadence-server --env development --zone tls start
-   ```
+To enable mTLS in Cadence server, you need to configure TLS settings and start the server with the appropriate environment configuration.
+Starting the Server with TLS
+Use the --zone flag to specify the TLS configuration when starting the Cadence server:
+
+./cadence-server --env development --zone tls start
+
+This will load [config/development.yaml](https://github.com/cadence-workflow/cadence/blob/e1267de12f8bc670fc84fab456d3495c8fc2f8a8/config/development.yaml) + [config/development_tls.yaml](https://github.com/cadence-workflow/cadence/blob/e1267de12f8bc670fc84fab456d3495c8fc2f8a8/config/development_tls.yaml). 
+See [CONTRIBUTING.md](https://github.com/cadence-workflow/cadence/blob/e1267de12f8bc670fc84fab456d3495c8fc2f8a8/CONTRIBUTING.md#4-run) for more details. 
 
 ## Running the Sample
 
diff --git a/new_samples/client_samples/helloworld_tls/hello_world_tls.go b/new_samples/client_samples/helloworld_tls/hello_world_tls.go
@@ -80,7 +80,10 @@ func withTLSDialOption() (grpc.DialOption, error) {
 		RootCAs:            caCertPool,
 		Certificates:       []tls.Certificate{clientCert},
 	}
+	// Create TLS credentials from the TLS configuration
 	creds := credentials.NewTLS(&tlsConfig)
+	// Create a gRPC dial option with TLS credentials for secure connection
 	grpc.DialerCredentials(creds)
+	// Return the gRPC dial option configured with TLS credentials
 	return grpc.DialerCredentials(creds), nil
 }
diff --git a/new_samples/worker/worker.go b/new_samples/worker/worker.go
@@ -73,6 +73,8 @@ func StartWorker() {
 
 func BuildCadenceClient(dialOptions ...grpc.DialOption) workflowserviceclient.Interface {
 	grpcTransport := grpc.NewTransport()
+	// Create a single peer chooser that identifies the host/port and configures
+	// a gRPC dialer with TLS credentials
 	myChooser := peer.NewSingle(
 		yarpchostport.Identify(HostPort),
 		grpcTransport.NewDialer(dialOptions...),
@@ -91,6 +93,8 @@ func BuildCadenceClient(dialOptions ...grpc.DialOption) workflowserviceclient.In
 
 	clientConfig := dispatcher.ClientConfig(CadenceService)
 
+	// Create a compatibility adapter that wraps proto-based YARPC clients
+	// to provide a unified interface for domain, workflow, worker, and visibility APIs
 	return compatibility.NewThrift2ProtoAdapter(
 		apiv1.NewDomainAPIYARPCClient(clientConfig),
 		apiv1.NewWorkflowAPIYARPCClient(clientConfig),

Original file line number	Diff line number	Diff line change
`@@ -80,7 +80,10 @@ func withTLSDialOption() (grpc.DialOption, error) {`
`80`	`80`	`RootCAs: caCertPool,`
`81`	`81`	`Certificates: []tls.Certificate{clientCert},`
`82`	`82`	`}`
	`83`	`+ // Create TLS credentials from the TLS configuration`
`83`	`84`	`creds := credentials.NewTLS(&tlsConfig)`
	`85`	`+ // Create a gRPC dial option with TLS credentials for secure connection`
`84`	`86`	`grpc.DialerCredentials(creds)`
	`87`	`+ // Return the gRPC dial option configured with TLS credentials`
`85`	`88`	`return grpc.DialerCredentials(creds), nil`
`86`	`89`	`}`