Skip to content

[Bug] temporal workflow list fails without --tls vs. temporal cloud #810

Description

@mdouglass

What are you really trying to do?

I am trying to configure the CLI to connect to Temporal Cloud by setting the environment variables TEMPORAL_ADDRESS, TEMPORAL_NAMESPACE and TEMPORAL_API_KEY.

Describe the bug

When setting these three environment variables and running temporal workflow list you get an error:

$ temporal workflow list        
time=2025-06-08T15:40:22.468 level=ERROR msg="failed reaching server: last connection error: connection error: desc = \"error reading server preface: read tcp 10.0.0.114:54595->18.221.164.238:7233: read: connection reset by peer\""

If you add the explicit --tls, then the connection works correctly.

$ temporal workflow --tls list
... workflows elided ...

I believe this is a bug because the code for --tls says This is defaulted to true if api-key or any other TLS options are present.. I think it is an oversight that it would work correctly if --api-key is set via command line but not if it is set via environment variable.

Environment/Versions

$ uname -a
Darwin machine.local 24.5.0 Darwin Kernel Version 24.5.0: Tue Apr 22 19:53:27 PDT 2025; root:xnu-11417.121.6~2/RELEASE_ARM64_T6041 arm64

$ temporal --version
temporal version 1.3.0 (Server 1.27.1, UI 2.36.0)

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions