Advanced Configuration Reference

This page documents advanced configuration properties and environment variables that are not commonly used but provide fine-grained control over TDK behavior. These properties can be set as environment variables in docker-compose.yml or in application.properties files.

Most users will not need to modify these settings. The defaults are optimized for typical use cases. Only adjust these properties if you have specific performance or operational requirements.

Scheduling & Background Tasks

These properties control internal scheduled tasks such as cleanup operations and health checks.

Task Run Lifecycle

Controls the scheduled check for terminating task runs.

  • GOVERNOR_SCHEDULING_TASK_RUN_TERMINATING_CHECK_DELAY_MILLIS

    Initial delay before the first terminating check runs (in milliseconds).

    Default: 10000 (10 seconds)

    Example: Set to 86400000 (24 hours) to effectively disable frequent checks in test environments:

    GOVERNOR_SCHEDULING_TASK_RUN_TERMINATING_CHECK_DELAY_MILLIS=86400000

  • GOVERNOR_SCHEDULING_TASK_RUN_TERMINATING_CHECK_INTERVAL_MILLIS

    Interval between terminating checks (in milliseconds).

    Default: 30000 (30 seconds)

    Example: Increase interval to reduce system load:

    GOVERNOR_SCHEDULING_TASK_RUN_TERMINATING_CHECK_INTERVAL_MILLIS=60000

Connection Cache Cleanup

Controls how often database connection caches are cleaned up.

  • GOVERNOR_SCHEDULING_CONNECTION_CACHE_CLEANUP_INTERVAL_MILLIS

    Interval for cleaning up cached database connections (in milliseconds).

    Default: 180000 (3 minutes)

    Example:

    GOVERNOR_SCHEDULING_CONNECTION_CACHE_CLEANUP_INTERVAL_MILLIS=300000

Spawned Database Cleanup

Controls cleanup of temporary databases created during workflow execution.

  • GOVERNOR_SCHEDULING_SPAWNED_DATABASE_CLEANUP_INTERVAL_MILLIS

    Interval for removing expired spawned databases (in milliseconds).

    Default: 3600000 (1 hour)

    Example: Check more frequently in development:

    GOVERNOR_SCHEDULING_SPAWNED_DATABASE_CLEANUP_INTERVAL_MILLIS=1800000

Workflow Execution

These properties control workflow execution behavior, thread pools, and connection management.

Workflow Runner

  • WORKFLOW_RUNNER_THREADS

    Number of threads available for workflow execution.

    Default: 30

    Example: Increase for better parallelism on high-core machines:

    WORKFLOW_RUNNER_THREADS=50

  • WORKFLOW_RUNNER_TERMINATION_MS

    Timeout for workflow runner termination (in milliseconds).

    Default: 5000 (5 seconds)

    Example:

    WORKFLOW_RUNNER_TERMINATION_MS=10000

Workflow Data Source Connection Pools

Controls connection pooling behavior for workflow data sources.

  • WORKFLOW_DATASOURCE_SYSTEMPOOLSIZE

    Size of the system connection pool.

    Default: 3

    Example:

    WORKFLOW_DATASOURCE_SYSTEMPOOLSIZE=5

  • WORKFLOW_DATASOURCE_SYSTEMPOOLSCACHEEXPIREACCESSECONDS

    Time (in seconds) after which cached connection pools expire if not accessed.

    Default: 180 (3 minutes)

    Example:

    WORKFLOW_DATASOURCE_SYSTEMPOOLSCACHEEXPIREACCESSECONDS=300

  • WORKFLOW_DATASOURCE_SYSTEMPOOLSCACHESIZE

    Maximum number of connection pools to cache.

    Default: 1024

    Example:

    WORKFLOW_DATASOURCE_SYSTEMPOOLSCACHESIZE=2048

  • WORKFLOW_DATASOURCE_DEFAULTMAXIMUMPOOLSIZE

    Default maximum size for individual connection pools.

    Default: 20

    Example: Increase for data sources with high concurrent access:

    WORKFLOW_DATASOURCE_DEFAULTMAXIMUMPOOLSIZE=30

Workflow Log Files

Controls where and how workflow execution logs are stored.

  • WORKFLOW_LOGFILE_LOCATION

    Directory where workflow run log files are stored.

    Default: logs/runs

    Example: Store logs in a custom directory:

    WORKFLOW_LOGFILE_LOCATION=/var/log/tdk/workflows

  • WORKFLOW_LOGFILE_FILEPREFIXNAME

    Prefix for log file names.

    Default: run

    Example:

    WORKFLOW_LOGFILE_FILEPREFIXNAME=workflow

  • WORKFLOW_LOGFILE_FILEEXTENSIONNAME

    File extension for log files.

    Default: log

    Example:

    WORKFLOW_LOGFILE_FILEEXTENSIONNAME=txt

Agent Configuration

Advanced settings for TDK Agents.

Agent Communication

  • AGENT_GRPC_PORT

    gRPC port for agent communication.

    Default: 50055

    Example:

    AGENT_GRPC_PORT=50060

  • AGENT_GRPC_MAXMESSAGESIZE

    Maximum gRPC message size in bytes.

    Default: 52428800 (50 MB)

    Example: Increase for large workflow configurations:

    AGENT_GRPC_MAXMESSAGESIZE=104857600

  • AGENT_GRPC_COMPRESSION_ENABLED

    Enable gRPC message compression.

    Default: true

    Example:

    AGENT_GRPC_COMPRESSION_ENABLED=false

Agent Health

  • AGENT_ALIVEMINUTES

    Number of minutes an agent is considered alive without heartbeat.

    Default: 2

    Example: Increase tolerance for network issues:

    AGENT_ALIVEMINUTES=5

  • AGENT_CHECKTASKDELAY

    Delay between agent task checks (in milliseconds).

    Default: Not set (uses Spring Boot defaults)

    Example:

    AGENT_CHECKTASKDELAY=1000

Security & Authentication

Advanced security configuration options.

JWT Configuration

  • JWT_ACCESS_TOKEN_EXPIRATION

    Access token expiration time (in milliseconds).

    Default: 86400000 (1 day)

    Example: Reduce for higher security:

    JWT_ACCESS_TOKEN_EXPIRATION=3600000

  • JWT_REFRESH_TOKEN_EXPIRATION

    Refresh token expiration time (in milliseconds).

    Default: 5184000000 (60 days)

    Example:

    JWT_REFRESH_TOKEN_EXPIRATION=2592000000

  • JWT_ISSUER

    JWT token issuer identifier.

    Default: io.synthesized

    Example:

    JWT_ISSUER=mycompany.io

Credentials Encryption

  • CREDENTIALS_ENCRYPTION_KEY

    Base64-encoded key used for encrypting stored credentials.

    Default: Test key (must be changed in production)

    Always generate a new encryption key for production environments. If this key is lost, encrypted credentials cannot be recovered.

    Example:

    CREDENTIALS_ENCRYPTION_KEY=<base64-encoded-key>

Governor Security Settings

  • GOVERNOR_SECURITY_SECRETEXPIRETIMESECONDS

    Time (in seconds) before security secrets expire.

    Default: 30

    Example:

    GOVERNOR_SECURITY_SECRETEXPIRETIMESECONDS=60

  • GOVERNOR_SECURITY_ALLOWEDCLOCKSKEWSECONDS

    Allowed clock skew for time-based security checks (in seconds).

    Default: 0

    Example: Allow up to 30 seconds of clock skew:

    GOVERNOR_SECURITY_ALLOWEDCLOCKSKEWSECONDS=30

  • GOVERNOR_SECURITY_DEFAULTROLE

    Default role assigned to new users.

    Default: USER

    Options: USER, ADMIN

    Example:

    GOVERNOR_SECURITY_DEFAULTROLE=ADMIN

  • GOVERNOR_SECURITY_ALLOWEDORIGINPATTERNS

    CORS allowed origin patterns (comma-separated).

    Default: * (all origins)

    Example: Restrict to specific domains:

    GOVERNOR_SECURITY_ALLOWEDORIGINPATTERNS=https://mycompany.com,https://*.mycompany.com

  • GOVERNOR_SECURITY_OWNERACCESSONLY

    When true, users can only see and access their own workflows.

    Default: false

    Example: Enable for multi-tenant deployments:

    GOVERNOR_SECURITY_OWNERACCESSONLY=true

Database Connection Management

Advanced database connection settings using HikariCP.

HikariCP Connection Pool

  • SPRING_DATASOURCE_HIKARI_CONNECTIONTIMEOUT

    Maximum time (in milliseconds) to wait for a connection from the pool.

    Default: 30000 (30 seconds)

    Example:

    SPRING_DATASOURCE_HIKARI_CONNECTIONTIMEOUT=20000

  • SPRING_DATASOURCE_HIKARI_IDLETIMEOUT

    Maximum time (in milliseconds) a connection can sit idle in the pool.

    Default: 120000 (2 minutes)

    Example:

    SPRING_DATASOURCE_HIKARI_IDLETIMEOUT=180000

  • SPRING_DATASOURCE_HIKARI_MAXLIFETIME

    Maximum lifetime (in milliseconds) of a connection in the pool.

    Default: 1800000 (30 minutes)

    Example:

    SPRING_DATASOURCE_HIKARI_MAXLIFETIME=3600000

  • SPRING_DATASOURCE_HIKARI_KEEPALIVE_TIME

    Frequency (in milliseconds) of keepalive checks for idle connections.

    Default: 0 (disabled)

    Example: Enable keepalive every 5 minutes:

    SPRING_DATASOURCE_HIKARI_KEEPALIVE_TIME=300000

  • SPRING_DATASOURCE_HIKARI_MINIMUMIDLE

    Minimum number of idle connections in the pool.

    Default: 0 (allows scaling to zero)

    Example: Maintain at least 5 idle connections:

    SPRING_DATASOURCE_HIKARI_MINIMUMIDLE=5

  • SPRING_DATASOURCE_HIKARI_MAXIMUMPOOLSIZE

    Maximum number of connections in the pool.

    Default: 15

    Example: Increase for high-concurrency deployments:

    SPRING_DATASOURCE_HIKARI_MAXIMUMPOOLSIZE=25

  • SPRING_DATASOURCE_HIKARI_SCHEMA

    Default schema to use for connections.

    Default: public

    Example:

    SPRING_DATASOURCE_HIKARI_SCHEMA=tdk_schema

Feign Client Configuration

Settings for HTTP client connections to external services.

  • APP_FEIGN_CONNECT_TIMEOUT

    Connection timeout for Feign clients (in seconds).

    Default: 10

    Example:

    APP_FEIGN_CONNECT_TIMEOUT=15

  • APP_FEIGN_READ_TIMEOUT

    Read timeout for Feign clients (in seconds).

    Default: 120

    Example:

    APP_FEIGN_READ_TIMEOUT=180

Management & Monitoring

Settings for application health checks and metrics.

  • MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE

    Comma-separated list of management endpoints to expose.

    Default: health,metrics,prometheus

    Example: Add additional endpoints:

    MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE=health,metrics,prometheus,info,env

  • MANAGEMENT_HEALTH_LDAP_ENABLED

    Enable LDAP health check endpoint.

    Default: false

    Example:

    MANAGEMENT_HEALTH_LDAP_ENABLED=true

Sentry Error Tracking

Configuration for Sentry error tracking integration.

  • SENTRY_DSN

    Sentry Data Source Name for error reporting.

    Default: Empty (disabled)

    Example:

    SENTRY_DSN=https://examplePublicKey@o0.ingest.sentry.io/0

  • SENTRY_TRACES_SAMPLE_RATE

    Percentage of traces to capture (0.0 to 1.0).

    Default: 1.0 (100%)

    Example: Sample 10% of traces in production:

    SENTRY_TRACES_SAMPLE_RATE=0.1

Spring Framework Configuration

Advanced Spring Boot settings.

  • SPRING_MAIN_ALLOW_BEAN_DEFINITION_OVERRIDING

    Allow bean definition overriding.

    Default: true

    Example:

    SPRING_MAIN_ALLOW_BEAN_DEFINITION_OVERRIDING=false

  • SPRING_MAIN_BANNER_MODE

    Control Spring Boot banner display.

    Default: off

    Options: off, console, log

    Example:

    SPRING_MAIN_BANNER_MODE=console

  • SPRING_LIQUIBASE_ANALYTICS_ENABLED

    Enable Liquibase analytics.

    Default: false

    Example:

    SPRING_LIQUIBASE_ANALYTICS_ENABLED=true

  • SPRING_LIQUIBASE_CHANGE_LOG

    Path to Liquibase changelog file.

    Default: classpath:db/migration/governor.dbchangelog.xml

    Example:

    SPRING_LIQUIBASE_CHANGE_LOG=classpath:db/custom-changelog.xml

  • SPRING_LIQUIBASE_ENABLED

    Enable Liquibase database migrations.

    Default: true

    Example: Disable for external database management:

    SPRING_LIQUIBASE_ENABLED=false

See Also