From c67c9bd8c541f3d4b8f0d098c14e589a483de2d5 Mon Sep 17 00:00:00 2001 From: Rob Holland Date: Tue, 5 Aug 2025 16:38:50 +0100 Subject: [PATCH 01/10] Add goreleaser. --- .github/workflows/goreleaser.yml | 69 ++++++++++++++++++++++++ .gitignore | 1 + .goreleaser.latest.yml | 74 +++++++++++++++++++++++++ .goreleaser.yml | 93 ++++++++++++++++++++++++++++++++ Dockerfile.goreleaser | 5 ++ internal/controller/util.go | 10 +++- 6 files changed, 251 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/goreleaser.yml create mode 100644 .goreleaser.latest.yml create mode 100644 .goreleaser.yml create mode 100644 Dockerfile.goreleaser diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml new file mode 100644 index 00000000..27873c27 --- /dev/null +++ b/.github/workflows/goreleaser.yml @@ -0,0 +1,69 @@ +name: goreleaser + +on: + workflow_dispatch: + push: + branches: + - rh-releases + release: + types: + - published + +permissions: + contents: read + packages: write + +jobs: + goreleaser: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + with: + fetch-depth: 0 + + - name: Set up Go + uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 + with: + go-version-file: "go.mod" + check-latest: true + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 + + - name: Login to GitHub Container Registry + uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + # Full release on tagged releases + - name: Run GoReleaser (Release) + if: github.event_name == 'release' + uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0 + with: + version: v2.11.2 + args: release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # Latest-only build on main branch pushes + - name: Run GoReleaser (Latest) + if: github.event_name == 'push' && github.ref == 'refs/heads/main' + uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0 + with: + version: v2.11.2 + args: release --config .goreleaser.latest.yml + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # Manual workflow dispatch - snapshot build for testing + - name: Run GoReleaser (Manual) + if: github.event_name == 'workflow_dispatch' + uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0 + with: + version: v2.11.2 + args: release --snapshot --clean + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.gitignore b/.gitignore index ebad078c..586edf3a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,7 @@ .idea bin +dist secret.env certs diff --git a/.goreleaser.latest.yml b/.goreleaser.latest.yml new file mode 100644 index 00000000..f801d166 --- /dev/null +++ b/.goreleaser.latest.yml @@ -0,0 +1,74 @@ +version: 2 + +before: + hooks: + - go mod download + +announce: + skip: true + +changelog: + disable: true + +release: + disable: true + +builds: + - id: nix + dir: cmd + binary: temporal-worker-controller + ldflags: + - -s -w -X github.com/temporalio/temporal-worker-controller/internal/controller.Version={{.Version}} + goarch: + - amd64 + - arm64 + goos: + - linux + env: + - CGO_ENABLED=0 + +checksum: + disable: true + +# Only build Docker images with 'latest' tag +dockers: + - image_templates: + - "ghcr.io/robholland/temporal-worker-controller:latest-amd64" + dockerfile: Dockerfile.goreleaser + use: buildx + build_flag_templates: + - --platform=linux/amd64 + - --label=org.opencontainers.image.title={{ .ProjectName }} + - --label=org.opencontainers.image.description=Temporal Worker Controller for Kubernetes + - --label=org.opencontainers.image.url=https://github.com/robholland/temporal-worker-controller + - --label=org.opencontainers.image.source=https://github.com/robholland/temporal-worker-controller + - --label=org.opencontainers.image.version=latest + - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }} + - --label=org.opencontainers.image.revision={{ .FullCommit }} + - --label=org.opencontainers.image.licenses=MIT + extra_files: + - LICENSE + + - image_templates: + - "ghcr.io/robholland/temporal-worker-controller:latest-arm64" + dockerfile: Dockerfile.goreleaser + use: buildx + build_flag_templates: + - --platform=linux/arm64 + - --label=org.opencontainers.image.title={{ .ProjectName }} + - --label=org.opencontainers.image.description=Temporal Worker Controller for Kubernetes + - --label=org.opencontainers.image.url=https://github.com/robholland/temporal-worker-controller + - --label=org.opencontainers.image.source=https://github.com/robholland/temporal-worker-controller + - --label=org.opencontainers.image.version=latest + - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }} + - --label=org.opencontainers.image.revision={{ .FullCommit }} + - --label=org.opencontainers.image.licenses=MIT + extra_files: + - LICENSE + +# Create latest manifest +docker_manifests: + - name_template: "ghcr.io/robholland/temporal-worker-controller:latest" + image_templates: + - "ghcr.io/robholland/temporal-worker-controller:latest-amd64" + - "ghcr.io/robholland/temporal-worker-controller:latest-arm64" \ No newline at end of file diff --git a/.goreleaser.yml b/.goreleaser.yml new file mode 100644 index 00000000..073bf28a --- /dev/null +++ b/.goreleaser.yml @@ -0,0 +1,93 @@ +version: 2 + +before: + hooks: + - go mod download + +announce: + skip: true + +changelog: + disable: true + +release: + prerelease: auto + draft: false + +builds: + - id: nix + dir: cmd + binary: temporal-worker-controller + ldflags: + - -s -w -X github.com/temporalio/temporal-worker-controller/internal/controller.Version={{.Version}} + goarch: + - amd64 + - arm64 + goos: + - linux + - darwin + env: + - CGO_ENABLED=0 + +archives: + - id: default + name_template: "temporal-worker-controller_{{ .Version }}_{{ .Os }}_{{ .Arch }}" + files: + - LICENSE + +checksum: + name_template: "checksums.txt" + algorithm: sha256 + +dockers: + - image_templates: + - "ghcr.io/robholland/temporal-worker-controller:{{ .Tag }}-amd64" + - "ghcr.io/robholland/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-amd64" + dockerfile: Dockerfile.goreleaser + use: buildx + build_flag_templates: + - --platform=linux/amd64 + - --label=org.opencontainers.image.title={{ .ProjectName }} + - --label=org.opencontainers.image.description=Temporal Worker Controller for Kubernetes + - --label=org.opencontainers.image.url=https://github.com/robholland/temporal-worker-controller + - --label=org.opencontainers.image.source=https://github.com/robholland/temporal-worker-controller + - --label=org.opencontainers.image.version={{ .Version }} + - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }} + - --label=org.opencontainers.image.revision={{ .FullCommit }} + - --label=org.opencontainers.image.licenses=MIT + extra_files: + - LICENSE + + - image_templates: + - "ghcr.io/robholland/temporal-worker-controller:{{ .Tag }}-arm64" + - "ghcr.io/robholland/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-arm64" + dockerfile: Dockerfile.goreleaser + use: buildx + build_flag_templates: + - --platform=linux/arm64 + - --label=org.opencontainers.image.title={{ .ProjectName }} + - --label=org.opencontainers.image.description=Temporal Worker Controller for Kubernetes + - --label=org.opencontainers.image.url=https://github.com/robholland/temporal-worker-controller + - --label=org.opencontainers.image.source=https://github.com/robholland/temporal-worker-controller + - --label=org.opencontainers.image.version={{ .Version }} + - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }} + - --label=org.opencontainers.image.revision={{ .FullCommit }} + - --label=org.opencontainers.image.licenses=MIT + extra_files: + - LICENSE + +docker_manifests: + - name_template: "ghcr.io/robholland/temporal-worker-controller:{{ .Tag }}" + image_templates: + - "ghcr.io/robholland/temporal-worker-controller:{{ .Tag }}-amd64" + - "ghcr.io/robholland/temporal-worker-controller:{{ .Tag }}-arm64" + + - name_template: "ghcr.io/robholland/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}" + image_templates: + - "ghcr.io/robholland/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-amd64" + - "ghcr.io/robholland/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-arm64" + + - name_template: "ghcr.io/robholland/temporal-worker-controller:latest" + image_templates: + - "ghcr.io/robholland/temporal-worker-controller:{{ .Tag }}-amd64" + - "ghcr.io/robholland/temporal-worker-controller:{{ .Tag }}-arm64" \ No newline at end of file diff --git a/Dockerfile.goreleaser b/Dockerfile.goreleaser new file mode 100644 index 00000000..9ebdfc6f --- /dev/null +++ b/Dockerfile.goreleaser @@ -0,0 +1,5 @@ +FROM gcr.io/distroless/static-debian12:nonroot + +COPY temporal-worker-controller /usr/local/bin/temporal-worker-controller + +ENTRYPOINT ["temporal-worker-controller"] \ No newline at end of file diff --git a/internal/controller/util.go b/internal/controller/util.go index 3c42ef76..1c1285b1 100644 --- a/internal/controller/util.go +++ b/internal/controller/util.go @@ -14,8 +14,16 @@ const ( defaultControllerIdentity = "temporal-worker-controller" ) -// getControllerVersion returns the version from environment variable (set by Helm from image.tag) +// Version is set by goreleaser via ldflags at build time +var Version = "unknown" + +// getControllerVersion returns the version, preferring build-time injection over environment variable func getControllerVersion() string { + // First check if version was injected at build time + if Version != "" && Version != "unknown" { + return Version + } + // Fall back to environment variable (set by Helm from image.tag) if version := os.Getenv("CONTROLLER_VERSION"); version != "" { return version } From afa8a262046c65086d731bcb61b287ebf061edda Mon Sep 17 00:00:00 2001 From: Rob Holland Date: Tue, 5 Aug 2025 16:40:49 +0100 Subject: [PATCH 02/10] Adjust branch filter. --- .github/workflows/goreleaser.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index 27873c27..86fbceb5 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -50,7 +50,7 @@ jobs: # Latest-only build on main branch pushes - name: Run GoReleaser (Latest) - if: github.event_name == 'push' && github.ref == 'refs/heads/main' + if: github.event_name == 'push' && github.ref == 'refs/heads/rh-releases' uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0 with: version: v2.11.2 From a445db5bd149d89d91fac2c199951c6ccd80d5c2 Mon Sep 17 00:00:00 2001 From: Rob Holland Date: Tue, 5 Aug 2025 16:41:12 +0100 Subject: [PATCH 03/10] Remove redundant branch filter. --- .github/workflows/goreleaser.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index 86fbceb5..52aacbc8 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -50,7 +50,7 @@ jobs: # Latest-only build on main branch pushes - name: Run GoReleaser (Latest) - if: github.event_name == 'push' && github.ref == 'refs/heads/rh-releases' + if: github.event_name == 'push' uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0 with: version: v2.11.2 From 403d0445dc0f738af5cb47987a7cd5ef3b5f4395 Mon Sep 17 00:00:00 2001 From: Rob Holland Date: Tue, 5 Aug 2025 16:48:53 +0100 Subject: [PATCH 04/10] Latest builds are snapshot. --- .github/workflows/goreleaser.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index 52aacbc8..ac9ec2c2 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -54,7 +54,7 @@ jobs: uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0 with: version: v2.11.2 - args: release --config .goreleaser.latest.yml + args: release --config .goreleaser.latest.yml --snapshot --clean env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 7fb5f81a12abe8a427f47a08599034639e4478ee Mon Sep 17 00:00:00 2001 From: Rob Holland Date: Wed, 6 Aug 2025 11:01:56 +0100 Subject: [PATCH 05/10] Refactor actions. Workaround goreleaser not being able to publish snapshots. --- ...oreleaser.yml => publish-latest-image.yml} | 39 +++++------------ .github/workflows/release.yml | 43 +++++++++++++++++++ .goreleaser.latest.yml | 19 ++++---- .goreleaser.yml | 34 +++++++-------- 4 files changed, 79 insertions(+), 56 deletions(-) rename .github/workflows/{goreleaser.yml => publish-latest-image.yml} (52%) create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/publish-latest-image.yml similarity index 52% rename from .github/workflows/goreleaser.yml rename to .github/workflows/publish-latest-image.yml index ac9ec2c2..c82fb2c0 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/publish-latest-image.yml @@ -1,20 +1,17 @@ -name: goreleaser +name: publish-latest-image on: workflow_dispatch: push: branches: - rh-releases - release: - types: - - published permissions: contents: read packages: write jobs: - goreleaser: + publish-latest-image: runs-on: ubuntu-latest steps: - name: Checkout @@ -38,32 +35,16 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - # Full release on tagged releases - - name: Run GoReleaser (Release) - if: github.event_name == 'release' - uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0 - with: - version: v2.11.2 - args: release - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - # Latest-only build on main branch pushes - - name: Run GoReleaser (Latest) - if: github.event_name == 'push' + - name: Run GoReleaser uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0 with: version: v2.11.2 args: release --config .goreleaser.latest.yml --snapshot --clean - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # Manual workflow dispatch - snapshot build for testing - - name: Run GoReleaser (Manual) - if: github.event_name == 'workflow_dispatch' - uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0 - with: - version: v2.11.2 - args: release --snapshot --clean - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Push snapshot images + run: docker push ghcr.io/${GITHUB_REPOSITORY}:latest-{amd64,arm64} + + - name: Create and push manifest for :latest tag + run: | + docker manifest create ghcr.io/${GITHUB_REPOSITORY}:latest ghcr.io/${GITHUB_REPOSITORY}:latest-{amd64,arm64} + docker manifest push ghcr.io/${GITHUB_REPOSITORY}:latest diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..0264e011 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,43 @@ +name: release + +on: + release: + types: + - published + +permissions: + contents: read + packages: write + +jobs: + release: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + with: + fetch-depth: 0 + + - name: Set up Go + uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 + with: + go-version-file: "go.mod" + check-latest: true + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 + + - name: Login to GitHub Container Registry + uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0 + with: + version: v2.11.2 + args: release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.goreleaser.latest.yml b/.goreleaser.latest.yml index f801d166..6e1f3e35 100644 --- a/.goreleaser.latest.yml +++ b/.goreleaser.latest.yml @@ -33,15 +33,15 @@ checksum: # Only build Docker images with 'latest' tag dockers: - image_templates: - - "ghcr.io/robholland/temporal-worker-controller:latest-amd64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:latest-amd64" dockerfile: Dockerfile.goreleaser use: buildx build_flag_templates: - --platform=linux/amd64 - --label=org.opencontainers.image.title={{ .ProjectName }} - --label=org.opencontainers.image.description=Temporal Worker Controller for Kubernetes - - --label=org.opencontainers.image.url=https://github.com/robholland/temporal-worker-controller - - --label=org.opencontainers.image.source=https://github.com/robholland/temporal-worker-controller + - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} + - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} - --label=org.opencontainers.image.version=latest - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }} - --label=org.opencontainers.image.revision={{ .FullCommit }} @@ -50,15 +50,15 @@ dockers: - LICENSE - image_templates: - - "ghcr.io/robholland/temporal-worker-controller:latest-arm64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:latest-arm64" dockerfile: Dockerfile.goreleaser use: buildx build_flag_templates: - --platform=linux/arm64 - --label=org.opencontainers.image.title={{ .ProjectName }} - --label=org.opencontainers.image.description=Temporal Worker Controller for Kubernetes - - --label=org.opencontainers.image.url=https://github.com/robholland/temporal-worker-controller - - --label=org.opencontainers.image.source=https://github.com/robholland/temporal-worker-controller + - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} + - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} - --label=org.opencontainers.image.version=latest - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }} - --label=org.opencontainers.image.revision={{ .FullCommit }} @@ -66,9 +66,8 @@ dockers: extra_files: - LICENSE -# Create latest manifest docker_manifests: - - name_template: "ghcr.io/robholland/temporal-worker-controller:latest" + - name_template: "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:latest" image_templates: - - "ghcr.io/robholland/temporal-worker-controller:latest-amd64" - - "ghcr.io/robholland/temporal-worker-controller:latest-arm64" \ No newline at end of file + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:latest-amd64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:latest-arm64" \ No newline at end of file diff --git a/.goreleaser.yml b/.goreleaser.yml index 073bf28a..8b4c7315 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -41,16 +41,16 @@ checksum: dockers: - image_templates: - - "ghcr.io/robholland/temporal-worker-controller:{{ .Tag }}-amd64" - - "ghcr.io/robholland/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-amd64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:{{ .Tag }}-amd64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-amd64" dockerfile: Dockerfile.goreleaser use: buildx build_flag_templates: - --platform=linux/amd64 - --label=org.opencontainers.image.title={{ .ProjectName }} - --label=org.opencontainers.image.description=Temporal Worker Controller for Kubernetes - - --label=org.opencontainers.image.url=https://github.com/robholland/temporal-worker-controller - - --label=org.opencontainers.image.source=https://github.com/robholland/temporal-worker-controller + - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} + - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} - --label=org.opencontainers.image.version={{ .Version }} - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }} - --label=org.opencontainers.image.revision={{ .FullCommit }} @@ -59,16 +59,16 @@ dockers: - LICENSE - image_templates: - - "ghcr.io/robholland/temporal-worker-controller:{{ .Tag }}-arm64" - - "ghcr.io/robholland/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-arm64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:{{ .Tag }}-arm64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-arm64" dockerfile: Dockerfile.goreleaser use: buildx build_flag_templates: - --platform=linux/arm64 - --label=org.opencontainers.image.title={{ .ProjectName }} - --label=org.opencontainers.image.description=Temporal Worker Controller for Kubernetes - - --label=org.opencontainers.image.url=https://github.com/robholland/temporal-worker-controller - - --label=org.opencontainers.image.source=https://github.com/robholland/temporal-worker-controller + - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} + - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} - --label=org.opencontainers.image.version={{ .Version }} - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }} - --label=org.opencontainers.image.revision={{ .FullCommit }} @@ -77,17 +77,17 @@ dockers: - LICENSE docker_manifests: - - name_template: "ghcr.io/robholland/temporal-worker-controller:{{ .Tag }}" + - name_template: "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:{{ .Tag }}" image_templates: - - "ghcr.io/robholland/temporal-worker-controller:{{ .Tag }}-amd64" - - "ghcr.io/robholland/temporal-worker-controller:{{ .Tag }}-arm64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:{{ .Tag }}-amd64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:{{ .Tag }}-arm64" - - name_template: "ghcr.io/robholland/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}" + - name_template: "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}" image_templates: - - "ghcr.io/robholland/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-amd64" - - "ghcr.io/robholland/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-arm64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-amd64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-arm64" - - name_template: "ghcr.io/robholland/temporal-worker-controller:latest" + - name_template: "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:latest" image_templates: - - "ghcr.io/robholland/temporal-worker-controller:{{ .Tag }}-amd64" - - "ghcr.io/robholland/temporal-worker-controller:{{ .Tag }}-arm64" \ No newline at end of file + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:{{ .Tag }}-amd64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:{{ .Tag }}-arm64" \ No newline at end of file From d2db0a6e2df564fb88d8752bd1fe31e925210e23 Mon Sep 17 00:00:00 2001 From: Rob Holland Date: Wed, 6 Aug 2025 11:10:43 +0100 Subject: [PATCH 06/10] Correct syntax. --- .goreleaser.latest.yml | 21 ++++++++++++--------- .goreleaser.yml | 37 ++++++++++++++++++++----------------- 2 files changed, 32 insertions(+), 26 deletions(-) diff --git a/.goreleaser.latest.yml b/.goreleaser.latest.yml index 6e1f3e35..5c2af4cc 100644 --- a/.goreleaser.latest.yml +++ b/.goreleaser.latest.yml @@ -1,5 +1,8 @@ version: 2 +env: + - GITHUB_REPOSITORY={{ if index .Env "GITHUB_REPOSITORY" }}{{ .Env.GITHUB_REPOSITORY }}{{ else }}temporalio/temporal-worker-controller{{ end }} + before: hooks: - go mod download @@ -33,15 +36,15 @@ checksum: # Only build Docker images with 'latest' tag dockers: - image_templates: - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:latest-amd64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:latest-amd64" dockerfile: Dockerfile.goreleaser use: buildx build_flag_templates: - --platform=linux/amd64 - --label=org.opencontainers.image.title={{ .ProjectName }} - --label=org.opencontainers.image.description=Temporal Worker Controller for Kubernetes - - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} - - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} + - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_REPOSITORY }} + - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_REPOSITORY }} - --label=org.opencontainers.image.version=latest - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }} - --label=org.opencontainers.image.revision={{ .FullCommit }} @@ -50,15 +53,15 @@ dockers: - LICENSE - image_templates: - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:latest-arm64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:latest-arm64" dockerfile: Dockerfile.goreleaser use: buildx build_flag_templates: - --platform=linux/arm64 - --label=org.opencontainers.image.title={{ .ProjectName }} - --label=org.opencontainers.image.description=Temporal Worker Controller for Kubernetes - - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} - - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} + - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_REPOSITORY }} + - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_REPOSITORY }} - --label=org.opencontainers.image.version=latest - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }} - --label=org.opencontainers.image.revision={{ .FullCommit }} @@ -67,7 +70,7 @@ dockers: - LICENSE docker_manifests: - - name_template: "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:latest" + - name_template: "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:latest" image_templates: - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:latest-amd64" - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:latest-arm64" \ No newline at end of file + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:latest-amd64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:latest-arm64" \ No newline at end of file diff --git a/.goreleaser.yml b/.goreleaser.yml index 8b4c7315..ac656190 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,5 +1,8 @@ version: 2 +env: + - GITHUB_REPOSITORY={{ if index .Env "GITHUB_REPOSITORY" }}{{ .Env.GITHUB_REPOSITORY }}{{ else }}temporalio/temporal-worker-controller{{ end }} + before: hooks: - go mod download @@ -41,16 +44,16 @@ checksum: dockers: - image_templates: - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:{{ .Tag }}-amd64" - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-amd64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:{{ .Tag }}-amd64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:v{{ .Major }}.{{ .Minor }}-amd64" dockerfile: Dockerfile.goreleaser use: buildx build_flag_templates: - --platform=linux/amd64 - --label=org.opencontainers.image.title={{ .ProjectName }} - --label=org.opencontainers.image.description=Temporal Worker Controller for Kubernetes - - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} - - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} + - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_REPOSITORY }} + - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_REPOSITORY }} - --label=org.opencontainers.image.version={{ .Version }} - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }} - --label=org.opencontainers.image.revision={{ .FullCommit }} @@ -59,16 +62,16 @@ dockers: - LICENSE - image_templates: - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:{{ .Tag }}-arm64" - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-arm64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:{{ .Tag }}-arm64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:v{{ .Major }}.{{ .Minor }}-arm64" dockerfile: Dockerfile.goreleaser use: buildx build_flag_templates: - --platform=linux/arm64 - --label=org.opencontainers.image.title={{ .ProjectName }} - --label=org.opencontainers.image.description=Temporal Worker Controller for Kubernetes - - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} - - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_REPOSITORY | default "temporalio/temporal-worker-controller" }} + - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_REPOSITORY }} + - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_REPOSITORY }} - --label=org.opencontainers.image.version={{ .Version }} - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }} - --label=org.opencontainers.image.revision={{ .FullCommit }} @@ -77,17 +80,17 @@ dockers: - LICENSE docker_manifests: - - name_template: "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:{{ .Tag }}" + - name_template: "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:{{ .Tag }}" image_templates: - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:{{ .Tag }}-amd64" - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:{{ .Tag }}-arm64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:{{ .Tag }}-amd64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:{{ .Tag }}-arm64" - - name_template: "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}" + - name_template: "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:v{{ .Major }}.{{ .Minor }}" image_templates: - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-amd64" - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:v{{ .Major }}.{{ .Minor }}-arm64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:v{{ .Major }}.{{ .Minor }}-amd64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:v{{ .Major }}.{{ .Minor }}-arm64" - - name_template: "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:latest" + - name_template: "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:latest" image_templates: - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:{{ .Tag }}-amd64" - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER | default \"temporalio\" }}/temporal-worker-controller:{{ .Tag }}-arm64" \ No newline at end of file + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:{{ .Tag }}-amd64" + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:{{ .Tag }}-arm64" \ No newline at end of file From 99baf675924562b4c7e9b8fdb643af34cb7fd4c7 Mon Sep 17 00:00:00 2001 From: Rob Holland Date: Wed, 6 Aug 2025 11:18:05 +0100 Subject: [PATCH 07/10] Fix docker push invocation. --- .github/workflows/publish-latest-image.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish-latest-image.yml b/.github/workflows/publish-latest-image.yml index c82fb2c0..753b3c79 100644 --- a/.github/workflows/publish-latest-image.yml +++ b/.github/workflows/publish-latest-image.yml @@ -42,7 +42,9 @@ jobs: args: release --config .goreleaser.latest.yml --snapshot --clean - name: Push snapshot images - run: docker push ghcr.io/${GITHUB_REPOSITORY}:latest-{amd64,arm64} + run: | + docker push ghcr.io/${GITHUB_REPOSITORY}:latest-amd64 + docker push ghcr.io/${GITHUB_REPOSITORY}:latest-arm64 - name: Create and push manifest for :latest tag run: | From 972a25182deceaf2a44d7facee98b2cff121e5d6 Mon Sep 17 00:00:00 2001 From: Rob Holland Date: Wed, 6 Aug 2025 11:31:40 +0100 Subject: [PATCH 08/10] Move to main for release testing. --- .github/workflows/publish-latest-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-latest-image.yml b/.github/workflows/publish-latest-image.yml index 753b3c79..26a3a1e3 100644 --- a/.github/workflows/publish-latest-image.yml +++ b/.github/workflows/publish-latest-image.yml @@ -4,7 +4,7 @@ on: workflow_dispatch: push: branches: - - rh-releases + - main permissions: contents: read From 4491e99e5a19db0a022105ab954b52126854ed8c Mon Sep 17 00:00:00 2001 From: Rob Holland Date: Wed, 6 Aug 2025 11:52:50 +0100 Subject: [PATCH 09/10] Upgrade permissions so we can attach artifacts. --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0264e011..fd1eacbc 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,7 +6,7 @@ on: - published permissions: - contents: read + contents: write packages: write jobs: From eb5011edd17427dc3790ddb0a0edac1dcecd528c Mon Sep 17 00:00:00 2001 From: Rob Holland Date: Wed, 6 Aug 2025 13:07:04 +0100 Subject: [PATCH 10/10] Appease shellcheck. --- .github/workflows/publish-latest-image.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/publish-latest-image.yml b/.github/workflows/publish-latest-image.yml index 26a3a1e3..7df218a7 100644 --- a/.github/workflows/publish-latest-image.yml +++ b/.github/workflows/publish-latest-image.yml @@ -43,10 +43,10 @@ jobs: - name: Push snapshot images run: | - docker push ghcr.io/${GITHUB_REPOSITORY}:latest-amd64 - docker push ghcr.io/${GITHUB_REPOSITORY}:latest-arm64 + docker push "ghcr.io/${GITHUB_REPOSITORY}:latest-amd64" + docker push "ghcr.io/${GITHUB_REPOSITORY}:latest-arm64" - name: Create and push manifest for :latest tag run: | - docker manifest create ghcr.io/${GITHUB_REPOSITORY}:latest ghcr.io/${GITHUB_REPOSITORY}:latest-{amd64,arm64} - docker manifest push ghcr.io/${GITHUB_REPOSITORY}:latest + docker manifest create "ghcr.io/${GITHUB_REPOSITORY}:latest" "ghcr.io/${GITHUB_REPOSITORY}:latest-amd64" "ghcr.io/${GITHUB_REPOSITORY}:latest-arm64" + docker manifest push "ghcr.io/${GITHUB_REPOSITORY}:latest"