Enable multi-arch build

.github/workflows/build-oci.yaml

@@ -13,38 +13,38 @@ jobs:
     name: build-mapt
     runs-on: ubuntu-24.04
     steps:
+    - name: Prepare runner
+      shell: bash
+      run: |
+        sudo apt-get install -y qemu-user-static
+
     - name: Checkout code
       uses: actions/checkout@v4
 
     - name: Build image for PR
       if: ${{ github.event_name == 'pull_request' }}
+      env:
+        IMG: ghcr.io/redhat-developer/mapt:pr-${{ github.event.number }}
       shell: bash
       run: |
-        IMG=ghcr.io/redhat-developer/mapt:pr-${{ github.event.number }} make oci-build
-        podman save -o mapt.tar ghcr.io/redhat-developer/mapt:pr-${{ github.event.number }}     
-        echo "ghcr.io/redhat-developer/mapt:pr-${{ github.event.number }}" > mapt-image
+        make oci-build
+        make oci-save    
+        echo ${IMG} > mapt-image
+
+
+    - name: Build image for Release
+      if: ${{ github.event_name == 'push' }}
+      run: |
+        make oci-build
+        make oci-save
+
+    - name: Create image metadata
+      run: |
+        echo ${{ github.event_name }} > mapt-event
 
-    - name: Save image for PR
+    - name: Upload crc-builder
       uses: actions/upload-artifact@v4
       with:
         name: mapt
         path: mapt*
-
-    - name: Build image
-      if: ${{ github.event_name != 'pull_request' }}
-      shell: bash
-      run: make oci-build
-
-    - name: Log in to quay.io Registry
-      if: ${{ github.event_name != 'pull_request' }}
-      uses: redhat-actions/podman-login@v1
-      with:
-        registry: quay.io
-        username: ${{ secrets.QUAY_IO_USERNAME }}
-        password: ${{ secrets.QUAY_IO_PASSWORD }}
-
-    - name: Push image
-      if: ${{ github.event_name != 'pull_request' }}
-      shell: bash
-      run: make oci-push
-
+

.github/workflows/push-oci.yml

@@ -11,31 +11,47 @@ jobs:
   push:
     name: push
     if: |
-      github.event.workflow_run.conclusion == 'success' &&
-      github.event.workflow_run.event == 'pull_request' 
+      github.event.workflow_run.conclusion == 'success' 
     runs-on: ubuntu-24.04
     permissions:
       contents: read
       packages: write
     steps:
-      - name: Download mapt assets
-        uses: actions/download-artifact@v4
-        with:
-          name: mapt
-          run-id: ${{ github.event.workflow_run.id }}
-          github-token: ${{ github.token }}
+    - name: Checkout code
+      uses: actions/checkout@v4
 
-      - name: Log in to ghcr.io
-        uses: redhat-actions/podman-login@v1
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+    - name: Download mapt assets
+      uses: actions/download-artifact@v4
+      with:
+        name: mapt
+        run-id: ${{ github.event.workflow_run.id }}
+        github-token: ${{ github.token }}
+
+    - name: Get mapt build informaiton
+      run: echo "source_event=$(cat mapt-event)" >> "$GITHUB_ENV"
 
-      - name: Push mapt
-        run: |
-          podman load -i mapt.tar 
-          podman push $(cat mapt-image)
+    - name: Get mapt image name
+      if: ${{ env.source_event == 'pull_request' }}
+      run: echo "IMG=$(cat mapt-image)" >> "$GITHUB_ENV"
 
-
+    - name: Log in to ghcr.io
+      if: ${{ env.source_event == 'pull_request' }}
+      uses: redhat-actions/podman-login@v1
+      with:
+        registry: ghcr.io
+        username: ${{ github.actor }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Log in quay.io
+      if: ${{ env.source_event == 'push' }}
+      uses: redhat-actions/podman-login@v1
+      with:
+        registry: quay.io
+        username: ${{ secrets.QUAY_IO_USERNAME }}
+        password: ${{ secrets.QUAY_IO_PASSWORD }}
+
+    - name: Push mapt
+      run: |
+        make oci-load
+        make oci-push
 

Makefile

@@ -76,12 +76,30 @@ lint: $(TOOLS_BINDIR)/golangci-lint
 # Build the container image
 .PHONY: oci-build
 oci-build: clean
-	${CONTAINER_MANAGER} build -t ${IMG} -f oci/Containerfile .
+	${CONTAINER_MANAGER} build --platform linux/amd64 --manifest $(IMG)-linux-amd64 -f oci/Containerfile .
+	${CONTAINER_MANAGER} build --platform linux/arm64 --manifest $(IMG)-linux-arm64 -f oci/Containerfile .
+
+MAPT_SAVE ?= mapt
+.PHONY: oci-save 
+oci-save: ARM64D=$(shell ${CONTAINER_MANAGER} manifest inspect ${IMG}-linux-arm64 | jq '.manifests[0].digest')
+oci-save: 
+	${CONTAINER_MANAGER} manifest annotate --arch amd64 $(IMG)-linux-arm64 $(ARM64D)
+	${CONTAINER_MANAGER} save -m -o $(MAPT_SAVE)-linux-amd64.tar $(IMG)-linux-amd64
+	${CONTAINER_MANAGER} save -m -o $(MAPT_SAVE)-linux-arm64.tar $(IMG)-linux-arm64
+
+oci-load:
+	${CONTAINER_MANAGER} load -i $(MAPT_SAVE)-linux-arm64.tar 
+	${CONTAINER_MANAGER} load -i $(MAPT_SAVE)-linux-amd64.tar 
 
 # Push the docker image
 .PHONY: oci-push
 oci-push:
-	${CONTAINER_MANAGER} push ${IMG}
+	${CONTAINER_MANAGER} push $(IMG)-linux-arm64
+	${CONTAINER_MANAGER} push $(IMG)-linux-amd64
+	${CONTAINER_MANAGER} manifest create $(IMG)-linux
+	${CONTAINER_MANAGER} manifest add $(IMG)-linux docker://$(IMG)-linux-arm64
+	${CONTAINER_MANAGER} manifest add $(IMG)-linux docker://$(IMG)-linux-amd64
+	${CONTAINER_MANAGER} manifest push --all $(IMG)-linux
 
 # Update tekton with new version
 .PHONY: tkn-update

oci/Containerfile

@@ -1,22 +1,25 @@
-
-# go 1.21.11-2
-FROM registry.access.redhat.com/ubi9/go-toolset@sha256:b6d157c56a7348a2790fb94fe44eb336027c1e2bb722c7901b30d2e7c38d9554 as builder 
-
+# go toolset 1.21.13-2.1727893526
+FROM registry.access.redhat.com/ubi9/go-toolset@sha256:fd41c001abc243076cc28b63c409ae6d9cbcad401c8124fb67d20fe57a2aa63a as builder
+ARG TARGETARCH
 USER root
 WORKDIR /workspace
 COPY . .
 
 # renovate: datasource=github-releases depName=pulumi/pulumi
 ENV PULUMI_VERSION 3.135.0
-ENV PULUMI_URL https://github.com/pulumi/pulumi/releases/download/v${PULUMI_VERSION}/pulumi-v${PULUMI_VERSION}-linux-x64.tar.gz
-
-RUN make build \
+RUN GOARCH=${TARGETARCH} make build \
+    && if [ "$TARGETARCH" = "amd64" ]; then \
+        export PULUMI_URL="https://github.com/pulumi/pulumi/releases/download/v${PULUMI_VERSION}/pulumi-v${PULUMI_VERSION}-linux-x64.tar.gz"; \
+    else \
+        export PULUMI_URL="https://github.com/pulumi/pulumi/releases/download/v${PULUMI_VERSION}/pulumi-v${PULUMI_VERSION}-linux-arm64.tar.gz"; \
+    fi \
+    && echo ${PULUMI_URL} \
     && curl -L ${PULUMI_URL} -o pulumicli.tar.gz \
     && tar -xzvf pulumicli.tar.gz 
 
-# ubi 9.4-1123.1719560047
-FROM registry.access.redhat.com/ubi9@sha256:081c96d1b1c7cd1855722d01f1ca53360510443737b1eb33284c6c4c330e537c  
-
+# ubi 9.4-1214.1726694543 
+FROM registry.access.redhat.com/ubi9/ubi@sha256:b00d5990a00937bd1ef7f44547af6c7fd36e3fd410e2c89b5d2dfc1aff69fe99
+ARG TARGETARCH
 LABEL org.opencontainers.image.authors="Redhat Developer"
 
 COPY --from=builder /workspace/out/mapt /workspace/pulumi/pulumi /usr/local/bin/
@@ -28,10 +31,7 @@ ENV INTERNAL_OUTPUT=/tmp/mapt \
 VOLUME [ "${INTERNAL_OUTPUT}" ]
 
 ENV AWS_CLI_VERSION 2.16.7
-ENV AWS_CLI_URL https://awscli.amazonaws.com/awscli-exe-linux-x86_64-${AWS_CLI_VERSION}.zip
-
 ENV AZ_CLI_VERSION 2.61.0
-ENV AZ_CLI_RPM https://packages.microsoft.com/rhel/9.0/prod/Packages/a/azure-cli-${AZ_CLI_VERSION}-1.el9.x86_64.rpm
 
 # Pulumi plugins
 # renovate: datasource=github-releases depName=pulumi/pulumi-aws
@@ -47,7 +47,15 @@ ARG PULUMI_TLS_VERSION=v5.0.3
 # renovate: datasource=github-releases depName=pulumi/pulumi-random
 ARG PULUMI_RANDOM_VERSION=v4.16.2
 
-RUN curl ${AWS_CLI_URL} -o awscliv2.zip \
+RUN if [ "$TARGETARCH" = "amd64" ]; then \
+        export ARCH_N=x86_64; \ 
+    else \
+        export ARCH_N=aarch64; \
+    fi \
+    && export AWS_CLI_URL="https://awscli.amazonaws.com/awscli-exe-linux-${ARCH_N}-${AWS_CLI_VERSION}.zip" \
+    && export AZ_CLI_RPM="https://packages.microsoft.com/rhel/9.0/prod/Packages/a/azure-cli-${AZ_CLI_VERSION}-1.el9.${ARCH_N}.rpm" \
+    && echo ${AWS_CLI_URL} ${AZ_CLI_RPM} \
+    && curl ${AWS_CLI_URL} -o awscliv2.zip \
     && dnf install -y unzip \
     && unzip awscliv2.zip \
     && ./aws/install \