Convert GitHub Actions workflows to multi-platform

I have multiple GitHub Actions workflows that build AMD64 images.

Thanks to help from Oğuzhan Yılmaz who converted crtsh-exporter to multi-platform builds, I now have a template for the changes for other repos, revise:

  1. build.yml (or equivalent)
  2. Dockerfiles

GitHub Actions workflow

Add QEMU step:

- name: QEMU
  uses: docker/setup-qemu-action@v3

Replace:

- name: docker build && docker push
  id: docker-build-push
  with:
    context: .
    file: ./Dockerfile
    build-args: |
      VERSION=${{ env.VERSION }}
      COMMIT=${{ github.sha }}
    tags: ...
    push: true

With:

- name: Buildx Multi-platform Linux Docker Images
  id: docker-build-push-multi-platform
  uses: docker/build-push-action@v6
  with:
    context: .
    platforms: linux/amd64,linux/arm64/v7,linux/arm64
    file: ./Dockerfile
    build-args: |
      VERSION=${{ env.VERSION }}
      COMMIT=${{ github.sha }}
    tags: ...
    push: true

Tweak:

- name: Sign container image
  run: |
    DIGEST=${{ steps.docker-build-push-multi-platform.outputs.digest }}
    cosign sign \
    --yes \
    --key=./cosign.key \
    --annotations="repo=${{ github.repository }}" \
    --annotations="workflow=${{ github.workflow }}" \
    --annotations="commit=${{ github.sha }}" \
    --annotations="version=${{ env.VERSION }}" \
    ghcr.io/${{ env.REPO }}@${DIGEST}

Dockerfiles

Replace all occurrences:

  1. GOOS with TARGETOS (drop =linux)
  2. GOARCH with TARGETARCH (drop =amd64)
  3. FROM ... with FROM --platform=${TARGETARCH} ...
  4. Retain RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH}

Use the opportunity to:

  1. Ensure FROM... AS... (case)
  2. replace LABEL key value with LABEL key=value