fix: Optimize multi-arch attestations in single build

- Use docker/build-push-action@v6 native attestation support
- Set provenance=mode=max for better multi-arch attestation handling
- Remove separate attestation step to avoid conflicts
- This should resolve ARM64 attestation issues while keeping simple workflow

Author: neverinfamous

.github/workflows/docker-build.yml

@@ -140,8 +140,8 @@ jobs:
         labels: ${{ steps.meta.outputs.labels }}
         cache-from: type=gha
         cache-to: type=gha,mode=max
-        # Enable attestations for supply chain security
-        provenance: true
+        # Enable attestations for supply chain security (v6 handles multi-arch better)
+        provenance: mode=max
         sbom: true
 
     - name: Test Docker image functionality
@@ -171,12 +171,3 @@ jobs:
         
         echo "✅ Image tests passed"
 
-    # Generate GitHub attestations for supply chain security
-    - name: Generate artifact attestation
-      if: github.event_name != 'pull_request'
-      uses: actions/attest-build-provenance@v1
-      with:
-        subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-        subject-digest: ${{ steps.build.outputs.digest }}
-        push-to-registry: true
-      continue-on-error: true  # Don't fail build if attestation fails