Add support for arm64 images

.github/workflows/pr.yml

@@ -10,12 +10,24 @@ on:
 permissions: {}
 
 env: 
-  REGISTRY: ghcr.io/${{ github.repository }}
-  TAG: smoke-test
+  REGISTRY: 127.0.0.1:5000/qubesome
+  TAG: latest
 
 jobs:
   build-images:
-    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        platform: [ubuntu-latest, ubuntu-24.04-arm]
+
+    runs-on: ${{ matrix.platform }}
+
+    services:
+      registry:
+        image: registry:3
+        ports:
+          - 5000:5000
+
     steps:
       - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
@@ -26,10 +38,13 @@ jobs:
 
       - name: Setup Docker Buildx
         uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+        with:
+          name: qubesome
+          driver-opts: network=host
+          platforms: linux/amd64,linux/arm64
 
-      - name: Build images
-        run: |
-          make build
+      - name: Test build and push of images
+        run: make push
 
       - name: Smoke test binaries
         run: |

Makefile

@@ -1,33 +1,48 @@
 REGISTRY ?= workload-images
 TAG ?= latest
 
-BUILDER ?= docker
-RUNNER ?= docker
+BUILDER ?= docker buildx
 
 WORKLOADS=$(shell find workloads -mindepth 2 -maxdepth 2 -type f -name 'Dockerfile' | sort -u | cut -f 2 -d'/')
 TOOLS=$(shell find tools -mindepth 2 -maxdepth 2 -type f -name 'Dockerfile' | sort -u | cut -f 2 -d'/')
 
-build:
+MACHINE = qubesome
+
+# ACTION can only be --load when TARGET_PLATFORM is the current platform:
+#   TARGET_PLATFORMS=linux/amd64 ACTION=--load make build-workload-xorg
+ACTION ?= --load
+TARGET_PLATFORMS ?= $(shell docker info --format '{{.ClientInfo.Os}}/{{.ClientInfo.Arch}}')
+SUPPORTED_PLATFORMS = linux/amd64,linux/arm64
+
+build: build-workload-base
 	$(MAKE) $(addprefix build-workload-, $(WORKLOADS))
 	$(MAKE) $(addprefix build-tool-, $(TOOLS))
 
-build-workload-%:
+buildx-machine:
+	$(BUILDER) use $(MACHINE) >/dev/null 2>&1  || \
+		$(BUILDER) create --name=$(MACHINE) --driver-opt network=host --platform=$(SUPPORTED_PLATFORMS)
+
+build-workload-%: buildx-machine
 	cd workloads/$(subst :,/,$*); \
-		$(BUILDER) build --build-arg=REGISTRY=$(REGISTRY) --build-arg=TAG=$(TAG) \
-			--load -t $(REGISTRY)/$(subst :,/,$*):$(TAG) -f Dockerfile .
+		$(BUILDER) build --builder $(MACHINE) --platform="$(TARGET_PLATFORMS)" \
+			--build-arg=REGISTRY=$(REGISTRY) --build-arg=TAG=$(TAG) \
+			$(ACTION) -t $(REGISTRY)/$(subst :,/,$*):$(TAG) -f Dockerfile .
 
-build-tool-%:
+build-tool-%: buildx-machine
 	cd tools/$(subst :,/,$*); \
-		$(BUILDER) build --build-arg=REGISTRY=$(REGISTRY) --build-arg=TAG=$(TAG) \
-			-t $(REGISTRY)/$(subst :,/,$*):$(TAG) -f Dockerfile .
+		$(BUILDER) build --builder $(MACHINE) --platform="$(TARGET_PLATFORMS)" \
+			--build-arg=REGISTRY=$(REGISTRY) --build-arg=TAG=$(TAG) \
+			$(ACTION) -t $(REGISTRY)/$(subst :,/,$*):$(TAG) -f Dockerfile .
 
 push:
 	$(MAKE) $(addprefix push-workload-, $(WORKLOADS))
 	$(MAKE) $(addprefix push-tool-, $(TOOLS))
 
-push-workload-%: build-workload-%
-	cd workloads/$(subst :,/,$*); \
-		$(BUILDER) push $(REGISTRY)/$(subst :,/,$*):$(TAG)
+push-workload-%:
+	ACTION=--push \
+	TARGET_PLATFORMS=$(SUPPORTED_PLATFORMS) \
+		$(MAKE) build-workload-$(subst :,/,$*)
+
 ifneq ($(TAG),latest)
 	cosign sign --yes "$(REGISTRY)/$(subst :,/,$*):$(TAG)"
 endif