Build amd64 and arm64 platforms for build image

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
kubernetes-sigs · Nov 13, 2024 · 081b117 · 081b117
1 parent d72805c
commit 081b117
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 5 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -126,16 +126,19 @@ jobs:
             type=ref,event=pr
             type=ref,event=tag
             type=sha,format=long
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
+        with:
+          platforms: linux/amd64,linux/arm64
       - name: Build (and push if needed)
         uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
         with:
           context: .
           file: Dockerfile.build-image
+          platforms: linux/amd64,linux/arm64
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
           push: ${{ github.ref == 'refs/heads/main' }}
-          # Only load on PR builds
-          load: ${{ github.ref != 'refs/heads/main' }}
       - name: Run container image vulnerability scanner
         uses: aquasecurity/trivy-action@d710430a6722f083d3b36b8339ff66b32f22ee55 # 0.19.0
         with:

diff --git a/Dockerfile.build-image b/Dockerfile.build-image
@@ -25,13 +25,20 @@ RUN apt-get update && \
 ENV USER=root
 
 ARG NIX_VERSION=2.25.0
-RUN wget https://nixos.org/releases/nix/nix-${NIX_VERSION}/nix-${NIX_VERSION}-x86_64-linux.tar.xz && \
-  tar xf nix-${NIX_VERSION}-x86_64-linux.tar.xz && \
+
+RUN \
+  if [ "$TARGETARCH" = "amd64" ]; then \
+    export ARCH=x86_64; \
+  else \
+    export ARCH=aarch64; \
+  fi && \
+  wget https://nixos.org/releases/nix/nix-${NIX_VERSION}/nix-${NIX_VERSION}-${ARCH}-linux.tar.xz && \
+  tar xf nix-${NIX_VERSION}-${ARCH}-linux.tar.xz && \
   groupadd -r -g 30000 nixbld && \
   for i in $(seq 1 30); do useradd -rM -u $((30000 + i)) -G nixbld nixbld$i ; done && \
   mkdir -m 0755 /etc/nix /nix && \
   printf "sandbox = false\nfilter-syscalls = false\n" > /etc/nix/nix.conf && \
-  nix-${NIX_VERSION}-x86_64-linux/install && \
+  nix-${NIX_VERSION}-${ARCH}-linux/install && \
   ln -s /nix/var/nix/profiles/default/etc/profile.d/nix.sh /etc/profile.d && \
   rm -rf nix-*