dcermak · dcermak · Nov 17, 2022 · Nov 17, 2022 · Nov 17, 2022 · Nov 17, 2022
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
@@ -11,18 +11,40 @@ on:
 
 jobs:
   podman:
-    runs-on: ubuntu-latest
-    name: Build the container with buildah
+    strategy:
+      fail-fast: false
+      matrix:
+        arch: ["x86_64", "arm64", "ppc64le", "s390x"]
+
+    runs-on: ubuntu-22.04
+    name: Build the containers with buildah
     steps:
       - uses: actions/checkout@v3
-      - run: buildah bud --layers .
+      - name: update buildah
+        run: |
+          . /etc/os-release
+          echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_$VERSION_ID/ /" | sudo tee /etc/apt/sources.list.d/openSUSE:Tools.list
+          curl -fsSL https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_$VERSION_ID/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/libcontainers_unstable.gpg > /dev/null
+          sudo apt update
+          sudo apt install buildah
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - run: buildah bud --platform linux/${{ matrix.arch }} --layers .
 
   docker:
     runs-on: ubuntu-latest
     name: Build and publish the container with docker
     steps:
       - uses: actions/checkout@v3
 
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v2
         with:
@@ -34,8 +56,8 @@ jobs:
         uses: docker/build-push-action@v3
         with:
           context: .
-          platforms: linux/amd64
-          push: ${{ contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/tags/') }}
+          platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/s390x
+          # push: ${{ contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/tags/') }}
           target: deploy
           tags: |
             ghcr.io/dcermak/container-layer-sizes:latest
@@ -44,8 +66,8 @@ jobs:
         uses: docker/build-push-action@v3
         with:
           context: .
-          platforms: linux/amd64
-          push: ${{ contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/tags/') }}
+          platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/s390x
+          # push: ${{ contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/tags/') }}
           target: storage-backend-deploy
           tags: |
             ghcr.io/dcermak/container-layer-sizes-backend:latest
diff --git a/Dockerfile b/Dockerfile
@@ -1,14 +1,22 @@
-FROM registry.suse.com/bci/golang:1.17 as go-builder
+FROM registry.suse.com/bci/golang:1.19 as go-builder
 WORKDIR /app/
 COPY . /app/
 
 RUN zypper -n ref && \
     zypper -n in --allow-downgrade libgpgme-devel libassuan-devel libbtrfs-devel device-mapper-devel awk
 RUN go build ./bin/analyzer && go build ./bin/storage
-RUN for lib in $(ldd analyzer |grep '=>'|awk '{print $3}'); do \
-        pkg=$(rpm -q --whatprovides $lib); \
-        if [[ ! $pkg =~ glibc ]]; then zypper download $pkg; fi; \
-    done
+RUN set -eux; \
+    # these are the rpm dependencies of the analyzer, in the next lines we check this on x86_64 only, because ldd fails in qemu…
+    to_download=(libgpgme11 libassuan0 libgpg-error0 libdevmapper1_03 libselinux1 libudev1 libpcre1); \
+    if [[ "$(uname -m)" = "x86_64" ]]; then \
+        deps=(); \
+        for lib in $(ldd analyzer |grep '=>'|awk '{print $3}'); do \
+            pkg=$(rpm -q --qf "%{NAME}\n" --whatprovides $lib); \
+            if [[ ! $pkg =~ glibc ]]; then deps+=( "$pkg" ); fi; \
+        done; \
+        [[ $(echo ${to_download[@]} ${deps[@]}|tr ' ' '\n' | sort | uniq -u) = "" ]]; \
+    fi; \
+    for pkg in "${to_download[@]}"; do zypper -n download $pkg; done
 
 FROM registry.suse.com/bci/node:16 as node-builder
 WORKDIR /app/
@@ -17,7 +25,7 @@ COPY . /app/
 RUN npm -g install yarn && yarn install && yarn run buildProduction
 
 
-FROM registry.suse.com/bci/bci-micro:15.3 as storage-backend-deploy
+FROM registry.suse.com/bci/bci-micro:15.4 as storage-backend-deploy
 WORKDIR /app/
 COPY --from=go-builder /app/storage .
 
@@ -26,13 +34,13 @@ EXPOSE 4040
 ENTRYPOINT ["/app/storage"]
 
 
-FROM registry.suse.com/bci/bci-minimal:15.3 as deploy
+FROM registry.suse.com/bci/bci-minimal:15.4 as deploy
 WORKDIR /app/
 COPY --from=go-builder /app/analyzer .
 COPY --from=node-builder /app/public/ public/
-COPY --from=go-builder /var/cache/zypp/packages/SLE_BCI/x86_64/ .
+COPY --from=go-builder /var/cache/zypp/packages/SLE_BCI/ .
 
-RUN rpm -i --nodeps --force *rpm && rm -rf *rpm
+RUN rpm -i --nodeps --force $(uname -m)/*rpm && rm -rf $(uname -m)/ noarch
 RUN mkdir -p /etc/containers/ /var/lib/containers/storage /var/run/containers/storage && \
     echo '{"default":[{"type":"insecureAcceptAnything"}],"transports":{"docker-daemon":{"":[{"type":"insecureAcceptAnything"}]}}}' > /etc/containers/policy.json && \
     echo $'[storage] \n\