Skip to content

ci: add container builds for arm64 #491

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

ci: add container builds for arm64 #491

wants to merge 5 commits into from

Conversation

@manetherenio
Copy link

@manetherenio manetherenio commented May 26, 2025

Description of changes:
This updates the Github Actions to add ARM64 builds. Currently, only AMD64 is being published to GHCR.

@github-actions
Copy link

github-actions bot commented May 26, 2025

Tests

Please note that running unit and e2e tests requires manual approval from a team member.

e2e tests

We use labels to control which e2e tests contexts are run:

Label Behaviour
none Run Generic tests only
e2e/none skip all e2e tests (documentation etc) - overrides all e2e/* labels Do not run any e2e tests
e2e/flatcar run Flatcar e2e tests Add Flatcar tests

ℹ️ Ask a team member to add the requested labels if you don't have enough permissions.

mcbenjemaa
mcbenjemaa requested changes May 26, 2025
View reviewed changes
Copy link
Member

@mcbenjemaa mcbenjemaa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Build is failing

@manetherenio
Copy link
Author

manetherenio commented May 26, 2025
edited
Loading

It looks like buildx is currently incompatible with both --load and multiple simultaneous platform builds

docker/buildx#59 (comment)

How should we proceed? Remove the load line (currently here ) from the docker/build-push-action invocation?

Alternatively, I could setup a second docker/build-push-action invocation for arm64?

@manetherenio
Copy link
Author

manetherenio commented May 26, 2025

Reading further through the comment chain on the docker/buildx repo, it appears multi-arch builds and --load will work if using the containerd store. Let me try setting that up and see if that works.

@manetherenio
Copy link
Author

manetherenio commented May 27, 2025

So it looks like now with the containerd store enabled, the Trivy scanner is failing to load the new image locally. I'm going to build the arm64 container separately and use the amd64 container for the Trivy scanner.

@manetherenio
Copy link
Author

manetherenio commented May 29, 2025

@mcbenjemaa Builds are succeeding again. Can you please review?

@manetherenio
Copy link
Author

manetherenio commented Jun 4, 2025

@mcbenjemaa @wikkyk @LukasK32
Would someone be willing to give a review now that the builds are no longer failing?

mcbenjemaa
mcbenjemaa reviewed Jun 26, 2025
View reviewed changes
.github/workflows/container-image.yaml
ignore-unfixed: true
severity: 'HIGH,CRITICAL'

- name: Build and push multiplatform Docker image
Copy link
Member

@mcbenjemaa mcbenjemaa Jun 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The build action is called twice.
Would it be possible to call it just once?

@sonarqubecloud
Copy link

sonarqubecloud bot commented Jun 26, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@wikkyk
Copy link
Collaborator

wikkyk commented Jul 4, 2025

This is definitely interesting. However, there are some major issues here:

  1. No official support for arm64 in Proxmox VE
  2. The arm64 builds would go completely untested.
  3. I don't think it's enough to only scan the amd64 image with Trivy.

Is qemu necessary? Go cross-compiles well, there is no need to emulate an arm64. The only issue is tools like controller-gen that get installed at build time. I would rather make cross-compiling work properly (any build tools that are built at build time are built for host arch, everything else gets cross-compiled for target arch) so that e.g. I could do an arm64 build locally like make ARCH=arm64.

@ozhankaraman
Copy link

ozhankaraman commented Jul 7, 2025

arm64 container images would be cool, I have an arm64 arch based Clusterapi management cluster and I am manually compiling capi-proxmox image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mcbenjemaa mcbenjemaa mcbenjemaa requested changes

@65278 65278 Awaiting requested review from 65278 65278 is a code owner

@avorima avorima Awaiting requested review from avorima

@pborn-ionos pborn-ionos Awaiting requested review from pborn-ionos pborn-ionos is a code owner

@wikkyk wikkyk Awaiting requested review from wikkyk wikkyk is a code owner

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@manetherenio @wikkyk @ozhankaraman @mcbenjemaa