blue-build · gmpinder · Oct 3, 2024 · Sep 29, 2024
@@ -258,6 +258,58 @@ jobs:
           grep -q 'ARG IMAGE_REGISTRY=ghcr.io/blue-build' Containerfile || exit 1
           bluebuild build --retry-push -B docker -I docker -S sigstore --push -vv recipes/recipe.yml recipes/recipe-39.yml
 
+  arm64-build:
+    timeout-minutes: 60
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+    needs:
+      - build
+    if: needs.build.outputs.push == 'true'
+
+    steps:
+      - name: Maximize build space
+        uses: ublue-os/remove-unwanted-software@v6
+
+      - uses: sigstore/[email protected]
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          install: true
+
+      - uses: actions-rust-lang/setup-rust-toolchain@v1
+
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          ref: ${{github.event.pull_request.head.ref}}
+          repository: ${{github.event.pull_request.head.repo.full_name}}
+
+      - name: Install bluebuild
+        run: |
+          cargo install --path . --debug --all-features
+
+      - name: Expose GitHub Runtime
+        uses: crazy-max/ghaction-github-runtime@v3
+
+      - name: Run Build
+        env:
+          GH_TOKEN: ${{ github.token }}
+          GH_PR_EVENT_NUMBER: ${{ github.event.number }}
+          COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }}
+          BB_BUILDKIT_CACHE_GHA: true
+        run: |
+          cd integration-tests/test-repo
+          bluebuild build \
+            --retry-push \
+            --platform linux/arm64 \
+            --push \
+            -vv \
+            recipes/recipe-arm64.yml
+
   docker-build-external-login:
     timeout-minutes: 60
     runs-on: ubuntu-latest

@@ -256,6 +256,58 @@ jobs:
           grep -q 'ARG IMAGE_REGISTRY=ghcr.io/blue-build' Containerfile || exit 1
           bluebuild build --retry-push -B docker -I docker -S sigstore --push -vv recipes/recipe.yml recipes/recipe-39.yml
 
+  arm64-build:
+    timeout-minutes: 60
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+    if: github.repository == 'blue-build/cli'
+    needs:
+      - build
+
+    steps:
+      - name: Maximize build space
+        uses: ublue-os/remove-unwanted-software@v6
+
+      - uses: sigstore/[email protected]
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          install: true
+
+      - uses: actions-rust-lang/setup-rust-toolchain@v1
+
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          ref: ${{github.event.pull_request.head.ref}}
+          repository: ${{github.event.pull_request.head.repo.full_name}}
+
+      - name: Install bluebuild
+        run: |
+          cargo install --path . --debug --all-features
+
+      - name: Expose GitHub Runtime
+        uses: crazy-max/ghaction-github-runtime@v3
+
+      - name: Run Build
+        env:
+          GH_TOKEN: ${{ github.token }}
+          GH_PR_EVENT_NUMBER: ${{ github.event.number }}
+          COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }}
+          BB_BUILDKIT_CACHE_GHA: true
+        run: |
+          cd integration-tests/test-repo
+          bluebuild build \
+            --retry-push \
+            --platform linux/arm64 \
+            --push \
+            -vv \
+            recipes/recipe-arm64.yml
+
   docker-build-external-login:
     timeout-minutes: 60
     runs-on: ubuntu-latest

@@ -0,0 +1,38 @@
+name: cli/test
+description: This is my personal OS image.
+base-image: quay.io/fedora/fedora-silverblue
+image-version: 40
+alt_tags:
+  - arm64
+stages:
+modules:
+  - from-file: akmods.yml
+  - from-file: flatpaks.yml
+
+  - type: files
+    files:
+      - usr: /usr
+
+  - type: script
+    scripts:
+      - example.sh
+
+  - type: rpm-ostree
+    repos:
+      - https://copr.fedorainfracloud.org/coprs/atim/starship/repo/fedora-%OS_VERSION%/atim-starship-fedora-%OS_VERSION%.repo
+    install:
+      - micro
+      - starship
+    remove:
+      - firefox
+      - firefox-langpacks
+
+  - type: signing
+
+  - type: test-module
+
+  - type: containerfile
+    containerfiles:
+      - labels
+    snippets:
+      - RUN echo "This is a snippet" && ostree container commit
@@ -12,7 +12,7 @@ use std::{
     time::Duration,
 };
 
-use bon::Builder;
+use bon::{bon, Builder};
 use cached::proc_macro::cached;
 use clap::Args;
 use colored::Colorize;
@@ -24,6 +24,7 @@ use once_cell::sync::Lazy;
 use opts::{GenerateImageNameOpts, GenerateTagsOpts};
 #[cfg(feature = "sigstore")]
 use sigstore_driver::SigstoreDriver;
+use types::Platform;
 use uuid::Uuid;
 
 use crate::logging::Logger;
@@ -152,6 +153,7 @@ macro_rules! impl_driver_init {
 
 pub struct Driver;
 
+#[bon]
 impl Driver {
     /// Initializes the Strategy with user provided credentials.
     ///
@@ -192,7 +194,14 @@ impl Driver {
     ///
     /// # Panics
     /// Panics if the mutex fails to lock.
-    pub fn get_os_version(oci_ref: &Reference) -> Result<u64> {
+    #[builder]
+    pub fn get_os_version(
+        /// The OCI image reference.
+        oci_ref: &Reference,
+        /// The platform of the image to pull the version info from.
+        #[builder(default)]
+        platform: Platform,
+    ) -> Result<u64> {
         #[cfg(test)]
         {
             let _ = oci_ref; // silence lint
@@ -203,7 +212,7 @@ impl Driver {
         }
 
         trace!("Driver::get_os_version({oci_ref:#?})");
-        get_version(oci_ref)
+        get_version(oci_ref, platform)
     }
 
     fn get_build_driver() -> BuildDriverType {
@@ -230,10 +239,10 @@ impl Driver {
 #[cached(
     result = true,
     key = "String",
-    convert = "{ oci_ref.to_string() }",
+    convert = r#"{ format!("{oci_ref}-{platform}") }"#,
     sync_writes = true
 )]
-fn get_version(oci_ref: &Reference) -> Result<u64> {
+fn get_version(oci_ref: &Reference, platform: Platform) -> Result<u64> {
     info!("Retrieving OS version from {oci_ref}. This might take a bit");
     let inspect_opts = GetMetadataOpts::builder()
         .image(format!(
@@ -242,6 +251,7 @@ fn get_version(oci_ref: &Reference) -> Result<u64> {
             oci_ref.repository()
         ))
         .tag(oci_ref.tag().unwrap_or("latest"))
+        .platform(platform)
         .build();
     let os_version = Driver::get_metadata(&inspect_opts)
         .and_then(|inspection| {

@@ -6,7 +6,7 @@ use miette::{bail, miette, IntoDiagnostic, Result};
 use semver::Version;
 use serde::Deserialize;
 
-use crate::logging::CommandLogging;
+use crate::{drivers::types::Platform, logging::CommandLogging};
 
 use super::{
     opts::{BuildOpts, PushOpts, TagOpts},
@@ -50,6 +50,10 @@ impl BuildDriver for BuildahDriver {
         let command = cmd!(
             "buildah",
             "build",
+            if !matches!(opts.platform, Platform::Native) => [
+                "--platform",
+                opts.platform.to_string(),
+            ],
             "--pull=true",
             format!("--layers={}", !opts.squash),
             "-f",

@@ -12,6 +12,7 @@ use blue_build_utils::{
     constants::{BB_BUILDKIT_CACHE_GHA, CONTAINER_FILE, DOCKER_HOST, SKOPEO_IMAGE},
     credentials::Credentials,
     string_vec,
+    traits::IntoCollector,
 };
 use colored::Colorize;
 use indicatif::{ProgressBar, ProgressStyle};
@@ -26,6 +27,7 @@ use crate::{
     drivers::{
         image_metadata::ImageMetadata,
         opts::{RunOptsEnv, RunOptsVolume},
+        types::Platform,
     },
     logging::{CommandLogging, Logger},
     signal_handler::{add_cid, remove_cid, ContainerId, ContainerRuntime},
@@ -130,6 +132,10 @@ impl BuildDriver for DockerDriver {
         let status = cmd!(
             "docker",
             "build",
+            if !matches!(opts.platform, Platform::Native) => [
+                "--platform",
+                opts.platform.to_string(),
+            ],
             "-t",
             &*opts.image,
             "-f",
@@ -235,6 +241,10 @@ impl BuildDriver for DockerDriver {
             },
             "build",
             "--pull",
+            if !matches!(opts.platform, Platform::Native) => [
+                "--platform",
+                opts.platform.to_string(),
+            ],
             "-f",
             &*opts.containerfile,
             // https://github.com/moby/buildkit?tab=readme-ov-file#github-actions-cache-experimental
@@ -322,10 +332,16 @@ impl InspectDriver for DockerDriver {
         );
         progress.enable_steady_tick(Duration::from_millis(100));
 
+        let mut args = Vec::new();
+        if !matches!(opts.platform, Platform::Native) {
+            args.extend(["--override-arch", opts.platform.arch()]);
+        }
+        args.extend(["inspect", &url]);
+
         let output = Self::run_output(
             &RunOpts::builder()
                 .image(SKOPEO_IMAGE)
-                .args(bon::vec!["inspect", &url])
+                .args(args.collect_into_vec())
                 .remove(true)
                 .build(),
         )

@@ -37,8 +37,11 @@ impl CiDriver for GithubDriver {
     fn generate_tags(opts: &GenerateTagsOpts) -> miette::Result<Vec<String>> {
         const PR_EVENT: &str = "pull_request";
         let timestamp = blue_build_utils::get_tag_timestamp();
-        let os_version =
-            Driver::get_os_version(opts.oci_ref).inspect(|v| trace!("os_version={v}"))?;
+        let os_version = Driver::get_os_version()
+            .oci_ref(opts.oci_ref)
+            .platform(opts.platform)
+            .call()
+            .inspect(|v| trace!("os_version={v}"))?;
         let ref_name = get_env_var(GITHUB_REF_NAME).inspect(|v| trace!("{GITHUB_REF_NAME}={v}"))?;
         let short_sha = {
             let mut short_sha = get_env_var(GITHUB_SHA).inspect(|v| trace!("{GITHUB_SHA}={v}"))?;
@@ -144,7 +147,7 @@ mod test {
     use rstest::rstest;
 
     use crate::{
-        drivers::{opts::GenerateTagsOpts, CiDriver},
+        drivers::{opts::GenerateTagsOpts, types::Platform, CiDriver},
         test::{TEST_TAG_1, TEST_TAG_2, TIMESTAMP},
     };
 
@@ -285,6 +288,7 @@ mod test {
             &GenerateTagsOpts::builder()
                 .oci_ref(&oci_ref)
                 .maybe_alt_tags(alt_tags)
+                .platform(Platform::LinuxAmd64)
                 .build(),
         )
         .unwrap();

@@ -45,7 +45,10 @@ impl CiDriver for GitlabDriver {
 
     fn generate_tags(opts: &GenerateTagsOpts) -> miette::Result<Vec<String>> {
         const MR_EVENT: &str = "merge_request_event";
-        let os_version = Driver::get_os_version(opts.oci_ref)?;
+        let os_version = Driver::get_os_version()
+            .oci_ref(opts.oci_ref)
+            .platform(opts.platform)
+            .call()?;
         let timestamp = blue_build_utils::get_tag_timestamp();
         let short_sha =
             get_env_var(CI_COMMIT_SHORT_SHA).inspect(|v| trace!("{CI_COMMIT_SHORT_SHA}={v}"))?;
@@ -293,6 +296,7 @@ mod test {
             &GenerateTagsOpts::builder()
                 .oci_ref(&oci_ref)
                 .maybe_alt_tags(alt_tags)
+                .platform(crate::drivers::types::Platform::LinuxAmd64)
                 .build(),
         )
         .unwrap();

@@ -24,7 +24,10 @@ impl CiDriver for LocalDriver {
 
     fn generate_tags(opts: &GenerateTagsOpts) -> miette::Result<Vec<String>> {
         trace!("LocalDriver::generate_tags({opts:?})");
-        let os_version = Driver::get_os_version(opts.oci_ref)?;
+        let os_version = Driver::get_os_version()
+            .oci_ref(opts.oci_ref)
+            .platform(opts.platform)
+            .call()?;
         let timestamp = blue_build_utils::get_tag_timestamp();
         let short_sha = commit_sha();