Introduce multi-arch builds with support for ARM

With this commit we start building multi-arch container images to enable
running containers on ARM systems.

Delete outdated build and publish scripts under container/.

.github/workflows/container.yml

@@ -24,33 +24,59 @@ jobs:
     steps:
       - name: Checkout repository
         uses: actions/checkout@v3
+        # Need fetch-depth 0 to fetch tags, see https://github.com/actions/checkout/issues/701
+        with:
+          fetch-depth: 0
+
+      - name: Gather context
+        id: ctx
+        run: |
+          echo is_release=${{ contains(github.ref, 'refs/tags/') }} | tee -a $GITHUB_OUTPUT
+          echo is_dev=${{ ! contains(github.ref, 'refs/tags/') }} | tee -a $GITHUB_OUTPUT
+          echo version=$(git describe --always --tags) | tee -a $GITHUB_OUTPUT
+
+      # QEMU is used to set up VMs for building non-x86_64 images.
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+        with:
+          platforms: "arm,arm64"
+
+      # This is required to build multi-arch images.
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
 
       - name: Log in to registry
-        run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Build and push container image
-        run: |
-          # Image name may contain only lowercase letters
-          IMAGE_ID=$(echo ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | tr '[A-Z]' '[a-z]')
-
-          # Strip git ref prefix from version
-          VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
-          # If not tag, then use `develop` as image tag
-          [ "$VERSION" == main ] && VERSION=develop
-
-          echo IMAGE_ID=$IMAGE_ID
-          echo VERSION=$VERSION
-
-          docker build . --file container/Dockerfile \
-              --build-arg "CREATED=$(date --rfc-3339=seconds)" \
-              --build-arg "VERSION=$(git describe --always)" \
-              --build-arg "COMMIT=$(git rev-parse -q --verify HEAD^{commit})" \
-              --tag $IMAGE_ID:$VERSION
-
-          docker push $IMAGE_ID:$VERSION
-
-          if [[ "${{ github.ref }}" == "refs/tags/"* ]];
-          then
-            docker tag $IMAGE_ID:$VERSION $IMAGE_ID:latest
-            docker push $IMAGE_ID:latest
-          fi
+      - name: Configure metadata
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          # Configure to use `latest` and the PEP440 version from a tag name for
+          # releases, and `develop` for non-release main builds.
+          tags: |
+            type=pep440,pattern={{ version }},enable=${{ steps.ctx.outputs.is_release }}
+            type=raw,value=latest,enable=${{ steps.ctx.outputs.is_release }}
+            type=raw,value=develop,enable=${{ steps.ctx.outputs.is_dev }}
+          labels: |
+            [email protected]
+            org.opencontainers.image.url=https://karapace.io
+            org.opencontainers.image.documentation=https://github.com/aiven/karapace/
+            org.opencontainers.image.vendor=Aiven
+            org.opencontainers.image.licenses=Apache-2.0
+
+      - uses: docker/build-push-action@v4
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          build-args: |
+            KARAPACE_VERSION=${{ steps.ctx.outputs.version }}
+          file: container/Dockerfile
+          platforms: "linux/amd64,linux/arm64"

container/Dockerfile

@@ -2,12 +2,7 @@
 # generate wheel files.
 FROM debian:stable-slim AS builder
 
-LABEL [email protected] \
-      org.opencontainers.image.url=https://karapace.io \
-      org.opencontainers.image.documentation=https://github.com/aiven/karapace/ \
-      org.opencontainers.image.source=https://github.com/aiven/karapace/ \
-      org.opencontainers.image.vendor=Aiven \
-      org.opencontainers.image.licenses=Apache-2.0
+ARG KARAPACE_VERSION
 
 # Build dependencies that need to be installed:
 # - git: Used to install dependencies directly from their public repos (release
@@ -39,14 +34,6 @@ RUN pip3 wheel --no-deps /build/karapace-repo --wheel-dir /build/karapace-wheel
 # Karapace image.
 FROM debian:stable-slim AS karapace
 
-# Labels must be redefined beucase the base image is debian
-LABEL [email protected] \
-      org.opencontainers.image.url=https://karapace.io \
-      org.opencontainers.image.documentation=https://github.com/aiven/karapace/ \
-      org.opencontainers.image.source=https://github.com/aiven/karapace/ \
-      org.opencontainers.image.vendor=Aiven \
-      org.opencontainers.image.licenses=Apache-2.0
-
 RUN groupadd --system karapace && \
     useradd --system --gid karapace karapace && \
     mkdir /opt/karapace /opt/karapace/runtime /var/log/karapace && \
@@ -70,12 +57,5 @@ COPY ./container/healthcheck.py /opt/karapace
 WORKDIR /opt/karapace
 USER karapace
 
-ARG CREATED
-ARG VERSION
-ARG COMMIT
-LABEL org.opencontainers.image.created=$CREATED \
-      org.opencontainers.image.version=$VERSION \
-      org.opencontainers.image.revision=$COMMIT
-
 HEALTHCHECK --interval=10s --timeout=30s --retries=3 --start-period=60s \
     CMD python3 healthcheck.py http://localhost:$KARAPACE_PORT/_health || exit 1