DevSecOps and Automation on Power

What is a Multi-architecture image?

A multi-arch image is a type of container image that may combine variants for different architectures, and sometimes for different operating systems. When running an image with multi-architecture support, container clients will automatically select an image variant that matches your OS and architecture

In this article, you will learn how you can easily leverage GitHub Actions and Buildah to build multi-arch images.

Step 0: Create accounts on the basic services required

We are using GitHub to host the source code and the build process and Quay.io to host our multi-arch image, so if you want to follow the steps described here, you must have an account on each service.

Step 1: Setup the Quay repository with a new Robot account

Create a repository on Quay.io and add a Robot account to it. A robot account will be useful to pull/push your multi-arch images from/to the container registry (ensure you set the write permission to your robot, like the picture below).

Step 2: Setup the Github repository

Create a new repository on GitHub. On the repository create a new set of new secrets to avoid exposing the credentials of the Quay.io robot. Go to Settings > Secrets > Actions > New repository secret and add a variable for the robot username and another for the token as seen below:

Step 3: Create the Dockerfile of your application

Source code for this tutorial - https://github.com/mayurwaghmode/multi-arch-demo.git

Push the Dockerfile of your application to your GitHub repository, which will be used to create your multi-arch container.

IMPORTANT: to create multi-arch image, you must ensure that the base image you are using is available for your target architectures. In this example, we are building a multi-arch image to run on x86_64 ppc64le, s390x and arm64 and the base image we are using (Ubuntu), is available for each architecture.

Step 4: Configure the GitHub Actions Workflow

In your GitHub repository, create a .github/workflows/ directory.

Inside the .github/workflows/ directory, create a new file where we are going to add the build configuration:

The file describes what should happen. It uses some pre-existing actions available in GitHub’s Marketplace, to ease the process:

• actions/checkout@v2: action for checking out a repository
• docker/setup-qemu-action@v2: action to install QEMU static binaries
• redhat-actions/buildah-build@v2: action for building Docker and Kubernetes-compatible images quickly and easily.
• redhat-actions/push-to-registry@v2: action for pushing a container image or an image manifest to an image registry.

Once the job is configured, each new merge will trigger a new build (you can customize it according to your needs).

And will push it to quay.io at the end of the process:

Step 5: Finally, test your multi-arch image

I haven't tested it on an arm64 machine because of a lack of resources. But hope it will work there as well.

That’s it! Thanks for reading! I hope you found this tutorial helpful. Feel free to reach out in case of any queries. Happy learning!

Originally published on Medium