Skip to content

Docker multi platform build and go mod update #13

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Docker multi platform build and go mod update #13

wants to merge 2 commits into from

Conversation

achoimet
Copy link
Contributor

@achoimet achoimet commented Sep 26, 2025
edited by coderabbitai bot
Loading

Hello again, small PR to allow to build this nice little service also on ARM. And a little go mod update. Let me know if adjustements are needed @csepulveda

Summary by CodeRabbit

  • New Features

    • Docker images now support multiple architectures (linux/amd64 and linux/arm64).
    • Images run with an explicit entrypoint for more predictable startup.

  • Refactor

    • Reworked container build to a multi-stage process, producing leaner runtime images and using a non-root user for improved security.

  • Chores

    • Upgraded container build and release workflows to the latest Docker actions.
    • Added platform-aware build configuration and disabled provenance to streamline image publishing.
    • Updated project to the latest supported Go version for builds.

@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Sep 26, 2025
edited
Loading

Walkthrough

Updates CI workflows to newer Docker actions, adds QEMU/Buildx setup, and configures multi-architecture builds with disabled provenance. Introduces a multi-stage, platform-aware Dockerfile with non-root runtime and explicit entrypoint. Bumps Go toolchain directive to 1.24.7 in go.mod, removing separate toolchain specification.

Changes

Cohort / File(s) Summary
CI workflows: Docker action upgrades and multi-arch
.github/workflows/pre-release.yml, .github/workflows/release.yml		 Adds QEMU and Buildx setup. Upgrades docker/login-action to v3, docker/metadata-action to v5, docker/build-push-action to v6. Extends build to platforms linux/amd64, linux/arm64 with provenance: false. Existing steps retained.
Container build: multi-stage, platform-aware
Dockerfile		 Replaces single-stage build with multi-stage: Go builder (golang:1.24-alpine3.22) and Alpine runtime. Uses TARGETOS/TARGETARCH/TARGETVARIANT to set GOOS/GOARCH, builds binary, copies to minimal image, creates non-root user, sets ENTRYPOINT ["./main"].
Go toolchain directive update
go.mod		 Updates go directive to 1.24.7; removes separate toolchain line. No dependency changes.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant GHA as GitHub Actions Runner
  participant QEMU as Setup QEMU
  participant BLDX as Setup Docker Buildx
  participant DLogin as docker/login-action@v3
  participant Meta as docker/metadata-action@v5
  participant BPush as docker/build-push-action@v6
  participant REG as Container Registry

  Note over GHA: pre-release.yml / release.yml build job
  GHA->>QEMU: Install QEMU
  GHA->>BLDX: Initialize Buildx builder
  GHA->>DLogin: Authenticate to registry
  GHA->>Meta: Generate tags/labels
  GHA->>BPush: Build & push (linux/amd64, linux/arm64)\nprovenance: false
  BPush-->>REG: Push manifest list and images
  REG-->>GHA: Image references available
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

I nibbled through the pipelines’ vines,
Upgraded docks and tidy lines.
Two-stage burrow, lean and light,
Multi-arch dreams take speedy flight.
Go hops forward, 1.24.7 gleams—
Ship it, quick! on carrot-powered streams. 🥕🚀

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check ✅ Passed The title succinctly captures the two primary changes of the pull request—adding multi-platform Docker build support and updating the Go module—using clear, specific language without extraneous details.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.
✨ Finishing touches
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 660be01 and 74b59f0.

📒 Files selected for processing (4)
  • .github/workflows/pre-release.yml (1 hunks)
  • .github/workflows/release.yml (1 hunks)
  • Dockerfile (1 hunks)
  • go.mod (1 hunks)
🔇 Additional comments (3)
go.mod (1)

3-3: Go directive bump aligns with the toolchain updates

The module now targets Go 1.24.7, which matches the updated builder image in the Dockerfile, so the change looks consistent.

.github/workflows/release.yml (1)

27-55: Multi-arch workflow setup looks solid

Adding QEMU/Buildx and pinning the Docker actions to their v3/v5/v6 releases gives us the multi-platform build we want without disrupting the existing attestation step. Looks good.

.github/workflows/pre-release.yml (1)

27-55: Pre-release pipeline mirrors release updates

The same QEMU/Buildx initialization and action upgrades are applied here, keeping both pipelines in sync for multi-arch pushes. No issues spotted.

Tip

👮 Agentic pre-merge checks are now available in preview!

Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.

  • Built-in checks – Quickly apply ready-made checks to enforce title conventions, require pull request descriptions that follow templates, validate linked issues for compliance, and more.
  • Custom agentic checks – Define your own rules using CodeRabbit’s advanced agentic capabilities to enforce organization-specific policies and workflows. For example, you can instruct CodeRabbit’s agent to verify that API documentation is updated whenever API schema files are modified in a PR. Note: Upto 5 custom checks are currently allowed during the preview period. Pricing for this feature will be announced in a few weeks.

Please see the documentation for more information.

Example:

reviews:
  pre_merge_checks:
    custom_checks:
      - name: "Undocumented Breaking Changes"
        mode: "warning"
        instructions: |
          Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).

Please share your feedback with us on this Discord post.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@achoimet
Copy link
Contributor Author

small reminder @csepulveda, let me know if the PR needs other adjustments. Have a good day.

@achoimet
Copy link
Contributor Author

achoimet commented Oct 9, 2025

@csepulveda Hello again, any time to check this out?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@achoimet