From b3743e51e8637fdbf53cdd73abefea9b529dabde Mon Sep 17 00:00:00 2001
From: Carlos Salas <carlos.salas@suse.com>
Date: Thu, 5 Sep 2024 11:27:05 +0200
Subject: [PATCH] feat: migrate image building to buildx

Signed-off-by: Carlos Salas <carlos.salas@suse.com>
---
 Dockerfile |  8 ++------
 Makefile   | 38 ++++++++++++++++++++++++++------------
 2 files changed, 28 insertions(+), 18 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index e76f3684..91a9b63f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -17,9 +17,6 @@
 # Build the manager binary
 ARG builder_image
 
-# Build architecture
-ARG ARCH
-
 FROM ${builder_image} as builder
 WORKDIR /workspace
 
@@ -41,19 +38,18 @@ COPY ./ ./
 
 # Build
 ARG package=.
-ARG ARCH
 ARG ldflags
 
 # Do not force rebuild of up-to-date packages (do not use -a) and use the compiler cache folder
 RUN --mount=type=cache,target=/go/pkg/mod \
-    CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} \
+    CGO_ENABLED=0 GOOS=linux \
     go build -trimpath -ldflags "${ldflags} -extldflags '-static'" \
     -o manager ${package}
 
 
 # Use distroless as minimal base image to package the manager binary
 # Refer to https://github.com/GoogleContainerTools/distroless for more details
-FROM gcr.io/distroless/static:nonroot-${ARCH}
+FROM gcr.io/distroless/static:nonroot
 LABEL org.opencontainers.image.source=https://github.com/rancher/turtles
 WORKDIR /
 COPY --from=builder /workspace/manager .
diff --git a/Makefile b/Makefile
index 5c0ecfc3..61bb87e8 100644
--- a/Makefile
+++ b/Makefile
@@ -161,6 +161,8 @@ NOTES := $(abspath $(TOOLS_BIN_DIR)/$(NOTES_BIN))
 TAG ?= dev
 ARCH ?= $(shell go env GOARCH)
 ALL_ARCH = amd64 arm64
+TARGET_PLATFORMS := linux/amd64,linux/arm64
+MACHINE := rancher-turtles
 REGISTRY ?= ghcr.io
 ORG ?= rancher
 CONTROLLER_IMAGE_NAME ?= turtles
@@ -324,6 +326,10 @@ build: generate fmt vet ## Build manager binary.
 run: generate fmt vet ## Run a controller from your host.
 	go run ./main.go
 
+buildx-machine:
+	@docker buildx inspect $(MACHINE) || \
+		docker buildx create --name=$(MACHINE) --platform=$(TARGET_PLATFORMS)
+
 ## --------------------------------------
 ## Docker
 ## --------------------------------------
@@ -333,12 +339,9 @@ docker-push: ## Push the docker images
 	docker push $(MANIFEST_IMG):$(TAG)
 
 .PHONY: docker-push-all
-docker-push-all: $(addprefix docker-push-,$(ALL_ARCH))  ## Push all the architecture docker images
+docker-push-all: docker-push  ## Push all the architecture docker images
 	$(MAKE) docker-push-manifest-rancher-turtles
 
-docker-push-%:
-	$(MAKE) ARCH=$* docker-push
-
 .PHONY: docker-push-manifest-rancher-turtles
 docker-push-manifest-rancher-turtles: ## Push the multiarch manifest for the rancher turtles docker images
 	## Minimum docker version 18.06.0 is required for creating and pushing manifest images.
@@ -352,15 +355,26 @@ docker-pull-prerequisites:
 	docker pull $(GO_CONTAINER_IMAGE)
 	docker pull gcr.io/distroless/static:latest
 
-.PHONY: docker-build-all
-docker-build-all: $(addprefix docker-build-,$(ALL_ARCH)) ## Build docker images for all architectures
-
-docker-build-%:
-	$(MAKE) ARCH=$* docker-build
+docker-build-local: buildx-machine docker-pull-prerequisites ## Build docker image for a specific architecture
+	# buildx does not support using local registry for multi-architecture images
+	DOCKER_BUILDKIT=1 BUILDX_BUILDER=$(MACHINE) docker buildx build \
+			--platform $(ARCH) \
+			--load \
+			--build-arg builder_image=$(GO_CONTAINER_IMAGE) \
+			--build-arg goproxy=$(GOPROXY) \
+			--build-arg package=. \
+			--build-arg ldflags="$(LDFLAGS)" . -t $(MANIFEST_IMG):$(TAG)
 
 .PHONY: docker-build
-docker-build: docker-pull-prerequisites ## Run docker-build-* targets for all providers
-	DOCKER_BUILDKIT=1 docker build --build-arg builder_image=$(GO_CONTAINER_IMAGE) --build-arg goproxy=$(GOPROXY) --build-arg ARCH=$(ARCH) --build-arg package=. --build-arg ldflags="$(LDFLAGS)" . -t $(MANIFEST_IMG):$(TAG)
+docker-build: buildx-machine docker-pull-prerequisites ## Run docker-build targets for all architectures
+	DOCKER_BUILDKIT=1 BUILDX_BUILDER=$(MACHINE) docker buildx build \
+			--platform $(TARGET_PLATFORMS) \
+			--push \
+			--attest type=provenance \
+			--build-arg builder_image=$(GO_CONTAINER_IMAGE) \
+			--build-arg goproxy=$(GOPROXY) \
+			--build-arg package=. \
+			--build-arg ldflags="$(LDFLAGS)" . -t $(MANIFEST_IMG):$(TAG)
 
 docker-list-all:
 	@echo $(CONTROLLER_IMG):${TAG}
@@ -546,7 +560,7 @@ test-e2e: $(GINKGO) $(HELM) $(CLUSTERCTL) kubectl e2e-image ## Run the end-to-en
 
 .PHONY: e2e-image
 e2e-image: ## Build the image for e2e tests
-	TAG=v0.0.1 CONTROLLER_IMAGE_NAME=turtles-e2e $(MAKE) docker-build
+	TAG=v0.0.1 CONTROLLER_IMAGE_NAME=turtles-e2e $(MAKE) docker-build-local
 	RELEASE_TAG=v0.0.1 CONTROLLER_IMG=$(REGISTRY)/$(ORG)/turtles-e2e-$(ARCH) CONTROLLER_IMAGE_VERSION=v0.0.1 $(MAKE) build-chart
 
 .PHONY: e2e-image-push