oxsecurity · nvuillam · Jan 1, 2023 · Dec 29, 2022 · Dec 30, 2022 · Dec 30, 2022
@@ -17,25 +17,26 @@
 ###########
 # Globals #
 ###########
-GITHUB_WORKSPACE="${GITHUB_WORKSPACE}"   # GitHub Workspace
-GITHUB_REPOSITORY="${GITHUB_REPOSITORY}" # GitHub Org/Repo passed from system
-DOCKER_USERNAME="${DOCKER_USERNAME}"     # Username to login to DockerHub
-DOCKER_PASSWORD="${DOCKER_PASSWORD}"     # Password to login to DockerHub
-GCR_USERNAME="${GCR_USERNAME}"           # Username to login to GitHub package registry
-GCR_TOKEN="${GCR_TOKEN}"                 # Password to login to GitHub package registry
-REGISTRY="${REGISTRY}"                   # What registry to upload | <GCR> or <Docker>
-IMAGE_REPO="${IMAGE_REPO}"               # Image repo to upload the image
-IMAGE_VERSION="${IMAGE_VERSION}"         # Version to tag the image
-ALWAYS_BUILD="${ALWAYS_BUILD}"           # Always build image even if another has been found
-DOCKERFILE_PATH="${DOCKERFILE_PATH}"     # Path to the Dockerfile to be uploaded
-MAJOR_TAG=''                             # Major tag version if we need to update it
-UPDATE_MAJOR_TAG=0                       # Flag to deploy the major tag version as well
-GCR_URL='ghcr.io'                        # URL to Github Container Registry
-DOCKER_IMAGE_REPO=''                     # Docker tag for the image when created
-GCR_IMAGE_REPO=''                        # Docker tag for the image when created
-FOUND_IMAGE=0                            # Flag for if the image has already been built
-CONTAINER_URL=''                         # Final URL to upload
-SQUASH="${SQUASH}"                       # if true, calls docker build with --squash
+GITHUB_WORKSPACE="${GITHUB_WORKSPACE}"             # GitHub Workspace
+GITHUB_REPOSITORY="${GITHUB_REPOSITORY}"           # GitHub Org/Repo passed from system
+DOCKER_USERNAME="${DOCKER_USERNAME}"               # Username to login to DockerHub
+DOCKER_PASSWORD="${DOCKER_PASSWORD}"               # Password to login to DockerHub
+GCR_USERNAME="${GCR_USERNAME}"                     # Username to login to GitHub package registry
+GCR_TOKEN="${GCR_TOKEN}"                           # Password to login to GitHub package registry
+REGISTRY="${REGISTRY}"                             # What registry to upload | <GCR> or <Docker>
+IMAGE_REPO="${IMAGE_REPO}"                         # Image repo to upload the image
+IMAGE_VERSION="${IMAGE_VERSION}"                   # Version to tag the image
+ALWAYS_BUILD="${ALWAYS_BUILD}"                     # Always build image even if another has been found
+DOCKERFILE_PATH="${DOCKERFILE_PATH}"               # Path to the Dockerfile to be uploaded
+MAJOR_TAG=''                                       # Major tag version if we need to update it
+UPDATE_MAJOR_TAG=0                                 # Flag to deploy the major tag version as well
+GCR_URL='ghcr.io'                                  # URL to Github Container Registry
+DOCKER_IMAGE_REPO=''                               # Docker tag for the image when created
+GCR_IMAGE_REPO=''                                  # Docker tag for the image when created
+FOUND_IMAGE=0                                      # Flag for if the image has already been built
+CONTAINER_URL=''                                   # Final URL to upload
+SQUASH="${SQUASH}"                                 # if true, calls docker build with --squash
+DOCKER_BUILD_PLATFORMS="${DOCKER_BUILD_PLATFORMS}" # docker buildx build --platform value
 
 ###########################################################
 # Dynamic build variables to pass to container when built #
@@ -315,7 +316,7 @@ BuildImage() {
   ###################
   # Build the image #
   ###################
-  DOCKER_BUILDKIT=1 docker build $EXTRA_DOCKER_BUILD_ARGS --no-cache --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${BUILD_VERSION}" -t "${CONTAINER_URL}:${IMAGE_VERSION}" -f "${DOCKERFILE_PATH}" . 2>&1
+  docker buildx build --platform "${DOCKER_BUILD_PLATFORMS}" $EXTRA_DOCKER_BUILD_ARGS --no-cache --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${BUILD_VERSION}" -t "${CONTAINER_URL}:${IMAGE_VERSION}" -f "${DOCKERFILE_PATH}" --load . 2>&1
 
   #######################
   # Load the error code #
@@ -340,8 +341,8 @@ BuildImage() {
     # docker tag "${CONTAINER_URL}:${IMAGE_VERSION}" "${CONTAINER_URL}:latest"
 
     # Tag the image with the major tag & latest tag as well
-    DOCKER_BUILDKIT=1 docker build $EXTRA_DOCKER_BUILD_ARGS --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${MAJOR_TAG}" -t "${CONTAINER_URL}:latest" -f "${DOCKERFILE_PATH}" . 2>&1
-    DOCKER_BUILDKIT=1 docker build $EXTRA_DOCKER_BUILD_ARGS --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${MAJOR_TAG}" -t "${CONTAINER_URL}:${MAJOR_TAG}" -f "${DOCKERFILE_PATH}" . 2>&1
+    docker buildx build --platform "${DOCKER_BUILD_PLATFORMS}" $EXTRA_DOCKER_BUILD_ARGS --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${MAJOR_TAG}" -t "${CONTAINER_URL}:latest" -f "${DOCKERFILE_PATH}" --load . 2>&1
+    docker buildx build --platform "${DOCKER_BUILD_PLATFORMS}" $EXTRA_DOCKER_BUILD_ARGS --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${MAJOR_TAG}" -t "${CONTAINER_URL}:${MAJOR_TAG}" -f "${DOCKERFILE_PATH}" --load . 2>&1
 
     #######################
     # Load the error code #
@@ -377,7 +378,7 @@ BuildImage() {
   ###################
   # Build the image #
   ###################
-  DOCKER_BUILDKIT=1 docker build $EXTRA_DOCKER_BUILD_ARGS --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${BUILD_VERSION}" -t "${ADDITIONAL_URL}:${IMAGE_VERSION}" -f "${DOCKERFILE_PATH}" . 2>&1
+  docker buildx build --platform "${DOCKER_BUILD_PLATFORMS}" $EXTRA_DOCKER_BUILD_ARGS --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${BUILD_VERSION}" -t "${ADDITIONAL_URL}:${IMAGE_VERSION}" -f "${DOCKERFILE_PATH}" --load . 2>&1
 
   #######################
   # Load the error code #
@@ -402,8 +403,8 @@ BuildImage() {
     ###################
     # Build the image with latest tags#
     ###################
-    DOCKER_BUILDKIT=1 docker build $EXTRA_DOCKER_BUILD_ARGS --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${MAJOR_TAG}" -t "${ADDITIONAL_URL}:latest" -f "${DOCKERFILE_PATH}" . 2>&1
-    DOCKER_BUILDKIT=1 docker build $EXTRA_DOCKER_BUILD_ARGS --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${MAJOR_TAG}" -t "${ADDITIONAL_URL}:${MAJOR_TAG}" -f "${DOCKERFILE_PATH}" . 2>&1
+    docker buildx build --platform "${DOCKER_BUILD_PLATFORMS}" $EXTRA_DOCKER_BUILD_ARGS --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${MAJOR_TAG}" -t "${ADDITIONAL_URL}:latest" -f "${DOCKERFILE_PATH}" . --load 2>&1
+    docker buildx build --platform "${DOCKER_BUILD_PLATFORMS}" $EXTRA_DOCKER_BUILD_ARGS --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${MAJOR_TAG}" -t "${ADDITIONAL_URL}:${MAJOR_TAG}" -f "${DOCKERFILE_PATH}" . --load 2>&1
 
     #######################
     # Load the error code #

@@ -52,6 +52,7 @@
         "Braintree",
         "Breporters",
         "Bubley",
+        "buildx",
         "CHECKMAKE",
         "CHECKOV",
         "CHECKSTYLE",

@@ -38,6 +38,15 @@ jobs:
       - name: Checkout Code
         uses: actions/checkout@v3
 
+      #######################
+      # Docker Buildx setup #
+      #######################
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
       ########################
       # Get the current date #
       ########################
@@ -49,7 +58,7 @@ jobs:
       ###################################
       - name: Build image
         shell: bash
-        run: DOCKER_BUILDKIT=1 docker build --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=auto_update_${GITHUB_SHA}" --build-arg "BUILD_VERSION=auto_update_${GITHUB_SHA}" --no-cache -t oxsecurity/megalinter:auto_update_${GITHUB_SHA} . | while read line ; do echo "$(date +'%H:%M:%S')| $line"; done;
+        run: docker buildx build --platform linux/amd64 --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=auto_update_${GITHUB_SHA}" --build-arg "BUILD_VERSION=auto_update_${GITHUB_SHA}" --no-cache -t oxsecurity/megalinter:auto_update_${GITHUB_SHA} --load . | while read line ; do echo "$(date +'%H:%M:%S')| $line"; done;
         timeout-minutes: 60
 
       #####################################

@@ -89,6 +89,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter-${{ matrix.flavor }}
           IMAGE_VERSION: alpha
           DOCKERFILE_PATH: flavors/${{ matrix.flavor }}/Dockerfile
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: Docker
           SQUASH: "true"
         shell: bash
@@ -114,4 +115,4 @@ jobs:
           security-checks: vuln
           vuln-type: 'os,library'
           severity: 'CRITICAL,HIGH'
-          timeout: 5m0s
+          timeout: 5m0s
@@ -69,6 +69,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter
           IMAGE_VERSION: alpha
           DOCKERFILE_PATH: Dockerfile
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: Docker
         shell: bash
         run: .automation/upload-docker.sh
@@ -85,6 +86,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter
           IMAGE_VERSION: alpha
           DOCKERFILE_PATH: Dockerfile
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: GCR
         shell: bash
         run: .automation/upload-docker.sh
@@ -109,4 +111,4 @@ jobs:
           security-checks: vuln
           vuln-type: 'os,library'
           severity: 'CRITICAL,HIGH'
-          timeout: 5m0s
+          timeout: 5m0s
@@ -93,6 +93,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter-${{ matrix.flavor }}
           IMAGE_VERSION: beta
           DOCKERFILE_PATH: flavors/${{ matrix.flavor }}/Dockerfile
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: Docker
         shell: bash
         run: .automation/upload-docker.sh
@@ -117,4 +118,4 @@ jobs:
           security-checks: vuln
           vuln-type: 'os,library'
           severity: 'CRITICAL,HIGH'
-          timeout: 10m0s
+          timeout: 10m0s
@@ -120,6 +120,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter-only-${{ matrix.linter }}
           IMAGE_VERSION: beta
           DOCKERFILE_PATH: linters/${{ matrix.linter }}/Dockerfile
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: Docker
         shell: bash
         run: .automation/upload-docker.sh
@@ -132,6 +133,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter-only-${{ matrix.linter }}
           IMAGE_VERSION: "${{ needs.prepare.outputs.unique_docker_image_name }}"
           DOCKERFILE_PATH: linters/${{ matrix.linter }}/Dockerfile
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: Docker
           ALWAYS_BUILD: force
         shell: bash

@@ -82,6 +82,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter
           IMAGE_VERSION: beta
           DOCKERFILE_PATH: Dockerfile
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: Docker
         shell: bash
         run: .automation/upload-docker.sh
@@ -97,6 +98,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter
           IMAGE_VERSION: beta
           DOCKERFILE_PATH: Dockerfile
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: GCR
         shell: bash
         run: .automation/upload-docker.sh
@@ -132,4 +134,4 @@ jobs:
 #          security-checks: vuln
 #          vuln-type: 'os,library'
 #          severity: 'CRITICAL,HIGH'
-#          timeout: 10m0s
+#          timeout: 10m0s
@@ -113,6 +113,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter-only-${{ matrix.linter }}
           IMAGE_VERSION: ${{ needs.prepare.outputs.tag }}
           DOCKERFILE_PATH: linters/${{ matrix.linter }}/Dockerfile
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: Docker
         shell: bash
         run: .automation/upload-docker.sh

@@ -51,6 +51,15 @@ jobs:
       - name: Checkout Code
         uses: actions/checkout@v3
 
+      #######################
+      # Docker Buildx setup #
+      #######################
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
       ########################
       # Get the current date #
       ########################
@@ -85,7 +94,7 @@ jobs:
              MEGA_LINTER_BASE_IMAGE="oxsecurity/megalinter:${{steps.image_tag.outputs.tag}}"
              echo "Reusing previously built image as base for quick build: ${MEGA_LINTER_BASE_IMAGE}"
           fi
-          DOCKER_BUILDKIT=1 docker build --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${GITHUB_SHA}" --build-arg "BUILD_VERSION=${GITHUB_SHA}" --build-arg "MEGALINTER_BASE_IMAGE=${MEGA_LINTER_BASE_IMAGE}" --no-cache -f "Dockerfile-quick" -t oxsecurity/megalinter:${{steps.image_tag.outputs.tag}} . | while read line ; do echo "$(date +'%H:%M:%S')| $line"; done;
+          docker buildx build --platform linux/amd64 --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${GITHUB_SHA}" --build-arg "BUILD_VERSION=${GITHUB_SHA}" --build-arg "MEGALINTER_BASE_IMAGE=${MEGA_LINTER_BASE_IMAGE}" --no-cache -f "Dockerfile-quick" -t oxsecurity/megalinter:${{steps.image_tag.outputs.tag}} --load . | while read line ; do echo "$(date +'%H:%M:%S')| $line"; done;
         timeout-minutes: 60
 
       ##########################
@@ -100,6 +109,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter
           IMAGE_VERSION: ${{steps.image_tag.outputs.tag}}
           DOCKERFILE_PATH: Dockerfile-quick
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: Docker
         shell: bash
         run: .automation/upload-docker.sh || true
@@ -117,7 +127,7 @@ jobs:
           !contains(github.event.head_commit.message, 'quick build')
         id: docker_build
         shell: bash
-        run: DOCKER_BUILDKIT=1 docker build --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${GITHUB_SHA}" --build-arg "BUILD_VERSION=${GITHUB_SHA}" --no-cache -t oxsecurity/megalinter:${{steps.image_tag.outputs.tag}} . | while read line ; do echo "$(date +'%H:%M:%S')| $line"; done;
+        run: docker buildx build --platform linux/amd64 --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${GITHUB_SHA}" --build-arg "BUILD_VERSION=${GITHUB_SHA}" --no-cache -t oxsecurity/megalinter:${{steps.image_tag.outputs.tag}} --load . | while read line ; do echo "$(date +'%H:%M:%S')| $line"; done;
         timeout-minutes: 90
 
       ####################################
@@ -138,6 +148,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter
           IMAGE_VERSION: ${{steps.image_tag.outputs.tag}}
           DOCKERFILE_PATH: Dockerfile
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: Docker
         shell: bash
         run: .automation/upload-docker.sh

@@ -82,6 +82,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter-${{ matrix.flavor }}
           IMAGE_VERSION: ${{ github.event.release.tag_name }}
           DOCKERFILE_PATH: flavors/${{ matrix.flavor }}/Dockerfile
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: Docker
         shell: bash
         run: .automation/upload-docker.sh

@@ -96,6 +96,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter-only-${{ matrix.linter }}
           IMAGE_VERSION: "${{ github.event.release.tag_name }}"
           DOCKERFILE_PATH: linters/${{ matrix.linter }}/Dockerfile
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: Docker
           ALWAYS_BUILD: force
         shell: bash

@@ -72,6 +72,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter
           IMAGE_VERSION: ${{ github.event.release.tag_name }}
           DOCKERFILE_PATH: Dockerfile
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: Docker
         shell: bash
         run: .automation/upload-docker.sh
@@ -87,6 +88,7 @@ jobs:
           IMAGE_REPO: oxsecurity/megalinter
           IMAGE_VERSION: ${{ github.event.release.tag_name }}
           DOCKERFILE_PATH: Dockerfile
+          DOCKER_BUILD_PLATFORMS: linux/amd64
           REGISTRY: GCR
         shell: bash
         run: .automation/upload-docker.sh