
feat(ci): update Docker workflows for multi-architecture builds #10

Merged
merged 6 commits into from
Feb 5, 2025

matusso (Owner) commented Feb 4, 2025

User description

Refactor GitHub Actions workflows to support multi-architecture
Docker image builds for the Kiterunner project.

  • Replace Docker Buildx with standard Docker build commands.
  • Update caching strategy to use actions/cache@v4.
  • Introduce separate jobs for amd64 and arm images.
  • Create and push a multi-platform manifest for the Kiterunner
    images.

These changes enhance the CI/CD pipeline by enabling support for
multiple architectures, improving build efficiency, and ensuring
consistent image management.


PR Type

Enhancement


Description

  • Refactored GitHub Actions workflows for multi-architecture Docker builds.

    • Split jobs into separate amd64 and arm64 builds.
    • Replaced Docker Buildx with standard Docker build commands.
    • Updated caching strategy to use actions/cache@v4.
  • Added a new job to create and push multi-platform Docker manifests.

  • Minor formatting fix in metasploit-framework.yml.


Changes walkthrough 📝

Relevant files

Enhancement
kiterunner.yml: Refactor workflows for multi-architecture Docker builds

.github/workflows/kiterunner.yml (+54/-19)

  • Split build-and-push job into amd64 and arm64 specific jobs.
  • Replaced Docker Buildx with standard Docker build commands.
  • Updated caching strategy to use actions/cache@v4.
  • Added a new job to create and push multi-platform Docker manifests.

Formatting
metasploit-framework.yml: Minor formatting fix in workflow file

.github/workflows/metasploit-framework.yml (+1/-1)

  • Fixed minor formatting issue in the workflow file.


    qodo-merge-pro-for-open-source bot commented Feb 4, 2025

    CI Feedback 🧐

    (Feedback updated until commit 116aec7)

    A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

    Action: create-multiarch-manifest

    Failed stage: Run garethr/snyk-to-sarif@master [❌]

    Failure summary:

    The action failed because it could not find the required input file snyk.json. The error message
    indicates a FileNotFoundError when trying to open this file, which is specified as the input
    parameter for the Docker container.

    Relevant error logs:
    1:  ##[group]Operating System
    2:  Ubuntu
    ...
    
    236:  with:
    237:  input: snyk.json
    238:  output: snyk.sarif
    239:  env:
    240:  RELEASE_VERSION: v1.0.2
    241:  KR_DIR: /usr/local/kiterunner
    242:  ##[endgroup]
    243:  ##[command]/usr/bin/docker run --name b7864272ca854a089620988d0b2f44f9_766054 --label 841350 --workdir /github/workspace --rm -e "RELEASE_VERSION" -e "KR_DIR" -e "INPUT_INPUT" -e "INPUT_FILE" -e "INPUT_OUTPUT" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_ENVIRONMENT" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e "ACTIONS_RESULTS_URL" -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/docker-builds/docker-builds":"/github/workspace" 841350:b7864272ca854a089620988d0b2f44f9  "snyk.json" "--file" "" "-o" "snyk.sarif"
    244:  Problem opening file (FileNotFoundError) snyk.json
    

    PR Reviewer Guide 🔍

    Here are some key observations to aid the review process:

    ⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪
    🧪 No relevant tests
    🔒 No security concerns identified
    ⚡ Recommended focus areas for review

    Missing Checkout

    The amd64 build job is missing the actions/checkout step which is needed to access the Dockerfile and build context

    steps:        
      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
    
    Build Command Error

    The docker build command contains an invalid duplicate 'build' argument that will cause the build to fail

    docker build build --platform linux/amd64 \

    qodo-merge-pro-for-open-source bot commented Feb 4, 2025

    PR Code Suggestions ✨

    Explore these optional code suggestions:

    Category: Possible issue
    ✅ Add missing Docker push commands
    Suggestion Impact:The commit added Docker push commands for amd64 images and fixed image tagging to support multi-arch builds

    code diff:

    -          docker build build --platform linux/amd64 \
    +          docker build --platform linux/amd64 \
                 --build-arg "KR_DIR=${{ env.KR_DIR }}" --build-arg "RELEASE_VERSION=${{ env.RELEASE_VERSION }}" \
                 --tag ghcr.io/${{ github.repository_owner }}/kiterunner:${{ env.RELEASE_VERSION }} \
    -            --tag ghcr.io/${{ github.repository_owner }}/kiterunner:latest ./files/kiterunner
    +            --tag ghcr.io/${{ github.repository_owner }}/kiterunner:latest-amd64 ./files/kiterunner
    +            docker push ghcr.io/${{ github.repository_owner }}/kiterunner:${{ env.RELEASE_VERSION }}-amd64
    +            docker push ghcr.io/${{ github.repository_owner }}/kiterunner:latest-amd64
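Review bot: The first `--tag` line is left unchanged as `kiterunner:${{ env.RELEASE_VERSION }}`, but the added `docker push` targets `kiterunner:${{ env.RELEASE_VERSION }}-amd64`, a tag this build never creates, so that push has no local image to upload. Add the `-amd64` suffix to the version `--tag` line so both pushed references match what was built.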

    The amd64 build job is missing the Docker push commands, which could cause the
    multi-arch manifest creation to fail. Add the push commands after the build.

    .github/workflows/kiterunner.yml [41-44]

     docker build build --platform linux/amd64 \
             --build-arg "KR_DIR=${{ env.KR_DIR }}" --build-arg "RELEASE_VERSION=${{ env.RELEASE_VERSION }}" \
    -        --tag ghcr.io/${{ github.repository_owner }}/kiterunner:${{ env.RELEASE_VERSION }} \
    -        --tag ghcr.io/${{ github.repository_owner }}/kiterunner:latest ./files/kiterunner
    +        --tag ghcr.io/${{ github.repository_owner }}/kiterunner:${{ env.RELEASE_VERSION }}-amd64 \
    +        --tag ghcr.io/${{ github.repository_owner }}/kiterunner:latest-amd64 ./files/kiterunner
    +docker push ghcr.io/${{ github.repository_owner }}/kiterunner:${{ env.RELEASE_VERSION }}-amd64
    +docker push ghcr.io/${{ github.repository_owner }}/kiterunner:latest-amd64
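Review bot: The context line at the top of this suggestion still reads `docker build build --platform linux/amd64`, so applying it as written keeps the stray `build` token and the build command still fails before the new pushes run. Fold the one-word removal into this suggestion so it can be applied on its own.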
    Suggestion importance[1-10]: 10

    Why: Critical fix - without pushing the amd64 images, the multi-arch manifest creation job will fail since it depends on both amd64 and arm64 images being available in the registry. Also fixes incorrect image tags to match the manifest requirements.

    10
    ✅ Remove duplicate build argument
    Suggestion Impact:The duplicate 'build' word was removed from both docker build commands (for amd64 and arm64 platforms)

    code diff:

    -          docker build build --platform linux/amd64 \
    +          docker build --platform linux/amd64 \
                 --build-arg "KR_DIR=${{ env.KR_DIR }}" --build-arg "RELEASE_VERSION=${{ env.RELEASE_VERSION }}" \
                 --tag ghcr.io/${{ github.repository_owner }}/kiterunner:${{ env.RELEASE_VERSION }} \
                 --tag ghcr.io/${{ github.repository_owner }}/kiterunner:latest ./files/kiterunner
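Review bot: `KR_DIR` and `RELEASE_VERSION` are spliced into the script text through `${{ env.KR_DIR }}` and `${{ env.RELEASE_VERSION }}` on the `--build-arg` and `--tag` lines. Both are workflow `env` values and therefore already present in the step environment, so reference them as quoted shell variables (`"$KR_DIR"`, `"$RELEASE_VERSION"`); the values are then passed as data and never re-parsed as part of the script.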
    @@ -58,7 +58,7 @@
     
           - name: Build and push arm64 Docker image
             run: |
    -          docker build build --platform linux/arm64 \
    +          docker build --platform linux/arm64 \

    The 'docker build' command contains an invalid duplicate 'build' argument that
    will cause the build to fail. Remove the extra 'build' word.

    .github/workflows/kiterunner.yml [41]

    -docker build build --platform linux/amd64 \
    +docker build --platform linux/amd64 \
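Review bot: The suggested range `[41]` covers only the amd64 command, while the arm64 step carries the same `docker build build --platform linux/arm64` line. Apply the one-word removal to both commands in the same change so neither job is left failing.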
    Suggestion importance[1-10]: 10

    Why: Critical fix - the duplicate 'build' word in the Docker command will cause the build to fail completely. This is a syntax error that needs to be fixed for the workflow to work.

    10
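
The failure mode raised in the suggestions above (a `docker push` that names a tag no `--tag` produced, which then leaves the manifest job without its per-architecture image) can be caught before CI runs. The following is an added example, not code from this PR or project; the function name `unbuilt_pushes` is hypothetical and the sample script is constructed from the amd64 command shown in this thread.

```python
import re

# One image reference: non-space characters, with a GitHub Actions
# expression ${{ ... }} (which contains spaces) treated as a single unit.
REF = r"((?:\$\{\{.*?\}\}|[^\s\\])+)"
TAG_RE = re.compile(r"(?<!\S)(?:--tag|-t)(?:\s+|=)" + REF)
PUSH_RE = re.compile(r"\bdocker\s+push\s+" + REF)


def unbuilt_pushes(run_script: str) -> list[str]:
    """Return pushed references that no --tag in the same script created."""
    joined = re.sub(r"\\\r?\n", " ", run_script)  # join "\" continuations
    built = set(TAG_RE.findall(joined))
    return [ref for ref in PUSH_RE.findall(joined) if ref not in built]


# Constructed sample: the amd64 step as it appears in this thread, where the
# version tag has no -amd64 suffix but the push expects one.
SAMPLE_RUN = r"""
docker build --platform linux/amd64 \
  --build-arg "KR_DIR=${{ env.KR_DIR }}" --build-arg "RELEASE_VERSION=${{ env.RELEASE_VERSION }}" \
  --tag ghcr.io/${{ github.repository_owner }}/kiterunner:${{ env.RELEASE_VERSION }} \
  --tag ghcr.io/${{ github.repository_owner }}/kiterunner:latest-amd64 ./files/kiterunner
docker push ghcr.io/${{ github.repository_owner }}/kiterunner:${{ env.RELEASE_VERSION }}-amd64
docker push ghcr.io/${{ github.repository_owner }}/kiterunner:latest-amd64
"""

# Same step with the version tag given its -amd64 suffix.
FIXED_RUN = SAMPLE_RUN.replace(
    "${{ env.RELEASE_VERSION }} \\", "${{ env.RELEASE_VERSION }}-amd64 \\"
)

if __name__ == "__main__":
    for ref in unbuilt_pushes(SAMPLE_RUN):
        print("pushed but never tagged:", ref)
```
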

    Correct the Docker build command syntax in the GitHub Actions 
    workflow for both arm64 and amd64 images. Remove the redundant 
    'build' argument from the docker build command to ensure proper 
    execution of the build process. This change improves the 
    workflow's reliability and consistency.

    Add actions/checkout and snyk/actions/setup to both ARM and AMD 
    build jobs in the GitHub Actions workflow. This enhances the 
    workflow by ensuring the latest code is checked out and Snyk 
    is set up for security scanning, improving the overall build 
    process and security posture.

    Update the Docker build and push commands in the GitHub Actions 
    workflow to include specific tags for the amd64 architecture. 
    This change ensures that the images are correctly tagged and 
    pushed, allowing for better version management and clarity 
    when deploying the kiterunner application.

    Update image tags in the GitHub Actions workflow to 
    include architecture-specific suffixes for arm64 and amd64. 
    This change ensures that the images are correctly tagged and 
    pushed for each architecture, improving clarity and 
    compatibility in multi-architecture deployments.

    Adds a new security scan job to the GitHub Actions workflow. This job 
    runs after the multi-architecture manifest creation and checks the 
    Docker image for vulnerabilities using Snyk. This enhances the 
    security of the deployment process by ensuring that the images are 
    scanned for known issues before being pushed.

    sonarqubecloud bot commented Feb 5, 2025

    @github-advanced-security

    This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

    @matusso matusso merged commit 46f5173 into main Feb 5, 2025
    28 of 29 checks passed