@sanchezpaco sanchezpaco commented Sep 26, 2025

Description

This PR implements multi-architecture container builds for Prowler's containerized components using GitHub Actions matrix strategy and Docker Buildx, supporting both ARM64 and AMD64 architectures.

Note: This is a draft PR. We can selectively release this feature (starting with API containers only for example) and then extend it progressively to other components.

Changes Made

  • Matrix Strategy: Parallel builds for linux/amd64 (ubuntu-latest) and linux/arm64 (ubuntu-24.04-arm), using a different runner for each arch; this prevents emulation when building the containers
  • Multi-Arch Manifests: Automatic creation using docker buildx imagetools
  • Workflows have been refactored to use job outputs instead of environment variables for sharing data like short_sha and other common variables between jobs, improving workflow reliability and maintainability.

Performance Impact

  • Build Times: Remain practically the same due to parallel execution

Trade-offs

  • Temporary Architecture Tags: Creates temporary arch-specific tags (e.g., image:version-amd64, image:version-arm64) that remain after manifest creation. These can be cleaned up using registry lifecycle policies if needed.

Cost Impact

  • Parallel runners: Instead of one build per container, now 2 builds are run for every push / release
  • Temporary artifacts: as specified above, amd64 and arm64 images are being created, which are going to consume space & traffic; they could be deleted

Future Improvements

  • Code Reusability: Create reusable composite actions to eliminate workflow duplication
  • Cache Optimization: Review and optimize cache strategies for cross-architecture builds
  • Registry Cleanup: Implement automated cleanup of temporary architecture-specific tags

Steps to review

Checklist

API

  • Verify if API specs need to be regenerated.
  • Check if version updates are required (e.g., specs, Poetry, etc.).
  • Ensure new entries are added to CHANGELOG.md, if applicable.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@github-actions github-actions bot added the github_actions Pull requests that update GitHub Actions code label Sep 26, 2025
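
An added example, not code from this PR or the Prowler repository, of the pattern the description outlines: one native runner per architecture, a job output carrying short_sha between jobs, and a final job that joins the per-arch tags with docker buildx imagetools. The workflow name, image reference, registry host and secret names are placeholders.

```yaml
name: multiarch-example                      # hypothetical workflow name
on: push
permissions:
  contents: read                             # token only needs to read the repo
env:
  IMAGE: registry.example.com/example/api    # placeholder image reference
jobs:
  setup:
    runs-on: ubuntu-latest
    outputs:
      # Job output consumed by later jobs via needs.setup.outputs.short_sha
      short_sha: ${{ steps.vars.outputs.short_sha }}
    steps:
      - id: vars
        run: echo "short_sha=${GITHUB_SHA::7}" >> "$GITHUB_OUTPUT"
  build:
    needs: setup
    strategy:
      matrix:
        include:                             # native runner per arch, no emulation
          - { arch: amd64, runner: ubuntu-latest }
          - { arch: arm64, runner: ubuntu-24.04-arm }
    runs-on: ${{ matrix.runner }}
    steps:
      - uses: actions/checkout@v4
      - uses: docker/setup-buildx-action@v3
      - uses: docker/login-action@v3         # secret names are placeholders
        with: { registry: registry.example.com, username: "${{ secrets.REGISTRY_USER }}", password: "${{ secrets.REGISTRY_TOKEN }}" }
      - uses: docker/build-push-action@v6
        with:
          context: .
          platforms: linux/${{ matrix.arch }}
          push: true
          # Temporary arch-specific tag, e.g. image:version-amd64
          tags: ${{ env.IMAGE }}:${{ needs.setup.outputs.short_sha }}-${{ matrix.arch }}
  manifest:
    needs: [setup, build]
    runs-on: ubuntu-latest
    steps:
      - uses: docker/setup-buildx-action@v3
      - uses: docker/login-action@v3
        with: { registry: registry.example.com, username: "${{ secrets.REGISTRY_USER }}", password: "${{ secrets.REGISTRY_TOKEN }}" }
      # Values reach the shell through env, not inline interpolation in run
      - env:
          TAG: ${{ env.IMAGE }}:${{ needs.setup.outputs.short_sha }}
        run: docker buildx imagetools create -t "$TAG" "$TAG-amd64" "$TAG-arm64"
```

The arch-specific tags stay in the registry after the manifest job runs, which is the trade-off the description notes.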