Multi-arch build

[cardil]

Summary by CodeRabbit

• New Features

  • Introduced a new .editorconfig file to enforce coding style guidelines.
  • Added a multiarch build workflow for automated container image building and pushing.
  • Updated the Containerfile to include imagemagick installation.
  • Enhanced README.md with a new section for pulling the Docker image and updated badges.

• Documentation

  • Revised the formatting and content of the README.md file.

[coderabbitai]

Walkthrough

This pull request introduces several changes, including the addition of a new .editorconfig file that specifies coding style guidelines for the project. A GitHub Actions workflow named multiarch-build.yaml is created to automate the building and pushing of multi-architecture container images. The Containerfile is updated to include the installation of imagemagick. Lastly, the README.md file is modified to change the title formatting, update the Docker badge, and add a new section for pulling the Docker image.

Changes

File	Change Summary
.editorconfig	New file created with coding style guidelines (e.g., line endings, indentation, charset).
.github/workflows/multiarch-build.yaml	New workflow added for automated multi-architecture container image building and pushing.
Containerfile	Modified to include the installation of imagemagick alongside existing packages.
README.md	Title formatting changed, Docker badge updated, and new section for pulling the Docker image added.

Poem

🐇 In the garden where code does bloom,
A new config file clears the gloom.
With multiarch builds, we leap and bound,
Imagery added, new features abound.
README shines bright, guiding the way,
Hooray for changes, hip-hip-hooray! 🎉

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

🧹 Outside diff range and nitpick comments (4)

.github/workflows/multiarch-build.yaml (4)

3-9: Optimize workflow triggers and fix schedule comment

1. The workflow currently runs on all branches which could consume unnecessary GitHub Actions minutes. Consider limiting it to specific branches.
2. The schedule comment mentions 5:30 but the cron expression shows 7:30 UTC.

 on: 
   push:
     branches:
-      - '**'
+      - 'master'
+      - 'develop'
   schedule:
-  # Every month's 2nd on 5:30
+  # Every month's 2nd at 7:30 UTC
   - cron: '30 7 2 * *'

🧰 Tools

🪛 yamllint

[error] 3-3: trailing spaces

(trailing-spaces)

---

[warning] 9-9: wrong indentation: expected 4 but found 2

(indentation)

---

18-21: Enhance apt-get installation reliability

The package installation could be more robust by adding error handling and best practices.

   - name: Install qemu dependency
     run: |
-      sudo apt-get update
-      sudo apt-get install -y qemu-user-static
+      sudo apt-get update && \
+      DEBIAN_FRONTEND=noninteractive sudo apt-get install -y \
+        qemu-user-static \
+        --no-install-recommends && \
+      sudo apt-get clean && \
+      sudo rm -rf /var/lib/apt/lists/*

---

31-40: Add error handling for push step

Consider adding error handling and retries for the push step to handle temporary registry issues.

   - name: Push To quay.io
     id: push-to-quay
     uses: redhat-actions/push-to-registry@v2
     if: github.ref == 'refs/heads/master'
+    continue-on-error: true
+    max-attempts: 3
     with:
       image: ${{ steps.build-image.outputs.image }}
       tags: ${{ steps.build-image.outputs.tags }}
       registry: quay.io/wavesoftware
       username: ${{ secrets.QUAY_USER }}
       password: ${{ secrets.QUAY_PASSWORD }}
+

🧰 Tools

🪛 yamllint

[error] 40-40: no new line character at the end of file

(new-line-at-end-of-file)

---

1-40: Fix YAML formatting issues

The following formatting issues were detected:

1. Remove trailing spaces
2. Fix indentation (should be 4 spaces)
3. Add newline at end of file

-name: Multiarch build
+name: Multiarch build
 
-on: 
+on:
   push:
     branches:
       - '**'
   schedule:
-  # Every month's 2nd on 5:30
-  - cron: '30 7 2 * *'
+    # Every month's 2nd on 5:30
+    - cron: '30 7 2 * *'
 
 jobs:
   multiarch-build:
     name: Build images
     runs-on: ubuntu-22.04
     steps:
       - uses: actions/checkout@v4
# ... rest of file ...
       password: ${{ secrets.QUAY_PASSWORD }}
+

🧰 Tools

🪛 yamllint

[error] 3-3: trailing spaces

(trailing-spaces)

---

[warning] 9-9: wrong indentation: expected 4 but found 2

(indentation)

---

[error] 40-40: no new line character at the end of file

(new-line-at-end-of-file)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between f063e05 and 7b76681.

📒 Files selected for processing (4)

• .editorconfig (1 hunks)
• .github/workflows/multiarch-build.yaml (1 hunks)
• Containerfile (1 hunks)
• README.md (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• .editorconfig

🧰 Additional context used

🪛 yamllint

.github/workflows/multiarch-build.yaml

[error] 3-3: trailing spaces

(trailing-spaces)

---

[warning] 9-9: wrong indentation: expected 4 but found 2

(indentation)

---

[error] 40-40: no new line character at the end of file

(new-line-at-end-of-file)

🪛 Markdownlint

README.md

11-11: Expected: h2; Actual: h3
Heading levels should only increment by one level at a time

(MD001, heading-increment)

---

7-7: Expected: 0; Actual: 1
Unordered list indentation

(MD007, ul-indent)

---

8-8: Expected: 0; Actual: 1
Unordered list indentation

(MD007, ul-indent)

---

9-9: Expected: 0; Actual: 1
Unordered list indentation

(MD007, ul-indent)

---

14-14: null
Dollar signs used before commands without showing output

(MD014, commands-show-output)

---

11-11: Punctuation: ':'
Trailing punctuation in heading

(MD026, no-trailing-punctuation)

🔇 Additional comments (2)

Containerfile (2)

5-7: LGTM on package installation practices

The installation follows container best practices:

• Uses --no-install-recommends to minimize image size
• Properly cleans up apt cache
• Combines RUN commands to reduce layers

---

5-5: Consider security implications of ImageMagick installation

While the installation looks correct, ImageMagick requires additional security considerations:

1. Consider restricting ImageMagick's capabilities through a custom policy.xml
2. Consider pinning the version for better reproducibility and security tracking

Let's verify the ImageMagick installation across architectures and check its current version: