feat: support arm64

2025-02-13 03:10:17 -05:00 · 2024-07-06 17:34:21 -04:00 · 2024-07-06 17:34:21 -04:00 · 618c3a8a71
commit 618c3a8a71
parent 4c666df3c9
5 changed files with 57 additions and 10 deletions
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@ -83,6 +83,9 @@ jobs:
          sudo rm -rf /opt/ghc || true
          sudo rm -rf /usr/local/.ghcup || true

+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

@ -129,6 +132,7 @@ jobs:
          cache-to: type=registry,ref=${{ env.CONTAINER_IMAGE_ID }}-buildcache,mode=max
          load: false
          push: true
+          platforms: linux/amd64,linux/arm64/v8
          secrets: |
            GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
          tags: |
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -77,7 +77,7 @@ jobs:

  build-container-image:
    name: Build and Test
-    runs-on: ubuntu-latest
+    runs-on: ${{ contains(matrix.images.platform, 'arm64') && 'ubuntu-24.04-arm' || 'ubuntu-latest' }}
    permissions:
      contents: read
    needs:
@ -86,7 +86,7 @@ jobs:
      # Ref: https://docs.github.com/en/actions/learn-github-actions/contexts#github-context
      # github.head_ref: head_ref or source branch of the pull request
      # github.ref: ref of the branch that triggered the workflow
-      group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}-${{ github.event_name }}-${{ matrix.images.target }}
+      group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}-${{ github.event_name }}-${{ matrix.images.target }}-${{ matrix.images.platform }}
      cancel-in-progress: true
    strategy:
      fail-fast: false
@ -94,13 +94,21 @@ jobs:
        images:
          - prefix: slim-
            target: slim
+            platform: linux/amd64
          - prefix: ""
            target: standard
-    timeout-minutes: 60
+            platform: linux/amd64
+          - prefix: slim-
+            target: slim
+            platform: linux/arm64/v8
+          - prefix: ""
+            target: standard
+            platform: linux/arm64/v8
+    timeout-minutes: 180
    env:
      CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
      CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
-      CONTAINER_IMAGE_OUTPUT_IMAGE_NAME: "super-linter-${{ matrix.images.prefix }}latest"
+      CONTAINER_IMAGE_OUTPUT_IMAGE_NAME: "super-linter-${{ matrix.images.prefix }}latest-${{ contains(matrix.images.platform, 'arm64') && 'arm64' || 'amd64' }}"
    steps:
      - name: Checkout Code
        uses: actions/checkout@v4
@ -115,6 +123,9 @@ jobs:
          sudo rm -rf /opt/ghc || true
          sudo rm -rf /usr/local/.ghcup || true

+      # - name: Set up QEMU
+      #   uses: docker/setup-qemu-action@v3
+
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

@ -130,6 +141,7 @@ jobs:
          cache-from: type=registry,ref=${{ env.CONTAINER_IMAGE_ID }}-buildcache
          outputs: type=docker,dest=/tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar
          push: false
+          platforms: ${{ matrix.images.platform }}
          secrets: |
            GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
          tags: |
@ -198,6 +210,7 @@ jobs:

      - name: Test Local Action (debug log)
        uses: ./
+        if: matrix.images.platform == 'linux/amd64'
        env:
          LOG_LEVEL: DEBUG
          CREATE_LOG_FILE: true
@ -210,11 +223,13 @@ jobs:
          VALIDATE_JAVASCRIPT_STANDARD: false

      - name: Get the contents of the log file
+        if: matrix.images.platform == 'linux/amd64'
        run: |
          sudo cat super-linter.log
          sudo rm -v super-linter.log

      - name: Test Local Action (default log)
+        if: matrix.images.platform == 'linux/amd64'
        uses: ./
        env:
          VALIDATE_ALL_CODEBASE: false
--- a/28
+++ b/28
@ -26,9 +26,11 @@ FROM rhysd/actionlint:1.7.4 AS actionlint
 FROM scalameta/scalafmt:v3.8.3 AS scalafmt
 FROM zricethezav/gitleaks:v8.21.2 AS gitleaks
 FROM yoheimuta/protolint:0.50.5 AS protolint
-FROM ghcr.io/clj-kondo/clj-kondo:2024.11.14-alpine AS clj-kondo
+FROM ghcr.io/clj-kondo/clj-kondo:2024.11.14 AS clj-kondo
 FROM dart:3.5.4-sdk AS dart
 FROM mcr.microsoft.com/dotnet/sdk:9.0.100-alpine3.20 AS dotnet-sdk
+FROM mcr.microsoft.com/powershell:7.4-azurelinux-3.0 AS powershell-version-amd64
+FROM mcr.microsoft.com/powershell:7.4-azurelinux-3.0-arm64 AS powershell-version-arm64
 FROM mcr.microsoft.com/powershell:7.4-alpine-3.20 AS powershell
 FROM composer/composer:2.8.3 AS php-composer

@ -66,6 +68,8 @@ RUN apk add --no-cache \

 SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"]

+ARG TARGETARCH
+
 COPY dependencies/python/ /stage
 WORKDIR /stage
 RUN ./build-venvs.sh && rm -rfv /stage
@ -112,10 +116,10 @@ SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"]
 COPY scripts/install-lintr.sh scripts/install-r-package-or-fail.R /
 RUN /install-lintr.sh && rm -rf /install-lintr.sh /install-r-package-or-fail.R

-FROM powershell AS powershell-installer
-
+FROM powershell-version-${TARGETARCH} AS powershell-installer
 # Copy the value of the PowerShell install directory to a file so we can reuse it
 # when copying PowerShell stuff in the main image
+RUN echo "$(pwsh --version | cut -d ' ' -f2)" > /tmp/PS_VERSION
 RUN echo "${PS_INSTALL_FOLDER}" > /tmp/PS_INSTALL_FOLDER

 FROM php-composer AS php-linters
@ -367,7 +371,7 @@ COPY --from=kubeconfrm /kubeconform /usr/bin/
 #####################
 # Install clj-kondo #
 #####################
-COPY --from=clj-kondo /bin/clj-kondo /usr/bin/
+COPY --from=clj-kondo /usr/local/bin/clj-kondo /usr/bin/

 ####################
 # Install dart-sdk #
@ -444,6 +448,8 @@ ENTRYPOINT ["/action/lib/linter.sh"]

 FROM base_image AS slim

+ARG TARGETARCH
+
 # Run to build version file and validate image
 ENV IMAGE="slim"
 COPY scripts/linterVersions.sh /
@ -507,16 +513,27 @@ RUN dotnet help
 #########################################
 # Install Powershell + PSScriptAnalyzer #
 #########################################
+COPY --from=powershell-installer /tmp/PS_VERSION /tmp/PS_VERSION
 COPY --from=powershell-installer /tmp/PS_INSTALL_FOLDER /tmp/PS_INSTALL_FOLDER
 COPY --from=powershell /opt/microsoft/powershell /opt/microsoft/powershell
+ARG TARGETARCH
 # Disable Powershell telemetry
 ENV POWERSHELL_TELEMETRY_OPTOUT=1
 ARG PSSA_VERSION='1.22.0'
 RUN PS_INSTALL_FOLDER="$(cat /tmp/PS_INSTALL_FOLDER)" \
  && echo "PS_INSTALL_FOLDER: ${PS_INSTALL_FOLDER}" \
-  && ln -s "${PS_INSTALL_FOLDER}/pwsh" /usr/bin/pwsh \
+  && if [[ "${TARGETARCH}" == "amd64" ]]; then \
+  ln -s "${PS_INSTALL_FOLDER}/pwsh" /usr/bin/pwsh \
  && chmod a+x,o-w "${PS_INSTALL_FOLDER}/pwsh" \
  && pwsh -c "Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force" \
+  ; else \
+  # Download arm64 version of PowerShell
+  PS_VERSION="$(cat /tmp/PS_VERSION)" \
+  && PS_PACKAGE_URL="https://github.com/PowerShell/PowerShell/releases/download/v${PS_VERSION}/powershell-${PS_VERSION}-linux-arm64.tar.gz" \
+  && wget -q -O - "${PS_PACKAGE_URL}" | tar -xz -C "${PS_INSTALL_FOLDER}" \
+  && ln -s "${PS_INSTALL_FOLDER}/pwsh" /usr/bin/pwsh \
+  && chmod a+x,o-w "${PS_INSTALL_FOLDER}/pwsh" \
+  ; fi \
  && rm -rf /tmp/PS_INSTALL_FOLDER

 #############################################################
@ -527,6 +544,7 @@ RUN --mount=type=secret,id=GITHUB_TOKEN /install-arm-ttk.sh && rm -rf /install-a

 # Run to build version file and validate image again because we installed more linters
 ENV IMAGE="standard"
+ARG TARGETARCH
 COPY scripts/linterVersions.sh /
 RUN /linterVersions.sh \
  && rm -rfv /linterVersions.sh
--- a/dependencies/python/build-venvs.sh
+++ b/dependencies/python/build-venvs.sh
@ -10,6 +10,7 @@ set -euo pipefail

 apk add --no-cache --virtual .python-build-deps \
  gcc \
+  libffi-dev \
  linux-headers \
  musl-dev \
  python3-dev
@ -24,6 +25,12 @@ mkdir -p /venvs
 ########################################
 pip install virtualenv

+if [[ "${TARGETARCH}" != "amd64" ]]; then
+  # Install Rust compiler (required by checkov on arm64) #
+  # remove this once https://github.com/bridgecrewio/checkov/pull/6045 is merged
+  apk add --no-cache rust cargo
+fi
+
 #######################################################
 # Iterate through requirments.txt to install binaries #
 #######################################################
--- a/scripts/linterVersions.sh
+++ b/scripts/linterVersions.sh
@ -78,7 +78,6 @@ LINTER_NAMES_ARRAY['R']="R"
 LINTER_NAMES_ARRAY['RAKU']="raku"
 LINTER_NAMES_ARRAY['RENOVATE']="renovate-config-validator"
 LINTER_NAMES_ARRAY['RUBY']="rubocop"
-LINTER_NAMES_ARRAY['SCALAFMT']="scalafmt"
 LINTER_NAMES_ARRAY['SHELL_SHFMT']="shfmt"
 LINTER_NAMES_ARRAY['SNAKEMAKE_LINT']="snakemake"
 LINTER_NAMES_ARRAY['SNAKEMAKE_SNAKEFMT']="snakefmt"
@ -98,6 +97,10 @@ LINTER_NAMES_ARRAY['XML']="xmllint"
 LINTER_NAMES_ARRAY['YAML']="yamllint"
 LINTER_NAMES_ARRAY['YAML_PRETTIER']="prettier"

+if [[ "${TARGETARCH}" == "amd64" ]]; then
+  LINTER_NAMES_ARRAY['SCALAFMT']="scalafmt"
+fi
+
 if [[ "${IMAGE}" == "standard" ]]; then
  LINTER_NAMES_ARRAY['ARM']="arm-ttk"
  LINTER_NAMES_ARRAY['CSHARP']="dotnet"