Feature/ocu 184 allow binaries and containers to be built for architectures different than amd

Makefile

@@ -39,6 +39,14 @@ BASE_IMAGE=scratch
 DOCKER=docker
 PROTOC=protoc
 
+# https://docs.docker.com/build/building/multi-platform/
+# Make sure to always build containers using AMD64 but allow to be overridden by users if need for cross-os compatibility.
+CONTAINER_OS_ARCH=linux/amd64
+# Allow to independently customise go OS and ARCH flags.
+# Defaulting to linux/amd64 as per CONTAINER_OS_ARCH.
+GOOS=linux
+GOARCH=amd64
+
 export
 
 ########################################
@@ -47,22 +55,25 @@ export
 .PHONY: components component-binaries cmd/draconctl/bin protos build publish-component-containers publish-containers draconctl-image draconctl-image-publish clean-protos clean
 
 $(component_binaries):
-	CGO_ENABLED=0 ./scripts/build_component_binary.sh $@
+	CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(GOARCH) ./scripts/build_component_binary.sh $@
 
 component-binaries: $(component_binaries)
 
 $(component_containers): %/docker: %/bin
-	./scripts/build_component_container.sh $@
+	./scripts/build_component_container.sh $@ $(CONTAINER_OS_ARCH)
 
 components: $(component_containers)
 
 cmd/draconctl/bin:
-	CGO_ENABLED=0 go build -o bin/cmd/draconctl cmd/draconctl/main.go
+	CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(GOARCH) go build -o bin/cmd/$(GOOS)/$(GOARCH)/draconctl cmd/draconctl/main.go
 
 draconctl-image: cmd/draconctl/bin
 	$(DOCKER) build -t "${CONTAINER_REPO}/draconctl:${DRACON_VERSION}" \
+		--build-arg GOOS=$(GOOS) \
+		--build-arg GOARCH=$(GOARCH) \
 		$$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \
-		-f containers/Dockerfile.draconctl .
+		-f containers/Dockerfile.draconctl . \
+		--platform=$(CONTAINER_OS_ARCH)
 
 draconctl-image-publish: draconctl-image
 	$(DOCKER) push "${CONTAINER_REPO}/draconctl:${DRACON_VERSION}"
@@ -282,7 +293,7 @@ dev-dracon:
 	$(eval CONTAINER_REPO:=localhost:5000)
 	$(eval DRACON_OSS_COMPONENTS_PACKAGE_URL:=./$(DRACON_OSS_COMPONENTS_NAME)-$(DRACON_VERSION).tgz)
 	$(eval IN_CLUSTER_CONTAINER_REPO:=kind-registry:5000)
-	
+
 	$(MAKE) -j 16 publish-containers CONTAINER_REPO=$(CONTAINER_REPO)
 	$(MAKE) -j 16 dev-build-oss-components CONTAINER_REPO=$(CONTAINER_REPO)
 

components/consumers/dependency-track/Dockerfile

@@ -2,6 +2,9 @@ FROM alpine:3.20
 
 RUN apk add --no-cache ca-certificates
 
-COPY ./components/consumers/dependency-track/dependency-track /app/components/consumers/dependency-track/dependency-track
+ARG GOOS=linux
+ARG GOARCH=amd64
+
+COPY ./components/consumers/dependency-track/${GOOS}/${GOARCH}/dependency-track /app/components/consumers/dependency-track/dependency-track
 
 ENTRYPOINT ["/app/components/consumers/dependency-track/dependency-track"]

components/consumers/dependency-track/Makefile

@@ -4,14 +4,24 @@ CONTAINER_REPO=
 DRACON_VERSION=
 SOURCE_CODE_REPO=
 PRODUCER_AGGREGATOR_BASE_IMAGE=$(shell test -e .custom_image && cat .custom_image || echo "scratch")
+# https://docs.docker.com/build/building/multi-platform/
+# Make sure to always build containers using AMD64 but allow to be overridden by users if need for cross-os compatibility.
+CONTAINER_OS_ARCH=linux/amd64
+# Allow to independently customise go OS and ARCH flags.
+# Defaulting to linux/amd64 as per CONTAINER_OS_ARCH.
+GOOS=linux
+GOARCH=amd64
 
 DOCKER=docker
 
 container:
 	$(DOCKER) build --tag $(CONTAINER_REPO)/components/consumers/dependency-track:$(DRACON_VERSION) \
 					--file Dockerfile \
 					$$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \
-					 ../../../bin 1>&2
+					--build-arg GOOS=$(GOOS) \
+					--build-arg GOARCH=$(GOARCH) \
+					../../../bin 1>&2 \
+					--platform=$(CONTAINER_OS_ARCH)
 
 publish:
 	$(DOCKER) push $(CONTAINER_REPO)/components/consumers/dependency-track:$(DRACON_VERSION) 1>&2

components/consumers/jira/Dockerfile

@@ -2,6 +2,9 @@ FROM alpine:3.20
 
 RUN apk add --no-cache ca-certificates
 
-COPY ./components/consumers/jira/jira /app/components/consumers/jira/jira
+ARG GOOS=linux
+ARG GOARCH=amd64
+
+COPY ./components/consumers/jira/${GOOS}/${GOARCH}/jira /app/components/consumers/jira/jira
 
 ENTRYPOINT ["/app/components/consumers/jira/jira"]

components/consumers/jira/Makefile

@@ -4,14 +4,24 @@ CONTAINER_REPO=
 DRACON_VERSION=
 SOURCE_CODE_REPO=
 PRODUCER_AGGREGATOR_BASE_IMAGE=$(shell test -e .custom_image && cat .custom_image || echo "scratch")
+# https://docs.docker.com/build/building/multi-platform/
+# Make sure to always build containers using AMD64 but allow to be overridden by users if need for cross-os compatibility.
+CONTAINER_OS_ARCH=linux/amd64
+# Allow to independently customise go OS and ARCH flags.
+# Defaulting to linux/amd64 as per CONTAINER_OS_ARCH.
+GOOS=linux
+GOARCH=amd64
 
 DOCKER=docker
 
 container:
 	$(DOCKER) build --tag $(CONTAINER_REPO)/components/consumers/jira:$(DRACON_VERSION) \
 					--file Dockerfile \
 					$$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \
-					 ../../../bin 1>&2
+					--build-arg GOOS=$(GOOS) \
+					--build-arg GOARCH=$(GOARCH) \
+				 	../../../bin 1>&2 \
+				 	--platform=$(CONTAINER_OS_ARCH)
 
 publish:
 	$(DOCKER) push $(CONTAINER_REPO)/components/consumers/jira:$(DRACON_VERSION) 1>&2

components/consumers/pdf/Dockerfile

@@ -1,11 +1,11 @@
 FROM golang:latest
 
 WORKDIR /playwright
-RUN go mod init github.com/ocurity/pdf-consumer &&\
-    go get -u github.com/playwright-community/playwright-go &&\ 
-    go run github.com/playwright-community/playwright-go/cmd/playwright@latest install --with-deps
+RUN go mod init github.com/ocurity/pdf-consumer && \
+        go get -u github.com/playwright-community/playwright-go && \
+        go run github.com/playwright-community/playwright-go/cmd/playwright@latest install --with-deps
 
 ENV PATH="${PATH}:/go/pkg/mod/github.com/playwright-community"
 COPY components/consumers/pdf/pdf /playwright/pdf
 COPY components/consumers/pdf/default.html /playwright/default.html
-ENTRYPOINT ["/playwright/pdf"]
+ENTRYPOINT ["/playwright/pdf"]

components/consumers/slack/Dockerfile

@@ -2,6 +2,9 @@ FROM alpine:3.20
 
 RUN apk add --no-cache ca-certificates
 
-COPY ./components/consumers/slack/slack /app/components/consumers/slack/slack
+ARG GOOS=linux
+ARG GOARCH=amd64
 
-ENTRYPOINT ["/app/components/consumers/slack/slack"]
+COPY ./components/consumers/slack/${GOOS}/${GOARCH}/slack /app/components/consumers/slack/slack
+
+ENTRYPOINT ["/app/components/consumers/slack/slack"]

components/consumers/slack/Makefile

@@ -4,14 +4,24 @@ CONTAINER_REPO=
 DRACON_VERSION=
 SOURCE_CODE_REPO=
 PRODUCER_AGGREGATOR_BASE_IMAGE=$(shell test -e .custom_image && cat .custom_image || echo "scratch")
+# https://docs.docker.com/build/building/multi-platform/
+# Make sure to always build containers using AMD64 but allow to be overridden by users if need for cross-os compatibility.
+CONTAINER_OS_ARCH=linux/amd64
+# Allow to independently customise go OS and ARCH flags.
+# Defaulting to linux/amd64 as per CONTAINER_OS_ARCH.
+GOOS=linux
+GOARCH=amd64
 
 DOCKER=docker
 
 container:
 	$(DOCKER) build --tag $(CONTAINER_REPO)/components/consumers/slack:$(DRACON_VERSION) \
 					--file Dockerfile \
 					$$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \
-					 ../../../bin 1>&2
+					--build-arg GOOS=$(GOOS) \
+					--build-arg GOARCH=$(GOARCH) \
+					../../../bin 1>&2 \
+					--platform=$(CONTAINER_OS_ARCH)
 
 publish:
 	$(DOCKER) push $(CONTAINER_REPO)/components/consumers/slack:$(DRACON_VERSION) 1>&2

components/producers/aggregator/Dockerfile

@@ -1,6 +1,9 @@
 ARG PRODUCER_AGGREGATOR_BASE_IMAGE
 FROM ${PRODUCER_AGGREGATOR_BASE_IMAGE}
 
-COPY ./components/producers/aggregator/aggregator-parser /app/components/producers/aggregator/tagger
+ARG GOOS=linux
+ARG GOARCH=amd64
+
+COPY ./components/producers/aggregator/${GOOS}/${GOARCH}/aggregator-parser /app/components/producers/aggregator/tagger
 
 ENTRYPOINT ["/app/components/producers/aggregator/tagger"]

components/producers/aggregator/Makefile

@@ -4,14 +4,24 @@ CONTAINER_REPO=
 DRACON_VERSION=
 SOURCE_CODE_REPO=
 PRODUCER_AGGREGATOR_BASE_IMAGE=$(shell test -e .custom_image && cat .custom_image || echo "scratch")
+# https://docs.docker.com/build/building/multi-platform/
+# Make sure to always build containers using AMD64 but allow to be overridden by users if need for cross-os compatibility.
+CONTAINER_OS_ARCH=linux/amd64
+# Allow to independently customise go OS and ARCH flags.
+# Defaulting to linux/amd64 as per CONTAINER_OS_ARCH.
+GOOS=linux
+GOARCH=amd64
 
 DOCKER=docker
 
 container:
 	$(DOCKER) build --tag $(CONTAINER_REPO)/components/producers/tagger:$(DRACON_VERSION) \
 					--file Dockerfile \
 					$$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \
-					--build-arg PRODUCER_AGGREGATOR_BASE_IMAGE=$(PRODUCER_AGGREGATOR_BASE_IMAGE) ../../../bin 1>&2
+					--build-arg GOOS=$(GOOS) \
+					--build-arg GOARCH=$(GOARCH) \
+					--build-arg PRODUCER_AGGREGATOR_BASE_IMAGE=$(PRODUCER_AGGREGATOR_BASE_IMAGE) ../../../bin 1>&2 \
+					--platform=$(CONTAINER_OS_ARCH)
 
 publish:
 	$(DOCKER) push $(CONTAINER_REPO)/components/producers/tagger:$(DRACON_VERSION) 1>&2

components/producers/github-code-scanning/Dockerfile

@@ -1,7 +1,10 @@
 FROM alpine:3.20
 
+ARG GOOS=linux
+ARG GOARCH=amd64
+
 RUN apk add --no-cache ca-certificates
 
-COPY ./components/producers/github-code-scanning/github-code-scanning-parser /app/components/producers/github-code-scanning/github-code-scanning-parser
+COPY ./components/producers/github-code-scanning/${GOOS}/${GOARCH}/github-code-scanning-parser /app/components/producers/github-code-scanning/github-code-scanning-parser
 
 ENTRYPOINT ["/app/components/producers/github-code-scanning/github-code-scanning-parser"]

components/producers/github-code-scanning/Makefile

@@ -4,14 +4,24 @@ CONTAINER_REPO=
 DRACON_VERSION=
 SOURCE_CODE_REPO=
 PRODUCER_AGGREGATOR_BASE_IMAGE=$(shell test -e .custom_image && cat .custom_image || echo "scratch")
+# https://docs.docker.com/build/building/multi-platform/
+# Make sure to always build containers using AMD64 but allow to be overridden by users if need for cross-os compatibility.
+CONTAINER_OS_ARCH=linux/amd64
+# Allow to independently customise go OS and ARCH flags.
+# Defaulting to linux/amd64 as per CONTAINER_OS_ARCH.
+GOOS=linux
+GOARCH=amd64
 
 DOCKER=docker
 
 container:
 	$(DOCKER) build --tag $(CONTAINER_REPO)/components/producers/github-code-scanning:$(DRACON_VERSION) \
 					--file Dockerfile \
 					$$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \
-					 ../../../bin 1>&2
+				 	--build-arg GOOS=$(GOOS) \
+					--build-arg GOARCH=$(GOARCH) \
+				 	../../../bin 1>&2 \
+				 	--platform=$(CONTAINER_OS_ARCH)
 
 publish:
 	$(DOCKER) push $(CONTAINER_REPO)/components/producers/github-code-scanning:$(DRACON_VERSION) 1>&2

components/producers/typescript-eslint/eslint-wrapper/Dockerfile

@@ -1,10 +1,13 @@
 ARG ESLINT_WRAPPER_BASE_IMAGE
 FROM ${ESLINT_WRAPPER_BASE_IMAGE}
 
+ARG GOOS=linux
+ARG GOARCH=amd64
+
 WORKDIR /home/node/workspace
 COPY components/producers/typescript-eslint/eslint-wrapper/eslintrc.js /home/node/workspace
 COPY components/producers/typescript-eslint/eslint-wrapper/package.json /home/node/workspace
-COPY bin/components/producers/typescript-eslint/eslint-wrapper/eslint-wrapper-parser /home/node/workspace/
+COPY bin/components/producers/typescript-eslint/eslint-wrapper/${GOOS}/${GOARCH}/eslint-wrapper-parser /home/node/workspace/
 
 RUN npm uninstall --save bcrypt &&\
     npm install --save-dev \
@@ -14,4 +17,4 @@ RUN npm uninstall --save bcrypt &&\
     eslint-plugin-no-unsanitized \
     eslint-plugin-security-node
 
-ENTRYPOINT [ "/home/node/workspace/eslint-wrapper-parser"]
+ENTRYPOINT ["/home/node/workspace/eslint-wrapper-parser"]

components/producers/typescript-eslint/eslint-wrapper/Makefile

@@ -3,11 +3,21 @@
 CONTAINER_REPO=
 DRACON_VERSION=
 ESLINT_WRAPPER_BASE_IMAGE=$(shell test -e .custom_image && cat .custom_image || echo "node:lts")
+# https://docs.docker.com/build/building/multi-platform/
+# Make sure to always build containers using AMD64 but allow to be overridden by users if need for cross-os compatibility.
+CONTAINER_OS_ARCH=linux/amd64
+# Allow to independently customise go OS and ARCH flags.
+# Defaulting to linux/amd64 as per CONTAINER_OS_ARCH.
+GOOS=linux
+GOARCH=amd64
 
 DOCKER=docker
 
 container:
 	$(DOCKER) build --tag $(CONTAINER_REPO)/components/producers/typescript-eslint/eslint-wrapper:$(DRACON_VERSION) \
 					--file Dockerfile \
 					$$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \
-					--build-arg ESLINT_WRAPPER_BASE_IMAGE=$(ESLINT_WRAPPER_BASE_IMAGE) ../../../.. 1>&2
+					--build-arg GOOS=$(GOOS) \
+					--build-arg GOARCH=$(GOARCH) \
+					--build-arg ESLINT_WRAPPER_BASE_IMAGE=$(ESLINT_WRAPPER_BASE_IMAGE) ../../../.. 1>&2 \
+					--platform=$(CONTAINER_OS_ARCH)

containers/Dockerfile.draconctl

@@ -1,9 +1,13 @@
 ARG BASE_MIGRATION_IMAGE
+
 FROM ${BASE_MIGRATION_IMAGE:-scratch}
 
+ARG GOOS=linux
+ARG GOARCH=amd64
+
 LABEL org.opencontainers.image.description "Draconctl is a command line tool for interacting with Dracon, you can find documentation for it at github.com/ocurity/dracon"
 
-COPY ./bin/cmd/draconctl /bin/draconctl
+COPY ./bin/cmd/${GOOS}/${GOARCH}/draconctl /bin/draconctl
 COPY ./pkg/enrichment/migrations /etc/dracon/migrations/enrichment
 
 ENTRYPOINT [ "/bin/draconctl" ]

docs/getting-started.md

@@ -176,7 +176,8 @@ KiND cluster, that's not the case. Instead, the registry's host is
 deploy the pipelines and their image repositories will also have to be set to
 this value.*
 
-*\*\*Make sure that you use the draconctl image that you pushed in the repository.*
+*\*\*Make sure that you use the draconctl image that you pushed in the
+repository.*
 
 #### Using a different base image for your images
 
@@ -191,6 +192,45 @@ these components have their own Makefiles. In those cases you can place a
 `.custom_image` file in the directory with the base image you wish to use and
 that will be picked up by the Makefile and build the container.
 
+#### Building binaries and images for non linux/amd64 architecture
+
+*\*Useful for Apple Silicon chips users.*
+
+###### Containers
+
+If you need your images to be built for non linux/amd64 architecture,
+you can supply the flag `CONTAINER_OS_ARCH` for customisation of containers.
+
+This can be passed to the make commands used to build images, for example:
+
+```bash
+make CONTAINER_OS_ARCH=linux/arm64 components
+```
+
+or:
+
+```bash
+make CONTAINER_OS_ARCH=linux/arm64 publish-containers
+```
+
+By default, when `CONTAINER_ARCH` is not supplied, `linux/amd64` is used.
+
+###### Binaries
+
+`GOOS` and `GOARCH` can be supplied for customisation of the go binaries.
+
+These can be passed to the make commands used to build binaries, for example:
+
+```bash
+make GOOS=linux GOARCH=arm64 component-binaries
+```
+
+By default `linux` and `amd64` are used.
+
+\**For Apple Silicon chips, you might want to use
+`GOOS=darwin` and `GOARCH=arm64` when building binaries
+locally for development.*
+
 #### Deploying your custom Dracon components Helm package
 
 You can package your components into a Helm package by running the following