From e6c2e40ec2ddb5361220c71f94c82336062d0196 Mon Sep 17 00:00:00 2001
From: Brooks Newberry <brooks@newberry.com>
Date: Wed, 16 Oct 2024 13:16:41 -0700
Subject: [PATCH] fix cross-platform builds, multi-arch signing (#121)

Signed-off-by: Brooks Newberry <brooks@newberry.com>
---
 Dockerfile |  2 +-
 Makefile   | 13 ++++++++++---
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 3557ecf..5ebb528 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-ARG ARCH="amd64"
+ARG ARCH=${TARGETARCH}
 ARG BCI_IMAGE=registry.suse.com/bci/bci-base
 ARG GO_IMAGE=rancher/hardened-build-base:v1.22.8b1
 ARG CNI_IMAGE_VERSION=v1.5.1-build20241009
diff --git a/Makefile b/Makefile
index c5c9c2b..1d64221 100644
--- a/Makefile
+++ b/Makefile
@@ -20,6 +20,10 @@ ifndef TARGET_PLATFORMS
 	endif
 endif
 
+IMAGE_DIGESTS ?=
+IID_FILE_FLAG ?=
+IID_FILE_PATH := $(if $(IID_FILE_FLAG),$(word 2, $(IID_FILE_FLAG)))
+
 K3S_ROOT_VERSION ?= v0.14.0
 BUILD_META=-build$(shell date +%Y%m%d)
 MACHINE := rancher
@@ -40,7 +44,7 @@ $(error TAG $(TAG) needs to end with build metadata: $(BUILD_META))
 endif
 
 buildx-machine:
-	@docker buildx ls | grep $(MACHINE) || \
+	docker buildx inspect $(MACHINE) > /dev/null 2>&1 || \
 		docker buildx create --name=$(MACHINE) --platform=linux/arm64,linux/amd64
 
 .PHONY: image-build
@@ -72,8 +76,11 @@ push-image: buildx-machine
 		.
 
 .PHONY: manifest-push
-manifest-push:
-	docker buildx imagetools create -t $(IMAGE) -t $(REGISTRY_IMAGE):latest $(IMAGE_DIGESTS)
+manifest-push: buildx-machine
+	docker buildx imagetools create --builder=$(MACHINE) -t $(IMAGE) -t $(REGISTRY_IMAGE):latest $(IMAGE_DIGESTS)
+ifneq ($(strip $(IID_FILE_PATH)),)
+	docker buildx imagetools inspect --format "{{json .Manifest}}" $(IMAGE) | jq -r '.digest' > "$(IID_FILE_PATH)"
+endif
 
 .PHONY: image-scan
 image-scan: