From 7b97f7aaad8b5ea3ad10da35fe6f097c36574da6 Mon Sep 17 00:00:00 2001
From: Emmo00 <nwaforemmanuel005@gmail.com>
Date: Mon, 22 Dec 2025 23:16:00 +0100
Subject: [PATCH 1/2] chore: refactor Docker build workflow to support
 multi-architecture images and streamline image name normalization

---
 .github/workflows/build-images.yml | 194 ++++++++++++++++++++---------
 1 file changed, 137 insertions(+), 57 deletions(-)

diff --git a/.github/workflows/build-images.yml b/.github/workflows/build-images.yml
index 04852b9..06a17ae 100644
--- a/.github/workflows/build-images.yml
+++ b/.github/workflows/build-images.yml
@@ -2,88 +2,168 @@ name: Build and publish Docker images for Energy Tracker
 
 on:
   push:
-    branches: [ "main", "staging" ]
+    branches: [ "staging", "main" ]
+  pull_request:
+    branches: [ "staging", "main" ]
 
 env:
   REGISTRY: ghcr.io
-  PROVER_IMAGE_NAME: ${{ github.repository }}
-  STREAMR_IMAGE_NAME: ${{ github.repository }}/streamr-client
 
+permissions:
+  contents: read
+  packages: write
+  attestations: write
+  id-token: write
 
 jobs:
-  build-and-push-prover-image:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      packages: write
-      attestations: write
-      id-token: write
+  build-platform:
+    strategy:
+      matrix:
+        include:
+          - platform: linux/amd64
+            runner: ubuntu-latest
+            arch: amd64
+          - platform: linux/arm64
+            runner: ubuntu-24.04-arm
+            arch: arm64
+
+    runs-on: ${{ matrix.runner }}
+
     steps:
       - name: Checkout repository
         uses: actions/checkout@v5
-      - name: Log in to the Container registry
+
+      - name: Normalize image names
+        run: |
+          echo "PROVER_IMAGE_NAME=${GITHUB_REPOSITORY,,}" >> $GITHUB_ENV
+          echo "STREAMR_IMAGE_NAME=${GITHUB_REPOSITORY,,}/streamr-client" >> $GITHUB_ENV
+
+      - name: Free disk space
+        uses: jlumbroso/free-disk-space@main
+        with:
+          tool-cache: true
+          android: true
+          dotnet: true
+          haskell: true
+          large-packages: true
+          docker-images: true
+          swap-storage: true
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GitHub Container Registry
         if: github.event_name != 'pull_request'
-        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
+        uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Extract metadata (tags, labels) for Docker
-        id: meta
-        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
-        with:
-          images: ${{ env.REGISTRY }}/${{ env.PROVER_IMAGE_NAME }}
-      - name: Build and push Docker image
-        id: push
-        uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
+
+      # Prover image - push by digest with repository name
+      - name: Build Prover image (single platform)
+        id: build-prover
+        uses: docker/build-push-action@v6
         with:
           context: .
+          platforms: ${{ matrix.platform }}
+          push: ${{ github.event_name != 'pull_request' }}
+          outputs: type=image,name=${{ env.REGISTRY }}/${{ env.PROVER_IMAGE_NAME }},push-by-digest=true
+          cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.PROVER_IMAGE_NAME }}:buildcache-${{ matrix.arch }}
+          cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.PROVER_IMAGE_NAME }}:buildcache-${{ matrix.arch }},mode=max
+
+      # Streamr client image - push by digest with repository name
+      - name: Build Streamr client image (single platform)
+        id: build-streamr
+        uses: docker/build-push-action@v6
+        with:
+          context: ./streamr-client
+          platforms: ${{ matrix.platform }}
           push: ${{ github.event_name != 'pull_request' }}
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-      - name: Generate artifact attestation
+          outputs: type=image,name=${{ env.REGISTRY }}/${{ env.STREAMR_IMAGE_NAME }},push-by-digest=true
+          cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.STREAMR_IMAGE_NAME }}:buildcache-${{ matrix.arch }}
+          cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.STREAMR_IMAGE_NAME }}:buildcache-${{ matrix.arch }},mode=max
+
+      - name: Save digests to files
+        if: github.event_name != 'pull_request'
+        run: |
+          echo ${{ steps.build-prover.outputs.digest }} > digests-${{ matrix.arch }}-prover-digest.txt
+          echo ${{ steps.build-streamr.outputs.digest }} > digests-${{ matrix.arch }}-streamr-digest.txt
+
+      - name: Upload digests artifact
         if: github.event_name != 'pull_request'
-        uses: actions/attest-build-provenance@v3
+        uses: actions/upload-artifact@v4
         with:
-          subject-name: ${{ env.REGISTRY }}/${{ env.PROVER_IMAGE_NAME }}
-          subject-digest: ${{ steps.push.outputs.digest }}
-          push-to-registry: true
+          name: digests-${{ matrix.arch }}
+          path: |
+            digests-${{ matrix.arch }}-prover-digest.txt
+            digests-${{ matrix.arch }}-streamr-digest.txt
 
-  build-and-push-streamr-image:
+  create-manifests:
+    needs: build-platform
+    if: github.event_name != 'pull_request'
     runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      packages: write
-      attestations: write
-      id-token: write
+
     steps:
-      - name: Checkout repository
-        uses: actions/checkout@v5
-      - name: Log in to the Container registry
-        if: github.event_name != 'pull_request'
-        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
+      - name: Normalize image names
+        run: |
+          echo "PROVER_IMAGE_NAME=${GITHUB_REPOSITORY,,}" >> $GITHUB_ENV
+          echo "STREAMR_IMAGE_NAME=${GITHUB_REPOSITORY,,}/streamr-client" >> $GITHUB_ENV
+
+      - name: Download all digests
+        uses: actions/download-artifact@v4
+        with:
+          pattern: digests-*
+          merge-multiple: true
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Extract metadata (tags, labels) for Docker
-        id: meta
-        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
-        with:
-          images: ${{ env.REGISTRY }}/${{ env.STREAMR_IMAGE_NAME }}
-      - name: Build and push Docker image
-        id: push
-        uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Extract metadata for Prover image
+        id: meta-prover
+        uses: docker/metadata-action@v5
         with:
-          context: ./streamr-client
-          push: ${{ github.event_name != 'pull_request' }}
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-      
-      - name: Generate artifact attestation
-        if: github.event_name != 'pull_request'
-        uses: actions/attest-build-provenance@v3
+          images: ${{ env.REGISTRY }}/${{ env.PROVER_IMAGE_NAME }}
+
+      - name: Create multi-arch manifest for Prover
+        run: |
+          AMD64_DIGEST=$(cat digests-amd64-prover-digest.txt)
+          ARM64_DIGEST=$(cat digests-arm64-prover-digest.txt)
+          echo AMD64_DIGEST=$AMD64_DIGEST
+          echo ARM64_DIGEST=$ARM64_DIGEST
+          TAGS=(${{ steps.meta-prover.outputs.tags }})
+          TAG_ARGS=""
+          for tag in "${TAGS[@]}"; do
+            TAG_ARGS="$TAG_ARGS --tag $tag"
+          done
+          docker buildx imagetools create $TAG_ARGS \
+          ${{ env.REGISTRY }}/${{ env.PROVER_IMAGE_NAME }}@$AMD64_DIGEST \
+          ${{ env.REGISTRY }}/${{ env.PROVER_IMAGE_NAME }}@$ARM64_DIGEST
+
+      - name: Extract metadata for Streamr client image
+        id: meta-streamr
+        uses: docker/metadata-action@v5
         with:
-          subject-name: ${{ env.REGISTRY }}/${{ env.STREAMR_IMAGE_NAME }}
-          subject-digest: ${{ steps.push.outputs.digest }}
-          push-to-registry: true
\ No newline at end of file
+          images: ${{ env.REGISTRY }}/${{ env.STREAMR_IMAGE_NAME }}
+
+      - name: Create multi-arch manifest for Streamr client
+        run: |
+          AMD64_DIGEST=$(cat digests-amd64-streamr-digest.txt)
+          ARM64_DIGEST=$(cat digests-arm64-streamr-digest.txt)
+          echo AMD64_DIGEST=$AMD64_DIGEST
+          echo ARM64_DIGEST=$ARM64_DIGEST
+          TAGS=(${{ steps.meta-streamr.outputs.tags }})
+          TAG_ARGS=""
+          for tag in "${TAGS[@]}"; do
+            TAG_ARGS="$TAG_ARGS --tag $tag"
+          done
+          docker buildx imagetools create $TAG_ARGS \
+          ${{ env.REGISTRY }}/${{ env.STREAMR_IMAGE_NAME }}@$AMD64_DIGEST \
+          ${{ env.REGISTRY }}/${{ env.STREAMR_IMAGE_NAME }}@$ARM64_DIGEST

From 1648b6b586e146ce1888a546f7536ddb83e73cf3 Mon Sep 17 00:00:00 2001
From: Emmo00 <nwaforemmanuel005@gmail.com>
Date: Mon, 22 Dec 2025 23:23:41 +0100
Subject: [PATCH 2/2] ...

---
 .vscode/settings.json | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.vscode/settings.json b/.vscode/settings.json
index 617034b..a35f9f7 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -34,4 +34,10 @@
         "editor.formatOnSave": true,
         "editor.hover.enabled": "on"
     },
+    "cSpell.words": [
+        "buildcache",
+        "Buildx",
+        "imagetools",
+        "jlumbroso"
+    ],
 }
\ No newline at end of file