feat: Enable multi-platform builds for board server

.github/workflows/docker.yml

@@ -4,6 +4,9 @@ on:
   push:
     branches:
       - main
+  pull_request:
+    branches:
+      - main
 
 env:
   REGISTRY: ghcr.io
@@ -87,6 +90,11 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
 
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+        with:
+          platforms: all
+
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
@@ -104,14 +112,13 @@ jobs:
           context: .
           file: ./packages/board-server/Dockerfile
           cache-from: |
-            type=gha,ref=${{ needs.setup.outputs.board_server_sqlite_image_name }}
-            type=registry,ref=${{ needs.setup.outputs.board_server_sqlite_image_path }}
-          cache-to: type=gha,mode=max,ref=${{ needs.setup.outputs.board_server_sqlite_image_name }}
-          push: true
+            ${{ github.event_name != 'pull_request' && format('type=gha,ref={0}', needs.setup.outputs.board_server_sqlite_image_name) || 'type=gha,scope=pr' }}
+            ${{ github.event_name != 'pull_request' && format('type=registry,ref={0}', needs.setup.outputs.board_server_sqlite_image_path) || '' }}
+          cache-to: ${{ github.event_name != 'pull_request' && format('type=gha,mode=max,ref={0}', needs.setup.outputs.board_server_sqlite_image_name) || 'type=gha,mode=max,scope=pr' }}
+          push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && !github.event.pull_request.head.repo.fork }}
           provenance: true
+          platforms: linux/amd64,linux/arm64
           tags: >
-            ${{ needs.setup.outputs.board_server_sqlite_image_path }}:${{ github.sha }},
-            ${{ needs.setup.outputs.board_server_sqlite_image_path }}:${{ needs.setup.outputs.short_hash }},
             ${{ needs.setup.outputs.board_server_sqlite_image_path }}:${{ needs.setup.outputs.package_version }},
             ${{ needs.setup.outputs.board_server_sqlite_image_path }}:latest
           build-args: |
@@ -121,6 +128,7 @@ jobs:
             breadboard=.
 
       - name: Generate artifact attestation
+        if: github.event_name == 'push' && github.ref == 'refs/heads/main' && !github.event.pull_request.head.repo.fork
         uses: actions/attest-build-provenance@v1
         with:
           subject-name: ${{ needs.setup.outputs.board_server_sqlite_image_path }}
@@ -143,6 +151,11 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
 
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+        with:
+          platforms: all
+
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
@@ -160,16 +173,13 @@ jobs:
           context: .
           file: ./packages/board-server/Dockerfile
           cache-from: |
-            type=gha,ref=${{ needs.setup.outputs.board_server_firestore_image_name }}
-            type=registry,ref=${{ needs.setup.outputs.board_server_firestore_image_path }}
-          cache-to: |
-            type=gha,mode=max,ref=${{ needs.setup.outputs.board_server_firestore_image_name }}
-            type=registry,mode=max,ref=${{ needs.setup.outputs.board_server_firestore_image_path }}
-          push: true
+            ${{ github.event_name != 'pull_request' && format('type=gha,ref={0}', needs.setup.outputs.board_server_firestore_image_name) || 'type=gha,scope=pr' }}
+            ${{ github.event_name != 'pull_request' && format('type=registry,ref={0}', needs.setup.outputs.board_server_firestore_image_path) || '' }}
+          cache-to: ${{ github.event_name != 'pull_request' && format('type=gha,mode=max,ref={0}|type=registry,mode=max,ref={1}', needs.setup.outputs.board_server_firestore_image_name, needs.setup.outputs.board_server_firestore_image_path) || 'type=gha,mode=max,scope=pr' }}
+          push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && !github.event.pull_request.head.repo.fork }}
           provenance: true
+          platforms: linux/amd64,linux/arm64
           tags: >
-            ${{ needs.setup.outputs.board_server_firestore_image_path }}:${{ github.sha }},
-            ${{ needs.setup.outputs.board_server_firestore_image_path }}:${{ needs.setup.outputs.short_hash }},
             ${{ needs.setup.outputs.board_server_firestore_image_path }}:${{ needs.setup.outputs.package_version }},
             ${{ needs.setup.outputs.board_server_firestore_image_path }}:latest
           build-args: |
@@ -179,8 +189,9 @@ jobs:
             breadboard=.
 
       - name: Generate artifact attestation
+        if: github.event_name == 'push' && github.ref == 'refs/heads/main' && !github.event.pull_request.head.repo.fork
         uses: actions/attest-build-provenance@v1
         with:
           subject-name: ${{ needs.setup.outputs.board_server_firestore_image_path }}
           subject-digest: ${{ steps.push.outputs.digest }}
-          push-to-registry: true
+          push-to-registry: true

packages/board-server/Dockerfile

@@ -1,5 +1,6 @@
-# Build stage
-FROM node:20-slim AS build
+# Use a base image that supports multiple platforms for the build stage
+FROM --platform=$BUILDPLATFORM node:20 AS build
+
 WORKDIR /build
 
 # Copy the entire monorepo
@@ -12,8 +13,8 @@ RUN npm ci
 WORKDIR /build/packages/board-server
 RUN npm run build
 
-# Production stage
-FROM node:20-slim
+# Use a lightweight base image for the runtime stage
+FROM --platform=$TARGETPLATFORM node:20
 
 ARG STORAGE_BACKEND
 ARG ALLOWED_ORIGINS=""
@@ -35,4 +36,4 @@ RUN npm install --only=production && \
     npm install -g tsx
 
 EXPOSE 3000
-CMD ["node", "dist/server/index.js", "--host=0.0.0.0" ]
+CMD ["node", "dist/server/index.js", "--host=0.0.0.0"]