CI: Multi-arch binaries via Docker Buildx (Linux x86/x86_64/arm64 + macOS x86_64/arm64)

[SizzleUnrlsd]

Description

Update CI to build and publish downloadable binaries for:

Linux

• linux/386 (x86)
• linux/amd64 (x86_64)
• linux/arm64 (aarch64)

macOS

• darwin/amd64 (x86_64)
• darwin/arm64 (Apple Silicon)

Build system requirement: use Docker Buildx for the builds (multi-arch), producing archives as CI artifacts and attaching them to GitHub Releases on tags.

Motivation

• Standardize builds across platforms using a reproducible container pipeline
• Make multi-arch outputs deterministic (toolchains pinned in Dockerfiles)
• Simplify local reproduction: “build the same thing CI builds”

Scope

Expected artifacts

For each target produce:

• packaged binary archive (.tar.gz for Linux, .zip or .tar.gz for macOS)
• checksums (.sha256 or SHA256SUMS)
• optional: SBOM/provenance later (not required initially)

Suggested naming:

• projectname-<version>-linux-386.tar.gz
• projectname-<version>-linux-amd64.tar.gz
• projectname-<version>-linux-arm64.tar.gz
• projectname-<version>-macos-amd64.tar.gz
• projectname-<version>-macos-arm64.tar.gz

Implementation approach (Docker Buildx)

Strategy

Use Buildx multi-platform to build dedicated “builder” images that:

1. compile the project for the target triple/arch
2. export build outputs (binary + metadata) to the CI workspace

We will implement one Dockerfile (or a small set) supporting:

• Linux targets: build inside a multi-arch container (native under QEMU where needed)
• macOS targets: build via osxcross toolchain inside Linux containers (cross-compiling darwin/amd64 and darwin/arm64)

Note: macOS binaries cannot be natively built in Docker without Apple runners, but cross-compilation via osxcross is feasible for many C/C++ projects.

CI (GitHub Actions) high level

• Setup QEMU + Buildx
• Use docker buildx build with:
  • --platform linux/386,linux/amd64,linux/arm64
  • produce artifacts via --output type=local,dest=dist/ or type=tar
• For macOS, run separate build targets (still with buildx) that use osxcross:
  • --build-arg TARGET=darwin-amd64
  • --build-arg TARGET=darwin-arm64
  • --output type=local,dest=dist/

Dockerfile outline

• Multi-stage build:
  • base: deps (compiler, cmake/ninja, etc.)
  • build-linux: compile for current container arch
  • build-macos: compile with osxcross for selected Darwin target
  • package: copy binary + license/readme + generate checksums + archive

Release publishing

• On push tags (v*):
  • upload archives to GitHub Release assets
• On PR / main:
  • upload as workflow artifacts only

Validation

• For Linux artifacts, run smoke test in container (./bin --help / --version) for each arch where feasible (native amd64; others possibly under QEMU)
• For macOS artifacts:
  • validate file format (file reports Mach-O)
  • optionally validate version string via strings (best-effort)

Acceptance criteria

• CI produces 5 artifacts: Linux 386, Linux amd64, Linux arm64, macOS amd64, macOS arm64
• Build is performed via Docker Buildx
• Artifacts include checksums
• Artifacts are uploaded on every workflow run
• Tag builds attach artifacts to GitHub Releases

Tasks

• Add Docker Buildx setup in CI (QEMU + builder)
• Create Dockerfile(s) for Linux multi-arch build with Buildx
• Add osxcross-based stages for macOS amd64 + arm64
• Implement packaging + consistent naming
• Upload workflow artifacts + release assets on tag
• Add smoke checks / format checks per target

Notes / Risks

• linux/386 may require extra care depending on dependencies (some libs drop 32-bit support).
• macOS cross-compilation depends on osxcross availability and requires an Apple SDK; ensure licensing-compliant acquisition method (documented in repo, not vendored).
• Some dependencies may not build cleanly under QEMU; prefer deterministic toolchains and caching.