Xen project Mailing List

[XEN PATCH] CI: use --platform on `docker build` and `push`

From: Anthony PERARD <anthony.perard@xxxxxxxxxx>

Date: Wed, 29 Apr 2026 14:48:01 +0200

Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=vates.tech header.i="@vates.tech" header.h="From:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Feedback-ID"

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Doug Goldstein <cardoe@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>

Delivery-date: Wed, 29 Apr 2026 12:48:29 +0000

Feedback-id: default:8631fc262581453bbf619ec5b2062170:Sweego

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Without --platform, it seems recent versions of docker ignores the platform of the image when pushing, and it's pushed as the platform of the runner. If we happen to build an arm64 image on x86, with recent version of docker, the image will be push as if it was an x86 image, then `docker run --platform=linux/arm64 ...` fails. Even if it would work without --platform, gitlab-runner will not be able to use the image. To go back to the previous behavior, we will extract --platform from the dockerfiles, and use it on the command line. --platform= is needed on both docker-build and docker-push. The first one so that the image is tagged with the right platform, and the second one so that we can push a "generic" image without been tagged to a particular platform. --platform on docker-push allow to easly use the container on any arch, without having to use --platform on docker-pull or docker-run. `docker push --platform` seem to have been added to 1.46, according to the [doc], and doesn't exist on Podman. So we need to check that we are using `docker` and that the API version is new enough. [doc] https://docs.docker.com/reference/cli/docker/image/push/ Also, introduce the $img variable, to make the lines a bit shorter. Signed-off-by: Anthony PERARD <anthony.perard@xxxxxxxxxx> --- automation/build/Makefile | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/automation/build/Makefile b/automation/build/Makefile index fedf7524dacd..d578cd347615 100644 --- a/automation/build/Makefile +++ b/automation/build/Makefile @@ -15,10 +15,28 @@ help: include yocto/yocto.inc +# Find out if we are running Podman, if not is likely docker. +is-docker = $(if $(filter Podman,$(shell $(DOCKER_CMD) version)),,1) + +# Find out the docker API version is at least 1.46. We exploit `sort -V` to +# compare the versions at it can sort by version. +docker-api-version = $(shell $(DOCKER_CMD) version -f '{{.Client.APIVersion}}') +docker-min-version = $(firstword $(shell printf "1.46\n$(docker-api-version)" | sort -V)) +docker-have-push-platform = $(if $(filter 1.46,$(docker-min-version)),1) + +# check if we can use `X push --platform`. +# `podman push` doesn't support --platform. +# `docker` only have it on recent version. +builder-have-push-platform = $(and $(is-docker),$(docker-have-push-platform)) + %: %.dockerfile ## Builds containers - $(DOCKER_CMD) build --pull -t $(REGISTRY)/$(@D):$(@F) -f $< $(<D) - @if [ ! -z $${PUSH+x} ]; then \ - $(DOCKER_CMD) push $(REGISTRY)/$(@D):$(@F); \ + set -xe; \ + $(if $(builder-have-push-platform), \ + platform=$$(sed -n '/^FROM/{s/.*$--platform=[^ ]*$ .*/\1/p;q}' $<); ) \ + img="$(REGISTRY)/$(@D):$(@F)"; \ + $(DOCKER_CMD) build --pull $$platform -t $$img -f $< $(<D); \ + if [ ! -z $${PUSH+x} ]; then \ + $(DOCKER_CMD) push $$platform $$img; \ fi .PHONY: all clean -- | Vates XCP-ng & Xen Orchestra - Vates solutions web: https://vates.tech

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.