Update changelog

Signed-off-by: divyansh42 <diagrawa@redhat.com>

.editorconfig

@@ -0,0 +1,15 @@
+root = true
+
+[*]
+charset = utf-8
+tab_width = 4
+indent_size = 4
+end_of_line = lf
+indent_style = space
+max_line_length = 120
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.{yml,yaml}]
+tab_width = 2
+indent_size = 2

.github/install_latest_buildah.sh

@@ -1,7 +1,3 @@
-# https://github.com/containers/buildah/blob/main/install.md
-. /etc/os-release
-sudo sh -c "echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/x${ID^}_${VERSION_ID}/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list"
-wget -nv https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/x${ID^}_${VERSION_ID}/Release.key -O Release.key
 sudo apt-key add - < Release.key
 sudo apt-get update -qq
 sudo apt-get -qq -y install buildah

.github/workflows/check-lowercase.yaml

@@ -0,0 +1,66 @@
+# This workflow will perform a test whenever there
+# is some change in code done to ensure that the changes
+# are not buggy and we are getting the desired output.
+name: Check Case Normalization
+on:
+  push:
+  pull_request:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * *'  # every day at midnight
+
+env:
+  IMAGE_NAME: ImageCaseTest
+  IMAGE_TAGS: v1 TagCaseTest
+
+jobs:
+  build:
+    name: Build image using Buildah
+    runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+      matrix:
+        install_latest: [ true, false ]
+
+    steps:
+
+      # Checkout buildah action github repository
+      - name: Checkout Buildah action
+        uses: actions/checkout@v4
+        with:
+          path: "buildah-build"
+
+      - name: Install latest buildah
+        if: matrix.install_latest
+        run: |
+          bash buildah-build/.github/install_latest_buildah.sh
+
+      - name: Create Dockerfile
+        run: |
+          cat > Containerfile<<EOF
+          FROM busybox
+          RUN echo "hello world"
+          EOF
+
+      # Build image using Buildah action
+      - name: Build Image
+        id: build_image
+        uses: ./buildah-build/
+        with:
+          image: ${{ env.IMAGE_NAME }}
+          layers: false
+          tags: ${{ env.IMAGE_TAGS }}
+          containerfiles: |
+            ./Containerfile
+          extra-args: |
+            --pull
+
+      - name: Echo Outputs
+        run: |
+          echo "Image: ${{ steps.build_image.outputs.image }}"
+          echo "Tags: ${{ steps.build_image.outputs.tags }}"
+          echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
+
+      # Check if image is build
+      - name: Check images created
+        run: buildah images

.github/workflows/ci.yml

@@ -6,21 +6,21 @@ on:
 jobs:
   lint:
     name: Run ESLint
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - run: npm ci
       - run: npm run lint
-  
+
   check-dist:
     name: Check Distribution
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     env:
       BUNDLE_FILE: "dist/index.js"
       BUNDLE_COMMAND: "npm run bundle"
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       - name: Install
         run: npm ci
@@ -30,18 +30,18 @@ jobs:
         with:
           bundle_file: ${{ env.BUNDLE_FILE }}
           bundle_command: ${{ env.BUNDLE_COMMAND }}
-  
+
   check-inputs-outputs:
     name: Check Input and Output enums
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     env:
       IO_FILE: ./src/generated/inputs-outputs.ts
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       - name: Install dependencies
         run: npm ci
-    
+
       - name: Verify Input and Output enums
         uses: redhat-actions/common/action-io-generator@v1
         with:

.github/workflows/containerfile_build.yml

@@ -15,7 +15,7 @@ env:
 jobs:
   build:
     name: Build image using Buildah
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
       matrix:
@@ -25,7 +25,7 @@ jobs:
 
       # Checkout buildah action github repository
       - name: Checkout Buildah action
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           path: "buildah-build"
 

.github/workflows/docker_metadata_action.yml

@@ -0,0 +1,185 @@
+# This workflow will perform a test whenever there
+# is some change in code done to ensure that the changes
+# are not buggy and we are getting the desired output.
+name: Build with docker/metadata-action
+on:
+  push:
+  pull_request:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * *'  # every day at midnight
+
+jobs:
+  build-containerfile:
+    name: Build image with Containerfile
+    runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+      matrix:
+        install_latest: [ true, false ]
+
+    env:
+      IMAGE_NAME: "hello-world"
+
+    steps:
+
+      # Checkout buildah action github repository
+      - name: Checkout Buildah action
+        uses: actions/checkout@v4
+
+      - name: Docker Metadata
+        id: docker-metadata
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            ${{ env.IMAGE_NAME }}
+          tags: |
+            type=edge
+            type=sha
+            type=ref,event=branch
+            type=ref,event=pr
+            type=schedule
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
+
+      - name: Install latest buildah
+        if: matrix.install_latest
+        run: |
+          bash .github/install_latest_buildah.sh
+
+      - name: Create Dockerfile
+        run: |
+          cat > Containerfile<<EOF
+          FROM busybox
+          RUN echo "hello world"
+          EOF
+
+      # Build image using Buildah action
+      - name: Build Image
+        id: build_image
+        uses: ./
+        with:
+          layers: false
+          tags: ${{ steps.docker-metadata.outputs.tags }}
+          labels: ${{ steps.docker-metadata.outputs.labels }}
+          containerfiles: |
+            ./Containerfile
+          extra-args: |
+            --pull
+
+      - name: Echo Outputs
+        run: |
+          echo "Image: ${{ steps.build_image.outputs.image }}"
+          echo "Tags: ${{ steps.build_image.outputs.tags }}"
+          echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
+
+      # Check if image is build
+      - name: Check images created
+        run: buildah images | grep '${{ env.IMAGE_NAME }}'
+
+      - name: Check image metadata
+        run: |
+          set -x
+          buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.OCIv1.config.Labels."org.opencontainers.image.title"'
+          buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.OCIv1.config.Labels."org.opencontainers.image.description"'
+          buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.Docker.config.Labels."org.opencontainers.image.title"'
+          buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.Docker.config.Labels."org.opencontainers.image.description"'
+
+  build-scratch:
+    name: Build image without Containerfile
+    runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+      matrix:
+        install_latest: [ true, false ]
+
+    env:
+      PROJECT_DIR: spring-petclinic
+      IMAGE_NAME: spring-petclinic
+      MVN_REPO_DIR: ~/.m2/repository
+
+    steps:
+
+      # Checkout buildah action github repository
+      - name: Checkout Buildah action
+        uses: actions/checkout@v4
+
+      - name: Docker Metadata
+        id: docker-metadata
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            ${{ env.IMAGE_NAME }}
+          tags: |
+            type=edge
+            type=sha
+            type=ref,event=branch
+            type=ref,event=pr
+            type=schedule
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
+
+      - name: Install latest buildah
+        if: matrix.install_latest
+        run: |
+          bash .github/install_latest_buildah.sh
+
+      # Checkout spring-petclinic github repository
+      - name: Checkout spring-petclinic project
+        uses: actions/checkout@v4
+        with:
+          repository: "spring-projects/spring-petclinic"
+          path: ${{ env.PROJECT_DIR }}
+
+      # Setup java.
+      - name: Setup Java
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+          cache: 'maven'
+
+      # Run maven to build the project
+      - name: Maven
+        working-directory: ${{ env.PROJECT_DIR }}
+        run: |
+          mvn package -ntp -B
+
+      # Build image using Buildah action
+      - name: Build Image
+        id: build_image
+        uses: ./
+        with:
+          tags: ${{ steps.docker-metadata.outputs.tags }}
+          labels: ${{ steps.docker-metadata.outputs.labels }}
+          base-image: 'registry.access.redhat.com/openjdk/openjdk-11-rhel7'
+          # To avoid hardcoding a particular version of the binary.
+          content: |
+            ./spring-petclinic/target/spring-petclinic-*.jar
+          entrypoint: |
+            java
+            -jar
+            spring-petclinic-*.jar
+          port: 8080
+          arch: amd64
+          workdir: "."
+
+      - name: Echo Outputs
+        run: |
+          echo "Image: ${{ steps.build_image.outputs.image }}"
+          echo "Tags: ${{ steps.build_image.outputs.tags }}"
+          echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
+
+      # Check if image is build
+      - name: Check images created
+        run: buildah images | grep '${{ env.IMAGE_NAME }}'
+
+      - name: Check image metadata
+        run: |
+          set -x
+          buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.OCIv1.config.Labels."org.opencontainers.image.title"'
+          buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.OCIv1.config.Labels."org.opencontainers.image.description"'
+          buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.Docker.config.Labels."org.opencontainers.image.title"'
+          buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.Docker.config.Labels."org.opencontainers.image.description"'

.github/workflows/link_check.yml

@@ -12,9 +12,9 @@ on:
 jobs:
   markdown-link-check:
     name: Check links in markdown
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - uses: gaurav-nelson/github-action-markdown-link-check@v1
         with:
           use-verbose-mode: true

.github/workflows/multiarch.yml

@@ -7,24 +7,26 @@ on:
     - cron: '0 0 * * *'  # every day at midnight
 
 env:
-  IMAGE_NAME: hello-world-multiarch
+  PROJECT_DIR: spring-petclinic
+  MVN_REPO_DIR: ~/.m2/repository
   IMAGE_TAG: latest
 
 jobs:
-  build:
-    name: Build image using Buildah
-    runs-on: ubuntu-20.04
+  build-multiarch-containerfile:
+    name: Build multi-architecture image using Containerfile
+    env:
+      IMAGE_NAME: hello-world-multiarch
+    runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
       matrix:
-        arch: [ amd64, i386, arm64v8 ]
         install_latest: [ true, false ]
 
     steps:
 
       # Checkout buildah action github repository
       - name: Checkout Buildah action
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           path: "buildah-build"
 
@@ -42,8 +44,7 @@ jobs:
         run: |
           cat > Containerfile<<EOF
 
-          ARG ARCH
-          FROM docker.io/\${ARCH}/alpine:3.14
+          FROM docker.io/alpine:3.14
 
           RUN echo "hello world"
 
@@ -51,21 +52,20 @@ jobs:
           EOF
 
       - name: Build Image
-        id: build_image
+        id: build_image_multiarch
         uses: ./buildah-build/
         with:
           image: ${{ env.IMAGE_NAME }}
-          tags: ${{ env.IMAGE_TAG }}
-          arch: ${{ matrix.arch }}
-          build-args: ARCH=${{ matrix.arch }}
+          tags: latest v1
+          archs: amd64                    # Single arch testcase
           containerfiles: |
             ./Containerfile
 
       - name: Echo Outputs
         run: |
-          echo "Image: ${{ steps.build_image.outputs.image }}"
-          echo "Tags: ${{ steps.build_image.outputs.tags }}"
-          echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
+          echo "Image: ${{ steps.build_image_multiarch.outputs.image }}"
+          echo "Tags: ${{ steps.build_image_multiarch.outputs.tags }}"
+          echo "Tagged Image: ${{ steps.build_image_multiarch.outputs.image-with-tag }}"
 
       - name: Check images created
         run: buildah images | grep '${{ env.IMAGE_NAME }}'
@@ -73,9 +73,157 @@ jobs:
       - name: Check image metadata
         run: |
           set -x
-          buildah inspect ${{ steps.build_image.outputs.image }}:${{ env.IMAGE_TAG }} | jq ".OCIv1.architecture"
-          buildah inspect ${{ steps.build_image.outputs.image }}:${{ env.IMAGE_TAG }} | jq ".Docker.architecture"
+          buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }} | jq ".OCIv1.architecture"
+          buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }} | jq ".Docker.architecture"
 
       - name: Run image
         run: |
-          podman run --rm ${{ steps.build_image.outputs.image }}:${{ env.IMAGE_TAG }}
+          podman run --rm ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }}
+
+  build-multiplatform-containerfile:
+    name: Build multi-platform image using Containerfile
+    env:
+      IMAGE_NAME: hello-world-multiplatform
+    runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+      matrix:
+        install_latest: [ true, false ]
+
+    steps:
+
+      # Checkout buildah action github repository
+      - name: Checkout Buildah action
+        uses: actions/checkout@v4
+        with:
+          path: "buildah-build"
+
+      - name: Install latest buildah
+        if: matrix.install_latest
+        run: |
+          bash buildah-build/.github/install_latest_buildah.sh
+
+      - name: Install qemu dependency
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y qemu-user-static
+
+      - name: Create Containerfile
+        run: |
+          cat > Containerfile<<EOF
+
+          FROM docker.io/alpine:3.16
+
+          RUN echo "hello world"
+
+          ENTRYPOINT [ "sh", "-c", "echo -n 'Machine: ' && uname -m && echo -n 'Bits: ' && getconf LONG_BIT && echo 'goodbye world'" ]
+          EOF
+
+      - name: Build Image
+        id: build_image_multiplatform
+        uses: ./buildah-build/
+        with:
+          image: ${{ env.IMAGE_NAME }}
+          tags: ${{ env.IMAGE_TAG }}
+          platforms: linux/amd64, linux/ppc64le
+          containerfiles: |
+            ./Containerfile
+
+      - name: Echo Outputs
+        run: |
+          echo "Image: ${{ steps.build_image_multiplatform.outputs.image }}"
+          echo "Tags: ${{ steps.build_image_multiplatform.outputs.tags }}"
+          echo "Tagged Image: ${{ steps.build_image_multiplatform.outputs.image-with-tag }}"
+
+      - name: Check images created
+        run: buildah images | grep '${{ env.IMAGE_NAME }}'
+
+      - name: Check manifest
+        run: |
+          set -x
+          buildah manifest inspect ${{ steps.build_image_multiplatform.outputs.image }}:${{ env.IMAGE_TAG }}
+
+      - name: Run image
+        run: |
+          podman run --rm ${{ steps.build_image_multiplatform.outputs.image }}:${{ env.IMAGE_TAG }}
+
+  build-multiarch-scratch:
+    name: Build multi-architecture image from scratch
+    env:
+      IMAGE_NAME: spring-petclinic-multiarch
+    runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+      matrix:
+        install_latest: [ true, false ]
+
+    steps:
+
+      # Checkout buildah action github repository
+      - name: Checkout Buildah action
+        uses: actions/checkout@v4
+        with:
+          path: "buildah-build"
+
+      - name: Install latest buildah
+        if: matrix.install_latest
+        run: |
+          bash buildah-build/.github/install_latest_buildah.sh
+
+      - name: Install qemu dependency
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y qemu-user-static
+
+      # Checkout spring-petclinic github repository
+      - name: Checkout spring-petclinic project
+        uses: actions/checkout@v4
+        with:
+          repository: "spring-projects/spring-petclinic"
+          path: ${{ env.PROJECT_DIR }}
+
+      # Setup java.
+      - name: Setup Java
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+          cache: 'maven'
+
+      # Run maven to build the project
+      - name: Maven
+        working-directory: ${{ env.PROJECT_DIR }}
+        run: |
+          mvn package -ntp -B
+
+      - name: Build Image
+        id: build_image_multiarch
+        uses: ./buildah-build/
+        with:
+          image: ${{ env.IMAGE_NAME }}
+          tags: ${{ env.IMAGE_TAG }}
+          base-image: 'registry.access.redhat.com/openjdk/openjdk-11-rhel7'
+          archs: amd64, i386, ppc64le
+          # To avoid hardcoding a particular version of the binary.
+          content: |
+            ./spring-petclinic/target/spring-petclinic-*.jar
+          entrypoint: |
+            java
+            -jar
+            spring-petclinic-*.jar
+          port: 8080
+          workdir: "."
+
+      - name: Echo Outputs
+        run: |
+          echo "Image: ${{ steps.build_image_multiarch.outputs.image }}"
+          echo "Tags: ${{ steps.build_image_multiarch.outputs.tags }}"
+          echo "Tagged Image: ${{ steps.build_image_multiarch.outputs.image-with-tag }}"
+
+      - name: Check images created
+        run: buildah images | grep '${{ env.IMAGE_NAME }}'
+
+      - name: Check manifest
+        run: |
+          set -x
+          buildah manifest inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }}

.github/workflows/scratch_build.yml

@@ -17,7 +17,7 @@ env:
 jobs:
   build:
     name: Build image using Buildah
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
       matrix:
@@ -27,7 +27,7 @@ jobs:
 
       # Checkout buildah action github repository
       - name: Checkout Buildah action
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           path: "buildah-build"
 
@@ -38,31 +38,18 @@ jobs:
 
       # Checkout spring-petclinic github repository
       - name: Checkout spring-petclinic project
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           repository: "spring-projects/spring-petclinic"
           path: ${{ env.PROJECT_DIR }}
 
-      # If none of these files has changed, we assume that the contents of
-      # .m2/repository can be fetched from the cache.
-      - name: Hash Maven files
-        working-directory: ${{ env.PROJECT_DIR }}
-        run: |
-          echo "MVN_HASH=${{ hashFiles('**/pom.xml', '.mvn/**/*', 'mvnw*') }}" >> $GITHUB_ENV
-
-      # Download the m2 repository from the cache to speed up the build.
-      - name: Check for Maven cache
-        id: check-mvn-cache
-        uses: actions/cache@v2
-        with:
-          path: ${{ env.MVN_REPO_DIR }}
-          key: ${{ env.MVN_HASH }}
-
       # Setup java.
       - name: Setup Java
-        uses: actions/setup-java@v1
+        uses: actions/setup-java@v3
         with:
-          java-version: 11
+          distribution: 'temurin'
+          java-version: '17'
+          cache: 'maven'
 
       # Run maven to build the project
       - name: Maven
@@ -70,14 +57,6 @@ jobs:
         run: |
           mvn package -ntp -B
 
-       # If there was no cache hit above, store the output into the cache now.
-      - name: Save Maven repo into cache
-        if: ${{ steps.check-mvn-cache.outputs.cache-hit }} != 'true'
-        uses: actions/cache@v2
-        with:
-          path: ${{ env.MVN_REPO_DIR }}
-          key: ${{ env.MVN_HASH }}
-
       # Build image using Buildah action
       - name: Build Image
         id: build_image

.github/workflows/security_scan.yml

@@ -0,0 +1,36 @@
+name: Vulnerability Scan with CRDA
+on:
+  # push:
+  workflow_dispatch:
+  # pull_request_target:
+  #   types: [ assigned, opened, synchronize, reopened, labeled, edited ]
+  # schedule:
+  #   - cron: '0 0 * * *'  # every day at midnight
+
+jobs:
+  crda-scan:
+    runs-on: ubuntu-22.04
+    name: Scan project vulnerability with CRDA
+    steps:
+
+      - uses: actions/checkout@v4
+
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version: '20'
+          cache: 'npm'
+
+      - name: Install CRDA
+        uses: redhat-actions/openshift-tools-installer@v1
+        with:
+          source: github
+          github_pat: ${{ github.token }}
+          crda: "latest"
+
+      - name: CRDA Scan
+        id: scan
+        uses: redhat-actions/crda@v1
+        with:
+          crda_key: ${{ secrets.CRDA_KEY }}
+          fail_on: never

.gitignore

@@ -1,2 +1,3 @@
 node_modules/
-out/
+out/
+.idea/

CHANGELOG.md

@@ -1,6 +1,29 @@
 # buildah-build Changelog
+
+## v2.13
+- Update action to run on Node20. https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/
+
+## v2.12
+- Forcibly remove existing manifest before creating a new one. [#103](https://github.com/redhat-actions/buildah-build/pull/103)
+
+## v2.11 
+- Update action to run on Node16. https://github.blog/changelog/2022-05-20-actions-can-now-run-in-a-node-js-16-runtime/
+
+## v2.10
+- Make image and tag in lowercase, if found in uppercase. https://github.com/redhat-actions/buildah-build/issues/89
+- Add `--tls-verify` and `extra-args` input for `buildah from` command. https://github.com/redhat-actions/buildah-build/issues/92
+- Remove kubic packages from test workflows. https://github.com/redhat-actions/buildah-build/issues/93
+
+## v2.9
+- Add support for multiple archs and platforms.
+- Allow building image manifest if multi arch or platform is provided.
+
+## v2.8
+- Allow fully qualified image names in `tags` input, for compatibility with [docker/metadata-action`](https://github.com/docker/metadata-action). [#74](https://github.com/redhat-actions/buildah-build/issues/74)
+- Support for `--platform` argument [#65](https://github.com/redhat-actions/buildah-build/issues/65)
+
 ## v2.7
-- Add output `image-with-tag` which provides image name and it's corresponding first tag present.
+- Add output `image-with-tag` which provides image name and its corresponding first tag present.
 - Replace input `dockerfiles` with `containerfiles`. Input `dockerfiles` will be present as alias of `containerfiles`.
 - Add matrix to install latest buildah. (Internal)
 

README.md

@@ -21,50 +21,86 @@ After building your image, use [push-to-registry](https://github.com/redhat-acti
 
 <a id="dockerfile-build-inputs"></a>
 
-### [Inputs for build from containerfile](https://github.com/containers/buildah/blob/main/docs/buildah-build.md)
+### [Inputs for build from containerfile](https://github.com/containers/buildah/blob/main/docs/buildah-build.1.md)
 
 | Input Name | Description | Default |
 | ---------- | ----------- | ------- |
-| arch | Label the image with this architecture, instead of defaulting to the host architecture. Refer to [Multi arch builds](#multi-arch-builds) for more information. | None (host architecture)
+| archs | Label the image with this architecture, instead of defaulting to the host architecture. Refer to [Multi arch builds](#multi-arch-builds) for more information. For multiple architectures, seperate them by a comma | None (host architecture)
+| platforms | Label the image with this platform, instead of defaulting to the host platform. Refer to [Multi arch builds](#multi-arch-builds) for more information. For multiple platforms, seperate them by a comma | None (host platform)
 | build-args | Build arguments to pass to the Docker build using `--build-arg`, if using a Containerfile that requires ARGs. Use the form `arg_name=arg_value`, and separate arguments with newlines. | None
 | context | Path to directory to use as the build context. | `.`
-| containerfiles* | The list of Containerfile paths to perform a build using docker instructions. This is a multiline input to allow multiple Containerfiles. | **Must be provided**
-| extra-args | Extra args to be passed to buildah bud. Separate arguments by newline. Do not use quotes. | None
-| image | Name to give to the output image. | **Must be provided**
+| containerfiles\* | The list of Containerfile paths to perform a build using docker instructions. Separate filenames by newline. | **Required**
+| extra-args | Extra args to be passed to `buildah bud`. Separate arguments by newline. Do not use quotes. | None
+| image | Name to give to the output image. Refer to the [Image and Tag Inputs](#image-tag-inputs) section. | **Required** - unless all `tags` include image name
 | layers | Set to true to cache intermediate layers during the build process. | None
-| oci | Build the image using the OCI format, instead of the Docker format. By default, this is `false`, because images built using the OCI format have issues when published to Dockerhub. | `false`
-| tags | The tags of the image to build. For multiple tags, separate by a space. For example, `latest ${{ github.sha }}` | `latest`
-> *The `containerfiles` input was previously `dockerfiles`. Now `dockerfiles` is an alias for `containerfiles`. For details see [the issue](https://github.com/redhat-actions/buildah-build/issues/57).
+| oci | Build the image using the OCI metadata format, instead of the Docker format. | `false`
+| tags | One or more tags to give the new image. Separate by whitespace. Refer to the [Image and Tag Inputs](#image-tag-inputs) section. | `latest`
+| labels | One or more labels to give the new image. Separate by newline. | None
+| tls-verify | Require HTTPS and verify certificates when accessing the registry. Set to `false` to skip the verification | `true`
+
+> \* The `containerfiles` input was previously `dockerfiles`. Refer to [this issue](https://github.com/redhat-actions/buildah-build/issues/57).
 
 <a id="scratch-build-inputs"></a>
 
-### [Inputs for build without containerfile](https://github.com/containers/buildah/blob/master/docs/buildah-config.md)
+### [Inputs for build without containerfile](https://github.com/containers/buildah/blob/main/docs/buildah-config.1.md)
 
 | Input Name | Description | Default |
 | ---------- | ----------- | ------- |
-| arch | Label the image with this architecture, instead of defaulting to the host architecture. Refer to [Multi arch builds](#multi-arch-builds) for more information. | None (host architecture)
-| base-image | The base image to use for the container. | **Must be provided**
+| archs | Label the image with this architecture, instead of defaulting to the host architecture. Refer to [Multi arch builds](#multi-arch-builds) for more information. For multiple architectures, seperate them by a comma | None (host architecture)
+| base-image | The base image to use for the container. | **Required**
 | content | Paths to files or directories to copy inside the container to create the file image. This is a multiline input to allow you to copy multiple files/directories.| None
-| entrypoint | The entry point to set for the container. This is a multiline input; split arguments across lines. | None
-| envs | The environment variables to be set when running the container. This is a multiline input to add multiple environment variables. | None
-| image | Name to give to the output image. | **Must be provided**
-| oci | Build the image using the OCI format, instead of the Docker format. By default, this is `false`, because images built using the OCI format have issues when published to Dockerhub. | `false`
+| entrypoint | The entry point to set for the container. Separate arguments by newline. | None
+| envs | The environment variables to be set when running the container. Separate key=value pairs by newline. | None
+| image | Name to give to the output image. Refer to the [Image and Tag Inputs](#image-tag-inputs) section. | **Required** - unless all tags include image name
+| oci | Build the image using the OCI metadata format, instead of the Docker format. | `false`
 | port | The port to expose when running the container. | None
-| tags | The tags of the image to build. For multiple tags, separate by a space. For example, `latest ${{ github.sha }}` | `latest`
+| tags | One or more tags to give the new image. Separate by whitespace. Refer to the [Image and Tag Inputs](#image-tag-inputs) section. | `latest`
+| labels | One or more labels to give the new image. Separate by newline. | None
 | workdir | The working directory to use within the container. | None
+| extra-args | Extra args to be passed to `buildah from`. Separate arguments by newline. Do not use quotes. | None
+| tls-verify | Require HTTPS and verify certificates when accessing the registry. Set to `false` to skip the verification. This will be used with `buildah from` command. | `true`
+
+<a id="image-tag-inputs"></a>
+### Image and Tags Inputs
+The `image` and `tags` inputs can be provided in one of two forms.
+
+At least one tag must always be provided in `tags`. Multiple tags are separated by whitespace.
+
+**Option 1**: Provide both `image` and `tags` inputs. The image will be built, and then tagged in the form `${image}:${tag}` for each tag.
+
+For example:
+```yaml
+image: quay.io/my-namespace/my-image
+tags: v1 v1.0.0
+```
+will create the image and apply two tags: `quay.io/my-namespace/my-image:v1` and `quay.io/my-namespace/my-image:v1.0.0`.
+
+**Option 2**: Provide only the `tags` input, including the image name in each tag. The image will be built, and then tagged with each `tag`. In this case, the `image` input is ignored.
+
+For example:
+```yaml
+# 'image' input is not set
+tags: quay.io/my-namespace/my-image:v1 quay.io/my-namespace/my-image:v1.0.0
+```
+will also apply two tags: `quay.io/my-namespace/my-image:v1` and `quay.io/my-namespace/my-image:v1.0.0`.
+
+If the `tags` input does not have image names in the `${name}:${tag}` form, then the `image` input must be set.
 
 <a id="outputs"></a>
 
 ## Action Outputs
 
-`image`: The name of the built image.<br>
-For example, `spring-image`.
+`image`: The name of the image as it was input.<br>
+`tags`: A space-separated list of the tags that were applied to the new image.<br>
+`image-with-tag`: The name of the image, tagged with the first tag.<br>
 
-`tags`: A list of the tags that were created, separated by spaces.<br>
-For example, `latest ${{ github.sha }}`.
+For example:
 
-`image-with-tag`: The name of the image tagged with the first tag present.<br>
-For example, `spring-image:latest`
+``` yml
+image: "spring-image"
+tags: "latest ${{ github.sha }}"
+image-with-tag: "spring-image:latest"
+```
 
 <a id="build-types"></a>
 
@@ -90,7 +126,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
 
     - name: Buildah Action
       uses: redhat-actions/buildah-build@v2
@@ -130,7 +166,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
 
     - run: mvn package
 
@@ -164,17 +200,26 @@ sudo podman run --rm --privileged docker.io/tonistiigi/binfmt --install all
 ```
 This registration remains active until the host reboots.
 
-### The `arch` input
-The `arch` argument overrides the Architecture label in the output image. It does not actually affect the architectures the output image will run on. The image must still be built for the required architecture.
+### The `archs` and `platforms` inputs
+
+The `archs` and `platforms` arguments override the Architecture and Platform labels in the output image, respectively. They do not actually affect the architectures and platforms the output image will run on. The image must still be built for the required architecture or platform.
 
 There is a simple example [in this issue](https://github.com/redhat-actions/buildah-build/issues/60#issuecomment-876552452).
 
 ### Creating a Multi-Arch Image List
-Use the [buildah manifest](https://github.com/containers/buildah/blob/main/docs/buildah-manifest.md) command to bundle images into an image list, so multiple image can be referenced by the same repository tag.
 
-There are examples and explanations of the `manifest` command [in this issue](https://github.com/containers/buildah/issues/1590).
+Input `archs` and `platforms` is provided to build the multi architecture images. If one of these input is provided with the multiple archs or platforms then a [manifest](https://github.com/containers/buildah/blob/main/docs/buildah-manifest.1.md) is built with the multiple architecture images. Name of the manifest is taken from the inputs `image` and `tags`.
+Incase multiple tags are provided then multiple manifest is created based on the provided tags.
 
-This action does not support the `manifest` command at this time, but there is [an issue open](https://github.com/redhat-actions/buildah-build/issues/61).
+Use the `archs` and `platforms` inputs to build multi-architecture images. The name of the manifest is determined by the image and tags inputs.
+
+If multiple tags are provided, multiple equivalent manifests will be created with the given tags.
+
+[`push-to-registry`](https://github.com/redhat-actions/push-to-registry) action can be used to push the generated image manifest.
+
+## Build with docker/metadata-action
+
+Refer to the [docker/metadata-action example](./.github/workflows/docker_metadata_action.yml).
 
 ## Using private images
 

action.yml

@@ -7,11 +7,14 @@ branding:
 inputs:
   image:
     description: 'The name (reference) of the image to build'
-    required: true
+    required: false
   tags:
-    description: 'The tags of the image to build. For multiple tags, seperate by a space. For example, "latest v1".'
+    description: 'The tags of the image to build. For multiple tags, seperate by whitespace. For example, "latest v1".'
     required: false
     default: latest
+  labels:
+    description: 'The labels of the image to build. Seperate by newline. For example, "io.containers.capabilities=sys_admin,mknod".'
+    required: false
   base-image:
     description: 'The base image to use to create a new container image'
     required: false
@@ -51,16 +54,34 @@ inputs:
     default: 'false'
     required: false
   arch:
-    description: 'Label the image with this ARCH, instead of defaulting to the host architecture.'
+    description:
+      'Label the image with this ARCH, instead of defaulting to the host architecture'
     required: false
   archs:
-    description: 'Alias for "arch". "arch" takes precedence if both are set.'
+    description: |
+      'Same as input 'arch', use this for multiple architectures.
+      Seperate them by a comma'
+    required: false
+  platform:
+    description: |
+      Label the image with this PLATFORM, instead of defaulting to the host platform.
+      Only supported for containerfile builds.
+    required: false
+  platforms:
+    description: |
+      'Same as input 'platform', use this for multiple platforms.
+      Seperate them by a comma'
     required: false
   extra-args:
     description: |
-      Extra args to be passed to buildah bud.
+      Extra args to be passed to buildah bud and buildah from.
       Separate arguments by newline. Do not use quotes - @actions/exec will do the quoting for you.
     required: false
+  tls-verify:
+    description: |
+      Require HTTPS and verify certificates when accessing the registry. Defaults to true.
+    required: false
+    default: 'true'
 outputs:
   image:
     description: 'Name of the image built'
@@ -69,5 +90,5 @@ outputs:
   image-with-tag:
     description: 'Name of the image tagged with the first tag present'
 runs:
-  using: 'node12'
+  using: 'node20'
   main: 'dist/index.js'

package.json

@@ -1,8 +1,8 @@
 {
   "name": "buildah-build",
-  "version": "1.0.0",
+  "version": "3.0",
   "engines": {
-    "node": "12"
+    "node": "20"
   },
   "description": "Action for building OCI-compatible images using buildah",
   "repository": {
@@ -14,27 +14,28 @@
     "compile": "tsc -p .",
     "bundle": "ncc build src/index.ts --source-map --minify",
     "clean": "rm -rf out/ dist/",
-    "lint": "eslint . --max-warnings=0"
+    "lint": "eslint . --max-warnings=0",
+    "generate-ios": "npx action-io-generator -w -o ./src/generated/inputs-outputs.ts"
   },
   "keywords": [],
   "author": "Red Hat",
   "license": "MIT",
   "dependencies": {
-    "@actions/core": "^1.2.6",
-    "@actions/exec": "^1.0.4",
-    "@actions/io": "^1.0.2",
-    "ini": "^2.0.0"
+    "@actions/core": "1.10.1",
+    "@actions/exec": "1.1.1",
+    "@actions/io": "1.1.3",
+    "ini": "4.1.1"
   },
   "devDependencies": {
-    "@redhat-actions/action-io-generator": "^1.5.0",
-    "@redhat-actions/eslint-config": "^1.3.2",
-    "@redhat-actions/tsconfig": "^1.1.1",
-    "@types/ini": "^1.3.30",
-    "@types/node": "^12",
-    "@typescript-eslint/eslint-plugin": "^4.28.2",
-    "@typescript-eslint/parser": "^4.28.2",
-    "@vercel/ncc": "^0.25.1",
-    "eslint": "^7.30.0",
-    "typescript": "^4.3.5"
+    "@redhat-actions/action-io-generator": "1.5.0",
+    "@redhat-actions/eslint-config": "1.3.2",
+    "@redhat-actions/tsconfig": "1.2.0",
+    "@types/ini": "1.3.31",
+    "@types/node": "^20.0",
+    "@typescript-eslint/eslint-plugin": "6.7.3",
+    "@typescript-eslint/parser": "6.7.3",
+    "@vercel/ncc": "0.38.0",
+    "eslint": "8.50.0",
+    "typescript": "5.2.2"
   }
 }

src/buildah.ts

@@ -7,7 +7,7 @@ import * as core from "@actions/core";
 import * as exec from "@actions/exec";
 import * as path from "path";
 import CommandResult from "./types";
-import { isStorageDriverOverlay, findFuseOverlayfsPath } from "./utils";
+import { isStorageDriverOverlay, findFuseOverlayfsPath, getFullImageName } from "./utils";
 
 export interface BuildahConfigSettings {
     entrypoint?: string[];
@@ -15,17 +15,21 @@ export interface BuildahConfigSettings {
     port?: string;
     workingdir?: string;
     arch?: string;
+    labels?: string[];
 }
 
 interface Buildah {
     buildUsingDocker(
         image: string, context: string, containerFiles: string[], buildArgs: string[],
-        useOCI: boolean, arch: string, layers: string, extraArgs: string[]
+        useOCI: boolean, labels: string[], layers: string,
+        extraArgs: string[], tlsVerify: boolean, arch?: string, platform?: string,
     ): Promise<CommandResult>;
-    from(baseImage: string): Promise<CommandResult>;
+    from(baseImage: string, tlsVerify: boolean, extraArgs: string[]): Promise<CommandResult>;
     config(container: string, setting: BuildahConfigSettings): Promise<CommandResult>;
     copy(container: string, contentToCopy: string[]): Promise<CommandResult | undefined>;
     commit(container: string, newImageName: string, useOCI: boolean): Promise<CommandResult>;
+    manifestCreate(manifest: string): Promise<void>;
+    manifestAdd(manifest: string, imageName: string, tags: string[]): Promise<void>;
 }
 
 export class BuildahCli implements Buildah {
@@ -62,23 +66,41 @@ export class BuildahCli implements Buildah {
     }
 
     async buildUsingDocker(
-        image: string, context: string, containerFiles: string[], buildArgs: string[],
-        useOCI: boolean, arch: string, layers: string, extraArgs: string[]
+        image: string,
+        context: string,
+        containerFiles: string[],
+        buildArgs: string[],
+        useOCI: boolean,
+        labels: string[],
+        layers: string,
+        extraArgs: string[],
+        tlsVerify: boolean,
+        arch?: string,
+        platform?: string
     ): Promise<CommandResult> {
         const args: string[] = [ "bud" ];
         if (arch) {
             args.push("--arch");
             args.push(arch);
         }
+        if (platform) {
+            args.push("--platform");
+            args.push(platform);
+        }
         containerFiles.forEach((file) => {
             args.push("-f");
             args.push(file);
         });
+        labels.forEach((label) => {
+            args.push("--label");
+            args.push(label);
+        });
         buildArgs.forEach((buildArg) => {
             args.push("--build-arg");
             args.push(buildArg);
         });
         args.push(...BuildahCli.getImageFormatOption(useOCI));
+        args.push(`--tls-verify=${tlsVerify}`);
         if (layers) {
             args.push(`--layers=${layers}`);
         }
@@ -91,8 +113,14 @@ export class BuildahCli implements Buildah {
         return this.execute(args);
     }
 
-    async from(baseImage: string): Promise<CommandResult> {
-        return this.execute([ "from", baseImage ]);
+    async from(baseImage: string, tlsVerify: boolean, extraArgs: string[]): Promise<CommandResult> {
+        const args: string[] = [ "from" ];
+        args.push(`--tls-verify=${tlsVerify}`);
+        if (extraArgs.length > 0) {
+            args.push(...extraArgs);
+        }
+        args.push(baseImage);
+        return this.execute(args);
     }
 
     async copy(container: string, contentToCopy: string[], contentPath?: string): Promise<CommandResult | undefined> {
@@ -102,8 +130,9 @@ export class BuildahCli implements Buildah {
 
         core.debug("copy");
         core.debug(container);
-        for (const content of contentToCopy) {
-            const args: string[] = [ "copy", container, content ];
+        core.debug("content: " + contentToCopy.join(" "));
+        if (contentToCopy.length > 0) {
+            const args: string[] = [ "copy", container ].concat(contentToCopy);
             if (contentPath) {
                 args.push(contentPath);
             }
@@ -139,6 +168,12 @@ export class BuildahCli implements Buildah {
             args.push("--workingdir");
             args.push(settings.workingdir);
         }
+        if (settings.labels) {
+            settings.labels.forEach((label) => {
+                args.push("--label");
+                args.push(label);
+            });
+        }
         args.push(container);
         return this.execute(args);
     }
@@ -154,13 +189,51 @@ export class BuildahCli implements Buildah {
         return this.execute(args);
     }
 
-    async tag(imageName: string, tags: string[]): Promise<CommandResult> {
+    async tag(imageName: string, tags: string[]): Promise<void> {
         const args: string[] = [ "tag" ];
+        const builtImage = [];
         for (const tag of tags) {
-            args.push(`${imageName}:${tag}`);
+            args.push(getFullImageName(imageName, tag));
+            builtImage.push(getFullImageName(imageName, tag));
         }
         core.info(`Tagging the built image with tags ${tags.toString()}`);
-        return this.execute(args);
+        await this.execute(args);
+        core.info(`✅ Successfully built image${builtImage.length !== 1 ? "s" : ""} "${builtImage.join(", ")}"`);
+    }
+
+    // Unfortunately buildah doesn't support the exists command yet
+    // https://github.com/containers/buildah/issues/4217
+
+    // async manifestExists(manifest: string): Promise<boolean> {
+    //     const args: string[] = [ "manifest", "exists" ];
+    //     args.push(manifest);
+    //     const execOptions: exec.ExecOptions = {ignoreReturnCode: true};
+    //     core.info(`Checking if manifest ${manifest} exists`);
+    //     const {exitCode} = await this.execute(args, execOptions);
+    //     return exitCode ? false : true;
+    // }
+
+    async manifestRm(manifest: string): Promise<void> {
+        const execOptions: exec.ExecOptions = { ignoreReturnCode: true };
+        const args: string[] = [ "manifest", "rm" ];
+        args.push(manifest);
+        core.info(`Removing existing manifest ${manifest}`);
+        await this.execute(args, execOptions);
+    }
+
+    async manifestCreate(manifest: string): Promise<void> {
+        const args: string[] = [ "manifest", "create" ];
+        args.push(manifest);
+        core.info(`Creating manifest ${manifest}`);
+        await this.execute(args);
+    }
+
+    async manifestAdd(manifest: string, image: string): Promise<void> {
+        const args: string[] = [ "manifest", "add" ];
+        args.push(manifest);
+        args.push(image);
+        core.info(`Adding image "${image}" to the manifest.`);
+        await this.execute(args);
     }
 
     private static convertArrayToStringArg(args: string[]): string {

src/generated/inputs-outputs.ts

@@ -1,13 +1,14 @@
 // This file was auto-generated by action-io-generator. Do not edit by hand!
 export enum Inputs {
     /**
-     * Label the image with this ARCH, instead of defaulting to the host architecture.
+     * Label the image with this ARCH, instead of defaulting to the host architecture
      * Required: false
      * Default: None.
      */
     ARCH = "arch",
     /**
-     * Alias for "arch". "arch" takes precedence if both are set.
+     * 'Same as input 'arch', use this for multiple architectures.
+     * Seperate them by a comma'
      * Required: false
      * Default: None.
      */
@@ -61,7 +62,7 @@ export enum Inputs {
      */
     ENVS = "envs",
     /**
-     * Extra args to be passed to buildah bud.
+     * Extra args to be passed to buildah bud and buildah from.
      * Separate arguments by newline. Do not use quotes - @actions/exec will do the quoting for you.
      * Required: false
      * Default: None.
@@ -69,10 +70,16 @@ export enum Inputs {
     EXTRA_ARGS = "extra-args",
     /**
      * The name (reference) of the image to build
-     * Required: true
+     * Required: false
      * Default: None.
      */
     IMAGE = "image",
+    /**
+     * The labels of the image to build. Seperate by newline. For example, "io.containers.capabilities=sys_admin,mknod".
+     * Required: false
+     * Default: None.
+     */
+    LABELS = "labels",
     /**
      * Set to true to cache intermediate layers during build process
      * Required: false
@@ -85,6 +92,20 @@ export enum Inputs {
      * Default: "false"
      */
     OCI = "oci",
+    /**
+     * Label the image with this PLATFORM, instead of defaulting to the host platform.
+     * Only supported for containerfile builds.
+     * Required: false
+     * Default: None.
+     */
+    PLATFORM = "platform",
+    /**
+     * 'Same as input 'platform', use this for multiple platforms.
+     * Seperate them by a comma'
+     * Required: false
+     * Default: None.
+     */
+    PLATFORMS = "platforms",
     /**
      * The port to expose when running containers based on image
      * Required: false
@@ -92,11 +113,17 @@ export enum Inputs {
      */
     PORT = "port",
     /**
-     * The tags of the image to build. For multiple tags, seperate by a space. For example, "latest v1".
+     * The tags of the image to build. For multiple tags, seperate by whitespace. For example, "latest v1".
      * Required: false
      * Default: "latest"
      */
     TAGS = "tags",
+    /**
+     * Require HTTPS and verify certificates when accessing the registry. Defaults to true.
+     * Required: false
+     * Default: "true"
+     */
+    TLS_VERIFY = "tls-verify",
     /**
      * The working directory to use within the container
      * Required: false

src/index.ts

@@ -9,7 +9,8 @@ import * as path from "path";
 import { Inputs, Outputs } from "./generated/inputs-outputs";
 import { BuildahCli, BuildahConfigSettings } from "./buildah";
 import {
-    getArch, getContainerfiles, getInputList, splitByNewline,
+    getArch, getPlatform, getContainerfiles, getInputList, splitByNewline,
+    isFullImageName, getFullImageName, removeIllegalCharacters,
 } from "./utils";
 
 export async function run(): Promise<void> {
@@ -30,38 +31,129 @@ export async function run(): Promise<void> {
     const DEFAULT_TAG = "latest";
     const workspace = process.env.GITHUB_WORKSPACE || process.cwd();
     const containerFiles = getContainerfiles();
-    const image = core.getInput(Inputs.IMAGE, { required: true });
+    const image = core.getInput(Inputs.IMAGE);
     const tags = core.getInput(Inputs.TAGS);
-    const tagsList: string[] = tags.split(" ");
+    const tagsList: string[] = tags.trim().split(/\s+/);
+    const labels = core.getInput(Inputs.LABELS);
+    const labelsList: string[] = labels ? splitByNewline(labels) : [];
+
+    const normalizedTagsList: string[] = [];
+    let isNormalized = false;
+    for (const tag of tagsList) {
+        normalizedTagsList.push(tag.toLowerCase());
+        if (tag.toLowerCase() !== tag) {
+            isNormalized = true;
+        }
+    }
+    const normalizedImage = image.toLowerCase();
+    if (isNormalized || image !== normalizedImage) {
+        core.warning(`Reference to image and/or tag must be lowercase.`
+        + ` Reference has been converted to be compliant with standard.`);
+    }
 
     // info message if user doesn't provides any tag
     if (tagsList.length === 0) {
         core.info(`Input "${Inputs.TAGS}" is not provided, using default tag "${DEFAULT_TAG}"`);
         tagsList.push(DEFAULT_TAG);
     }
-    const newImage = `${image}:${tagsList[0]}`;
+
+    const inputExtraArgsStr = core.getInput(Inputs.EXTRA_ARGS);
+    let buildahExtraArgs: string[] = [];
+    if (inputExtraArgsStr) {
+        // transform the array of lines into an array of arguments
+        // by splitting over lines, then over spaces, then trimming.
+        const lines = splitByNewline(inputExtraArgsStr);
+        buildahExtraArgs = lines.flatMap((line) => line.split(" ")).map((arg) => arg.trim());
+    }
+
+    // check if all tags provided are in `image:tag` format
+    const isFullImageNameTag = isFullImageName(normalizedTagsList[0]);
+    if (normalizedTagsList.some((tag) => isFullImageName(tag) !== isFullImageNameTag)) {
+        throw new Error(`Input "${Inputs.TAGS}" cannot have a mix of full name and non full name tags. Refer to https://github.com/redhat-actions/buildah-build#image-tag-inputs`);
+    }
+    if (!isFullImageNameTag && !normalizedImage) {
+        throw new Error(`Input "${Inputs.IMAGE}" must be provided when not using full image name tags. Refer to https://github.com/redhat-actions/buildah-build#image-tag-inputs`);
+    }
+
+    const newImage = getFullImageName(normalizedImage, normalizedTagsList[0]);
     const useOCI = core.getInput(Inputs.OCI) === "true";
 
-    const arch = getArch();
+    const archs = getArch();
+    const platforms = getPlatform();
 
+    if ((archs.length > 0) && (platforms.length > 0)) {
+        throw new Error("The --platform option may not be used in combination with the --arch option.");
+    }
+
+    const builtImage = [];
     if (containerFiles.length !== 0) {
-        await doBuildUsingContainerFiles(cli, newImage, workspace, containerFiles, useOCI, arch);
+        builtImage.push(...await doBuildUsingContainerFiles(
+            cli,
+            newImage,
+            workspace,
+            containerFiles,
+            useOCI,
+            archs,
+            platforms,
+            labelsList,
+            buildahExtraArgs
+        ));
     }
     else {
-        await doBuildFromScratch(cli, newImage, useOCI, arch);
+        if (platforms.length > 0) {
+            throw new Error("The --platform option is not supported for builds without containerfiles.");
+        }
+        builtImage.push(...await doBuildFromScratch(cli, newImage, useOCI, archs, labelsList, buildahExtraArgs));
     }
 
-    if (tagsList.length > 1) {
-        await cli.tag(image, tagsList);
+    if ((archs.length > 1) || (platforms.length > 1)) {
+        core.info(`Creating manifest with tag${normalizedTagsList.length !== 1 ? "s" : ""} `
+            + `"${normalizedTagsList.join(", ")}"`);
+        const builtManifest = [];
+        for (const tag of normalizedTagsList) {
+            const manifestName = getFullImageName(normalizedImage, tag);
+            // Force-remove existing manifest to prevent errors on recurring build on the same machine
+            await cli.manifestRm(manifestName);
+            await cli.manifestCreate(manifestName);
+            builtManifest.push(manifestName);
+
+            for (const arch of archs) {
+                const tagSuffix = removeIllegalCharacters(arch);
+                await cli.manifestAdd(manifestName, `${newImage}-${tagSuffix}`);
+            }
+
+            for (const platform of platforms) {
+                const tagSuffix = removeIllegalCharacters(platform);
+                await cli.manifestAdd(manifestName, `${newImage}-${tagSuffix}`);
+            }
+        }
+
+        core.info(`✅ Successfully built image${builtImage.length !== 1 ? "s" : ""} "${builtImage.join(", ")}" `
+            + `and manifest${builtManifest.length !== 1 ? "s" : ""} "${builtManifest.join(", ")}"`);
     }
-    core.setOutput(Outputs.IMAGE, image);
+    else if (normalizedTagsList.length > 1) {
+        await cli.tag(normalizedImage, normalizedTagsList);
+    }
+    else if (normalizedTagsList.length === 1) {
+        core.info(`✅ Successfully built image "${getFullImageName(normalizedImage, normalizedTagsList[0])}"`);
+    }
+
+    core.setOutput(Outputs.IMAGE, normalizedImage);
     core.setOutput(Outputs.TAGS, tags);
-    core.setOutput(Outputs.IMAGE_WITH_TAG, `${image}:${tagsList[0]}`);
+    core.setOutput(Outputs.IMAGE_WITH_TAG, newImage);
 }
 
 async function doBuildUsingContainerFiles(
-    cli: BuildahCli, newImage: string, workspace: string, containerFiles: string[], useOCI: boolean, arch: string
-): Promise<void> {
+    cli: BuildahCli,
+    newImage: string,
+    workspace: string,
+    containerFiles: string[],
+    useOCI: boolean,
+    archs: string[],
+    platforms: string[],
+    labels: string[],
+    extraArgs: string[]
+): Promise<string[]> {
     if (containerFiles.length === 1) {
         core.info(`Performing build from Containerfile`);
     }
@@ -73,23 +165,98 @@ async function doBuildUsingContainerFiles(
     const buildArgs = getInputList(Inputs.BUILD_ARGS);
     const containerFileAbsPaths = containerFiles.map((file) => path.join(workspace, file));
     const layers = core.getInput(Inputs.LAYERS);
+    const tlsVerify = core.getInput(Inputs.TLS_VERIFY) === "true";
 
-    const inputExtraArgsStr = core.getInput(Inputs.EXTRA_ARGS);
-    let buildahBudExtraArgs: string[] = [];
-    if (inputExtraArgsStr) {
-        // transform the array of lines into an array of arguments
-        // by splitting over lines, then over spaces, then trimming.
-        const lines = splitByNewline(inputExtraArgsStr);
-        buildahBudExtraArgs = lines.flatMap((line) => line.split(" ")).map((arg) => arg.trim());
+    const builtImage = [];
+    // since multi arch image can not have same tag
+    // therefore, appending arch/platform in the tag
+    if (archs.length > 0 || platforms.length > 0) {
+        for (const arch of archs) {
+            // handling it seperately as, there is no need of
+            // tagSuffix if only one image has to be built
+            let tagSuffix = "";
+            if (archs.length > 1) {
+                tagSuffix = `-${removeIllegalCharacters(arch)}`;
+            }
+            await cli.buildUsingDocker(
+                `${newImage}${tagSuffix}`,
+                context,
+                containerFileAbsPaths,
+                buildArgs,
+                useOCI,
+                labels,
+                layers,
+                extraArgs,
+                tlsVerify,
+                arch
+            );
+            builtImage.push(`${newImage}${tagSuffix}`);
+        }
+
+        for (const platform of platforms) {
+            let tagSuffix = "";
+            if (platforms.length > 1) {
+                tagSuffix = `-${removeIllegalCharacters(platform)}`;
+            }
+            await cli.buildUsingDocker(
+                `${newImage}${tagSuffix}`,
+                context,
+                containerFileAbsPaths,
+                buildArgs,
+                useOCI,
+                labels,
+                layers,
+                extraArgs,
+                tlsVerify,
+                undefined,
+                platform
+            );
+            builtImage.push(`${newImage}${tagSuffix}`);
+        }
     }
-    await cli.buildUsingDocker(
-        newImage, context, containerFileAbsPaths, buildArgs, useOCI, arch, layers, buildahBudExtraArgs
-    );
+
+    else if (archs.length === 1 || platforms.length === 1) {
+        await cli.buildUsingDocker(
+            newImage,
+            context,
+            containerFileAbsPaths,
+            buildArgs,
+            useOCI,
+            labels,
+            layers,
+            extraArgs,
+            tlsVerify,
+            archs[0],
+            platforms[0]
+        );
+        builtImage.push(newImage);
+    }
+    else {
+        await cli.buildUsingDocker(
+            newImage,
+            context,
+            containerFileAbsPaths,
+            buildArgs,
+            useOCI,
+            labels,
+            layers,
+            extraArgs,
+            tlsVerify
+        );
+        builtImage.push(newImage);
+    }
+
+    return builtImage;
 }
 
 async function doBuildFromScratch(
-    cli: BuildahCli, newImage: string, useOCI: boolean, arch: string
-): Promise<void> {
+    cli: BuildahCli,
+    newImage: string,
+    useOCI: boolean,
+    archs: string[],
+    labels: string[],
+    extraArgs: string[]
+): Promise<string[]> {
     core.info(`Performing build from scratch`);
 
     const baseImage = core.getInput(Inputs.BASE_IMAGE, { required: true });
@@ -98,20 +265,47 @@ async function doBuildFromScratch(
     const port = core.getInput(Inputs.PORT);
     const workingDir = core.getInput(Inputs.WORKDIR);
     const envs = getInputList(Inputs.ENVS);
+    const tlsVerify = core.getInput(Inputs.TLS_VERIFY) === "true";
 
-    const container = await cli.from(baseImage);
+    const container = await cli.from(baseImage, tlsVerify, extraArgs);
     const containerId = container.output.replace("\n", "");
 
-    const newImageConfig: BuildahConfigSettings = {
-        entrypoint,
-        port,
-        workingdir: workingDir,
-        envs,
-        arch,
-    };
-    await cli.config(containerId, newImageConfig);
-    await cli.copy(containerId, content);
-    await cli.commit(containerId, newImage, useOCI);
+    const builtImage = [];
+    if (archs.length > 0) {
+        for (const arch of archs) {
+            let tagSuffix = "";
+            if (archs.length > 1) {
+                tagSuffix = `-${removeIllegalCharacters(arch)}`;
+            }
+            const newImageConfig: BuildahConfigSettings = {
+                entrypoint,
+                port,
+                workingdir: workingDir,
+                envs,
+                arch,
+                labels,
+            };
+            await cli.config(containerId, newImageConfig);
+            await cli.copy(containerId, content);
+            await cli.commit(containerId, `${newImage}${tagSuffix}`, useOCI);
+            builtImage.push(`${newImage}${tagSuffix}`);
+        }
+    }
+    else {
+        const newImageConfig: BuildahConfigSettings = {
+            entrypoint,
+            port,
+            workingdir: workingDir,
+            envs,
+            labels,
+        };
+        await cli.config(containerId, newImageConfig);
+        await cli.copy(containerId, content);
+        await cli.commit(containerId, newImage, useOCI);
+        builtImage.push(newImage);
+    }
+
+    return builtImage;
 }
 
 run().catch(core.setFailed);

src/utils.ts

@@ -55,7 +55,9 @@ export async function findFuseOverlayfsPath(): Promise<string | undefined> {
         fuseOverlayfsPath = await io.which("fuse-overlayfs");
     }
     catch (err) {
-        core.debug(err);
+        if (err instanceof Error) {
+            core.debug(err.message);
+        }
     }
 
     return fuseOverlayfsPath;
@@ -65,20 +67,50 @@ export function splitByNewline(s: string): string[] {
     return s.split(/\r?\n/);
 }
 
-export function getArch(): string {
-    // 'arch' should be used over 'archs', see https://github.com/redhat-actions/buildah-build/issues/60
-    const archs = core.getInput(Inputs.ARCHS);
+export function getArch(): string[] {
+    const archs = getCommaSeperatedInput(Inputs.ARCHS);
+
     const arch = core.getInput(Inputs.ARCH);
 
-    if (arch && archs) {
+    if (arch && archs.length > 0) {
         core.warning(
             `Both "${Inputs.ARCH}" and "${Inputs.ARCHS}" inputs are set. `
-            + `Please use only one of these two inputs, as they are aliases of one another. `
-            + `"${Inputs.ARCH}" takes precedence.`
+            + `Please use "${Inputs.ARCH}" if you want to provide multiple `
+            + `ARCH else use ${Inputs.ARCH}". "${Inputs.ARCHS}" takes preference.`
         );
     }
 
-    return arch || archs;
+    if (archs.length > 0) {
+        return archs;
+    }
+    else if (arch) {
+        return [ arch ];
+    }
+    return [];
+}
+
+export function getPlatform(): string[] {
+    const platform = core.getInput(Inputs.PLATFORM);
+    const platforms = getCommaSeperatedInput(Inputs.PLATFORMS);
+
+    if (platform && platforms.length > 0) {
+        core.warning(
+            `Both "${Inputs.PLATFORM}" and "${Inputs.PLATFORMS}" inputs are set. `
+            + `Please use "${Inputs.PLATFORMS}" if you want to provide multiple `
+            + `PLATFORM else use ${Inputs.PLATFORM}". "${Inputs.PLATFORMS}" takes preference.`
+        );
+    }
+
+    if (platforms.length > 0) {
+        core.debug("return platforms");
+        return platforms;
+    }
+    else if (platform) {
+        core.debug("return platform");
+        return [ platform ];
+    }
+    core.debug("return empty");
+    return [];
 }
 
 export function getContainerfiles(): string[] {
@@ -110,3 +142,32 @@ export function getInputList(name: string): string[] {
             [],
         );
 }
+
+export function getCommaSeperatedInput(name: string): string[] {
+    const items = core.getInput(name);
+    if (items.length === 0) {
+        core.debug("empty");
+        return [];
+    }
+    const splitItems = items.split(",");
+    return splitItems
+        .reduce<string[]>(
+            (acc, line) => acc.concat(line).map((item) => item.trim()),
+            [],
+        );
+}
+
+export function isFullImageName(image: string): boolean {
+    return image.indexOf(":") > 0;
+}
+
+export function getFullImageName(image: string, tag: string): string {
+    if (isFullImageName(tag)) {
+        return tag;
+    }
+    return `${image}:${tag}`;
+}
+
+export function removeIllegalCharacters(item: string): string {
+    return item.replace(/[^a-zA-Z0-9 ]/g, "");
+}