Update changelog

Signed-off-by: divyansh42 <diagrawa@redhat.com>

.editorconfig

@@ -0,0 +1,15 @@
+root = true
+
+[*]
+charset = utf-8
+tab_width = 4
+indent_size = 4
+end_of_line = lf
+indent_style = space
+max_line_length = 120
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.{yml,yaml}]
+tab_width = 2
+indent_size = 2

.github/install_latest_buildah.sh

@@ -1,7 +1,3 @@
-# https://github.com/containers/buildah/blob/main/install.md
-. /etc/os-release
-sudo sh -c "echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/x${ID^}_${VERSION_ID}/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list"
-wget -nv https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/x${ID^}_${VERSION_ID}/Release.key -O Release.key
 sudo apt-key add - < Release.key
 sudo apt-get update -qq
 sudo apt-get -qq -y install buildah

.github/workflows/check-lowercase.yaml

@@ -0,0 +1,66 @@
+# This workflow will perform a test whenever there
+# is some change in code done to ensure that the changes
+# are not buggy and we are getting the desired output.
+name: Check Case Normalization
+on:
+  push:
+  pull_request:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * *'  # every day at midnight
+
+env:
+  IMAGE_NAME: ImageCaseTest
+  IMAGE_TAGS: v1 TagCaseTest
+
+jobs:
+  build:
+    name: Build image using Buildah
+    runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+      matrix:
+        install_latest: [ true, false ]
+
+    steps:
+
+      # Checkout buildah action github repository
+      - name: Checkout Buildah action
+        uses: actions/checkout@v4
+        with:
+          path: "buildah-build"
+
+      - name: Install latest buildah
+        if: matrix.install_latest
+        run: |
+          bash buildah-build/.github/install_latest_buildah.sh
+
+      - name: Create Dockerfile
+        run: |
+          cat > Containerfile<<EOF
+          FROM busybox
+          RUN echo "hello world"
+          EOF
+
+      # Build image using Buildah action
+      - name: Build Image
+        id: build_image
+        uses: ./buildah-build/
+        with:
+          image: ${{ env.IMAGE_NAME }}
+          layers: false
+          tags: ${{ env.IMAGE_TAGS }}
+          containerfiles: |
+            ./Containerfile
+          extra-args: |
+            --pull
+
+      - name: Echo Outputs
+        run: |
+          echo "Image: ${{ steps.build_image.outputs.image }}"
+          echo "Tags: ${{ steps.build_image.outputs.tags }}"
+          echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
+
+      # Check if image is build
+      - name: Check images created
+        run: buildah images

.github/workflows/ci.yml

@@ -6,21 +6,21 @@ on:
 jobs:
   lint:
     name: Run ESLint
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - run: npm ci
       - run: npm run lint
 
   check-dist:
     name: Check Distribution
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     env:
       BUNDLE_FILE: "dist/index.js"
       BUNDLE_COMMAND: "npm run bundle"
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       - name: Install
         run: npm ci
@@ -33,11 +33,11 @@ jobs:
 
   check-inputs-outputs:
     name: Check Input and Output enums
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     env:
       IO_FILE: ./src/generated/inputs-outputs.ts
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       - name: Install dependencies
         run: npm ci

.github/workflows/containerfile_build.yml

@@ -15,7 +15,7 @@ env:
 jobs:
   build:
     name: Build image using Buildah
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
       matrix:
@@ -25,7 +25,7 @@ jobs:
 
       # Checkout buildah action github repository
       - name: Checkout Buildah action
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           path: "buildah-build"
 

.github/workflows/docker_metadata_action.yml

@@ -1,7 +1,7 @@
 # This workflow will perform a test whenever there
 # is some change in code done to ensure that the changes
 # are not buggy and we are getting the desired output.
-name: Build with docker/metadata-action@v2
+name: Build with docker/metadata-action
 on:
   push:
   pull_request:
@@ -12,7 +12,7 @@ on:
 jobs:
   build-containerfile:
     name: Build image with Containerfile
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
       matrix:
@@ -25,11 +25,11 @@ jobs:
 
       # Checkout buildah action github repository
       - name: Checkout Buildah action
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Docker Metadata
         id: docker-metadata
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v4
         with:
           images: |
             ${{ env.IMAGE_NAME }}
@@ -88,7 +88,7 @@ jobs:
 
   build-scratch:
     name: Build image without Containerfile
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
       matrix:
@@ -103,11 +103,11 @@ jobs:
 
       # Checkout buildah action github repository
       - name: Checkout Buildah action
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Docker Metadata
         id: docker-metadata
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v4
         with:
           images: |
             ${{ env.IMAGE_NAME }}
@@ -128,31 +128,18 @@ jobs:
 
       # Checkout spring-petclinic github repository
       - name: Checkout spring-petclinic project
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           repository: "spring-projects/spring-petclinic"
           path: ${{ env.PROJECT_DIR }}
 
-      # If none of these files has changed, we assume that the contents of
-      # .m2/repository can be fetched from the cache.
-      - name: Hash Maven files
-        working-directory: ${{ env.PROJECT_DIR }}
-        run: |
-          echo "MVN_HASH=${{ hashFiles('**/pom.xml', '.mvn/**/*', 'mvnw*') }}" >> $GITHUB_ENV
-
-      # Download the m2 repository from the cache to speed up the build.
-      - name: Check for Maven cache
-        id: check-mvn-cache
-        uses: actions/cache@v2
-        with:
-          path: ${{ env.MVN_REPO_DIR }}
-          key: ${{ env.MVN_HASH }}
-
       # Setup java.
       - name: Setup Java
-        uses: actions/setup-java@v1
+        uses: actions/setup-java@v3
         with:
-          java-version: 11
+          distribution: 'temurin'
+          java-version: '17'
+          cache: 'maven'
 
       # Run maven to build the project
       - name: Maven
@@ -160,14 +147,6 @@ jobs:
         run: |
           mvn package -ntp -B
 
-       # If there was no cache hit above, store the output into the cache now.
-      - name: Save Maven repo into cache
-        if: ${{ steps.check-mvn-cache.outputs.cache-hit }} != 'true'
-        uses: actions/cache@v2
-        with:
-          path: ${{ env.MVN_REPO_DIR }}
-          key: ${{ env.MVN_HASH }}
-
       # Build image using Buildah action
       - name: Build Image
         id: build_image

.github/workflows/link_check.yml

@@ -12,9 +12,9 @@ on:
 jobs:
   markdown-link-check:
     name: Check links in markdown
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - uses: gaurav-nelson/github-action-markdown-link-check@v1
         with:
           use-verbose-mode: true

.github/workflows/multiarch.yml

@@ -16,18 +16,17 @@ jobs:
     name: Build multi-architecture image using Containerfile
     env:
       IMAGE_NAME: hello-world-multiarch
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
       matrix:
-        arch: [ amd64, i386, arm64v8 ]
         install_latest: [ true, false ]
 
     steps:
 
       # Checkout buildah action github repository
       - name: Checkout Buildah action
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           path: "buildah-build"
 
@@ -45,8 +44,7 @@ jobs:
         run: |
           cat > Containerfile<<EOF
 
-          ARG ARCH
+          FROM docker.io/alpine:3.14
-          FROM docker.io/\${ARCH}/alpine:3.14
 
           RUN echo "hello world"
 
@@ -58,9 +56,8 @@ jobs:
         uses: ./buildah-build/
         with:
           image: ${{ env.IMAGE_NAME }}
-          tags: ${{ env.IMAGE_TAG }}
+          tags: latest v1
-          arch: ${{ matrix.arch }}
+          archs: amd64                    # Single arch testcase
-          build-args: ARCH=${{ matrix.arch }}
           containerfiles: |
             ./Containerfile
 
@@ -87,18 +84,17 @@ jobs:
     name: Build multi-platform image using Containerfile
     env:
       IMAGE_NAME: hello-world-multiplatform
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
       matrix:
-        platform: [ "linux/amd64", "linux/arm64/v8" ]
         install_latest: [ true, false ]
 
     steps:
 
       # Checkout buildah action github repository
       - name: Checkout Buildah action
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           path: "buildah-build"
 
@@ -116,7 +112,7 @@ jobs:
         run: |
           cat > Containerfile<<EOF
 
-          FROM docker.io/alpine:3.14
+          FROM docker.io/alpine:3.16
 
           RUN echo "hello world"
 
@@ -129,7 +125,7 @@ jobs:
         with:
           image: ${{ env.IMAGE_NAME }}
           tags: ${{ env.IMAGE_TAG }}
-          platform: ${{ matrix.platform }}
+          platforms: linux/amd64, linux/ppc64le
           containerfiles: |
             ./Containerfile
 
@@ -142,11 +138,10 @@ jobs:
       - name: Check images created
         run: buildah images | grep '${{ env.IMAGE_NAME }}'
 
-      - name: Check image metadata
+      - name: Check manifest
         run: |
           set -x
-          buildah inspect ${{ steps.build_image_multiplatform.outputs.image }}:${{ env.IMAGE_TAG }} | jq ".OCIv1.architecture"
+          buildah manifest inspect ${{ steps.build_image_multiplatform.outputs.image }}:${{ env.IMAGE_TAG }}
-          buildah inspect ${{ steps.build_image_multiplatform.outputs.image }}:${{ env.IMAGE_TAG }} | jq ".Docker.architecture"
 
       - name: Run image
         run: |
@@ -156,18 +151,17 @@ jobs:
     name: Build multi-architecture image from scratch
     env:
       IMAGE_NAME: spring-petclinic-multiarch
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
       matrix:
-        arch: [ amd64, i386, arm64v8 ]
         install_latest: [ true, false ]
 
     steps:
 
       # Checkout buildah action github repository
       - name: Checkout Buildah action
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           path: "buildah-build"
 
@@ -183,31 +177,18 @@ jobs:
 
       # Checkout spring-petclinic github repository
       - name: Checkout spring-petclinic project
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           repository: "spring-projects/spring-petclinic"
           path: ${{ env.PROJECT_DIR }}
 
-      # If none of these files has changed, we assume that the contents of
-      # .m2/repository can be fetched from the cache.
-      - name: Hash Maven files
-        working-directory: ${{ env.PROJECT_DIR }}
-        run: |
-          echo "MVN_HASH=${{ hashFiles('**/pom.xml', '.mvn/**/*', 'mvnw*') }}" >> $GITHUB_ENV
-
-      # Download the m2 repository from the cache to speed up the build.
-      - name: Check for Maven cache
-        id: check-mvn-cache
-        uses: actions/cache@v2
-        with:
-          path: ${{ env.MVN_REPO_DIR }}
-          key: ${{ env.MVN_HASH }}
-
       # Setup java.
       - name: Setup Java
-        uses: actions/setup-java@v1
+        uses: actions/setup-java@v3
         with:
-          java-version: 11
+          distribution: 'temurin'
+          java-version: '17'
+          cache: 'maven'
 
       # Run maven to build the project
       - name: Maven
@@ -215,14 +196,6 @@ jobs:
         run: |
           mvn package -ntp -B
 
-       # If there was no cache hit above, store the output into the cache now.
-      - name: Save Maven repo into cache
-        if: ${{ steps.check-mvn-cache.outputs.cache-hit }} != 'true'
-        uses: actions/cache@v2
-        with:
-          path: ${{ env.MVN_REPO_DIR }}
-          key: ${{ env.MVN_HASH }}
-
       - name: Build Image
         id: build_image_multiarch
         uses: ./buildah-build/
@@ -230,8 +203,7 @@ jobs:
           image: ${{ env.IMAGE_NAME }}
           tags: ${{ env.IMAGE_TAG }}
           base-image: 'registry.access.redhat.com/openjdk/openjdk-11-rhel7'
-          arch: ${{ matrix.arch }}
+          archs: amd64, i386, ppc64le
-          build-args: ARCH=${{ matrix.arch }}
           # To avoid hardcoding a particular version of the binary.
           content: |
             ./spring-petclinic/target/spring-petclinic-*.jar
@@ -251,8 +223,7 @@ jobs:
       - name: Check images created
         run: buildah images | grep '${{ env.IMAGE_NAME }}'
 
-      - name: Check image metadata
+      - name: Check manifest
         run: |
           set -x
-          buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }} | jq ".OCIv1.architecture"
+          buildah manifest inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }}
-          buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }} | jq ".Docker.architecture"

.github/workflows/scratch_build.yml

@@ -17,7 +17,7 @@ env:
 jobs:
   build:
     name: Build image using Buildah
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
       matrix:
@@ -27,7 +27,7 @@ jobs:
 
       # Checkout buildah action github repository
       - name: Checkout Buildah action
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           path: "buildah-build"
 
@@ -38,31 +38,18 @@ jobs:
 
       # Checkout spring-petclinic github repository
       - name: Checkout spring-petclinic project
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           repository: "spring-projects/spring-petclinic"
           path: ${{ env.PROJECT_DIR }}
 
-      # If none of these files has changed, we assume that the contents of
-      # .m2/repository can be fetched from the cache.
-      - name: Hash Maven files
-        working-directory: ${{ env.PROJECT_DIR }}
-        run: |
-          echo "MVN_HASH=${{ hashFiles('**/pom.xml', '.mvn/**/*', 'mvnw*') }}" >> $GITHUB_ENV
-
-      # Download the m2 repository from the cache to speed up the build.
-      - name: Check for Maven cache
-        id: check-mvn-cache
-        uses: actions/cache@v2
-        with:
-          path: ${{ env.MVN_REPO_DIR }}
-          key: ${{ env.MVN_HASH }}
-
       # Setup java.
       - name: Setup Java
-        uses: actions/setup-java@v1
+        uses: actions/setup-java@v3
         with:
-          java-version: 11
+          distribution: 'temurin'
+          java-version: '17'
+          cache: 'maven'
 
       # Run maven to build the project
       - name: Maven
@@ -70,14 +57,6 @@ jobs:
         run: |
           mvn package -ntp -B
 
-       # If there was no cache hit above, store the output into the cache now.
-      - name: Save Maven repo into cache
-        if: ${{ steps.check-mvn-cache.outputs.cache-hit }} != 'true'
-        uses: actions/cache@v2
-        with:
-          path: ${{ env.MVN_REPO_DIR }}
-          key: ${{ env.MVN_HASH }}
-
       # Build image using Buildah action
       - name: Build Image
         id: build_image

.github/workflows/security_scan.yml

@@ -0,0 +1,36 @@
+name: Vulnerability Scan with CRDA
+on:
+  # push:
+  workflow_dispatch:
+  # pull_request_target:
+  #   types: [ assigned, opened, synchronize, reopened, labeled, edited ]
+  # schedule:
+  #   - cron: '0 0 * * *'  # every day at midnight
+
+jobs:
+  crda-scan:
+    runs-on: ubuntu-22.04
+    name: Scan project vulnerability with CRDA
+    steps:
+
+      - uses: actions/checkout@v4
+
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version: '20'
+          cache: 'npm'
+
+      - name: Install CRDA
+        uses: redhat-actions/openshift-tools-installer@v1
+        with:
+          source: github
+          github_pat: ${{ github.token }}
+          crda: "latest"
+
+      - name: CRDA Scan
+        id: scan
+        uses: redhat-actions/crda@v1
+        with:
+          crda_key: ${{ secrets.CRDA_KEY }}
+          fail_on: never

.gitignore

@@ -1,2 +1,3 @@
 node_modules/
 out/
+.idea/

CHANGELOG.md

@@ -1,5 +1,23 @@
 # buildah-build Changelog
 
+## v2.13
+- Update action to run on Node20. https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/
+
+## v2.12
+- Forcibly remove existing manifest before creating a new one. [#103](https://github.com/redhat-actions/buildah-build/pull/103)
+
+## v2.11 
+- Update action to run on Node16. https://github.blog/changelog/2022-05-20-actions-can-now-run-in-a-node-js-16-runtime/
+
+## v2.10
+- Make image and tag in lowercase, if found in uppercase. https://github.com/redhat-actions/buildah-build/issues/89
+- Add `--tls-verify` and `extra-args` input for `buildah from` command. https://github.com/redhat-actions/buildah-build/issues/92
+- Remove kubic packages from test workflows. https://github.com/redhat-actions/buildah-build/issues/93
+
+## v2.9
+- Add support for multiple archs and platforms.
+- Allow building image manifest if multi arch or platform is provided.
+
 ## v2.8
 - Allow fully qualified image names in `tags` input, for compatibility with [docker/metadata-action`](https://github.com/docker/metadata-action). [#74](https://github.com/redhat-actions/buildah-build/issues/74)
 - Support for `--platform` argument [#65](https://github.com/redhat-actions/buildah-build/issues/65)

README.md

@@ -25,17 +25,18 @@ After building your image, use [push-to-registry](https://github.com/redhat-acti
 
 | Input Name | Description | Default |
 | ---------- | ----------- | ------- |
-| arch | Label the image with this architecture, instead of defaulting to the host architecture. Refer to [Multi arch builds](#multi-arch-builds) for more information. | None (host architecture)
+| archs | Label the image with this architecture, instead of defaulting to the host architecture. Refer to [Multi arch builds](#multi-arch-builds) for more information. For multiple architectures, seperate them by a comma | None (host architecture)
-| platform | Label the image with this platform, instead of defaulting to the host platform. Refer to [Multi arch builds](#multi-arch-builds) for more information. | None (host platform)
+| platforms | Label the image with this platform, instead of defaulting to the host platform. Refer to [Multi arch builds](#multi-arch-builds) for more information. For multiple platforms, seperate them by a comma | None (host platform)
 | build-args | Build arguments to pass to the Docker build using `--build-arg`, if using a Containerfile that requires ARGs. Use the form `arg_name=arg_value`, and separate arguments with newlines. | None
 | context | Path to directory to use as the build context. | `.`
 | containerfiles\* | The list of Containerfile paths to perform a build using docker instructions. Separate filenames by newline. | **Required**
-| extra-args | Extra args to be passed to buildah bud. Separate arguments by newline. Do not use quotes. | None
+| extra-args | Extra args to be passed to `buildah bud`. Separate arguments by newline. Do not use quotes. | None
 | image | Name to give to the output image. Refer to the [Image and Tag Inputs](#image-tag-inputs) section. | **Required** - unless all `tags` include image name
 | layers | Set to true to cache intermediate layers during the build process. | None
 | oci | Build the image using the OCI metadata format, instead of the Docker format. | `false`
 | tags | One or more tags to give the new image. Separate by whitespace. Refer to the [Image and Tag Inputs](#image-tag-inputs) section. | `latest`
 | labels | One or more labels to give the new image. Separate by newline. | None
+| tls-verify | Require HTTPS and verify certificates when accessing the registry. Set to `false` to skip the verification | `true`
 
 > \* The `containerfiles` input was previously `dockerfiles`. Refer to [this issue](https://github.com/redhat-actions/buildah-build/issues/57).
 
@@ -45,7 +46,7 @@ After building your image, use [push-to-registry](https://github.com/redhat-acti
 
 | Input Name | Description | Default |
 | ---------- | ----------- | ------- |
-| arch | Label the image with this architecture, instead of defaulting to the host architecture. Refer to [Multi arch builds](#multi-arch-builds) for more information. | None (host architecture)
+| archs | Label the image with this architecture, instead of defaulting to the host architecture. Refer to [Multi arch builds](#multi-arch-builds) for more information. For multiple architectures, seperate them by a comma | None (host architecture)
 | base-image | The base image to use for the container. | **Required**
 | content | Paths to files or directories to copy inside the container to create the file image. This is a multiline input to allow you to copy multiple files/directories.| None
 | entrypoint | The entry point to set for the container. Separate arguments by newline. | None
@@ -56,6 +57,8 @@ After building your image, use [push-to-registry](https://github.com/redhat-acti
 | tags | One or more tags to give the new image. Separate by whitespace. Refer to the [Image and Tag Inputs](#image-tag-inputs) section. | `latest`
 | labels | One or more labels to give the new image. Separate by newline. | None
 | workdir | The working directory to use within the container. | None
+| extra-args | Extra args to be passed to `buildah from`. Separate arguments by newline. Do not use quotes. | None
+| tls-verify | Require HTTPS and verify certificates when accessing the registry. Set to `false` to skip the verification. This will be used with `buildah from` command. | `true`
 
 <a id="image-tag-inputs"></a>
 ### Image and Tags Inputs
@@ -123,7 +126,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
 
     - name: Buildah Action
       uses: redhat-actions/buildah-build@v2
@@ -163,7 +166,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
 
     - run: mvn package
 
@@ -197,17 +200,22 @@ sudo podman run --rm --privileged docker.io/tonistiigi/binfmt --install all
 ```
 This registration remains active until the host reboots.
 
-### The `arch` and `platform` inputs
+### The `archs` and `platforms` inputs
-The `arch` and `platform` arguments override the Architecture and Platform labels in the output image, respectively. They do not actually affect the architectures and platforms the output image will run on. The image must still be built for the required architecture or platform.
+
+The `archs` and `platforms` arguments override the Architecture and Platform labels in the output image, respectively. They do not actually affect the architectures and platforms the output image will run on. The image must still be built for the required architecture or platform.
 
 There is a simple example [in this issue](https://github.com/redhat-actions/buildah-build/issues/60#issuecomment-876552452).
 
 ### Creating a Multi-Arch Image List
-Use the [buildah manifest](https://github.com/containers/buildah/blob/main/docs/buildah-manifest.1.md) command to bundle images into an image list, so multiple image can be referenced by the same repository tag.
 
-There are examples and explanations of the `manifest` command [in this issue](https://github.com/containers/buildah/issues/1590).
+Input `archs` and `platforms` is provided to build the multi architecture images. If one of these input is provided with the multiple archs or platforms then a [manifest](https://github.com/containers/buildah/blob/main/docs/buildah-manifest.1.md) is built with the multiple architecture images. Name of the manifest is taken from the inputs `image` and `tags`.
+Incase multiple tags are provided then multiple manifest is created based on the provided tags.
 
-This action does not support the `manifest` command at this time, but there is [an issue open](https://github.com/redhat-actions/buildah-build/issues/61).
+Use the `archs` and `platforms` inputs to build multi-architecture images. The name of the manifest is determined by the image and tags inputs.
+
+If multiple tags are provided, multiple equivalent manifests will be created with the given tags.
+
+[`push-to-registry`](https://github.com/redhat-actions/push-to-registry) action can be used to push the generated image manifest.
 
 ## Build with docker/metadata-action
 

action.yml

@@ -54,21 +54,34 @@ inputs:
     default: 'false'
     required: false
   arch:
-    description: 'Label the image with this ARCH, instead of defaulting to the host architecture.'
+    description:
+      'Label the image with this ARCH, instead of defaulting to the host architecture'
     required: false
   archs:
-    description: 'Alias for "arch". "arch" takes precedence if both are set.'
+    description: |
+      'Same as input 'arch', use this for multiple architectures.
+      Seperate them by a comma'
     required: false
   platform:
     description: |
       Label the image with this PLATFORM, instead of defaulting to the host platform.
       Only supported for containerfile builds.
     required: false
+  platforms:
+    description: |
+      'Same as input 'platform', use this for multiple platforms.
+      Seperate them by a comma'
+    required: false
   extra-args:
     description: |
-      Extra args to be passed to buildah bud.
+      Extra args to be passed to buildah bud and buildah from.
       Separate arguments by newline. Do not use quotes - @actions/exec will do the quoting for you.
     required: false
+  tls-verify:
+    description: |
+      Require HTTPS and verify certificates when accessing the registry. Defaults to true.
+    required: false
+    default: 'true'
 outputs:
   image:
     description: 'Name of the image built'
@@ -77,5 +90,5 @@ outputs:
   image-with-tag:
     description: 'Name of the image tagged with the first tag present'
 runs:
-  using: 'node12'
+  using: 'node20'
   main: 'dist/index.js'

package.json

@@ -1,8 +1,8 @@
 {
   "name": "buildah-build",
-  "version": "1.0.0",
+  "version": "3.0",
   "engines": {
-    "node": "12"
+    "node": "20"
   },
   "description": "Action for building OCI-compatible images using buildah",
   "repository": {
@@ -14,27 +14,28 @@
     "compile": "tsc -p .",
     "bundle": "ncc build src/index.ts --source-map --minify",
     "clean": "rm -rf out/ dist/",
-    "lint": "eslint . --max-warnings=0"
+    "lint": "eslint . --max-warnings=0",
+    "generate-ios": "npx action-io-generator -w -o ./src/generated/inputs-outputs.ts"
   },
   "keywords": [],
   "author": "Red Hat",
   "license": "MIT",
   "dependencies": {
-    "@actions/core": "^1.2.6",
+    "@actions/core": "1.10.1",
-    "@actions/exec": "^1.0.4",
+    "@actions/exec": "1.1.1",
-    "@actions/io": "^1.0.2",
+    "@actions/io": "1.1.3",
-    "ini": "^2.0.0"
+    "ini": "4.1.1"
   },
   "devDependencies": {
-    "@redhat-actions/action-io-generator": "^1.5.0",
+    "@redhat-actions/action-io-generator": "1.5.0",
-    "@redhat-actions/eslint-config": "^1.3.2",
+    "@redhat-actions/eslint-config": "1.3.2",
-    "@redhat-actions/tsconfig": "^1.1.1",
+    "@redhat-actions/tsconfig": "1.2.0",
-    "@types/ini": "^1.3.30",
+    "@types/ini": "1.3.31",
-    "@types/node": "^12",
+    "@types/node": "^20.0",
-    "@typescript-eslint/eslint-plugin": "^4.28.2",
+    "@typescript-eslint/eslint-plugin": "6.7.3",
-    "@typescript-eslint/parser": "^4.28.2",
+    "@typescript-eslint/parser": "6.7.3",
-    "@vercel/ncc": "^0.25.1",
+    "@vercel/ncc": "0.38.0",
-    "eslint": "^7.30.0",
+    "eslint": "8.50.0",
-    "typescript": "^4.3.5"
+    "typescript": "5.2.2"
   }
 }

src/buildah.ts

@@ -21,12 +21,15 @@ export interface BuildahConfigSettings {
 interface Buildah {
     buildUsingDocker(
         image: string, context: string, containerFiles: string[], buildArgs: string[],
-        useOCI: boolean, arch: string, platform: string, labels: string[], layers: string, extraArgs: string[]
+        useOCI: boolean, labels: string[], layers: string,
+        extraArgs: string[], tlsVerify: boolean, arch?: string, platform?: string,
     ): Promise<CommandResult>;
-    from(baseImage: string): Promise<CommandResult>;
+    from(baseImage: string, tlsVerify: boolean, extraArgs: string[]): Promise<CommandResult>;
     config(container: string, setting: BuildahConfigSettings): Promise<CommandResult>;
     copy(container: string, contentToCopy: string[]): Promise<CommandResult | undefined>;
     commit(container: string, newImageName: string, useOCI: boolean): Promise<CommandResult>;
+    manifestCreate(manifest: string): Promise<void>;
+    manifestAdd(manifest: string, imageName: string, tags: string[]): Promise<void>;
 }
 
 export class BuildahCli implements Buildah {
@@ -63,8 +66,17 @@ export class BuildahCli implements Buildah {
     }
 
     async buildUsingDocker(
-        image: string, context: string, containerFiles: string[], buildArgs: string[],
+        image: string,
-        useOCI: boolean, arch: string, platform: string, labels: string[], layers: string, extraArgs: string[]
+        context: string,
+        containerFiles: string[],
+        buildArgs: string[],
+        useOCI: boolean,
+        labels: string[],
+        layers: string,
+        extraArgs: string[],
+        tlsVerify: boolean,
+        arch?: string,
+        platform?: string
     ): Promise<CommandResult> {
         const args: string[] = [ "bud" ];
         if (arch) {
@@ -88,6 +100,7 @@ export class BuildahCli implements Buildah {
             args.push(buildArg);
         });
         args.push(...BuildahCli.getImageFormatOption(useOCI));
+        args.push(`--tls-verify=${tlsVerify}`);
         if (layers) {
             args.push(`--layers=${layers}`);
         }
@@ -100,8 +113,14 @@ export class BuildahCli implements Buildah {
         return this.execute(args);
     }
 
-    async from(baseImage: string): Promise<CommandResult> {
+    async from(baseImage: string, tlsVerify: boolean, extraArgs: string[]): Promise<CommandResult> {
-        return this.execute([ "from", baseImage ]);
+        const args: string[] = [ "from" ];
+        args.push(`--tls-verify=${tlsVerify}`);
+        if (extraArgs.length > 0) {
+            args.push(...extraArgs);
+        }
+        args.push(baseImage);
+        return this.execute(args);
     }
 
     async copy(container: string, contentToCopy: string[], contentPath?: string): Promise<CommandResult | undefined> {
@@ -111,8 +130,9 @@ export class BuildahCli implements Buildah {
 
         core.debug("copy");
         core.debug(container);
-        for (const content of contentToCopy) {
+        core.debug("content: " + contentToCopy.join(" "));
-            const args: string[] = [ "copy", container, content ];
+        if (contentToCopy.length > 0) {
+            const args: string[] = [ "copy", container ].concat(contentToCopy);
             if (contentPath) {
                 args.push(contentPath);
             }
@@ -169,13 +189,51 @@ export class BuildahCli implements Buildah {
         return this.execute(args);
     }
 
-    async tag(imageName: string, tags: string[]): Promise<CommandResult> {
+    async tag(imageName: string, tags: string[]): Promise<void> {
         const args: string[] = [ "tag" ];
+        const builtImage = [];
         for (const tag of tags) {
             args.push(getFullImageName(imageName, tag));
+            builtImage.push(getFullImageName(imageName, tag));
         }
         core.info(`Tagging the built image with tags ${tags.toString()}`);
-        return this.execute(args);
+        await this.execute(args);
+        core.info(`✅ Successfully built image${builtImage.length !== 1 ? "s" : ""} "${builtImage.join(", ")}"`);
+    }
+
+    // Unfortunately buildah doesn't support the exists command yet
+    // https://github.com/containers/buildah/issues/4217
+
+    // async manifestExists(manifest: string): Promise<boolean> {
+    //     const args: string[] = [ "manifest", "exists" ];
+    //     args.push(manifest);
+    //     const execOptions: exec.ExecOptions = {ignoreReturnCode: true};
+    //     core.info(`Checking if manifest ${manifest} exists`);
+    //     const {exitCode} = await this.execute(args, execOptions);
+    //     return exitCode ? false : true;
+    // }
+
+    async manifestRm(manifest: string): Promise<void> {
+        const execOptions: exec.ExecOptions = { ignoreReturnCode: true };
+        const args: string[] = [ "manifest", "rm" ];
+        args.push(manifest);
+        core.info(`Removing existing manifest ${manifest}`);
+        await this.execute(args, execOptions);
+    }
+
+    async manifestCreate(manifest: string): Promise<void> {
+        const args: string[] = [ "manifest", "create" ];
+        args.push(manifest);
+        core.info(`Creating manifest ${manifest}`);
+        await this.execute(args);
+    }
+
+    async manifestAdd(manifest: string, image: string): Promise<void> {
+        const args: string[] = [ "manifest", "add" ];
+        args.push(manifest);
+        args.push(image);
+        core.info(`Adding image "${image}" to the manifest.`);
+        await this.execute(args);
     }
 
     private static convertArrayToStringArg(args: string[]): string {

src/generated/inputs-outputs.ts

@@ -1,13 +1,14 @@
 // This file was auto-generated by action-io-generator. Do not edit by hand!
 export enum Inputs {
     /**
-     * Label the image with this ARCH, instead of defaulting to the host architecture.
+     * Label the image with this ARCH, instead of defaulting to the host architecture
      * Required: false
      * Default: None.
      */
     ARCH = "arch",
     /**
-     * Alias for "arch". "arch" takes precedence if both are set.
+     * 'Same as input 'arch', use this for multiple architectures.
+     * Seperate them by a comma'
      * Required: false
      * Default: None.
      */
@@ -61,7 +62,7 @@ export enum Inputs {
      */
     ENVS = "envs",
     /**
-     * Extra args to be passed to buildah bud.
+     * Extra args to be passed to buildah bud and buildah from.
      * Separate arguments by newline. Do not use quotes - @actions/exec will do the quoting for you.
      * Required: false
      * Default: None.
@@ -98,6 +99,13 @@ export enum Inputs {
      * Default: None.
      */
     PLATFORM = "platform",
+    /**
+     * 'Same as input 'platform', use this for multiple platforms.
+     * Seperate them by a comma'
+     * Required: false
+     * Default: None.
+     */
+    PLATFORMS = "platforms",
     /**
      * The port to expose when running containers based on image
      * Required: false
@@ -110,6 +118,12 @@ export enum Inputs {
      * Default: "latest"
      */
     TAGS = "tags",
+    /**
+     * Require HTTPS and verify certificates when accessing the registry. Defaults to true.
+     * Required: false
+     * Default: "true"
+     */
+    TLS_VERIFY = "tls-verify",
     /**
      * The working directory to use within the container
      * Required: false

src/index.ts

@@ -10,7 +10,7 @@ import { Inputs, Outputs } from "./generated/inputs-outputs";
 import { BuildahCli, BuildahConfigSettings } from "./buildah";
 import {
     getArch, getPlatform, getContainerfiles, getInputList, splitByNewline,
-    isFullImageName, getFullImageName,
+    isFullImageName, getFullImageName, removeIllegalCharacters,
 } from "./utils";
 
 export async function run(): Promise<void> {
@@ -37,53 +37,123 @@ export async function run(): Promise<void> {
     const labels = core.getInput(Inputs.LABELS);
     const labelsList: string[] = labels ? splitByNewline(labels) : [];
 
+    const normalizedTagsList: string[] = [];
+    let isNormalized = false;
+    for (const tag of tagsList) {
+        normalizedTagsList.push(tag.toLowerCase());
+        if (tag.toLowerCase() !== tag) {
+            isNormalized = true;
+        }
+    }
+    const normalizedImage = image.toLowerCase();
+    if (isNormalized || image !== normalizedImage) {
+        core.warning(`Reference to image and/or tag must be lowercase.`
+        + ` Reference has been converted to be compliant with standard.`);
+    }
+
     // info message if user doesn't provides any tag
     if (tagsList.length === 0) {
         core.info(`Input "${Inputs.TAGS}" is not provided, using default tag "${DEFAULT_TAG}"`);
         tagsList.push(DEFAULT_TAG);
     }
 
+    const inputExtraArgsStr = core.getInput(Inputs.EXTRA_ARGS);
+    let buildahExtraArgs: string[] = [];
+    if (inputExtraArgsStr) {
+        // transform the array of lines into an array of arguments
+        // by splitting over lines, then over spaces, then trimming.
+        const lines = splitByNewline(inputExtraArgsStr);
+        buildahExtraArgs = lines.flatMap((line) => line.split(" ")).map((arg) => arg.trim());
+    }
+
     // check if all tags provided are in `image:tag` format
-    const isFullImageNameTag = isFullImageName(tagsList[0]);
+    const isFullImageNameTag = isFullImageName(normalizedTagsList[0]);
-    if (tagsList.some((tag) => isFullImageName(tag) !== isFullImageNameTag)) {
+    if (normalizedTagsList.some((tag) => isFullImageName(tag) !== isFullImageNameTag)) {
         throw new Error(`Input "${Inputs.TAGS}" cannot have a mix of full name and non full name tags. Refer to https://github.com/redhat-actions/buildah-build#image-tag-inputs`);
     }
-    if (!isFullImageNameTag && !image) {
+    if (!isFullImageNameTag && !normalizedImage) {
         throw new Error(`Input "${Inputs.IMAGE}" must be provided when not using full image name tags. Refer to https://github.com/redhat-actions/buildah-build#image-tag-inputs`);
     }
 
-    const newImage = getFullImageName(image, tagsList[0]);
+    const newImage = getFullImageName(normalizedImage, normalizedTagsList[0]);
     const useOCI = core.getInput(Inputs.OCI) === "true";
 
-    const arch = getArch();
+    const archs = getArch();
-    const platform = getPlatform();
+    const platforms = getPlatform();
 
-    if (arch && platform) {
+    if ((archs.length > 0) && (platforms.length > 0)) {
         throw new Error("The --platform option may not be used in combination with the --arch option.");
     }
 
+    const builtImage = [];
     if (containerFiles.length !== 0) {
-        await doBuildUsingContainerFiles(cli, newImage, workspace, containerFiles, useOCI, arch, platform, labelsList);
+        builtImage.push(...await doBuildUsingContainerFiles(
+            cli,
+            newImage,
+            workspace,
+            containerFiles,
+            useOCI,
+            archs,
+            platforms,
+            labelsList,
+            buildahExtraArgs
+        ));
     }
     else {
-        if (platform) {
+        if (platforms.length > 0) {
             throw new Error("The --platform option is not supported for builds without containerfiles.");
         }
-        await doBuildFromScratch(cli, newImage, useOCI, arch, labelsList);
+        builtImage.push(...await doBuildFromScratch(cli, newImage, useOCI, archs, labelsList, buildahExtraArgs));
     }
 
-    if (tagsList.length > 1) {
+    if ((archs.length > 1) || (platforms.length > 1)) {
-        await cli.tag(image, tagsList);
+        core.info(`Creating manifest with tag${normalizedTagsList.length !== 1 ? "s" : ""} `
+            + `"${normalizedTagsList.join(", ")}"`);
+        const builtManifest = [];
+        for (const tag of normalizedTagsList) {
+            const manifestName = getFullImageName(normalizedImage, tag);
+            // Force-remove existing manifest to prevent errors on recurring build on the same machine
+            await cli.manifestRm(manifestName);
+            await cli.manifestCreate(manifestName);
+            builtManifest.push(manifestName);
+
+            for (const arch of archs) {
+                const tagSuffix = removeIllegalCharacters(arch);
+                await cli.manifestAdd(manifestName, `${newImage}-${tagSuffix}`);
             }
-    core.setOutput(Outputs.IMAGE, image);
+
+            for (const platform of platforms) {
+                const tagSuffix = removeIllegalCharacters(platform);
+                await cli.manifestAdd(manifestName, `${newImage}-${tagSuffix}`);
+            }
+        }
+
+        core.info(`✅ Successfully built image${builtImage.length !== 1 ? "s" : ""} "${builtImage.join(", ")}" `
+            + `and manifest${builtManifest.length !== 1 ? "s" : ""} "${builtManifest.join(", ")}"`);
+    }
+    else if (normalizedTagsList.length > 1) {
+        await cli.tag(normalizedImage, normalizedTagsList);
+    }
+    else if (normalizedTagsList.length === 1) {
+        core.info(`✅ Successfully built image "${getFullImageName(normalizedImage, normalizedTagsList[0])}"`);
+    }
+
+    core.setOutput(Outputs.IMAGE, normalizedImage);
     core.setOutput(Outputs.TAGS, tags);
     core.setOutput(Outputs.IMAGE_WITH_TAG, newImage);
 }
 
 async function doBuildUsingContainerFiles(
-    cli: BuildahCli, newImage: string, workspace: string, containerFiles: string[], useOCI: boolean, arch: string,
+    cli: BuildahCli,
-    platform: string, labels: string[],
+    newImage: string,
-): Promise<void> {
+    workspace: string,
+    containerFiles: string[],
+    useOCI: boolean,
+    archs: string[],
+    platforms: string[],
+    labels: string[],
+    extraArgs: string[]
+): Promise<string[]> {
     if (containerFiles.length === 1) {
         core.info(`Performing build from Containerfile`);
     }
@@ -95,23 +165,98 @@ async function doBuildUsingContainerFiles(
     const buildArgs = getInputList(Inputs.BUILD_ARGS);
     const containerFileAbsPaths = containerFiles.map((file) => path.join(workspace, file));
     const layers = core.getInput(Inputs.LAYERS);
+    const tlsVerify = core.getInput(Inputs.TLS_VERIFY) === "true";
 
-    const inputExtraArgsStr = core.getInput(Inputs.EXTRA_ARGS);
+    const builtImage = [];
-    let buildahBudExtraArgs: string[] = [];
+    // since multi arch image can not have same tag
-    if (inputExtraArgsStr) {
+    // therefore, appending arch/platform in the tag
-        // transform the array of lines into an array of arguments
+    if (archs.length > 0 || platforms.length > 0) {
-        // by splitting over lines, then over spaces, then trimming.
+        for (const arch of archs) {
-        const lines = splitByNewline(inputExtraArgsStr);
+            // handling it seperately as, there is no need of
-        buildahBudExtraArgs = lines.flatMap((line) => line.split(" ")).map((arg) => arg.trim());
+            // tagSuffix if only one image has to be built
+            let tagSuffix = "";
+            if (archs.length > 1) {
+                tagSuffix = `-${removeIllegalCharacters(arch)}`;
             }
             await cli.buildUsingDocker(
-        newImage, context, containerFileAbsPaths, buildArgs, useOCI, arch, platform, labels, layers, buildahBudExtraArgs
+                `${newImage}${tagSuffix}`,
+                context,
+                containerFileAbsPaths,
+                buildArgs,
+                useOCI,
+                labels,
+                layers,
+                extraArgs,
+                tlsVerify,
+                arch
             );
+            builtImage.push(`${newImage}${tagSuffix}`);
+        }
+
+        for (const platform of platforms) {
+            let tagSuffix = "";
+            if (platforms.length > 1) {
+                tagSuffix = `-${removeIllegalCharacters(platform)}`;
+            }
+            await cli.buildUsingDocker(
+                `${newImage}${tagSuffix}`,
+                context,
+                containerFileAbsPaths,
+                buildArgs,
+                useOCI,
+                labels,
+                layers,
+                extraArgs,
+                tlsVerify,
+                undefined,
+                platform
+            );
+            builtImage.push(`${newImage}${tagSuffix}`);
+        }
+    }
+
+    else if (archs.length === 1 || platforms.length === 1) {
+        await cli.buildUsingDocker(
+            newImage,
+            context,
+            containerFileAbsPaths,
+            buildArgs,
+            useOCI,
+            labels,
+            layers,
+            extraArgs,
+            tlsVerify,
+            archs[0],
+            platforms[0]
+        );
+        builtImage.push(newImage);
+    }
+    else {
+        await cli.buildUsingDocker(
+            newImage,
+            context,
+            containerFileAbsPaths,
+            buildArgs,
+            useOCI,
+            labels,
+            layers,
+            extraArgs,
+            tlsVerify
+        );
+        builtImage.push(newImage);
+    }
+
+    return builtImage;
 }
 
 async function doBuildFromScratch(
-    cli: BuildahCli, newImage: string, useOCI: boolean, arch: string, labels: string[],
+    cli: BuildahCli,
-): Promise<void> {
+    newImage: string,
+    useOCI: boolean,
+    archs: string[],
+    labels: string[],
+    extraArgs: string[]
+): Promise<string[]> {
     core.info(`Performing build from scratch`);
 
     const baseImage = core.getInput(Inputs.BASE_IMAGE, { required: true });
@@ -120,10 +265,18 @@ async function doBuildFromScratch(
     const port = core.getInput(Inputs.PORT);
     const workingDir = core.getInput(Inputs.WORKDIR);
     const envs = getInputList(Inputs.ENVS);
+    const tlsVerify = core.getInput(Inputs.TLS_VERIFY) === "true";
 
-    const container = await cli.from(baseImage);
+    const container = await cli.from(baseImage, tlsVerify, extraArgs);
     const containerId = container.output.replace("\n", "");
 
+    const builtImage = [];
+    if (archs.length > 0) {
+        for (const arch of archs) {
+            let tagSuffix = "";
+            if (archs.length > 1) {
+                tagSuffix = `-${removeIllegalCharacters(arch)}`;
+            }
             const newImageConfig: BuildahConfigSettings = {
                 entrypoint,
                 port,
@@ -134,7 +287,25 @@ async function doBuildFromScratch(
             };
             await cli.config(containerId, newImageConfig);
             await cli.copy(containerId, content);
+            await cli.commit(containerId, `${newImage}${tagSuffix}`, useOCI);
+            builtImage.push(`${newImage}${tagSuffix}`);
+        }
+    }
+    else {
+        const newImageConfig: BuildahConfigSettings = {
+            entrypoint,
+            port,
+            workingdir: workingDir,
+            envs,
+            labels,
+        };
+        await cli.config(containerId, newImageConfig);
+        await cli.copy(containerId, content);
         await cli.commit(containerId, newImage, useOCI);
+        builtImage.push(newImage);
+    }
+
+    return builtImage;
 }
 
 run().catch(core.setFailed);

src/utils.ts

@@ -55,7 +55,9 @@ export async function findFuseOverlayfsPath(): Promise<string | undefined> {
         fuseOverlayfsPath = await io.which("fuse-overlayfs");
     }
     catch (err) {
-        core.debug(err);
+        if (err instanceof Error) {
+            core.debug(err.message);
+        }
     }
 
     return fuseOverlayfsPath;
@@ -65,24 +67,50 @@ export function splitByNewline(s: string): string[] {
     return s.split(/\r?\n/);
 }
 
-export function getArch(): string {
+export function getArch(): string[] {
-    // 'arch' should be used over 'archs', see https://github.com/redhat-actions/buildah-build/issues/60
+    const archs = getCommaSeperatedInput(Inputs.ARCHS);
-    const archs = core.getInput(Inputs.ARCHS);
+
     const arch = core.getInput(Inputs.ARCH);
 
-    if (arch && archs) {
+    if (arch && archs.length > 0) {
         core.warning(
             `Both "${Inputs.ARCH}" and "${Inputs.ARCHS}" inputs are set. `
-            + `Please use only one of these two inputs, as they are aliases of one another. `
+            + `Please use "${Inputs.ARCH}" if you want to provide multiple `
-            + `"${Inputs.ARCH}" takes precedence.`
+            + `ARCH else use ${Inputs.ARCH}". "${Inputs.ARCHS}" takes preference.`
         );
     }
 
-    return arch || archs;
+    if (archs.length > 0) {
+        return archs;
+    }
+    else if (arch) {
+        return [ arch ];
+    }
+    return [];
 }
 
-export function getPlatform(): string {
+export function getPlatform(): string[] {
-    return core.getInput(Inputs.PLATFORM);
+    const platform = core.getInput(Inputs.PLATFORM);
+    const platforms = getCommaSeperatedInput(Inputs.PLATFORMS);
+
+    if (platform && platforms.length > 0) {
+        core.warning(
+            `Both "${Inputs.PLATFORM}" and "${Inputs.PLATFORMS}" inputs are set. `
+            + `Please use "${Inputs.PLATFORMS}" if you want to provide multiple `
+            + `PLATFORM else use ${Inputs.PLATFORM}". "${Inputs.PLATFORMS}" takes preference.`
+        );
+    }
+
+    if (platforms.length > 0) {
+        core.debug("return platforms");
+        return platforms;
+    }
+    else if (platform) {
+        core.debug("return platform");
+        return [ platform ];
+    }
+    core.debug("return empty");
+    return [];
 }
 
 export function getContainerfiles(): string[] {
@@ -115,6 +143,20 @@ export function getInputList(name: string): string[] {
         );
 }
 
+export function getCommaSeperatedInput(name: string): string[] {
+    const items = core.getInput(name);
+    if (items.length === 0) {
+        core.debug("empty");
+        return [];
+    }
+    const splitItems = items.split(",");
+    return splitItems
+        .reduce<string[]>(
+            (acc, line) => acc.concat(line).map((item) => item.trim()),
+            [],
+        );
+}
+
 export function isFullImageName(image: string): boolean {
     return image.indexOf(":") > 0;
 }
@@ -125,3 +167,7 @@ export function getFullImageName(image: string, tag: string): string {
     }
     return `${image}:${tag}`;
 }
+
+export function removeIllegalCharacters(item: string): string {
+    return item.replace(/[^a-zA-Z0-9 ]/g, "");
+}