ci(GITHUB): support multiple container platforms

.cicd-tools/container/Dockerfile

@@ -0,0 +1,63 @@
+FROM ubuntu:22.04 as sha
+
+ARG BUILD_ARG_ARCH_FORMAT_1
+ARG BUILD_ARG_ARCH_FORMAT_2
+ARG BUILD_ARG_ARCH_FORMAT_3
+ARG BUILD_ARG_ARCH_FORMAT_4
+
+# hadolint ignore=DL3008
+RUN apt-get update \
+    && apt-get install -y \
+       --no-install-recommends \
+       ca-certificates \
+       curl \
+       xz-utils \
+    && rm -rf /var/lib/apt/lists/*
+
+ENV ACTIONLINT_VERSION "https://github.com/rhysd/actionlint/releases/download/v1.6.26/actionlint_1.6.26_linux_${BUILD_ARG_ARCH_FORMAT_1}.tar.gz"
+ENV HADOLINT_VERSION "https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-${BUILD_ARG_ARCH_FORMAT_2}"
+ENV JQ_VERSION "https://github.com/jqlang/jq/releases/download/jq-1.7.1/jq-linux-${BUILD_ARG_ARCH_FORMAT_1}"
+ENV SHFMT_VERSION "https://github.com/mvdan/sh/releases/download/v3.7.0/shfmt_v3.7.0_linux_${BUILD_ARG_ARCH_FORMAT_1}"
+ENV SHELLCHECK_VERSION "https://github.com/koalaman/shellcheck/releases/download/v0.9.0/shellcheck-v0.9.0.linux.${BUILD_ARG_ARCH_FORMAT_3}.tar.xz"
+ENV TOMLL_VERSION "https://github.com/pelletier/go-toml/releases/download/v2.1.1/tomll_2.1.1_linux_${BUILD_ARG_ARCH_FORMAT_1}.tar.xz"
+ENV VALE_VERSION "https://github.com/errata-ai/vale/releases/download/v2.30.0/vale_2.30.0_Linux_${BUILD_ARG_ARCH_FORMAT_4}.tar.gz"
+
+RUN mkdir -p /dist
+
+RUN curl -sL --retry 3 "${ACTIONLINT_VERSION}" -o /tmp/actionlint.tar.gz \
+    && tar xvzf /tmp/actionlint.tar.gz actionlint \
+    && mv actionlint /dist
+
+RUN curl -sL --retry 3 "${HADOLINT_VERSION}" -o /dist/hadolint \
+    && chmod +x /dist/hadolint
+
+RUN curl -sL --retry 3 "${JQ_VERSION}" -o /dist/jq \
+    && chmod +x /dist/jq
+
+RUN curl -sL --retry 3 "${SHELLCHECK_VERSION}" -o /tmp/shellcheck.tar.xz \
+    && tar xvJf /tmp/shellcheck.tar.xz --strip-components=1 \
+    && mv shellcheck /dist
+
+RUN curl -sL --retry 3 "${SHFMT_VERSION}" -o /dist/shfmt \
+    && chmod +x /dist/shfmt
+
+RUN curl -sL --retry 3 "${TOMLL_VERSION}" -o /tmp/tomll.tar.xz \
+    && tar xvJf /tmp/tomll.tar.xz tomll \
+    && mv tomll /dist
+
+RUN curl -sL --retry 3 "${VALE_VERSION}" -o /tmp/vale.tar.gz \
+    && tar xvzf /tmp/vale.tar.gz vale \
+    && mv vale /dist
+
+COPY ${BUILD_ARG_ARCH_FORMAT_1}/Dockerfile.sha256 /dist
+
+WORKDIR /dist
+
+RUN sha256sum -c Dockerfile.sha256 && exit 0 || sha256sum /dist/* && exit 127
+
+FROM scratch as ship
+
+LABEL org.opencontainers.image.source=https://github.com/cicd-tools-org/cicd-tools
+LABEL org.opencontainers.image.description="FOSS binaries for CICD-Tools."
+
+COPY --from=sha /dist/* /bin/

.cicd-tools/container/amd64/Dockerfile.sha256

@@ -1,7 +1,7 @@
-e6e7df5554a0dd61a22b60f809b8211e0916522bb889163e4cae31794004b8cf  actionlint
+2682275749f9f86b958b35d8a48376466a30b2326a9d6b8f4ba3fe3adfe284cb  actionlint
 56de6d5e5ec427e17b74fa48d51271c7fc0d61244bf5c90e828aab8362d55010  hadolint
-af986793a515d500ab2d35f8d2aecd656e764504b789b66d7e1a0b727a124c44  jq
+5942c9b0934e510ee61eb3e30273f1b3fe2590df93933a93d7c58b81d19c8ff5  jq
 7087178d54de6652b404c306233264463cb9e7a9afeb259bb663cc4dbfd64149  shellcheck
-3526b10b76451f77c9c6e383465b0f54b20d010d539a08fdb831502f5e7b86c7  shfmt
-057497cf6c714fb636a6fac5c00845cb1db11bb889d713065c74ae6c6da94389  tomll
-be81bc799d5cf4c99c9fe6f0b2633b36d7cfb38d51483f050402eafade3ad781  vale
+0264c424278b18e22453fe523ec01a19805ce3b8ebf18eaf3aadc1edc23f42e3  shfmt
+f57a40a14636198a8bfa5ad0d27c0f5e62b4ecea069d447a0ddccee781c6a75a  tomll
+8d81028547b8724d25d85a686d9a6d189b9f02aca3ce9646737709c8e3898e57  vale

.cicd-tools/container/arm64/Dockerfile.sha256

@@ -0,0 +1,7 @@
+99c8f183eb4c492d7e859257790284ad7e0a375395ae4bc9a0c783f4b96df868  actionlint
+5798551bf19f33951881f15eb238f90aef023f11e7ec7e9f4c37961cb87c5df6  hadolint
+4dd2d8a0661df0b22f1bb9a1f9830f06b6f3b8f7d91211a1ef5d7c4f06a8b4a5  jq
+ef4c0f06039f2034dfba012251ddfeb1edba88e049fc5edfbc289fef179daaa0  shellcheck
+111612560d15bd53d8e8f8f85731176ce12f3b418ec473d39a40ed6bbec772de  shfmt
+4e3fb088a2dbb6a2001223e77bbe87dc7f85ad06c06f9c00d402d08e0e1436c2  tomll
+8a7a289c79ae0c19a9cc642bf98e8aee135981731c375bfd5cd6504f1a90bf1c  vale

.github/workflows/job-95-container-multiarch.yml

@@ -0,0 +1,173 @@
+---
+name: job-95-container-multiarch
+
+# Consuming Projects Must Implement:
+# - ./.github/scripts/step-setup-environment.sh
+
+on:
+  workflow_call:
+    inputs:
+      REGISTRY:
+        default: "ghcr.io"
+        description: "Optional, allows you to specify a Docker registry to use."
+        required: false
+        type: string
+      IMAGE_GIT:
+        default: false
+        description: "Optional, allows you to create image tags from git branches and tags."
+        required: false
+        type: boolean
+      IMAGE_NAME:
+        default: ""
+        description: "Optional, allows you to specify the image name, otherwise the configured script will generate one."
+        required: false
+        type: string
+      IMAGE_LATEST:
+        default: false
+        description: "Optional, allows you to designate this as the 'latest' image when pushed."
+        required: false
+        type: boolean
+      MULTIARCH_TAG:
+        default: "multiarch"
+        description: "Optional, allows you specify the multiarch tag that will be used to aggregate images from different platforms."
+        required: false
+        type: string
+      SOURCE_TAGS:
+        description: "The newline separated list of tags you wish to create the multiarch image from."
+        required: true
+        type: string
+      REMOTE_SCRIPT_DEFAULT_SETTER:
+        default: "ci/github/scripts/step-set-value-with-default.sh"
+        description: "Optional, allows you to specify different default value creation script."
+        required: false
+        type: string
+      REMOTE_SCRIPT_SET_VALUE:
+        default: "ci/github/scripts/step-set-value.sh"
+        description: "Optional, allows you to specify a workflow set value script."
+        required: false
+        type: string
+      TESTING_MODE:
+        default: false
+        description: "Optional, allows you to test a workflow failure."
+        required: false
+        type: boolean
+      VERBOSE_NOTIFICATIONS:
+        default: false
+        description: "Optional, allows you to adjust the notification verbosity."
+        required: false
+        type: boolean
+      WORKFLOW_NAME:
+        default: ""
+        description: "Identifies this workflow in notifications."
+        required: false
+        type: string
+    secrets:
+      REGISTRY_USERNAME:
+        description: "Optional, sets the username that will be used to login to the registry.  Default: github.actor"
+        required: false
+      REGISTRY_PASSWORD:
+        description: "Optional, sets the password that will be used to login to the registry.  Default: secrets.GITHUB_TOKEN"
+        required: false
+      SLACK_WEBHOOK:
+        description: "Optional, enables Slack notifications."
+        required: false
+
+jobs:
+
+  multiarch_image:
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Multiarch Image Management -- Checkout Repository
+        uses: actions/checkout@v3
+
+      - name: Multiarch Image Management --Setup Environment
+        env:
+          WORKFLOW_NAME: ${{ inputs.WORKFLOW_NAME }}
+        run: |
+          bash "./.github/scripts/step-setup-environment.sh"
+        shell: bash
+
+      - name: Multiarch Image Management -- Install Toolbox
+        uses: ./.github/actions/action-00-toolbox
+
+      - name: Multiarch Image Management -- Configure Registry
+        id: registry
+        run: |
+          bash "./.cicd-tools/boxes/active/${{ inputs.REMOTE_SCRIPT_DEFAULT_SETTER }}" \
+            -o "IMAGE_NAME" \
+            -d "${PROJECT_OWNER}/${PROJECT_NAME}" \
+            -s "${{ inputs.IMAGE_NAME }}"
+          bash "./.cicd-tools/boxes/active/${{ inputs.REMOTE_SCRIPT_DEFAULT_SETTER }}" \
+            -o "REGISTRY_USERNAME" \
+            -d "${{ github.actor }}" \
+            -s "${{ secrets.REGISTRY_USERNAME }}"
+          bash "./.cicd-tools/boxes/active/${{ inputs.REMOTE_SCRIPT_DEFAULT_SETTER }}" \
+            -o "REGISTRY_PASSWORD" \
+            -d "${{ secrets.GITHUB_TOKEN }}" \
+            -s "${{ secrets.REGISTRY_PASSWORD }}"
+        shell: bash
+
+      - name: Multiarch Image Management -- Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ inputs.REGISTRY }}
+          username: ${{ steps.registry.outputs.REGISTRY_USERNAME }}
+          password: ${{ steps.registry.outputs.REGISTRY_PASSWORD }}
+
+      - name: Multiarch Image Management -- Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Multiarch Image Management -- Build Tag to Platform Mappings
+        id: tags
+        run: |
+          PREFIX="${{ inputs.REGISTRY }}/${{ steps.registry.outputs.IMAGE_NAME }}"
+          IFS=$'\n' read -r -d '' -a TAGS <<< "${{ inputs.SOURCE_TAGS }}" || true
+          SOURCE_IMAGES=""
+          for TAG in "${TAGS[@]}"; do
+            SOURCE_IMAGE="${PREFIX}:$(echo "${TAG}" | tr -d '[:blank:]')"
+            SOURCE_IMAGES="${SOURCE_IMAGES} ${SOURCE_IMAGE}"
+          done
+          bash "./.cicd-tools/boxes/active/${{ inputs.REMOTE_SCRIPT_SET_VALUE }}" \
+            echo "${SOURCE_IMAGES}"
+        shell: bash
+
+      - name: Multiarch Image Management -- Create Multiarch Image
+        run: |
+          docker buildx imagetools create -t \
+            ${{ inputs.REGISTRY }}/${{ steps.registry.outputs.IMAGE_NAME }}:${{ inputs.MULTIARCH_TAG }} \
+            ${{ steps.tags.outputs.value }}
+        shell: bash
+
+      - name: Multiarch Image Management -- Append Latest Tag
+        if: inputs.IMAGE_LATEST == true
+        run: |
+          docker buildx imagetools create -t \
+            ${{ inputs.REGISTRY }}/${{ steps.registry.outputs.IMAGE_NAME }}:latest \
+            ${{ inputs.REGISTRY }}/${{ steps.registry.outputs.IMAGE_NAME }}:${{ inputs.MULTIARCH_TAG }}
+
+      - name: Multiarch Image Management -- Append Git Tag
+        if: inputs.IMAGE_GIT == true
+        run: |
+          docker buildx imagetools create -t \
+            ${{ inputs.REGISTRY }}/${{ steps.registry.outputs.IMAGE_NAME }}:${{ env.BRANCH_OR_TAG }} \
+            ${{ inputs.REGISTRY }}/${{ steps.registry.outputs.IMAGE_NAME }}:${{ inputs.MULTIARCH_TAG }}
+
+      - name: Multiarch Image Management -- Report Job Status on Success
+        if: inputs.VERBOSE_NOTIFICATIONS == true
+        uses: ./.cicd-tools/boxes/active/ci/github/actions/action-00-generic-notification
+        with:
+          NOTIFICATION_MESSAGE: |
+            Multiarch image has been created!
+            Pushed Image: ${{ inputs.REGISTRY }}/${{ steps.registry.outputs.IMAGE_NAME }}:${{ inputs.MULTIARCH_TAG }}
+          NOTIFICATION_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+
+      - name: Multiarch Image Management -- Report Job Status on Failure
+        if: failure() || inputs.TESTING_MODE == true
+        uses: ./.cicd-tools/boxes/active/ci/github/actions/action-00-generic-notification
+        with:
+          NOTIFICATION_EMOJI: ":x:"
+          NOTIFICATION_MESSAGE: "Multiarch image creation has failed!"
+          NOTIFICATION_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+          TESTING_MODE: ${{ inputs.TESTING_MODE }}