feat(builder): use docker-buildx plugin to build for non-native platforms

README.md

@@ -539,6 +539,30 @@ The `--dockerfile` option makes it possible to build a new minified image direct
 
 The `--use-local-mounts` option is used to choose how the `docker-slim` sensor is added to the target container and how the sensor artifacts are delivered back to the master. If you enable this option you'll get the original `docker-slim` behavior where it uses local file system volume mounts to add the sensor executable and to extract the artifacts from the target container. This option doesn't always work as expected in the dockerized environment where `docker-slim` itself is running in a Docker container. When this option is disabled (default behavior) then a separate Docker volume is used to mount the sensor and the sensor artifacts are explicitly copied from the target container.
 
+#### `docker-buildx` plugin
+
+You can build for multiple platforms using the `docker-buildx` plugin `build` command by setting `--use-buildx=true`.
+This plugin is automatically installed when installing newer versions of docker-ce.
+
+A subset of plugin flags are supported, eaching being prefixed with `--buildx-`.
+
+As an example, here we start a local registry, create a multi-platform builder,
+then run `docker-slim build` to build a manifest list for `linux/arm64` and `linux/amd64` platforms
+and push the list to the local registry:
+
+```console
+$ docker run -d -p 5000:5000 --name test-registry registry:2
+$ docker buildx create --use --driver-opt network=host --bootstrap --driver docker-container --name mybuilder
+$ docker-slim build --use-buildx=true --buildx-platforms linux/arm64,linux/amd64 --buildx-push=true --pull --tag localhost:5000/foo/nginx:slim nginx:latest
+cmd=build info=param.http.probe message='using default probe'
+cmd=build state=started
+...
+cmd=build state=building message="building optimized image" builder=buildx platforms=linux/arm64,linux/amd64
+...
+```
+
+Read more about installation and configuration [here](https://docs.docker.com/buildx/working-with-buildx/).
+
 ## RUNNING CONTAINERIZED
 
 The current version of `docker-slim` is able to run in containers. It will try to detect if it's running in a containerized environment, but you can also tell `docker-slim` explicitly using the `--in-container` global flag.

go.mod

@@ -18,12 +18,14 @@ require (
 	github.com/docker-slim/go-update v0.0.0-20190422071557-ed40247aff59
 	github.com/docker-slim/uilive v0.0.2 // indirect
 	github.com/docker-slim/uiprogress v0.0.0-20190505193231-9d4396e6d40b
+	github.com/docker/cli v20.10.12+incompatible
 	github.com/docker/docker v20.10.12+incompatible
 	github.com/docker/go-connections v0.4.0
 	github.com/dsnet/compress v0.0.1 // indirect
 	github.com/dustin/go-humanize v1.0.0
 	github.com/fatih/color v1.13.0
 	github.com/fsouza/go-dockerclient v1.7.4
+	github.com/fvbommel/sortorder v1.0.2 // indirect
 	github.com/getkin/kin-openapi v0.19.0
 	github.com/ghodss/yaml v1.0.0
 	github.com/gocolly/colly/v2 v2.0.1
@@ -38,13 +40,18 @@ require (
 	github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6
 	github.com/pkg/errors v0.9.1
 	github.com/pkg/term v0.0.0-20200520122047-c3ffed290a03 // indirect
-	github.com/robertkrimen/otto v0.0.0-20211024170158-b87d35c0b86f
 	github.com/sirupsen/logrus v1.8.1
 	github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635
+	github.com/theupdateframework/notary v0.7.0 // indirect
 	github.com/ulikunitz/xz v0.5.7 // indirect
 	github.com/urfave/cli/v2 v2.3.0
 	golang.org/x/net v0.0.0-20211216030914-fe4d6282115f
 	golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e
 )
 
 replace github.com/compose-spec/compose-go => ./pkg/third_party/compose-go
+
+replace (
+	github.com/docker/cli => github.com/docker/cli v20.10.3-0.20220408161037-b68db383d389+incompatible
+	github.com/docker/docker => github.com/docker/docker v20.10.3-0.20220414164044-61404de7df1a+incompatible
+)

pkg/app/master/builder/builder.go

@@ -0,0 +1,37 @@
+package builder
+
+import (
+	"context"
+	"path/filepath"
+
+	"github.com/docker-slim/docker-slim/pkg/util/fsutil"
+)
+
+// ImageBuilder builds an image and returns some data from the build.
+type ImageBuilder interface {
+	// Build the image.
+	Build(context.Context) error
+	// GetLogs from the image builder.
+	GetLogs() string
+	// HasData file/dir that got ADD'd or COPY'd into the image, respectively.
+	HasData() bool
+}
+
+const (
+	tarData = "files.tar"
+	dirData = "files"
+)
+
+// getDataName returns a predetermined name if it exists within the root dir.
+func getDataName(root string) string {
+
+	dataTar := filepath.Join(root, tarData)
+	dataDir := filepath.Join(root, dirData)
+	if fsutil.IsRegularFile(dataTar) {
+		return tarData
+	} else if fsutil.IsDir(dataDir) {
+		return dirData
+	}
+
+	return ""
+}