fix: 启用多架构 Docker 构建 (amd64 + arm64)

[AmintaCCCP]

问题

当前 GHCR 上的镜像只有 linux/amd64 平台，Apple Silicon Mac (M1/M2/M3) 用户无法直接使用。

修复

• 添加 docker/setup-qemu-action 步骤启用跨平台模拟
• 在 docker/build-push-action 中声明 platforms: linux/amd64,linux/arm64

合并后发布的镜像将同时支持：

• linux/amd64 — Intel/AMD 服务器和 PC
• linux/arm64 — Apple Silicon Mac、ARM 服务器（如 AWS Graviton）

注意： 多架构构建时间会比单架构长约 2-3 倍（arm64 通过 QEMU 模拟编译）。better-sqlite3 原生模块在 arm64 Alpine 上会从源码编译，node:22-alpine 已包含所需构建工具。

Summary by CodeRabbit

• Chores
  • Docker images are now built and published for both x86_64 and ARM64 architectures, extending compatibility across different hardware platforms and environments.

[coderabbitai]

📝 Walkthrough

Walkthrough

The Docker publish workflow now enables multi-architecture image builds by setting up QEMU before the build step and configuring the build/push step to target both linux/amd64 and linux/arm64 platforms. The 4-line change preserves existing tag extraction and push behavior while extending container image support.

Changes

Multi-architecture Docker image builds

Layer / File(s)	Summary
QEMU setup for cross-platform builds .github/workflows/docker-publish.yml	Added docker/setup-qemu-action step to enable Docker Buildx cross-platform build capability.
Multi-architecture platform targeting .github/workflows/docker-publish.yml	Docker build/push step specifies linux/amd64,linux/arm64 as target platforms.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• AmintaCCCP/GithubStarsManager#190: Directly related workflow modification that affects the same Docker publish pipeline configuration.

Poem

🐰 A rabbit hops through Docker's door,
With QEMU's magic, builds are more—
ARM and amd64 unite in cheer,
Cross-platform images are here! 🎉

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly indicates the main change: enabling multi-architecture Docker builds for amd64 and arm64, which matches the core objective and changes made to the workflow.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/docker-multi-arch

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (2)

.github/workflows/docker-publish.yml (2)

54-63: Consider cache storage and ARM64 testing implications.

Multi-architecture builds will generate separate cache layers for each platform, approximately doubling GitHub Actions cache storage usage. Additionally, consider testing the ARM64 images on actual ARM hardware (e.g., using ARM-based GitHub-hosted runners when available, or self-hosted ARM runners) to verify the better-sqlite3 native module compiles and runs correctly.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/docker-publish.yml around lines 54 - 63, Adjust the Docker
build step (the "Build and push Docker image" job using
docker/build-push-action) to avoid duplicating cache layers across platforms and
to add ARM64 test coverage: configure cache scoping by platform (use separate
cache keys/scopes per platforms value or include platform in the
cache-from/cache-to scope/key so cache-from: type=gha and cache-to:
type=gha,mode=max do not collide across linux/amd64 and linux/arm64), and add a
separate workflow job or matrix entry that runs the ARM64 variant on an ARM
runner (GitHub-hosted ARM runner or a self-hosted ARM64 runner) to build and run
tests that exercise the better-sqlite3 native module (so the "platforms" entry
remains multi-arch for push but ARM64 compilation/runtime validation happens on
an ARM runner).

---

26-27: Approve docker/setup-qemu-action v3 SHA; optional update to v4

• The pinned SHA c7c53464625b32c7a7e944ae62b3e17d2b600130 matches the v3 tag, and the GitHub vulnerability alert query returned no results.
• New releases exist (e.g., v4.1.0); consider bumping if you want the latest fixes/improvements (no security issue indicated by the alerts).

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/docker-publish.yml around lines 26 - 27, Approve the
pinned docker/setup-qemu-action SHA (c7c53464625b32c7a7e944ae62b3e17d2b600130)
for the v3 usage in the workflow or bump to the latest v4 release by replacing
the current uses entry
(docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130) with the v4
tag or its corresponding pinned commit SHA (e.g.,
docker/setup-qemu-action@v4.1.0 or the v4 commit SHA) to opt into newer fixes;
ensure the new reference is a full, verified tag or commit SHA before
committing.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In @.github/workflows/docker-publish.yml:
- Around line 54-63: Adjust the Docker build step (the "Build and push Docker
image" job using docker/build-push-action) to avoid duplicating cache layers
across platforms and to add ARM64 test coverage: configure cache scoping by
platform (use separate cache keys/scopes per platforms value or include platform
in the cache-from/cache-to scope/key so cache-from: type=gha and cache-to:
type=gha,mode=max do not collide across linux/amd64 and linux/arm64), and add a
separate workflow job or matrix entry that runs the ARM64 variant on an ARM
runner (GitHub-hosted ARM runner or a self-hosted ARM64 runner) to build and run
tests that exercise the better-sqlite3 native module (so the "platforms" entry
remains multi-arch for push but ARM64 compilation/runtime validation happens on
an ARM runner).
- Around line 26-27: Approve the pinned docker/setup-qemu-action SHA
(c7c53464625b32c7a7e944ae62b3e17d2b600130) for the v3 usage in the workflow or
bump to the latest v4 release by replacing the current uses entry
(docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130) with the v4
tag or its corresponding pinned commit SHA (e.g.,
docker/setup-qemu-action@v4.1.0 or the v4 commit SHA) to opt into newer fixes;
ensure the new reference is a full, verified tag or commit SHA before
committing.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: eaa14809-1486-4fc1-8210-9d4b1957c099

📥 Commits

Reviewing files that changed from the base of the PR and between bfe511e and a207ea4.

📒 Files selected for processing (1)

• .github/workflows/docker-publish.yml