deployment: fix distroless base arch (#2925)

.github/Dockerfile-release

@@ -1,5 +1,3 @@
-ARG ARCH
-
 # build our own root trust store from current stable
 FROM debian:stable as casource
 RUN apt-get update && apt-get install -y ca-certificates
@@ -10,7 +8,7 @@ RUN rm /usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt && update-ca-certif
 FROM busybox:latest as build
 RUN touch /config.yaml
 
-FROM gcr.io/distroless/base-debian10:latest-${ARCH}
+FROM gcr.io/distroless/base-debian10:latest-${TARGETARCH:-amd64}
 ENV AUTOCERT_DIR /data/autocert
 WORKDIR /pomerium
 COPY pomerium* /bin/

.github/goreleaser.yaml

@@ -67,7 +67,7 @@ dockers:
     dockerfile: .github/Dockerfile-release
     build_flag_templates:
       - "--pull"
-      - "--build-arg=ARCH=amd64"
+      - "--platform=linux/amd64"
       - "--label=org.opencontainers.image.created={{.Date}}"
       - "--label=org.opencontainers.image.name={{.ProjectName}}"
       - "--label=org.opencontainers.image.revision={{.FullCommit}}"
@@ -95,7 +95,7 @@ dockers:
     dockerfile: .github/Dockerfile-release
     build_flag_templates:
       - "--pull"
-      - "--build-arg=ARCH=arm64"
+      - "--platform=linux/arm64"
       - "--label=org.opencontainers.image.created={{.Date}}"
       - "--label=org.opencontainers.image.name={{.ProjectName}}"
       - "--label=org.opencontainers.image.revision={{.FullCommit}}"

Dockerfile

@@ -1,5 +1,3 @@
-ARG ARCH=amd64
-
 FROM golang:latest as build
 WORKDIR /go/src/github.com/pomerium/pomerium
 
@@ -22,7 +20,7 @@ RUN apt-get update && apt-get install -y ca-certificates
 # Remove expired root (https://github.com/pomerium/pomerium/issues/2653)
 RUN rm /usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt && update-ca-certificates
 
-FROM gcr.io/distroless/base:debug-${ARCH}
+FROM gcr.io/distroless/base:debug-${TARGETARCH:-amd64}
 ENV AUTOCERT_DIR /data/autocert
 WORKDIR /pomerium
 COPY --from=build /go/src/github.com/pomerium/pomerium/bin/* /bin/