Add multi-architecture Docker image build support

.github/workflows/docker-build-push.yml

@@ -7,9 +7,18 @@ on:
     branches: [master, main]
 
 jobs:
-  docker:
-    name: Build and Push Docker Image
-    runs-on: ubuntu-latest
+  build:
+    name: Build Docker Image (${{ matrix.arch }})
+    runs-on: ${{ matrix.runner }}
+    strategy:
+      matrix:
+        include:
+          - arch: amd64
+            runner: ubuntu-latest
+            platform: linux/amd64
+          - arch: arm64
+            runner: ubuntu-24.04-arm
+            platform: linux/arm64
 
     steps:
       - name: Checkout
@@ -28,23 +37,104 @@ jobs:
           nix build .#docker --print-build-logs
           ls -la result
 
-      - name: Push Docker Image with Commit SHA
+      - name: Push Docker Image with Arch Tag
         env:
           DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
           DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
         run: |
           nix-shell -p skopeo --run "skopeo copy \
             docker-archive:./result \
-            docker://wholelottahoopla/mcp-exec:${{ github.sha }} \
+            docker://wholelottahoopla/mcp-exec:${{ github.sha }}-${{ matrix.arch }} \
             --dest-creds \"\$DOCKER_USERNAME:\$DOCKER_PASSWORD\""
 
-      - name: Push Docker Image with Latest Tag
-        if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master'
+  manifest:
+    name: Create and Push Multi-Arch Manifest
+    runs-on: ubuntu-latest
+    needs: build
+
+    steps:
+      - name: Login to Docker Hub
         env:
           DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
           DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
         run: |
-          nix-shell -p skopeo --run "skopeo copy \
-            docker-archive:./result \
-            docker://wholelottahoopla/mcp-exec:latest \
-            --dest-creds \"\$DOCKER_USERNAME:\$DOCKER_PASSWORD\""
+          echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
+
+      - name: Create and Push Manifest with Commit SHA
+        run: |
+          docker manifest create wholelottahoopla/mcp-exec:${{ github.sha }} \
+            wholelottahoopla/mcp-exec:${{ github.sha }}-amd64 \
+            wholelottahoopla/mcp-exec:${{ github.sha }}-arm64
+          docker manifest annotate wholelottahoopla/mcp-exec:${{ github.sha }} \
+            wholelottahoopla/mcp-exec:${{ github.sha }}-amd64 --os linux --arch amd64
+          docker manifest annotate wholelottahoopla/mcp-exec:${{ github.sha }} \
+            wholelottahoopla/mcp-exec:${{ github.sha }}-arm64 --os linux --arch arm64
+          docker manifest push wholelottahoopla/mcp-exec:${{ github.sha }}
+
+      - name: Create and Push Latest Manifest
+        if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master'
+        run: |
+          docker manifest create wholelottahoopla/mcp-exec:latest \
+            wholelottahoopla/mcp-exec:${{ github.sha }}-amd64 \
+            wholelottahoopla/mcp-exec:${{ github.sha }}-arm64
+          docker manifest annotate wholelottahoopla/mcp-exec:latest \
+            wholelottahoopla/mcp-exec:${{ github.sha }}-amd64 --os linux --arch amd64
+          docker manifest annotate wholelottahoopla/mcp-exec:latest \
+            wholelottahoopla/mcp-exec:${{ github.sha }}-arm64 --os linux --arch arm64
+          docker manifest push wholelottahoopla/mcp-exec:latest
+
+  comment:
+    name: Comment Docker Tags on PR
+    runs-on: ubuntu-latest
+    needs: manifest
+    if: github.event_name == 'pull_request'
+    permissions:
+      pull-requests: write
+
+    steps:
+      - name: Find existing comment
+        uses: peter-evans/find-comment@v3
+        id: fc
+        with:
+          issue-number: ${{ github.event.pull_request.number }}
+          comment-author: 'github-actions[bot]'
+          body-includes: '<!-- docker-image-tags -->'
+
+      - name: Create or update comment
+        uses: peter-evans/create-or-update-comment@v4
+        with:
+          comment-id: ${{ steps.fc.outputs.comment-id }}
+          issue-number: ${{ github.event.pull_request.number }}
+          edit-mode: replace
+          body: |
+            <!-- docker-image-tags -->
+            ## 🐳 Docker Image Ready
+
+            **Multi-arch image (recommended):**
+            ```bash
+            docker pull wholelottahoopla/mcp-exec:${{ github.sha }}
+            ```
+
+            **Run with HTTP server:**
+            ```bash
+            docker run -d -p 8080:8080 -v /var/lib/mcp-exec:/logs \
+              wholelottahoopla/mcp-exec:${{ github.sha }} \
+              --http-port 8080 --bind-address 0.0.0.0 --directory-path /logs
+            ```
+
+            <details>
+            <summary>Architecture-specific tags</summary>
+
+            **AMD64:**
+            ```bash
+            docker pull wholelottahoopla/mcp-exec:${{ github.sha }}-amd64
+            ```
+
+            **ARM64:**
+            ```bash
+            docker pull wholelottahoopla/mcp-exec:${{ github.sha }}-arm64
+            ```
+            </details>
+
+            ---
+            *Built from commit ${{ github.sha }}*

flake.nix

@@ -26,7 +26,7 @@
             pkgs.inetutils
           ];
           config = {
-            Cmd = [ "${mcp-exec}/bin/mcp-exec" ];
+            Entrypoint = [ "${mcp-exec}/bin/mcp-exec" ];
             ExposedPorts = {
               "8080/tcp" = {};
             };