feat(php-hyperf): add arm-dev variant with per-entry platforms

[wilcorrea]

Summary

• Adds an arm-dev variant of devitools/php-hyperf:8.3 so Apple Silicon dev environments can pull a native arm64 image instead of running the amd64 :8.3-dev under Rosetta/QEMU emulation.
• Generalizes the variants.yaml schema with an optional platforms field (string, defaults to linux/amd64). Each entry can now opt into a different platform string (linux/arm64, linux/amd64,linux/arm64, etc.) without duplicating workflow logic.
• Sets up QEMU in the build workflow so the GHA amd64 runner can cross-build arm64.

Why

quoteguide-functions has a compose.override.yml that swaps the dev image for a hand-built arm tag (devitools/hyperf:8.3-arm-dev previously pushed manually). Publishing it as a first-class variant means:

• No more manual push out-of-band; the pipeline owns the tag.
• The override file just needs to reference the published tag.
• Other Apple Silicon consumers get the same benefit.

Keeping arm-dev as a separate tag (rather than making :8.3-dev multi-arch) was chosen because:

• arm-dev is only useful for local dev — pushing to production never lands on arm.
• A separate tag avoids doubling the build time of every other variant.
• It keeps the lean/otel/google production tags strictly amd64, matching where they actually run.

variants.yaml change

- suffix: arm-dev
  target: hyperf
  args:
    APP_TARGET: dev
  platforms: linux/arm64

Schema rule

platforms is optional. When omitted, the build defaults to linux/amd64 (current behavior — no change for aws-cli, node, quasar, vue, or any existing image without a manifest). When present, it must be a string. validate.yml enforces the type at PR time.

Tags produced from this PR (delta)

Target	Args	Platforms	Tag
hyperf	APP_TARGET=dev	linux/arm64	devitools/php-hyperf:8.3-arm-dev

Plus the matching devitools/php-hyperf:latest-arm-dev via the php-hyperf/latest symlink.

Workflow changes

• New step Set up QEMU (docker/setup-qemu-action@v3) registers binfmt handlers so the amd64 runner can cross-build for linux/arm64.
• The detect job now serializes platforms (with linux/amd64 default) into each matrix entry.
• The build step replaces the hardcoded platforms: linux/amd64 with ${{ matrix.build.platforms }}.

Local validation

• yq + jq parser produces 5 matrix entries from the updated manifest (lean, dev, arm-dev, otel, google) with correct platforms values.
• docker build --platform=linux/arm64 --target hyperf --build-arg APP_TARGET=dev succeeds natively on an Apple Silicon Mac.
• validate.yml's new platforms type check accepts strings and rejects non-strings (smoke-tested with a fake numeric value).

Test plan

• PR triggers validate.yml; passes (manifest is valid).
• Merge triggers build-images.yml with the matrix expanded to 5 builds for php-hyperf/8.3 + 5 for php-hyperf/latest.
• devitools/php-hyperf:8.3-arm-dev pull on an Apple Silicon host shows linux/arm64 (no amd64 warning from Docker).
• devitools/php-hyperf:8.3-dev pull on amd64 host still works (no regression).
• Existing variants without platforms: in their manifests continue to build as linux/amd64.

Summary by CodeRabbit

• New Features

  • Added ARM64 (linux/arm64) support for PHP Hyperf 8.3 builds, enabling deployments on ARM-based architectures.

• Infrastructure

  • Enhanced build system with cross-platform build capabilities and improved variant validation.

[coderabbitai]

Warning

Review limit reached

@wilcorrea, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 54 minutes and 54 seconds. Learn how PR review limits work.

Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file).

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits.

🚦 How do rate limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan refill rate.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, the refill rate gradually slows as usage increases. The highest same-day bursts are limited more strictly.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 5ac01d3d-d5e5-49e1-912f-b3a8daf05ed7

📥 Commits

Reviewing files that changed from the base of the PR and between 0c6c106 and 4ff72aa.

📒 Files selected for processing (1)

• .github/workflows/validate.yml

📝 Walkthrough

Walkthrough

The PR extends the Docker image build pipeline to support cross-platform builds. The variant schema gains optional platforms and args fields; validate.yml type-checks platforms; build-images.yml propagates both through the matrix, adds a QEMU setup step, and uses the dynamic platform value in the build action. A new arm-dev variant for php-hyperf/8.3 targeting linux/arm64 is added.

Changes

Cross-platform Docker build support

Layer / File(s)	Summary
Variant schema: new arm-dev entry and platforms validation php-hyperf/8.3/variants.yaml, .github/workflows/validate.yml	Adds the arm-dev variant targeting linux/arm64 with APP_TARGET: dev. Adds a validation step that checks the platforms field type is string when present, incrementing the error counter and printing offending entries on failure.
Build matrix generation, QEMU setup, and dynamic platforms .github/workflows/build-images.yml	Matrix generation now builds build_args from the variant .args map and defaults platforms to linux/amd64 when absent. The build job inserts a QEMU setup step before Buildx, and docker/build-push-action reads platforms from the matrix instead of a hardcoded value.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐇 Hop hop, the rabbit builds for ARM,
QEMU spins up with a whirr and a charm,
linux/arm64 now joins the queue,
Validation checks the field type too.
Cross-platform Docker, shiny and new! 🎉

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately and concisely describes the main change: adding a new arm-dev variant with platform-specific configuration to php-hyperf.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/arm-dev-variant

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/build-images.yml:
- Around line 162-163: The docker/setup-qemu-action step uses a mutable version
tag (`@v3`) which poses a security risk if the action's maintainer account is
compromised. Replace the mutable tag `@v3` with a full commit SHA in the uses
field of the Set up QEMU step to pin it to a specific, immutable version. Use
Dependabot or Renovate to automatically keep the pinned SHA updated to the
latest releases.

In @.github/workflows/validate.yml:
- Around line 77-82: The platforms validation check currently only verifies that
the platforms field is a string type but does not reject empty string values,
which later cause build failures. Update the jq filter in the bad_platforms
selection (the line starting with `jq -c`) to additionally reject entries where
platforms is an empty string by adding a condition that checks if the platforms
value is not empty in addition to the existing type check. This ensures that
both non-string values and empty strings are caught as validation errors.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 1311ddbe-ed34-4f04-a19f-f2a3dcee849c

📥 Commits

Reviewing files that changed from the base of the PR and between 03ba7e6 and 0c6c106.

📒 Files selected for processing (3)

• .github/workflows/build-images.yml
• .github/workflows/validate.yml
• php-hyperf/8.3/variants.yaml