fix(ci): use buildx imagetools for multi-arch manifest creation

[shikhar]

Summary

• docker manifest create fails when source images are manifest lists, which happens on newer runners where buildx adds provenance attestations
• Replaced docker manifest create + docker manifest push with docker buildx imagetools create, which handles manifest list inputs natively

Test plan

• Trigger a release and verify the create-manifest job succeeds

🤖 Generated with Claude Code

[greptile-apps]

Greptile Summary

Replaced raw docker build + docker push commands with docker/build-push-action@v6 and added provenance: false to prevent buildx from creating manifest lists with provenance attestations. This fixes the issue where docker manifest create fails when trying to compose multi-arch manifests from nested manifest lists.

• Consolidated build and push steps into a single action
• Added docker/setup-buildx-action@v3 to properly configure buildx
• Set provenance: false to disable attestations that cause manifest list conflicts
• Maintained same tags and build target (runtime)

Confidence Score: 5/5

• This PR is safe to merge with minimal risk
• The change correctly addresses a known Docker buildx issue with provenance attestations. The implementation follows Docker's official best practices by using build-push-action with provenance disabled. All build parameters (context, target, tags) are preserved from the original implementation.
• No files require special attention

Important Files Changed

Filename	Overview
.github/workflows/release-plz.yml	Replaced raw docker commands with build-push-action to prevent provenance attestation conflicts

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[release-plz job] -->|creates release| B{Release created?}
    B -->|true| C[build-images: x86-64]
    B -->|true| D[build-images: arm64]
    B -->|false| E[End]
    
    C --> F[Setup Buildx]
    D --> G[Setup Buildx]
    
    F --> H[Build & Push with provenance=false]
    G --> I[Build & Push with provenance=false]
    
    H --> J[Single-platform image x86-64]
    I --> K[Single-platform image arm64]
    
    J --> L[create-manifest job]
    K --> L
    
    L --> M[docker manifest create]
    M --> N[Multi-arch manifest]
    N --> O[docker manifest push]
    
    style H fill:#90EE90
    style I fill:#90EE90
    style J fill:#90EE90
    style K fill:#90EE90

Loading

_{Last reviewed commit: 31c530b}