OpenCHAMI · alexlovelltroy · May 30, 2026 · May 30, 2026
diff --git a/.github/workflows/PRBuild.yaml b/.github/workflows/PRBuild.yaml
@@ -49,23 +49,20 @@ jobs:
         with:
           fetch-tags: 1
           fetch-depth: 0
+      - name: Install cross-compilers for CGO builds
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y gcc-aarch64-linux-gnu libc6-dev-arm64-cross
       # Set environment variables required by GoReleaser
       - name: Set build environment variables
         run: |
           echo "GIT_STATE=$(if git diff-index --quiet HEAD --; then echo 'clean'; else echo 'dirty'; fi)" >> $GITHUB_ENV
           echo "BUILD_HOST=$(hostname)" >> $GITHUB_ENV
           echo "GO_VERSION=$(go version | awk '{print $3}')" >> $GITHUB_ENV
           echo "BUILD_USER=$(whoami)" >> $GITHUB_ENV
-          echo "CGO_ENABLED=0" >> $GITHUB_ENV
+          echo "CGO_ENABLED=1" >> $GITHUB_ENV
           echo "IS_PR_BUILD=true" >> $GITHUB_ENV
 
-      - name: Docker Login
-        uses: docker/login-action@v4.1.0
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
       - name: Create Tag for PR
         if: github.event_name == 'pull_request' || (github.event_name == 'workflow_dispatch' && inputs.pr_number != '')
         run: |

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -43,14 +43,18 @@ jobs:
         with:
           fetch-tags: 1
           fetch-depth: 0
+      - name: Install cross-compilers for CGO builds
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y gcc-aarch64-linux-gnu libc6-dev-arm64-cross
       # Set environment variables required by GoReleaser
       - name: Set build environment variables
         run: |
           echo "GIT_STATE=$(if git diff-index --quiet HEAD --; then echo 'clean'; else echo 'dirty'; fi)" >> $GITHUB_ENV
           echo "BUILD_HOST=$(hostname)" >> $GITHUB_ENV
           echo "GO_VERSION=$(go version | awk '{print $3}')" >> $GITHUB_ENV
           echo "BUILD_USER=$(whoami)" >> $GITHUB_ENV
-          echo "CGO_ENABLED=0" >> $GITHUB_ENV
+          echo "CGO_ENABLED=1" >> $GITHUB_ENV
           echo "IS_PR_BUILD=false" >> $GITHUB_ENV
 
       - name: Release with goreleaser

diff --git a/.gitignore b/.gitignore
@@ -7,6 +7,7 @@
 # Generated: 2025-11-17T12:21:32-08:00
 
 # Binaries
+dist/
 bin/
 *.exe
 *.exe~

diff --git a/.goreleaser.yaml b/.goreleaser.yaml
@@ -10,15 +10,34 @@ before:
     - go mod download
 
 builds:
-  - id: fru-tracker-server
+  - id: fru-tracker-server-linux-amd64
     main: ./cmd/server
     binary: fru-tracker-server
     env:
-      - CGO_ENABLED=0
+      - CGO_ENABLED=1
+      - CC=gcc
     goos:
       - linux
     goarch:
       - amd64
+
+    ldflags:
+      - -s -w
+      - -X main.version={{.Version}}
+      - -X main.commit={{.Commit}}
+      - -X main.date={{.Date}}
+    flags:
+      - -trimpath
+
+  - id: fru-tracker-server-linux-arm64
+    main: ./cmd/server
+    binary: fru-tracker-server
+    env:
+      - CGO_ENABLED=1
+      - CC=aarch64-linux-gnu-gcc
+    goos:
+      - linux
+    goarch:
       - arm64
     ldflags:
       - -s -w
@@ -33,7 +52,8 @@ archives:
     # Renamed from `builds` per goreleaser deprecation notice; same
     # semantics. See https://goreleaser.com/deprecations#archivesbuilds.
     ids:
-      - fru-tracker-server
+      - fru-tracker-server-linux-amd64
+      - fru-tracker-server-linux-arm64
     name_template: >-
       {{ .ProjectName }}_
       {{- .Version }}_
@@ -78,7 +98,7 @@ changelog:
 # semver value, not a tag identifier.
 dockers:
   - id: fru-tracker-amd64
-    ids: [fru-tracker-server]
+    ids: [fru-tracker-server-linux-amd64]
     goos: linux
     goarch: amd64
     image_templates:
@@ -96,7 +116,7 @@ dockers:
       - "--label=org.opencontainers.image.licenses=MIT"
 
   - id: fru-tracker-arm64
-    ids: [fru-tracker-server]
+    ids: [fru-tracker-server-linux-arm64]
     goos: linux
     goarch: arm64
     image_templates:

diff --git a/Dockerfile b/Dockerfile
@@ -3,20 +3,17 @@
 #
 # SPDX-License-Identifier: MIT
 
-# Pairs with .goreleaser.yaml's CGO_ENABLED=0 build: the resulting
-# fru-tracker-server binary is statically linked and only needs a
-# CA bundle for outbound TLS. distroless/static-debian12 ships
-# /etc/ssl/certs from ca-certificates and includes the nonroot
-# user (UID/GID 65532) — no apt-get step, no useradd, no chown,
-# nothing to break under multi-arch QEMU emulation. Image is ~10 MB.
+# Pairs with .goreleaser.yaml's CGO_ENABLED=1 build for sqlite3
+# support. A CGO binary expects glibc at runtime, so we use the
+# standard distroless Debian base rather than the static variant.
 #
 # Two-stage build only to pre-stage a writable /data directory
 # owned by the distroless nonroot user; the final image has no
 # shell so we can't chown there.
 FROM debian:bookworm-slim AS data-stage
 RUN mkdir -p /data && chown 65532:65532 /data
 
-FROM gcr.io/distroless/static-debian12:nonroot
+FROM gcr.io/distroless/base-debian12:nonroot
 
 COPY --from=data-stage /data /data
-Original file line number
+Diff line change
@@ Expand Up / @@ -7,6 +7,7 @@ @@
     # Generated: 2025-11-17T12:21:32-08:00
     # Binaries
+    dist/
     bin/
     *.exe
     *.exe~
@@ Expand Down @@