ROX-29116: (fix) Use ARM GH action workflow runners for ARM builds

[robbycochran]

Description

This reverts the original revert and fixes the error of using a runtime computed value within a job matrix.

Checklist

• Investigated and inspected CI test results
• Updated documentation accordingly

Automated testing

• Added unit tests
• Added integration tests
• Added regression tests

If any of these don't apply, please comment below.

Testing Performed

TODO(replace-me)
Use this space to explain how you tested your PR, or, if you didn't test it, why you did not do so. (Valid reasons include "CI is sufficient" or "No testable changes")
In addition to reviewing your code, reviewers must also review your testing instructions, and make sure they are sufficient.

For more details, ref the Confluence page about this section.

[sourcery-ai]

Hey @robbycochran - I've reviewed your changes - here's some feedback:

Overall Comments:

• Consider extracting the creation of ansible/secrets.yml into a reusable component to avoid duplication between local and remote build jobs.

Here's what I looked at during the review

• 🟡 General issues: 3 issues found
• 🟢 Security: all looks good
• 🟢 Testing: all looks good
• 🟢 Complexity: all looks good
• 🟢 Documentation: all looks good

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 28.52%. Comparing base (697c797) to head (192fb64).
Report is 3 commits behind head on master.

✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #2106      +/-   ##
==========================================
+ Coverage   28.40%   28.52%   +0.11%     
==========================================
  Files          94       94              
  Lines        5717     5757      +40     
  Branches     2531     2547      +16     
==========================================
+ Hits         1624     1642      +18     
- Misses       3383     3393      +10     
- Partials      710      722      +12     

Flag	Coverage Δ
collector-unit-tests	28.52% <ø> (+0.11%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[Molter73]

a runtime computed value within a job matrix.

GHA and its tiny little corner cases...

I would recommend adding the run-multiarch-builds label before merging to make sure power and Z build correctly.

[Molter73]

Not something we need to do as part of this PR, but it might be easier to create the excludes array in the init.yml workflow, then pass it in to the workflows that need it. We could probably replace the architectures input entirely, but that might require some jq magic for us to translate the JSON to strings in the manifest script. I'll look into it after this is merged if you want to ignore this comment.

[robbycochran]

Agree -- we could also do something similar to stackrox and create a single object with named matrix strategies: https://github.com/stackrox/stackrox/blob/master/.github/workflows/build.yaml#L28

[Molter73]

Ok, but can we use python instead of bash? Because that thing is ungodly with all the $(jq ...) in there

https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsshell

https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#example-running-an-inline-python-script