Add multi-arch Docker image builds (amd64, arm64)

[Copilot]

Enables building Docker images for both linux/amd64 and linux/arm64 platforms in a single workflow run.

Workflow Changes

• Added QEMU and Docker Buildx setup steps for multi-platform builds
• Removed separate Go build step (buildx handles cross-compilation)
• Added platforms: linux/amd64,linux/arm64 to build-push action

Dockerfile Changes

• Converted to multi-stage build (builder + runtime stages)
• Added architecture-aware dumb-init binary selection using TARGETARCH:

  ARG TARGETARCH
  RUN case ${TARGETARCH} in \
          "amd64")  DUMB_INIT_ARCH=x86_64  ;; \
          "arm64")  DUMB_INIT_ARCH=aarch64  ;; \
      esac && \
      wget -O /usr/local/bin/dumb-init \
        https://github.com/Yelp/dumb-init/releases/download/v1.2.5/dumb-init_1.2.5_${DUMB_INIT_ARCH}

• Removed delve debugger from production image

Images are pushed as a manifest list; Docker automatically pulls the correct architecture for the host platform.

Original prompt

Modify docker-publish.yml workflow to build multi-arch images (arm, x86)

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

[Copilot]

Pull request overview

This PR enables building multi-architecture Docker images for both AMD64 and ARM64 platforms in a single workflow run, modernizing the build process for broader platform support.

Key Changes:

• Converted Dockerfile to a multi-stage build with separate builder and runtime stages
• Added QEMU and Docker Buildx setup to the GitHub Actions workflow for cross-platform builds
• Implemented architecture-aware dumb-init binary selection using Docker's TARGETARCH build argument

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
images/Dockerfile.prom2parquet	Converted to multi-stage build with architecture-aware dumb-init download; removed delve debugger from production image
.github/workflows/docker-publish.yml	Added QEMU and Buildx setup; removed separate Go build step; configured multi-platform builds

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

This RUN step downloads a precompiled dumb-init binary over HTTPS and executes it as PID 1 without any integrity verification (no checksum or signature check), creating a supply-chain risk if the GitHub release or delivery path is ever compromised. An attacker who can influence the downloaded binary could gain code execution inside every built container that uses this image. To mitigate this, pin the binary with a strong checksum or signature (or install via a trusted package source or vendored artifact) and verify it before making it executable.