diff --git a/.github/workflows/test-docker-build.yaml b/.github/workflows/test-docker-build.yaml
new file mode 100644
index 0000000000..070abba17d
--- /dev/null
+++ b/.github/workflows/test-docker-build.yaml
@@ -0,0 +1,53 @@
+# This is a GitHub workflow defining a set of jobs with a set of steps.
+# ref: https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions
+#
+name: Test docker multiarch build
+
+# Trigger the workflow's on all PRs and pushes so that other contributors can
+# run tests in their own forks. Avoid triggering these tests on changes to
+# documentation only changes.
+on:
+  pull_request:
+    paths-ignore:
+      - "doc/**"
+      - "**/test-docs.yaml"
+      - "**.md"
+      - "**/schema.yaml"
+  push:
+    paths-ignore:
+      - "doc/**"
+      - "**/test-docs.yaml"
+      - "**.md"
+      - "**/schema.yaml"
+    branches-ignore:
+      - "dependabot/**"
+  workflow_dispatch:
+
+jobs:
+  # TODO: this is just a quick test to check the arm64 docker images
+  # Based on
+  # https://github.com/docker/build-push-action/blob/v2.3.0/docs/advanced/local-registry.md
+  # https://github.com/docker/build-push-action/blob/v2.3.0/docs/advanced/multi-platform.md
+  build_images:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+
+      - uses: actions/setup-python@v2
+        with:
+          python-version: "3.8"
+
+      - name: Install chartpress
+        run: pip install chartpress
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Build a multiple architecture Docker image
+        run: >-
+          chartpress
+          --builder docker-buildx
+          --platform linux/amd64 --platform linux/arm64
diff --git a/chartpress.yaml b/chartpress.yaml
index 7b814ad989..df93fdbf6d 100644
--- a/chartpress.yaml
+++ b/chartpress.yaml
@@ -46,5 +46,8 @@ charts:
         valuesPath: prePuller.hook.image
 
       # singleuser-sample, a primitive user container to start with.
+      # Image is based on https://github.com/jupyter/docker-stacks/ which is amd64 only
       singleuser-sample:
         valuesPath: singleuser.image
+        skipPlatforms:
+          - linux/arm64
diff --git a/ci/publish b/ci/publish
index 996395d64f..a2b7482090 100755
--- a/ci/publish
+++ b/ci/publish
@@ -6,6 +6,11 @@
 # Exit on errors, assert env vars, log commands
 set -eux
 
+PUBLISH_ARGS="--push --publish-chart \
+    --builder docker-buildx \
+    --platform linux/amd64 --platform linux/arm64 \
+    "
+
 # chartpress use git to push to our Helm chart repository, which is the gh-pages
 # branch of jupyterhub/helm-chart. We have installed a private SSH key within
 # the ~/.ssh folder with permissions to push to jupyterhub/helm-chart.
@@ -26,11 +31,11 @@ if [[ $GITHUB_REF != refs/tags/* ]]; then
     PR_OR_HASH=$(git log -1 --pretty=%h-%B | head -n1 | sed 's/^.*\(#[0-9]*\).*/\1/' | sed 's/^\([0-9a-f]*\)-.*/@\1/')
     LATEST_COMMIT_TITLE=$(git log -1 --pretty=%B | head -n1)
     EXTRA_MESSAGE="${GITHUB_REPOSITORY}${PR_OR_HASH} ${LATEST_COMMIT_TITLE}"
-    chartpress --push --publish-chart --extra-message "${EXTRA_MESSAGE}"
+    chartpress $PUBLISH_ARGS --extra-message "${EXTRA_MESSAGE}"
 else
     # Setting a tag explicitly enforces a rebuild if this tag had already been
     # built and we wanted to override it.
-    chartpress --push --publish-chart --tag "${GITHUB_REF:10}"
+    chartpress $PUBLISH_ARGS --tag "${GITHUB_REF:10}"
 fi
 
 # Let us log the changes chartpress did, it should include replacements for
diff --git a/dev-requirements.txt b/dev-requirements.txt
index ad2cf86d0b..a999cc71cd 100644
--- a/dev-requirements.txt
+++ b/dev-requirements.txt
@@ -5,7 +5,7 @@
 #
 # ref: https://github.com/jupyterhub/chartpress
 #
-chartpress>=1.0.4
+chartpress>=1.1.0
 
 # pytest run tests that require requests and pyyaml
 pytest>=3.7.1
diff --git a/images/hub/Dockerfile b/images/hub/Dockerfile
index 26177f5aa7..d6ed141ae5 100644
--- a/images/hub/Dockerfile
+++ b/images/hub/Dockerfile
@@ -4,7 +4,13 @@ FROM ubuntu:20.04
 
 ENV DEBIAN_FRONTEND=noninteractive \
     LANG=C.UTF-8
-RUN apt-get update && \
+
+# psycopg2-binary in requirements.txt is not compiled for linux/arm64
+# TODO: Use build stages to compile psycopg2-binary separately instead of
+# bloating the image size
+RUN EXTRA_APT_PACKAGES=; \
+    if [ `uname -m` != 'x86_64' ]; then EXTRA_APT_PACKAGES=libpq-dev; fi; \
+    apt-get update && \
     apt-get install -y --no-install-recommends \
       git \
       vim \
@@ -20,6 +26,7 @@ RUN apt-get update && \
       sqlite3 \
       curl \
       dnsutils \
+      $EXTRA_APT_PACKAGES \
       && \
     rm -rf /var/lib/apt/lists/*
 
diff --git a/images/secret-sync/Dockerfile b/images/secret-sync/Dockerfile
index 60a1480969..29983030d6 100644
--- a/images/secret-sync/Dockerfile
+++ b/images/secret-sync/Dockerfile
@@ -3,7 +3,10 @@ FROM python:3.8-alpine
 # VULN_SCAN_TIME=2021-03-27_00:01:53
 
 # Note that we use tini-static, it embeds dependencies missing in alpine
-RUN wget -qO /tini https://github.com/krallin/tini/releases/download/v0.19.0/tini-static \
+RUN ARCH=`uname -m`; date; \
+    if [ "$ARCH" = x86_64 ]; then ARCH=amd64; fi; \
+    if [ "$ARCH" = aarch64 ]; then ARCH=arm64; fi; \
+    wget -qO /tini "https://github.com/krallin/tini/releases/download/v0.19.0/tini-static-$ARCH" \
  && chmod +x /tini
 
 # Ensures written logs are made available directly