Added dockerfile and conf file

Source/Dockerfile.gateway.mtls

@@ -0,0 +1,69 @@
+# The "non-standalone" CdrAuthServer has gateways. 
+# This image seems to only be needed for the "build-for-fapi-testing" pipeline
+
+###############################################################################
+# Build base layer
+###############################################################################
+FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
+
+WORKDIR /app
+EXPOSE 8082
+
+ENV ASPNETCORE_ENVIRONMENT=Release
+
+
+###############################################################################
+# Build CdrAuthServer API layer
+###############################################################################
+FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
+WORKDIR /src
+COPY ./ .
+
+FROM build AS publish
+
+COPY ./CdrAuthServer.Infrastructure/. /app/CdrAuthServer.Infrastructure
+COPY ./CdrAuthServer.mTLS.Gateway/. /app/CdrAuthServer.mTLS.Gateway
+
+WORKDIR /app/CdrAuthServer.mTLS.Gateway
+RUN dotnet publish -c Release -o /app/publish/gateway-mtls
+
+COPY supervisord.gateway.mtls.conf /app/publish/supervisord.gateway.mtls.conf
+
+###############################################################################
+# Build final layer
+###############################################################################
+FROM base AS final
+WORKDIR /app
+
+# Auth API ####################################################################
+COPY --from=publish /app/publish/supervisord.gateway.mtls.conf .
+COPY --from=publish /app/publish/gateway-mtls ./gateway-mtls
+
+
+RUN apt-get update && apt-get install -y supervisor
+RUN apt-get update && apt-get install -y sudo
+
+# Install wget for use in health checks
+RUN apt-get update && apt-get install -y wget && rm -rf /var/lib/apt/lists/*
+RUN sudo cp ./gateway-mtls/Certificates/ca.crt /usr/local/share/ca-certificates/ca.crt
+RUN sudo update-ca-certificates
+
+# Run as non-root user
+RUN addgroup --group appgroup --gid 2000
+RUN adduser --uid 1000 --gid 2000 "appuser"
+RUN chown -R appuser:appgroup /app
+RUN chown -R appuser:appgroup /usr/bin
+RUN chown -R appuser:appgroup /usr/local
+RUN chown -R appuser:appgroup /tmp
+USER appuser:appgroup
+
+ENV ASPNETCORE_URLS=https://+:8081;https://+:8082
+ENV CdrAuthServer__BaseUri=https://localhost:8081
+ENV CdrAuthServer__SecureBaseUri=https://localhost:8082
+ENV CdrAuthServer__Issuer=https://localhost:8081
+ENV CdrAuthServer__CdrRegister__SsaJwksUri=https://localhost:7000/cdr-register/v1/jwks
+ENV CdrAuthServer__HttpsPort=8001
+
+
+# Entry point #################################################################
+ENTRYPOINT ["/usr/bin/supervisord", "-c", "/app/supervisord.gateway.mtls.conf", "-u", "1000"]

Source/Dockerfile.gateway.tls

@@ -0,0 +1,68 @@
+# The "non-standalone" CdrAuthServer has gateways. 
+# This image seems to only be needed for the "build-for-fapi-testing" pipeline
+
+###############################################################################
+# Build base layer
+###############################################################################
+FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
+
+WORKDIR /app
+EXPOSE 8081
+
+ENV ASPNETCORE_ENVIRONMENT=Release
+
+
+###############################################################################
+# Build CdrAuthServer API layer
+###############################################################################
+FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
+WORKDIR /src
+COPY ./ .
+
+FROM build AS publish
+
+COPY ./CdrAuthServer.Infrastructure/. /app/CdrAuthServer.Infrastructure
+COPY ./CdrAuthServer.TLS.Gateway/. /app/CdrAuthServer.TLS.Gateway
+
+WORKDIR /app/CdrAuthServer.TLS.Gateway
+RUN dotnet publish -c Release -o /app/publish/gateway-tls
+
+COPY supervisord.gateway.tls.conf /app/publish/supervisord.gateway.tls.conf
+COPY ./CdrAuthServer.mTLS.Gateway/Certificates/ca.crt /app/publish/gateway-tls/Certificates/ca.crt
+###############################################################################
+# Build final layer
+###############################################################################
+FROM base AS final
+WORKDIR /app
+
+# Auth API ####################################################################
+COPY --from=publish /app/publish/supervisord.gateway.tls.conf .
+COPY --from=publish /app/publish/gateway-tls ./gateway-tls
+
+RUN apt-get update && apt-get install -y supervisor
+RUN apt-get update && apt-get install -y sudo
+
+# Install wget for use in health checks
+RUN apt-get update && apt-get install -y wget && rm -rf /var/lib/apt/lists/*
+RUN sudo cp ./gateway-tls/Certificates/ca.crt /usr/local/share/ca-certificates/ca.crt
+RUN sudo update-ca-certificates
+
+# Run as non-root user
+RUN addgroup --group appgroup --gid 2000
+RUN adduser --uid 1000 --gid 2000 "appuser"
+RUN chown -R appuser:appgroup /app
+RUN chown -R appuser:appgroup /usr/bin
+RUN chown -R appuser:appgroup /usr/local
+RUN chown -R appuser:appgroup /tmp
+USER appuser:appgroup
+
+ENV ASPNETCORE_URLS=https://+:8081;https://+:8082
+ENV CdrAuthServer__BaseUri=https://localhost:8081
+ENV CdrAuthServer__SecureBaseUri=https://localhost:8082
+ENV CdrAuthServer__Issuer=https://localhost:8081
+ENV CdrAuthServer__CdrRegister__SsaJwksUri=https://localhost:7000/cdr-register/v1/jwks
+ENV CdrAuthServer__HttpsPort=8001
+
+
+# Entry point #################################################################
+ENTRYPOINT ["/usr/bin/supervisord", "-c", "/app/supervisord.gateway.tls.conf", "-u", "1000"]

Source/supervisord.gateway.mtls.conf

@@ -0,0 +1,11 @@
+[supervisord]
+nodaemon=true
+logfile=/tmp/supervisord.log
+childlogdir=/tmp
+
+[program:CdrAuthServer.mTLS.Gateway]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+directory=/app/gateway-mtls
+command=/usr/bin/dotnet /app/gateway-mtls/CdrAuthServer.mTLS.Gateway.dll
+

Source/supervisord.gateway.tls.conf

@@ -0,0 +1,11 @@
+[supervisord]
+nodaemon=true
+logfile=/tmp/supervisord.log
+childlogdir=/tmp
+
+[program:CdrAuthServer.TLS.Gateway]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+directory=/app/gateway-tls
+command=/usr/bin/dotnet /app/gateway-tls/CdrAuthServer.TLS.Gateway.dll
+