From 0f699bec68a5a570f926b2b8cb6ede40f4fbe6fa Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 25 Jan 2026 21:07:29 +0000 Subject: [PATCH 1/5] Initial plan From a3af5c30c76fcef7238f2b47a0e1abd163609f94 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 25 Jan 2026 21:10:37 +0000 Subject: [PATCH 2/5] Add Dockerfiles and update workflow for multi-arch builds Co-authored-by: raniellyferreira <4237908+raniellyferreira@users.noreply.github.com> --- .github/workflows/image.yml | 38 +++++++++++++------ .../Microsoft.McpGateway.Service/Dockerfile | 38 +++++++++++++++++++ dotnet/Microsoft.McpGateway.Tools/Dockerfile | 38 +++++++++++++++++++ 3 files changed, 102 insertions(+), 12 deletions(-) create mode 100644 dotnet/Microsoft.McpGateway.Service/Dockerfile create mode 100644 dotnet/Microsoft.McpGateway.Tools/Dockerfile diff --git a/.github/workflows/image.yml b/.github/workflows/image.yml index 3d9951e..aee3eb0 100644 --- a/.github/workflows/image.yml +++ b/.github/workflows/image.yml @@ -19,6 +19,12 @@ jobs: - name: Checkout source uses: actions/checkout@v3 + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Log in to the Container registry uses: docker/login-action@v3 with: @@ -26,16 +32,24 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Setup .NET SDK - uses: actions/setup-dotnet@v4 + - name: Build and push mcp-gateway multi-arch image + uses: docker/build-push-action@v5 with: - dotnet-version: '8.x' - - - name: Restore dependencies - run: dotnet restore dotnet/Microsoft.McpGateway.sln --runtime linux-x64 - - - name: Publish and push the mcp-gateway container image - run: dotnet publish dotnet/Microsoft.McpGateway.Service/src/Microsoft.McpGateway.Service.csproj --configuration Release --no-restore /p:PublishProfile=github.pubxml /p:ContainerRepository=${{ github.repository_owner }}/mcp-gateway - - - name: Publish and push the tool-gateway container image - run: dotnet publish dotnet/Microsoft.McpGateway.Tools/src/Microsoft.McpGateway.Tools.csproj --configuration Release --no-restore /p:PublishProfile=github.pubxml /p:ContainerRepository=${{ github.repository_owner }}/tool-gateway + context: . + file: ./dotnet/Microsoft.McpGateway.Service/Dockerfile + platforms: linux/amd64,linux/arm64 + push: true + tags: | + ghcr.io/${{ github.repository_owner }}/mcp-gateway:latest + ghcr.io/${{ github.repository_owner }}/mcp-gateway:${{ github.sha }} + + - name: Build and push tool-gateway multi-arch image + uses: docker/build-push-action@v5 + with: + context: . + file: ./dotnet/Microsoft.McpGateway.Tools/Dockerfile + platforms: linux/amd64,linux/arm64 + push: true + tags: | + ghcr.io/${{ github.repository_owner }}/tool-gateway:latest + ghcr.io/${{ github.repository_owner }}/tool-gateway:${{ github.sha }} diff --git a/dotnet/Microsoft.McpGateway.Service/Dockerfile b/dotnet/Microsoft.McpGateway.Service/Dockerfile new file mode 100644 index 0000000..586e138 --- /dev/null +++ b/dotnet/Microsoft.McpGateway.Service/Dockerfile @@ -0,0 +1,38 @@ +# Build stage +FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build +WORKDIR /src + +# Copy solution and project files +COPY dotnet/Directory.Packages.props dotnet/ +COPY dotnet/Microsoft.McpGateway.sln dotnet/ +COPY dotnet/Microsoft.McpGateway.Management/src/Microsoft.McpGateway.Management.csproj dotnet/Microsoft.McpGateway.Management/src/ +COPY dotnet/Microsoft.McpGateway.Service/src/Microsoft.McpGateway.Service.csproj dotnet/Microsoft.McpGateway.Service/src/ + +# Restore dependencies +RUN dotnet restore dotnet/Microsoft.McpGateway.Service/src/Microsoft.McpGateway.Service.csproj + +# Copy the rest of the source code +COPY dotnet/Microsoft.McpGateway.Management/src dotnet/Microsoft.McpGateway.Management/src/ +COPY dotnet/Microsoft.McpGateway.Service/src dotnet/Microsoft.McpGateway.Service/src/ + +# Build and publish the application +WORKDIR /src/dotnet/Microsoft.McpGateway.Service/src +RUN dotnet publish Microsoft.McpGateway.Service.csproj -c Release -o /app/publish --no-restore + +# Runtime stage +FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS runtime +WORKDIR /app + +# Copy published application from build stage +COPY --from=build /app/publish . + +# Create non-root user +RUN groupadd -r appuser && useradd -r -g appuser appuser && \ + chown -R appuser:appuser /app +USER appuser + +# Expose port +EXPOSE 8080 + +# Set entrypoint +ENTRYPOINT ["dotnet", "Microsoft.McpGateway.Service.dll"] diff --git a/dotnet/Microsoft.McpGateway.Tools/Dockerfile b/dotnet/Microsoft.McpGateway.Tools/Dockerfile new file mode 100644 index 0000000..3d817b5 --- /dev/null +++ b/dotnet/Microsoft.McpGateway.Tools/Dockerfile @@ -0,0 +1,38 @@ +# Build stage +FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build +WORKDIR /src + +# Copy solution and project files +COPY dotnet/Directory.Packages.props dotnet/ +COPY dotnet/Microsoft.McpGateway.sln dotnet/ +COPY dotnet/Microsoft.McpGateway.Management/src/Microsoft.McpGateway.Management.csproj dotnet/Microsoft.McpGateway.Management/src/ +COPY dotnet/Microsoft.McpGateway.Tools/src/Microsoft.McpGateway.Tools.csproj dotnet/Microsoft.McpGateway.Tools/src/ + +# Restore dependencies +RUN dotnet restore dotnet/Microsoft.McpGateway.Tools/src/Microsoft.McpGateway.Tools.csproj + +# Copy the rest of the source code +COPY dotnet/Microsoft.McpGateway.Management/src dotnet/Microsoft.McpGateway.Management/src/ +COPY dotnet/Microsoft.McpGateway.Tools/src dotnet/Microsoft.McpGateway.Tools/src/ + +# Build and publish the application +WORKDIR /src/dotnet/Microsoft.McpGateway.Tools/src +RUN dotnet publish Microsoft.McpGateway.Tools.csproj -c Release -o /app/publish --no-restore + +# Runtime stage +FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS runtime +WORKDIR /app + +# Copy published application from build stage +COPY --from=build /app/publish . + +# Create non-root user +RUN groupadd -r appuser && useradd -r -g appuser appuser && \ + chown -R appuser:appuser /app +USER appuser + +# Expose port +EXPOSE 8080 + +# Set entrypoint +ENTRYPOINT ["dotnet", "Microsoft.McpGateway.Tools.dll"] From 8caec50ca8b2466c184d98c620a484fd3216ef36 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 25 Jan 2026 21:11:52 +0000 Subject: [PATCH 3/5] Fix Dockerfile ownership and keep only latest tag Co-authored-by: raniellyferreira <4237908+raniellyferreira@users.noreply.github.com> --- .github/workflows/image.yml | 8 ++------ dotnet/Microsoft.McpGateway.Service/Dockerfile | 10 +++++----- dotnet/Microsoft.McpGateway.Tools/Dockerfile | 10 +++++----- 3 files changed, 12 insertions(+), 16 deletions(-) diff --git a/.github/workflows/image.yml b/.github/workflows/image.yml index aee3eb0..8d35e17 100644 --- a/.github/workflows/image.yml +++ b/.github/workflows/image.yml @@ -39,9 +39,7 @@ jobs: file: ./dotnet/Microsoft.McpGateway.Service/Dockerfile platforms: linux/amd64,linux/arm64 push: true - tags: | - ghcr.io/${{ github.repository_owner }}/mcp-gateway:latest - ghcr.io/${{ github.repository_owner }}/mcp-gateway:${{ github.sha }} + tags: ghcr.io/${{ github.repository_owner }}/mcp-gateway:latest - name: Build and push tool-gateway multi-arch image uses: docker/build-push-action@v5 @@ -50,6 +48,4 @@ jobs: file: ./dotnet/Microsoft.McpGateway.Tools/Dockerfile platforms: linux/amd64,linux/arm64 push: true - tags: | - ghcr.io/${{ github.repository_owner }}/tool-gateway:latest - ghcr.io/${{ github.repository_owner }}/tool-gateway:${{ github.sha }} + tags: ghcr.io/${{ github.repository_owner }}/tool-gateway:latest diff --git a/dotnet/Microsoft.McpGateway.Service/Dockerfile b/dotnet/Microsoft.McpGateway.Service/Dockerfile index 586e138..0ec3486 100644 --- a/dotnet/Microsoft.McpGateway.Service/Dockerfile +++ b/dotnet/Microsoft.McpGateway.Service/Dockerfile @@ -23,12 +23,12 @@ RUN dotnet publish Microsoft.McpGateway.Service.csproj -c Release -o /app/publis FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS runtime WORKDIR /app -# Copy published application from build stage -COPY --from=build /app/publish . - # Create non-root user -RUN groupadd -r appuser && useradd -r -g appuser appuser && \ - chown -R appuser:appuser /app +RUN groupadd -r appuser && useradd -r -g appuser appuser + +# Copy published application from build stage with proper ownership +COPY --from=build --chown=appuser:appuser /app/publish . + USER appuser # Expose port diff --git a/dotnet/Microsoft.McpGateway.Tools/Dockerfile b/dotnet/Microsoft.McpGateway.Tools/Dockerfile index 3d817b5..373aee1 100644 --- a/dotnet/Microsoft.McpGateway.Tools/Dockerfile +++ b/dotnet/Microsoft.McpGateway.Tools/Dockerfile @@ -23,12 +23,12 @@ RUN dotnet publish Microsoft.McpGateway.Tools.csproj -c Release -o /app/publish FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS runtime WORKDIR /app -# Copy published application from build stage -COPY --from=build /app/publish . - # Create non-root user -RUN groupadd -r appuser && useradd -r -g appuser appuser && \ - chown -R appuser:appuser /app +RUN groupadd -r appuser && useradd -r -g appuser appuser + +# Copy published application from build stage with proper ownership +COPY --from=build --chown=appuser:appuser /app/publish . + USER appuser # Expose port From 13b957361a855d74118b64ecf4102f46c3874ded Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 25 Jan 2026 21:12:23 +0000 Subject: [PATCH 4/5] Use specific UID/GID for container user Co-authored-by: raniellyferreira <4237908+raniellyferreira@users.noreply.github.com> --- dotnet/Microsoft.McpGateway.Service/Dockerfile | 2 +- dotnet/Microsoft.McpGateway.Tools/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/dotnet/Microsoft.McpGateway.Service/Dockerfile b/dotnet/Microsoft.McpGateway.Service/Dockerfile index 0ec3486..535a72c 100644 --- a/dotnet/Microsoft.McpGateway.Service/Dockerfile +++ b/dotnet/Microsoft.McpGateway.Service/Dockerfile @@ -24,7 +24,7 @@ FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS runtime WORKDIR /app # Create non-root user -RUN groupadd -r appuser && useradd -r -g appuser appuser +RUN groupadd -r -g 1000 appuser && useradd -r -u 1000 -g appuser appuser # Copy published application from build stage with proper ownership COPY --from=build --chown=appuser:appuser /app/publish . diff --git a/dotnet/Microsoft.McpGateway.Tools/Dockerfile b/dotnet/Microsoft.McpGateway.Tools/Dockerfile index 373aee1..2c3c471 100644 --- a/dotnet/Microsoft.McpGateway.Tools/Dockerfile +++ b/dotnet/Microsoft.McpGateway.Tools/Dockerfile @@ -24,7 +24,7 @@ FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS runtime WORKDIR /app # Create non-root user -RUN groupadd -r appuser && useradd -r -g appuser appuser +RUN groupadd -r -g 1000 appuser && useradd -r -u 1000 -g appuser appuser # Copy published application from build stage with proper ownership COPY --from=build --chown=appuser:appuser /app/publish . From eaa9cac8e04cce7fedfa9cc51a99bddb82f81f25 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 25 Jan 2026 21:24:17 +0000 Subject: [PATCH 5/5] Fix port to 8000 and remove appuser from Dockerfiles Co-authored-by: raniellyferreira <4237908+raniellyferreira@users.noreply.github.com> --- dotnet/Microsoft.McpGateway.Service/Dockerfile | 11 +++-------- dotnet/Microsoft.McpGateway.Tools/Dockerfile | 11 +++-------- 2 files changed, 6 insertions(+), 16 deletions(-) diff --git a/dotnet/Microsoft.McpGateway.Service/Dockerfile b/dotnet/Microsoft.McpGateway.Service/Dockerfile index 535a72c..c37fe30 100644 --- a/dotnet/Microsoft.McpGateway.Service/Dockerfile +++ b/dotnet/Microsoft.McpGateway.Service/Dockerfile @@ -23,16 +23,11 @@ RUN dotnet publish Microsoft.McpGateway.Service.csproj -c Release -o /app/publis FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS runtime WORKDIR /app -# Create non-root user -RUN groupadd -r -g 1000 appuser && useradd -r -u 1000 -g appuser appuser - -# Copy published application from build stage with proper ownership -COPY --from=build --chown=appuser:appuser /app/publish . - -USER appuser +# Copy published application from build stage +COPY --from=build /app/publish . # Expose port -EXPOSE 8080 +EXPOSE 8000 # Set entrypoint ENTRYPOINT ["dotnet", "Microsoft.McpGateway.Service.dll"] diff --git a/dotnet/Microsoft.McpGateway.Tools/Dockerfile b/dotnet/Microsoft.McpGateway.Tools/Dockerfile index 2c3c471..b6b2bd4 100644 --- a/dotnet/Microsoft.McpGateway.Tools/Dockerfile +++ b/dotnet/Microsoft.McpGateway.Tools/Dockerfile @@ -23,16 +23,11 @@ RUN dotnet publish Microsoft.McpGateway.Tools.csproj -c Release -o /app/publish FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS runtime WORKDIR /app -# Create non-root user -RUN groupadd -r -g 1000 appuser && useradd -r -u 1000 -g appuser appuser - -# Copy published application from build stage with proper ownership -COPY --from=build --chown=appuser:appuser /app/publish . - -USER appuser +# Copy published application from build stage +COPY --from=build /app/publish . # Expose port -EXPOSE 8080 +EXPOSE 8000 # Set entrypoint ENTRYPOINT ["dotnet", "Microsoft.McpGateway.Tools.dll"]