Skip to content

Comments

Configure multi-architecture Docker builds (amd64/arm64)#50

Open
raniellyferreira wants to merge 6 commits intomicrosoft:mainfrom
raniellyferreira:main
Open

Configure multi-architecture Docker builds (amd64/arm64)#50
raniellyferreira wants to merge 6 commits intomicrosoft:mainfrom
raniellyferreira:main

Conversation

@raniellyferreira
Copy link

@raniellyferreira raniellyferreira commented Jan 25, 2026
edited
Loading

This PR adds multi-architecture support (amd64/arm64) to the Docker image builds, replacing the previous dotnet publish approach with Docker Buildx.

Changes

Dockerfiles

  • Added multi-stage Dockerfiles for Microsoft.McpGateway.Service and Microsoft.McpGateway.Tools
  • Build stage: .NET SDK 8.0 with optimized layer caching
  • Runtime stage: ASP.NET 8.0 runtime (smaller image size)
  • Exposes port 8000

GitHub Actions Workflow

  • Added QEMU and Docker Buildx setup
  • Replaced dotnet publish with docker/build-push-action@v5
  • Platforms: linux/amd64,linux/arm64
  • Removed .NET SDK setup (no longer needed)

Benefits

Multi-Architecture Support: Works on AMD64 and ARM64 (Apple Silicon, AWS Graviton)
Optimized Layer Caching: Multi-stage builds leverage Docker cache
Smaller Images: Runtime stage uses only ASP.NET runtime
Automatic Manifest List: Docker automatically creates manifest lists

Testing

Both images have been built and validated locally:

  • mcp-gateway - multi-stage build completes successfully
  • tool-gateway - multi-stage build completes successfully

Usage

docker pull ghcr.io/microsoft/mcp-gateway:latest
# Automatically pulls the correct architecture (AMD64 or ARM64)

docker manifest inspect ghcr.io/microsoft/mcp-gateway:latest
# Shows both architectures in manifest

Validation Results

Tested on: raniellyferreira#1

Copilot AI and others added 6 commits January 25, 2026 21:07
Initial plan
0f699be
@raniellyferreira
Add Dockerfiles and update workflow for multi-arch builds
a3af5c3 
Co-authored-by: raniellyferreira <4237908+raniellyferreira@users.noreply.github.com>
@raniellyferreira
Fix Dockerfile ownership and keep only latest tag
8caec50 
Co-authored-by: raniellyferreira <4237908+raniellyferreira@users.noreply.github.com>
@raniellyferreira
Use specific UID/GID for container user
13b9573 
Co-authored-by: raniellyferreira <4237908+raniellyferreira@users.noreply.github.com>
@raniellyferreira
Fix port to 8000 and remove appuser from Dockerfiles
eaa9cac 
Co-authored-by: raniellyferreira <4237908+raniellyferreira@users.noreply.github.com>
@raniellyferreira
Merge pull request #1 from raniellyferreira/copilot/configure-multi-a…
9c593e7 
…rch-build

Configure multi-architecture Docker builds (amd64/arm64)
Copilot AI review requested due to automatic review settings January 25, 2026 21:51
@raniellyferreira
Copy link
Author

raniellyferreira commented Jan 25, 2026

@microsoft-github-policy-service agree

Copilot AI reviewed Jan 25, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR migrates the Docker image build process from dotnet publish to Docker Buildx with multi-architecture support for AMD64 and ARM64 platforms. The change enables the application to run natively on Apple Silicon and AWS Graviton processors.

Changes:

  • Added multi-stage Dockerfiles for both Microsoft.McpGateway.Service and Microsoft.McpGateway.Tools using .NET SDK 8.0 for build and ASP.NET 8.0 runtime for deployment
  • Updated GitHub Actions workflow to use Docker Buildx with QEMU for cross-platform builds targeting linux/amd64 and linux/arm64
  • Removed .NET SDK setup and dotnet publish commands from the CI workflow in favor of Docker-based builds

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 8 comments.

File Description
dotnet/Microsoft.McpGateway.Service/Dockerfile New multi-stage Dockerfile for the main gateway service with build and runtime stages
dotnet/Microsoft.McpGateway.Tools/Dockerfile New multi-stage Dockerfile for the tools gateway with build and runtime stages
.github/workflows/image.yml Updated to use Docker Buildx with multi-architecture support, replacing dotnet publish approach

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

dotnet/Microsoft.McpGateway.Service/Dockerfile

# Build and publish the application
WORKDIR /src/dotnet/Microsoft.McpGateway.Service/src
RUN dotnet publish Microsoft.McpGateway.Service.csproj -c Release -o /app/publish --no-restore
Copy link

Copilot AI Jan 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The project file specifies <Platforms>x64</Platforms>, which may conflict with ARM64 builds. While dotnet publish without an explicit runtime identifier can auto-detect the target platform in Docker, this constraint might cause build issues or prevent proper ARM64 compilation. Consider either removing this constraint or adding explicit runtime identifier arguments to the publish command (e.g., --runtime linux-arm64 for ARM64 builds). Alternatively, you could verify that the multi-arch build actually produces native ARM64 binaries rather than running x64 binaries through emulation.

Copilot uses AI. Check for mistakes.
dotnet/Microsoft.McpGateway.Tools/Dockerfile

# Build and publish the application
WORKDIR /src/dotnet/Microsoft.McpGateway.Tools/src
RUN dotnet publish Microsoft.McpGateway.Tools.csproj -c Release -o /app/publish --no-restore
Copy link

Copilot AI Jan 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The project file specifies <Platforms>x64</Platforms>, which may conflict with ARM64 builds. While dotnet publish without an explicit runtime identifier can auto-detect the target platform in Docker, this constraint might cause build issues or prevent proper ARM64 compilation. Consider either removing this constraint or adding explicit runtime identifier arguments to the publish command (e.g., --runtime linux-arm64 for ARM64 builds). Alternatively, you could verify that the multi-arch build actually produces native ARM64 binaries rather than running x64 binaries through emulation.

Copilot uses AI. Check for mistakes.
.github/workflows/image.yml
Comment on lines +35 to +42
- name: Build and push mcp-gateway multi-arch image
uses: docker/build-push-action@v5
with:
dotnet-version: '8.x'

- name: Restore dependencies
run: dotnet restore dotnet/Microsoft.McpGateway.sln --runtime linux-x64

- name: Publish and push the mcp-gateway container image
run: dotnet publish dotnet/Microsoft.McpGateway.Service/src/Microsoft.McpGateway.Service.csproj --configuration Release --no-restore /p:PublishProfile=github.pubxml /p:ContainerRepository=${{ github.repository_owner }}/mcp-gateway

- name: Publish and push the tool-gateway container image
run: dotnet publish dotnet/Microsoft.McpGateway.Tools/src/Microsoft.McpGateway.Tools.csproj --configuration Release --no-restore /p:PublishProfile=github.pubxml /p:ContainerRepository=${{ github.repository_owner }}/tool-gateway
context: .
file: ./dotnet/Microsoft.McpGateway.Service/Dockerfile
platforms: linux/amd64,linux/arm64
push: true
tags: ghcr.io/${{ github.repository_owner }}/mcp-gateway:latest
Copy link

Copilot AI Jan 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The build action doesn't configure Docker layer caching, which can significantly improve build times, especially for multi-architecture builds. Consider adding cache-from and cache-to parameters to leverage GitHub Actions cache. For example:

cache-from: type=gha
cache-to: type=gha,mode=max

This will cache Docker layers between builds and speed up subsequent builds.

Copilot uses AI. Check for mistakes.
.github/workflows/image.yml
Comment on lines +44 to +51
- name: Build and push tool-gateway multi-arch image
uses: docker/build-push-action@v5
with:
context: .
file: ./dotnet/Microsoft.McpGateway.Tools/Dockerfile
platforms: linux/amd64,linux/arm64
push: true
tags: ghcr.io/${{ github.repository_owner }}/tool-gateway:latest
Copy link

Copilot AI Jan 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The build action doesn't configure Docker layer caching, which can significantly improve build times, especially for multi-architecture builds. Consider adding cache-from and cache-to parameters to leverage GitHub Actions cache. For example:

cache-from: type=gha
cache-to: type=gha,mode=max

This will cache Docker layers between builds and speed up subsequent builds.

Copilot uses AI. Check for mistakes.
.github/workflows/image.yml
file: ./dotnet/Microsoft.McpGateway.Service/Dockerfile
platforms: linux/amd64,linux/arm64
push: true
tags: ghcr.io/${{ github.repository_owner }}/mcp-gateway:latest
Copy link

Copilot AI Jan 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Docker image is only tagged with latest, which makes it difficult to track versions and roll back if needed. Consider adding versioning tags based on git SHA, tag, or semantic version. For example, you could add tags like ghcr.io/${{ github.repository_owner }}/mcp-gateway:${{ github.sha }} or use docker/metadata-action to automatically generate appropriate tags.

Copilot uses AI. Check for mistakes.
.github/workflows/image.yml
file: ./dotnet/Microsoft.McpGateway.Tools/Dockerfile
platforms: linux/amd64,linux/arm64
push: true
tags: ghcr.io/${{ github.repository_owner }}/tool-gateway:latest
Copy link

Copilot AI Jan 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Docker image is only tagged with latest, which makes it difficult to track versions and roll back if needed. Consider adding versioning tags based on git SHA, tag, or semantic version. For example, you could add tags like ghcr.io/${{ github.repository_owner }}/tool-gateway:${{ github.sha }} or use docker/metadata-action to automatically generate appropriate tags.

Copilot uses AI. Check for mistakes.
dotnet/Microsoft.McpGateway.Service/Dockerfile
Comment on lines +23 to +24
FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS runtime
WORKDIR /app
Copy link

Copilot AI Jan 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Docker container is running as root user, which poses a security risk. The sample Dockerfiles in this repository (e.g., sample-servers/mcp-example/Dockerfile:4-24) create and switch to a non-root user. Consider adding a similar security measure by creating a non-root user and switching to it before the ENTRYPOINT.

Copilot uses AI. Check for mistakes.
dotnet/Microsoft.McpGateway.Tools/Dockerfile
Comment on lines +23 to +24
FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS runtime
WORKDIR /app
Copy link

Copilot AI Jan 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Docker container is running as root user, which poses a security risk. The sample Dockerfiles in this repository (e.g., sample-servers/mcp-example/Dockerfile:4-24) create and switch to a non-root user. Consider adding a similar security measure by creating a non-root user and switching to it before the ENTRYPOINT.

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@raniellyferreira