Add Docker arm64 builds

[vgrassia]

📔 Objective

This PR modifies all of the Dockerfiles in this repository to use multi-stage builds. This is very similar to the logic used to build the container image for Bitwarden Unified. Making this change enables us to build for multiple architectures. I have specified the architectures linux/amd64, linux/arm64, and linux/arm/v7 in this PR.

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – cd3f999b-03c6-400d-ad0a-e055c83ea429

New Issues (5)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	CSRF	/src/Api/AdminConsole/Controllers/GroupsController.cs: 164	details Method Put at line 164 of /src/Api/AdminConsole/Controllers/GroupsController.cs gets a parameter from a user request from model. This parameter val... Attack Vector
	CSRF	/bitwarden_license/src/Scim/Controllers/v2/GroupsController.cs: 94	details Method Put at line 94 of /bitwarden_license/src/Scim/Controllers/v2/GroupsController.cs gets a parameter from a user request from model. This param... Attack Vector
	CSRF	/bitwarden_license/src/Scim/Controllers/v2/GroupsController.cs: 104	details Method Patch at line 104 of /bitwarden_license/src/Scim/Controllers/v2/GroupsController.cs gets a parameter from a user request from model. This pa... Attack Vector
	CSRF	/src/Api/AdminConsole/Public/Controllers/GroupsController.cs: 133	details Method Put at line 133 of /src/Api/AdminConsole/Public/Controllers/GroupsController.cs gets a parameter from a user request from model. This parame... Attack Vector
	Missing_CSP_Header	/src/Core/MailTemplates/Handlebars/SecurityTasksNotification.html.hbs: 21	details A Content Security Policy is not explicitly defined within the web-application. Attack Vector

Fixed Issues (4)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	CSRF	/src/Api/KeyManagement/Controllers/AccountsKeyManagementController.cs: 93
	CSRF	/src/Api/KeyManagement/Controllers/AccountsKeyManagementController.cs: 93
	Use_Of_Hardcoded_Password	/src/Core/Constants.cs: 173
	Use_Of_Hardcoded_Password	/src/Core/Constants.cs: 172

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 44.99%. Comparing base (b309de1) to head (997d9b8).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #5529   +/-   ##
=======================================
  Coverage   44.99%   44.99%           
=======================================
  Files        1562     1562           
  Lines       71469    71469           
  Branches     6399     6399           
=======================================
  Hits        32158    32158           
  Misses      37945    37945           
  Partials     1366     1366           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[github-advanced-security]

Checkmarx One found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.

[sonarqubecloud]

Quality Gate passed

Issues
34 New issues
0 Accepted issues

Measures
3 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[addisonbeck]

LGMT, though I am not a SME on our Dockerfiles. Those CVE alerts seem out of place and are clearly unrelated. Any idea what's triggering them @vgrassia ?

[vgrassia]

LGMT, though I am not a SME on our Dockerfiles. Those CVE alerts seem out of place and are clearly unrelated. Any idea what's triggering them @vgrassia ?

I have no idea why those CVE alerts are happening. They all point to the first line in the Dockerfiles which is a stylized comment block.