@lbatalha commented May 4, 2025

This PR is meant to add:

  • Dockerfiles for building images
  • Github Actions Workflow to build images on release and for PR/Branch commits
  • Simple Docker documentation

The contribution guidelines are not very clear on what this type of PR would fall under, and the Roadmap seems to be a bit outdated and focused on the actual RNS codebase itself.
Since this is more of an Ops type of thing, hopefully this PR is not annoying.

Docker Images

There are two dockerfiles, one for end-users to quickly get started and one for CI use in github actions.

The created image has the following properties:

  • Rootless execution of rnsd and all tooling
  • RNS tooling installed as system packages instead of a venv, files owned by root to ensure a compromised user account cannot replace binaries with malicious versions (but it is also unnecessary to use venvs or user home directories to compartmentalize since we are running in a container, which by definition is compartmentalized)
  • Dedicated config directory (/config) for ease of mounting (see previous wrt. home directories)
  • rnsd executed as PID1, no other processes running in the container
  • RNS tooling still available for use via docker exec
  • Small image footprint by using multi-stage builds
  • Support for compiling dependencies from source (dependencies like cryptography do not have ready-made wheels for architectures outside of amd64 and arm64, so pip will need to compile from source)

The current footprint sits at around ~70MB uncompressed vs ~43MB for the base alpine python image, which means the image is almost as size efficient as it could possibly be - the multi-stage build only adds <1MB vs if you just pip installed rns without any compilation dependencies:

❯ docker images
REPOSITORY                   TAG                    IMAGE ID       CREATED             SIZE
reticulum                    small                  ed736e10ab90   1 second ago        76.1MB
reticulum                    large                  cd6bbf9ca222   5 minutes ago       77.5MB

(Built on macos, the actual github generated images are 5-15MB smaller)

Github Actions

I have added jobs to the existing github workflows that will build docker images (multi-platform in parallel using matrix strategy) for the architectures most likely to be used by end-users (more can be added in the future, if needed)

I have changed the package job to always run (not just on tag events), so that users can access build artifacts as well as docker images for branches/PRs (might help users with testing). Example Execution

When a tag/release is created, docker images are also created with the same tag, which also auto-updates the latest image tag, example from my fork:
image

Users can choose to get images tagged by latest, by major.minor version or by major.minor.patch

Certain architectures take a LONG time to build due to compilation times and emulation, armv6 and v7 take roughly 15 minutes for example

Documentation

I have created a simple README relating to docker usage, as well as an example docker-compose file, which should help people quickly get started with containerized deployments

Improvements

I think in the future, looking into distroless final images would be nice if greatly reducing the image size is a priority (as well as reduced attack surface)

Perhaps having examples of a more advanced docker-compose deployment with multiple RNS-based services talking to each other using docker networks would be nice
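
Added example, not part of the PR or of the Reticulum project's code: a POSIX shell check for the property listed under "Docker Images" that installed tooling is root-owned so the unprivileged runtime account cannot replace it. The function name `audit_owned_by` and the directories in the usage comment are assumptions; point it at wherever the image actually installs RNS.

```shell
#!/bin/sh
# audit_owned_by (hypothetical helper): list every file or directory under the
# given paths that an account other than the expected owner could modify.
#
# Usage:   audit_owned_by <owner-uid-or-name> <path>...
# Example: audit_owned_by root /usr/local/bin /usr/local/lib   (assumed paths)
#
# Prints one finding per line. Returns 0 when clean, 1 when anything is found.
audit_owned_by() {
    owner=$1
    shift
    findings=$(
        for path in "$@"; do
            [ -e "$path" ] || continue
            # Not owned by the expected account: the actual owner can rewrite
            # it. Symlinks are skipped because their own mode bits are unused.
            find "$path" ! -type l ! -user "$owner" \
                -exec printf 'wrong-owner %s\n' {} \;
            # Group- or world-writable: accounts other than the owner may be
            # able to rewrite it. On a directory this also allows swapping out
            # the files inside it, even when those files are read-only.
            find "$path" ! -type l \( -perm -020 -o -perm -002 \) \
                -exec printf 'writable %s\n' {} \;
        done
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
```

Because it only reads ownership and mode bits, the result is the same whether it is run as root or through `docker exec` as the container's unprivileged user.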
