Add Dockerfile for agent

[kate-osborn]

Adds Dockerfile for the agent and Makefile command to build the agent container (#376)

I had to add a couple workarounds in the Dockerfile that are outlined below and in the comments of the file itself:

1. For now, we install the agent by downloading the .apk file from their github releases. Ideally, we would install the agent via a pre-built and published package. If/when that is supported, we will update our installation process.
2. We do not add the Linux capability (CAP_NET_BIND_SERVICE) to the nginx and nginx debug binaries. This capability allows nginx to bind to privileged ports. Adding this capability prevents the agent from reading nginx's /proc/<pid>/exe symlink which the agent requires to determine the path to the nginx binary. While we wait for a more permanent fix, we will work around this by having nginx bind to non-privileged ports. See this write-up for more details: https://dxuuu.xyz/filecaps.html

In addition to the Dockerfile, I added a deployment manifest for the agent. This is for testing purposes only, and is not the agent's final manifest.

One final note, CI build/publish steps are out of scope for this PR

[brianehlert]

Is the intention to then use this container and add a layer with NGINX?
Asking since this appeared to be agent only and not NGINX / NGINX Plus.
And I didn't think we were following a sidecar pattern (nor do I think that in the best interest of the customer).

[kate-osborn]

Is the intention to then use this container and add a layer with NGINX? Asking since this appeared to be agent only and not NGINX / NGINX Plus. And I didn't think we were following a sidecar pattern (nor do I think that in the best interest of the customer).

The docker container runs both NGINX OSS and the agent processes. The docker image is based off the nginx image and the entrypoint.sh script kicks off nginx and nginx-agent processes.