cid/Dockerfile

FROM golang:1.25.3
RUN go env -w GO111MODULE=on
RUN go env -w GOPROXY=https://goproxy.cn,direct
ENV WORKDIR /usr/local/bin/app
WORKDIR $WORKDIR

ENV TIME_ZONE=Asia/Seoul
RUN useradd -ms /bin/bash golang


RUN ln -sf /usr/share/zoneinfo/$TIME_ZONE /etc/localtime \
    && chmod 0755 /usr/bin/wall \
    && chmod 0755 /usr/bin/passwd \
    && chmod 0755 /usr/bin/newgrp \
    && chmod 0755 /usr/bin/chfn \
    && chmod 0755 /usr/bin/chage \
    && chmod 0755 /usr/bin/gpasswd \
    && chmod 0755 /usr/bin/chsh \
    && chmod 0755 /usr/bin/expiry \
    && chmod 0755 /bin/umount \
    && chmod 0755 /bin/mount \
    && chmod 0755 /bin/su \
    && chmod 0755 /sbin/unix_chkpwd \
    && chmod 110 /usr/bin/chfn \
    && chmod 110 /usr/bin/passwd \
    && chmod 110 /usr/bin/newgrp \
    && chmod 110 /usr/bin/chsh \
    && chmod 110 /usr/bin/wall \
    && chmod 110 /usr/bin/gpasswd \
    && chmod 110 /usr/bin/expiry \
    && chmod 110 /usr/bin/chage \
    && chmod 110 /bin/mount \
    && chmod 110 /bin/umount \
    && chmod 110 /bin/su \
    && chmod 110 /sbin/unix_chkpwd \
    && chmod 110 /usr/lib/openssh/ssh-keysign \
    && chmod 110 /usr/bin/ssh-agent

COPY go.mod go.sum ./
# RUN chown -R golang:golang $WORKDIR
RUN go mod download && go mod verify
COPY ../../cidService $WORKDIR
RUN chown -R golang:golang $WORKDIR
# Remove SetUID, SetGID
RUN chmod 0755 /usr/local/bin/app/api \
    && chmod 0755 /usr/local/bin/app/common \
    && chmod 0755 /usr/local/bin/app/middleware \
    && chmod 0755 /usr/local/bin/app/model \
    && rm -rf .git \
    && rm -rf .gitignore \
    && rm -rf .gitlab-ci.yml \
    && rm -rf Dockerfile \
    && rm -rf config-local.yml
USER golang
RUN go build -v -o /usr/local/bin/app ./...
EXPOSE 3002
CMD ./cidService