FROM docker.io/library/alpine:3.22
LABEL maintainer="contact@mengning.com.cn"
LABEL version="1.0"
LABEL description="Alpine-based development environment"

# 设置环境变量
ENV WORKSPACE=/workspace \
    USERNAME=devstar

# 创建非root用户，提高安全性
RUN addgroup -g 1000 $USERNAME && \
    adduser -u 1000 -G $USERNAME -s /bin/sh -D $USERNAME

# 安装开发工具（合并RUN层，减少镜像大小）
RUN apk add --no-cache \
    build-base \
    openssh-server openssh-keygen openssh-client \
    openrc \
    git \
    bash \
    curl \
    ca-certificates \
    && update-ca-certificates \
    && rm -rf /var/cache/apk/*

# 创建工作目录并设置权限
WORKDIR $WORKSPACE
RUN mkdir -p $WORKSPACE && \
    chown -R $USERNAME:$USERNAME $WORKSPACE

# 切换到非root用户
USER $USERNAME

# 使用bash作为默认shell
SHELL ["/bin/bash", "-c"]

# 设置默认命令
CMD ["/bin/bash"]