# Dockerfile for Lab 02 - Network & VPC
# Test container image for network isolation verification

# Use Alpine 3.19 as base image
FROM alpine:3.19

# Create non-root user for security (INF-01 compliance)
RUN addgroup -g 1000 appgroup && \
    adduser -D -u 1000 -G appgroup appuser

# Install network testing tools
RUN apk add --no-cache \
    iputils \
    bind-tools \
    curl \
    netcat-openbsd \
    tcpdump \
    strace \
    && rm -rf /var/cache/apk/*

# Switch to non-root user
USER appuser

# Set working directory
WORKDIR /home/appuser

# Default command - sleep for testing
CMD ["sh", "-c", "sleep 3600"]