| @@ | |
| FROM alpine:3.20 | |
| RUN addgroup -S app && adduser -S app -G app | |
| WORKDIR /app | |
| -RUN apk add --no-cache ca-certificates tzdata socat && update-ca-certificates | |
| +RUN apk add --no-cache ca-certificates tzdata socat && update-ca-certificates | |
| COPY --from=go-builder /build/gpt-load /app/gpt-load | |
| +## 关键:为非 root 账户准备可写目录 | |
| +RUN mkdir -p /app/data && chown -R app:app /app | |
| COPY ./run.sh /app/run.sh | |
| RUN chmod +x /app/run.sh | |
| @@ | |
| -USER app | |
| +USER app | |
| ENTRYPOINT ["/app/run.sh"] | |