# Build stage
FROM docker.io/library/golang:1.26-alpine AS builder

WORKDIR /build
COPY network-go/go.mod network-go/go.sum ./
RUN go mod download

COPY network-go/ .
RUN go build -o network-go -ldflags="-s -w" .

# Runtime stage
FROM docker.io/library/alpine:latest

RUN apk add --update --no-cache \
    iptables \
    iptables-legacy \
    ca-certificates \
    util-linux \
    nsenter \
    && rm -rf /var/cache/apk/*

COPY --from=builder /build/network-go /usr/local/bin/network-go

CMD ["/usr/local/bin/network-go"]