Restricting container acess

HI Team,
I am new to docker.
We have a requirement to host our app container in client’s environment.
So, I have to restrict the shell access and no one should be able to extract the code.
I have tried to restrict shell access by removing bash access in it, but I am still able to copy the content in the container to server using docker cp command.
Basically my container should be running and it should be locked , no one should be able to extract the code inside it using docker cp or any other way.
can anyone help with this.

No. That’s the way Docker works.

You could try to obfuscated your source code, but they could still extract it.

You might look into “confidential computing”, but that’s a very new and complex beast.