From 2632cd0195bf059189029d0a927746ce5352ab01 Mon Sep 17 00:00:00 2001
From: Tuan Anh Tran <me@tuananh.org>
Date: Mon, 3 Jul 2023 09:51:51 +0700
Subject: [PATCH] dockerfile: switch to chainguard image to reduce CVEs

---
 Dockerfile | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 7bbf1f3..899a311 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,14 +1,14 @@
 # Build in Docker container
-FROM golang:1.19.2 as builder
+FROM cgr.dev/chainguard/go:1.19.2@sha256:3f7206a2cfbf680b63f71188cd76c7597d35720a0a9a6c95fc5c9556ba74e332 as builder
 
 ENV CGO_ENABLED 0
 WORKDIR /src/s3sync
+COPY go.mod go.sum ./
+RUN go mod download
 COPY . ./
-RUN go mod vendor && \
-    go build -o s3sync ./cli
+RUN go build -o s3sync ./cli
 
 # Create s3sync image
-FROM debian:buster-slim
-RUN apt update && apt install -y ca-certificates
+FROM cgr.dev/chainguard/glibc-dynamic:latest
 COPY --from=builder /src/s3sync/s3sync /s3sync
 ENTRYPOINT ["/s3sync"]