From 8c2b98213c49ea7d6fb5355d3dc467ca5ba883aa Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 18 Mar 2022 01:38:02 +0000
Subject: [PATCH] fix: Dockerfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-ALPINE315-OPENSSL-2426331
- https://snyk.io/vuln/SNYK-ALPINE315-OPENSSL-2426331
---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index b7c0a17..93e997c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -40,7 +40,7 @@ RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -ldflags="-w -s" -o /go/bin/s
 #################################
 # STEP 3 create permissioned user
 #################################
-FROM alpine AS user
+FROM alpine:3.15 AS user
 # Install git + SSL ca certificates.
 # Git is required for fetching the dependencies.
 # Ca-certificates is required to call HTTPS endpoints.
@@ -65,7 +65,7 @@ RUN adduser \
 # STEP 4 build a small image
 ############################
 # Can't run from sratch, need to be able to `chmod`
-FROM alpine
+FROM alpine:3.15
 
 # Install curl
 RUN apk update && apk --no-cache add curl