From d2dd6e37df4e4723950b9b03b148337cb8090d74 Mon Sep 17 00:00:00 2001
From: Derrick DaCosta <derrick_dacosta@cable.comcast.com>
Date: Tue, 23 Apr 2024 12:41:26 -0400
Subject: [PATCH 1/2] Add cert bundle to scratch image

---
 Dockerfile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index 1dc624d..9a5cf89 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -27,9 +27,13 @@ COPY vendor /sources/vendor/
 # Build the sources tarball outside of /deps so it has to be copied explicitly
 RUN cd /; tar -czf /sources.tgz sources
 
+FROM alpine:latest as certs
+RUN apk --update add ca-certificates
+
 # 'bin' stage, copy in only the binary and dependencies
 FROM scratch AS bin
 WORKDIR /
+COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
 COPY --from=build /go/src/github.com/comcast/fishymetrics/fishymetrics /
 
 ENTRYPOINT ["/fishymetrics"]

From e012a112ca319a82bfb9c28a2535d1e780ed1142 Mon Sep 17 00:00:00 2001
From: Derrick DaCosta <derrick_dacosta@cable.comcast.com>
Date: Tue, 23 Apr 2024 12:46:19 -0400
Subject: [PATCH 2/2] add no-cache flag

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 9a5cf89..3bcbdb4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -28,7 +28,7 @@ COPY vendor /sources/vendor/
 RUN cd /; tar -czf /sources.tgz sources
 
 FROM alpine:latest as certs
-RUN apk --update add ca-certificates
+RUN apk --update --no-cache add ca-certificates
 
 # 'bin' stage, copy in only the binary and dependencies
 FROM scratch AS bin