FROM golang:alpine AS builder
WORKDIR /app
COPY . .
RUN CGO_ENABLED=0 go build -o aws-vault-proxy

FROM scratch
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /app/aws-vault-proxy /aws-vault-proxy

# Use the same executable to send ourselves a http healthcheck
HEALTHCHECK CMD ["/aws-vault-proxy", "-check-running"]
CMD ["/aws-vault-proxy"]
