From 130de2965c31d9e2a24085662a6d0dde3c8982f0 Mon Sep 17 00:00:00 2001
From: Martin Redolatti
Date: Wed, 24 Jan 2024 16:14:44 -0300
Subject: [PATCH] use debian for the builder stage to avoid issues with musl+boringcrypo for fips compliant builds
---
 docker/Dockerfile.proxy | 13 +++++--------
 docker/Dockerfile.synchronizer | 15 +++++++--------
 2 files changed, 12 insertions(+), 16 deletions(-)
diff --git a/docker/Dockerfile.proxy b/docker/Dockerfile.proxy
index 831e67b9..5677e160 100644
--- a/docker/Dockerfile.proxy
+++ b/docker/Dockerfile.proxy
@@ -1,22 +1,19 @@
 # Build stage
-FROM golang:1.21.5-alpine3.19 AS builder
+FROM golang:1.21.6-bookworm AS builder
 ARG EXTRA_BUILD_ARGS
 ARG FIPS_MODE
-RUN apk add \
- bash \
- build-base \
- python3 \
- git
+RUN apt update -y
+RUN apt install -y build-essential ca-certificates python3 git
 WORKDIR /code
 COPY . .
 RUN if [[ "${FIPS_MODE}" = "enabled" ]]; \
- then echo "building in standard mode"; make clean split-proxy entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; \
- else echo "building in fips mode"; make clean split-proxy-fips entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; mv split-proxy-fips split-proxy; \
+ then echo "building in fips mode"; make clean split-proxy-fips entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; mv split-proxy-fips split-proxy; \
+ else echo "building in standard mode"; make clean split-proxy entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; \
 fi
 # Runner stage
diff --git a/docker/Dockerfile.synchronizer b/docker/Dockerfile.synchronizer
index 44e604b4..7f27526d 100644
--- a/docker/Dockerfile.synchronizer
+++ b/docker/Dockerfile.synchronizer
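Review bot: In docker/Dockerfile.proxy the `[[ "${FIPS_MODE}" = "enabled" ]]` test now runs under the Debian image's /bin/sh, which is dash and has no `[[`, so the test fails with "not found" and the `else` branch is taken whatever FIPS_MODE is set to. After this change the `else` branch is the standard build, so a build requested with FIPS_MODE=enabled would produce a non-FIPS binary without failing. The hunk shows the builder stage from line 1 and no SHELL instruction appears in it. Use the POSIX test, `RUN if [ "${FIPS_MODE}" = "enabled" ]; \`, or add `SHELL ["/bin/bash", "-c"]` before this RUN. The same construct is in the docker/Dockerfile.synchronizer hunk.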
@@ -1,24 +1,23 @@
 # Build stage
-FROM golang:1.21.5-alpine3.19 AS builder
+FROM golang:1.21.6-bookworm AS builder
 ARG EXTRA_BUILD_ARGS
 ARG FIPS_MODE
-RUN apk add \
- bash \
- build-base \
- python3 \
- git
+RUN apt update -y
+RUN apt install -y build-essential ca-certificates python3 git
 WORKDIR /code
 COPY . .
 RUN if [[ "${FIPS_MODE}" = "enabled" ]]; \
- then echo "building in standard mode"; make clean split-sync entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; \
- else echo "building in fips mode"; make clean split-sync-fips entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; mv split-sync-fips split-sync; \
+ then echo "building in fips mode"; make clean split-sync-fips entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; mv split-sync-fips split-sync; \
+ else echo "building in standard mode"; make clean split-sync entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; \
 fi
+RUN ls -l /code
+
 # Runner stage
 FROM alpine:3.19.0 AS runner
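Review bot: `RUN apt update -y` is in its own layer ahead of `RUN apt install -y ...`, so a cached index layer can be reused by a later install and resolve stale or missing package versions; the same pair is in docker/Dockerfile.proxy. Putting both in one layer avoids that: `RUN apt-get update && apt-get install -y --no-install-recommends build-essential ca-certificates python3 git`. The base image is referenced by tag only (`golang:1.21.6-bookworm`); for a build meant to be FIPS compliant, pinning it by digest would make the toolchain reproducible. The added `RUN ls -l /code` looks like a leftover debug step and could be dropped.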