diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..e9d29f2
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,9 @@
+.bin/
+.circleci/
+.github/
+test/results/
+.git*
+*.js
+*.md
+*.yaml
+config.secret.json
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..f85b921
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,64 @@
+### Git ###
+# Created by git for backups. To disable backups in Git:
+# $ git config --global mergetool.keepBackup false
+*.orig
+
+# Created by git when using merge tools for conflicts
+*.BACKUP.*
+*.BASE.*
+*.LOCAL.*
+*.REMOTE.*
+*_BACKUP_*.txt
+*_BASE_*.txt
+*_LOCAL_*.txt
+*_REMOTE_*.txt
+
+### Go ###
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+
+# Test binary, built with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Dependency directories (remove the comment below to include it)
+# /vendor/
+
+# Go workspace file
+go.work
+
+### Go Patch ###
+/vendor/
+/Godeps/
+
+### Helm ###
+# Chart dependencies
+/helm/**/charts/*.tgz
+
+/helm/config.secret.json
+
+### Test results ###
+/test/results
+
+### IDEs ###
+.idea
+.vscode
+.dccache
+
+### Tooling ###
+/.bin/
+
+### Local development ###
+# Local config file
+/config.local.json
+# Local build system configuration
+/local.mk
+
+### Node.js ###
+/node_modules
diff --git a/Dockerfile b/Dockerfile
index cde9e5c..4045570 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,7 +7,7 @@ ARG COMMIT_SHA
 ARG GIT_TAG
 
 RUN go mod download
-RUN CGO_ENABLED=0 go build \
+RUN CGO_ENABLED=0 GOEXPERIMENT=boringcrypto go build \
     -ldflags="-s -w \
         -X github.com/snyk/kubernetes-scanner/build.commitSHA=$COMMIT_SHA \
         -X github.com/snyk/kubernetes-scanner/build.tag=$GIT_TAG\
@@ -18,4 +18,4 @@ RUN CGO_ENABLED=0 go build \
 FROM gcr.io/distroless/static
 
 COPY --from=build /go/bin/kubernetes-scanner /
-CMD ["/kubernetes-scanner"]
+ENTRYPOINT ["/kubernetes-scanner"]