From b857528ba024459c627c39547455e22bd15b5bb4 Mon Sep 17 00:00:00 2001
From: Anthony Ucci <anthony.ucci@dn-analytics.com>
Date: Mon, 15 Jun 2026 14:23:33 +0200
Subject: [PATCH 1/3] Harden Dockerfile and update base images

---
 Dockerfile | 39 ++++++++++++++++++++++++++++++---------
 1 file changed, 30 insertions(+), 9 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 2b4a9867..2325d95f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,16 +1,37 @@
-FROM docker.io/library/golang:1 AS builder
+FROM docker.io/library/golang:1.26.4-alpine AS builder
+
 WORKDIR /usr/src/app
+
+COPY go.mod go.sum ./
+RUN go mod download
+
 COPY . ./
-RUN CGO_ENABLED=0 go build -ldflags="-s -w" -a -installsuffix cgo -o bin/s3manager
 
-FROM docker.io/library/alpine:latest
+RUN CGO_ENABLED=0 go build \
+    -ldflags="-s -w" \
+    -a \
+    -installsuffix cgo \
+    -o bin/s3manager
+
+FROM docker.io/library/alpine:3.23
+
 WORKDIR /usr/src/app
-RUN addgroup -S s3manager && adduser -S s3manager -G s3manager
-RUN apk add --no-cache \
-  ca-certificates \
-  dumb-init
+
+RUN apk update \
+    && apk upgrade --no-cache \
+    && apk add --no-cache \
+        ca-certificates \
+        dumb-init \
+    && addgroup -S s3manager \
+    && adduser -S s3manager -G s3manager \
+    && rm -rf /var/cache/apk/*
+
 COPY --from=builder --chown=s3manager:s3manager /usr/src/app/bin/s3manager ./
+
 USER s3manager
+
 EXPOSE 8080
-ENTRYPOINT [ "/usr/bin/dumb-init", "--" ]
-CMD [ "/usr/src/app/s3manager" ]
+
+ENTRYPOINT ["/usr/bin/dumb-init", "--"]
+
+CMD ["/usr/src/app/s3manager"]
\ No newline at end of file

From a6a38926148207b7fcd41048ca9f37c8389e9895 Mon Sep 17 00:00:00 2001
From: Anthony Ucci <anthony.ucci@dn-analytics.com>
Date: Mon, 15 Jun 2026 14:23:33 +0200
Subject: [PATCH 2/3] Harden Dockerfile and update base images

---
 Dockerfile | 39 ++++++++++++++++++++++++++++++---------
 1 file changed, 30 insertions(+), 9 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index c82884ae..2325d95f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,16 +1,37 @@
-FROM docker.io/golang:1 AS builder
+FROM docker.io/library/golang:1.26.4-alpine AS builder
+
 WORKDIR /usr/src/app
+
+COPY go.mod go.sum ./
+RUN go mod download
+
 COPY . ./
-RUN CGO_ENABLED=0 go build -ldflags="-s -w" -a -installsuffix cgo -o bin/s3manager
 
-FROM docker.io/alpine:latest
+RUN CGO_ENABLED=0 go build \
+    -ldflags="-s -w" \
+    -a \
+    -installsuffix cgo \
+    -o bin/s3manager
+
+FROM docker.io/library/alpine:3.23
+
 WORKDIR /usr/src/app
-RUN addgroup -S s3manager && adduser -S s3manager -G s3manager
-RUN apk add --no-cache \
-  ca-certificates \
-  dumb-init
+
+RUN apk update \
+    && apk upgrade --no-cache \
+    && apk add --no-cache \
+        ca-certificates \
+        dumb-init \
+    && addgroup -S s3manager \
+    && adduser -S s3manager -G s3manager \
+    && rm -rf /var/cache/apk/*
+
 COPY --from=builder --chown=s3manager:s3manager /usr/src/app/bin/s3manager ./
+
 USER s3manager
+
 EXPOSE 8080
-ENTRYPOINT [ "/usr/bin/dumb-init", "--" ]
-CMD [ "/usr/src/app/s3manager" ]
+
+ENTRYPOINT ["/usr/bin/dumb-init", "--"]
+
+CMD ["/usr/src/app/s3manager"]
\ No newline at end of file

From 95ee67bd14677cee42a981604ffaa7cc98407983 Mon Sep 17 00:00:00 2001
From: Anthony Ucci <anthony.ucci@dn-analytics.com>
Date: Mon, 15 Jun 2026 16:20:14 +0200
Subject: [PATCH 3/3] disable list all buckets by defaut

---
 internal/app/s3manager/manager_handlers.go |  5 +++++
 main.go                                    | 12 ++++++++----
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/internal/app/s3manager/manager_handlers.go b/internal/app/s3manager/manager_handlers.go
index 9337328e..bc55db6f 100644
--- a/internal/app/s3manager/manager_handlers.go
+++ b/internal/app/s3manager/manager_handlers.go
@@ -49,6 +49,11 @@ func HandleBucketsViewWithManager(manager *MultiS3Manager, templates fs.FS, allo
 			return
 		}
 
+		if bucketName != "" {
+			http.Redirect(w, r, rootURL+"/"+instanceName+"/buckets/"+bucketName, http.StatusTemporaryRedirect)
+			return
+		}
+
 		s3 := current.Client
 		instances := manager.GetAllInstances()
 
diff --git a/main.go b/main.go
index aba499f6..60aab5b0 100644
--- a/main.go
+++ b/main.go
@@ -166,13 +166,17 @@ func main() {
 	// Set up router
 	r := mux.NewRouter()
 
-	// Root redirects to first instance's buckets page
+	// Root redirects to first instance's buckets page (or directly to the configured bucket)
 	r.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		instances := s3Manager.GetAllInstances()
-		if len(instances) > 0 {
-			http.Redirect(w, r, rootURL+"/"+instances[0].Name+"/buckets", http.StatusPermanentRedirect)
-		} else {
+		if len(instances) == 0 {
 			http.Error(w, "No S3 instances configured", http.StatusInternalServerError)
+			return
+		}
+		if configuration.BucketName != "" {
+			http.Redirect(w, r, rootURL+"/"+instances[0].Name+"/buckets/"+configuration.BucketName, http.StatusPermanentRedirect)
+		} else {
+			http.Redirect(w, r, rootURL+"/"+instances[0].Name+"/buckets", http.StatusPermanentRedirect)
 		}
 	})).Methods(http.MethodGet)