diff --git a/.drone.yml b/.drone.yml
index 2f3017d..f7ca354 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,35 +1,84 @@
 kind: pipeline
-type: docker
-name: default
+type: kubernetes
+name: build
 
-platform:
-  os: linux
-  arch: amd64
+trigger:
+  branch:
+    - main
+
+clone:
+  # disable: true
+  depth: 1
+
+image_pull_secrets:
+- dockerconfig
+
+volumes:
+- name: cache
+  host:
+    path: /mnt/kub.drone
+- name: gocache
+  host:
+    path: /mnt/kub.drone/${DRONE_REPO}/gocache
+- name: golangcilintcache
+  host:
+    path: /mnt/kub.drone/${DRONE_REPO}/golangcilintcache
 
 steps:
+
+  - name: prepare cache
+    image: harbor.1sept.ru/docker/library/busybox
+    commands:
+      - mkdir -p /cache/${DRONE_REPO}/gocache
+      - mkdir -p /cache/${DRONE_REPO}/golangcilintcache
+    volumes:
+      - name: cache
+        path: /cache
+
   - name: test
-    image: golang:1.13
+    image: golangci/golangci-lint:v1.48.0
+    environment:
+      GOCACHE: /drone/src/gocache
+      GOLANGCI_LINT_CACHE: /drone/src/golangcilintcache
     commands:
-      - go test ./cmd/... ./internal/...
-      - go vet ./cmd/... ./internal/...
-  - name: lint
-    image: cytopia/golint
-    commands:
-      - golint -set_exit_status ./cmd/... ./internal/...
-  - name: build
-    image: golang:1.13
-    commands:
-      - GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o build/drone-helm cmd/drone-helm/main.go
+      - go mod download
+      - make test
+    volumes:
+      - name: gocache
+        path: /drone/src/gocache
+      - name: golangcilintcache
+        path: /drone/src/golangcilintcache
+    resources:
+      limits:
+        memory: 3GiB
+  
+  # - name: build
+  #   image: golang:1.19
+  #   environment:
+  #     GOCACHE: /drone/src/gocache
+  #     GOLANGCI_LINT_CACHE: /drone/src/golangcilintcache
+  #   commands:
+  #     - GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o build/drone-helm cmd/drone-helm/main.go
+  #   volumes:
+  #     - name: gocache
+  #       path: /drone/src/gocache
+  #     - name: golangcilintcache
+  #       path: /drone/src/golangcilintcache
+
   - name: publish_linux_amd64
-    image: plugins/docker
+    image: harbor.1sept.ru/drone/drone-kaniko
     settings:
-      auto_tag: true
-      username:
-        from_secret: docker_username
-      password:
-        from_secret: docker_password
-      repo:
-        from_secret: plugin_repo
-      dockerfile: Dockerfile
-    when:
-      event: [ tag, push ]
+      registry: harbor.1sept.ru
+      repo: harbor.1sept.ru/drone/drone-helm3
+      cache: true
+      tags:
+        - git-${DRONE_COMMIT_SHA:0:7}
+        - latest
+      username: 
+        from_secret: harbor-username
+      password: 
+        from_secret: harbor-password
+
+---
+kind: signature
+hmac: 94caa65765078801fd56960cdccacf3a1017ebfb41484099f3e3237ee9f868ef
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index 8b08db3..e0ed496 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,10 +1,19 @@
-FROM alpine/helm:3.8.1
-MAINTAINER Joachim Hill-Grannec <joachim@pelo.tech>
+FROM golang:1.22-alpine3.19 as builder
 
-COPY build/drone-helm /bin/drone-helm
-COPY assets/kubeconfig.tpl /root/.kube/config.tpl
+ENV GO111MODULE=on
+WORKDIR /app
 
-LABEL description="Helm 3 plugin for Drone 3"
-LABEL base="alpine/helm"
+COPY --link go.mod .
+COPY --link go.sum .
+RUN go mod download
+COPY --link . .
 
-ENTRYPOINT [ "/bin/drone-helm" ]
+RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o /go/bin/drone-helm ./cmd/drone-helm
+
+# --- Copy the cli to an image with helm already installed ---
+FROM alpine/helm:3.14.0
+
+COPY --link --from=builder /go/bin/drone-helm /bin/drone-helm
+COPY --link ./assets/kubeconfig.tpl /root/.kube/config.tpl
+
+ENTRYPOINT [ "/bin/drone-helm" ]
\ No newline at end of file
diff --git a/internal/run/initkube.go b/internal/run/initkube.go
index bf4de3f..193deed 100644
--- a/internal/run/initkube.go
+++ b/internal/run/initkube.go
@@ -3,10 +3,11 @@ package run
 import (
 	"errors"
 	"fmt"
-	"github.com/pelotech/drone-helm3/internal/env"
 	"io"
 	"os"
 	"text/template"
+
+	"github.com/pelotech/drone-helm3/internal/env"
 )
 
 // InitKube is a step in a helm Plan that initializes the kubernetes config file.
@@ -87,7 +88,7 @@ func (i *InitKube) Prepare() error {
 		fmt.Fprintf(i.stderr, "kubeconfig file at %s\n", i.configFilename)
 	}
 
-	i.configFile, err = os.Create(i.configFilename)
+	i.configFile, err = os.OpenFile(i.configFilename, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
 	if err != nil {
 		return fmt.Errorf("could not open kubeconfig file for writing: %w", err)
 	}