diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a8e098c..caf3c46 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -7,7 +7,6 @@ on: - develop - main pull_request: - permissions: contents: read pull-requests: read @@ -17,42 +16,30 @@ jobs: build-and-test: name: Build and test runs-on: ubuntu-latest + steps: - uses: actions/checkout@v3 with: fetch-depth: 1 path: ${{ env.__W_SRC_REL }} - - uses: actions/setup-go@v3 - with: - go-version: "=1.21.0" - cache: false - - name: Build binary - run: | - cd $__W_SRC_REL - go mod tidy - make build - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + + - uses: docker/setup-qemu-action@v2 + - uses: docker/setup-docker-action@v4 + - uses: docker/setup-buildx-action@v2 + - name: Login to Docker Registry uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERREGISTRY_USERNAME }} password: ${{ secrets.DOCKERREGISTRY_PASSWORD }} - - name: Build Docker image - uses: docker/build-push-action@v3 - with: - context: ${{ env.__W_SRC_REL }} - file: ${{ env.__W_SRC_REL }}/Dockerfile - platforms: linux/amd64,linux/arm64,linux/arm/v7 - push: false - - name: Push Docker image + - name: Build and push uses: docker/build-push-action@v3 with: - context: ${{ env.__W_SRC_REL }} - file: ${{ env.__W_SRC_REL }}/Dockerfile - platforms: linux/amd64,linux/arm64,linux/arm/v7 + file: Dockerfile + platforms: linux/amd64,linux/arm64 push: true + secrets: | + PRIVATE_REPO_ACCESS_KEY=${{ secrets.PRIVATE_REPO_ACCESS_KEY }} + GOPRIVATE=github.com/RocketChat tags: | rocketchat/airlock:${{github.sha}} diff --git a/Dockerfile b/Dockerfile index 9084bb2..1e0ac95 100644 --- a/Dockerfile +++ b/Dockerfile 
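Review bot: The `secrets:` input added to the "Build and push" step is never consumed by the Dockerfile changed in this same commit, so the private-module credential most likely does not reach `git config`. build-push-action exposes each entry as a BuildKit secret, readable only inside a `RUN --mount=type=secret,id=PRIVATE_REPO_ACCESS_KEY` instruction (at `/run/secrets/PRIVATE_REPO_ACCESS_KEY`), whereas the Dockerfile hunk declares an empty `ENV PRIVATE_REPO_ACCESS_KEY=` and expands `$PRIVATE_REPO_ACCESS_KEY` into the `insteadOf` URL. Switching to a build arg or a populated `ENV` would make it work, but it would also persist the token in the builder stage's global git config, layers and build cache. The URL rewrite and the module download should instead run inside one secret-mounted `RUN` that removes the rewrite before it finishes. `GOPRIVATE=github.com/RocketChat` is not a secret and is likewise never read as one; pass it under `build-args: |` with a matching `ARG GOPRIVATE`, or set it directly with `ENV` in the Dockerfile, whose hunk appears to continue past the visible text.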
@@ -1,10 +1,28 @@ +FROM golang:1.21-alpine AS builder + +WORKDIR /app +RUN apk add git +ENV PRIVATE_REPO_ACCESS_KEY= +ENV GOPRIVATE= +RUN \ + git config \ + --global \ + url."https://rocketchat-cloudbot:$PRIVATE_REPO_ACCESS_KEY@github.com".insteadOf "https://github.com" + +COPY go.mod go.sum ./ +RUN go mod tidy +COPY . . + +RUN \ + CGO_ENABLED=0 \ + go build -o /app/manager main.go # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details FROM gcr.io/distroless/static:nonroot WORKDIR / # Copy the binary the GH Action built on an earlier step -COPY bin/manager . +COPY --from=builder /app/manager . USER 65532:65532