Hi, I was looking at the golang template and noticed the image being based on an Alpine image.
Wouldn't it make more sense to base ourselves on a scratch image with non-root user?
e.g. look at https://github.com/ironpeakservices/iron-scratch/blob/master/Dockerfile

I can imagine smaller images (and no shell!) greatly reduce the size again and the attack surface.
Additional templates that require some additional binaries can use a full linux distribution, but the default behavior should be as secure/optimized as possible.

If you want I can open a PR for this.