Migrate to alpine linux

Makefile

@@ -77,7 +77,7 @@ export E2E_CHECK_LEAKS
 export SLOW_E2E_THRESHOLD
 
 # Set default base image dynamically for each arch
-BASEIMAGE?=quay.io/kubernetes-ingress-controller/nginx-$(ARCH):23612cfde79b6ae7af4d30c3a7aaac0dcb5e6a27
+BASEIMAGE?=quay.io/kubernetes-ingress-controller/nginx-$(ARCH):4cad1304ef05799cd5b7eae5d2f49e36d12c5b21
 
 ifeq ($(ARCH),arm)
 	QEMUARCH=arm

deploy/cloud-generic/deployment.yaml

@@ -30,8 +30,8 @@ spec:
                 - ALL
               add:
                 - NET_BIND_SERVICE
-            # www-data -> 33
-            runAsUser: 33
+            # www-data -> 101
+            runAsUser: 101
           env:
             - name: POD_NAME
               valueFrom:

deploy/static/mandatory.yaml

@@ -232,8 +232,8 @@ spec:
                 - ALL
               add:
                 - NET_BIND_SERVICE
-            # www-data -> 33
-            runAsUser: 33
+            # www-data -> 101
+            runAsUser: 101
           env:
             - name: POD_NAME
               valueFrom:

deploy/static/with-rbac.yaml

@@ -43,8 +43,8 @@ spec:
                 - ALL
               add:
                 - NET_BIND_SERVICE
-            # www-data -> 33
-            runAsUser: 33
+            # www-data -> 101
+            runAsUser: 101
           env:
             - name: POD_NAME
               valueFrom:

docs/examples/psp/psp.yaml

@@ -35,7 +35,7 @@ spec:
   runAsUser:
     rule: 'MustRunAsNonRoot'
     ranges:
-    - min: 33
+    - min: 101
       max: 65535
   seLinux:
     rule: 'RunAsAny'

rootfs/Dockerfile

@@ -25,21 +25,21 @@ CROSS_BUILD_COPY qemu-QEMUARCH-static /usr/bin/
 
 WORKDIR  /etc/nginx
 
-RUN clean-install \
+RUN apk add -U --no-cache \
   diffutils \
-  libcap2-bin
+  libcap
 
 COPY --chown=www-data:www-data . /
 
 # Fix permission during the build to avoid issues at runtime
 # with volumes (custom templates)
-RUN bash -eu -c ' \
+RUN bash -xeu -c ' \
   writeDirs=( \
+    /etc/ingress-controller \
     /etc/ingress-controller/ssl \
     /etc/ingress-controller/auth \
     /var/log \
     /var/log/nginx \
-    /tmp \
   ); \
   for dir in "${writeDirs[@]}"; do \
     mkdir -p ${dir}; \