From 025d4eacebae831206820e14347e327fc6f60e61 Mon Sep 17 00:00:00 2001
From: Manuel Alejandro de Brito Fontes <aledbf@gmail.com>
Date: Fri, 27 Dec 2019 20:08:30 -0300
Subject: [PATCH] Migrate to alpine linux

---
 Makefile                             | 2 +-
 deploy/cloud-generic/deployment.yaml | 4 ++--
 deploy/static/mandatory.yaml         | 4 ++--
 deploy/static/with-rbac.yaml         | 4 ++--
 docs/examples/psp/psp.yaml           | 2 +-
 rootfs/Dockerfile                    | 8 ++++----
 6 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/Makefile b/Makefile
index 334c5bdae..afa9726b9 100644
--- a/Makefile
+++ b/Makefile
@@ -77,7 +77,7 @@ export E2E_CHECK_LEAKS
 export SLOW_E2E_THRESHOLD
 
 # Set default base image dynamically for each arch
-BASEIMAGE?=quay.io/kubernetes-ingress-controller/nginx-$(ARCH):23612cfde79b6ae7af4d30c3a7aaac0dcb5e6a27
+BASEIMAGE?=quay.io/kubernetes-ingress-controller/nginx-$(ARCH):4cad1304ef05799cd5b7eae5d2f49e36d12c5b21
 
 ifeq ($(ARCH),arm)
 	QEMUARCH=arm
diff --git a/deploy/cloud-generic/deployment.yaml b/deploy/cloud-generic/deployment.yaml
index 1efb26907..d75943a9d 100644
--- a/deploy/cloud-generic/deployment.yaml
+++ b/deploy/cloud-generic/deployment.yaml
@@ -30,8 +30,8 @@ spec:
                 - ALL
               add:
                 - NET_BIND_SERVICE
-            # www-data -> 33
-            runAsUser: 33
+            # www-data -> 101
+            runAsUser: 101
           env:
             - name: POD_NAME
               valueFrom:
diff --git a/deploy/static/mandatory.yaml b/deploy/static/mandatory.yaml
index d0d245c87..e55e3276f 100644
--- a/deploy/static/mandatory.yaml
+++ b/deploy/static/mandatory.yaml
@@ -232,8 +232,8 @@ spec:
                 - ALL
               add:
                 - NET_BIND_SERVICE
-            # www-data -> 33
-            runAsUser: 33
+            # www-data -> 101
+            runAsUser: 101
           env:
             - name: POD_NAME
               valueFrom:
diff --git a/deploy/static/with-rbac.yaml b/deploy/static/with-rbac.yaml
index ac068b0c2..aacb085ad 100644
--- a/deploy/static/with-rbac.yaml
+++ b/deploy/static/with-rbac.yaml
@@ -43,8 +43,8 @@ spec:
                 - ALL
               add:
                 - NET_BIND_SERVICE
-            # www-data -> 33
-            runAsUser: 33
+            # www-data -> 101
+            runAsUser: 101
           env:
             - name: POD_NAME
               valueFrom:
diff --git a/docs/examples/psp/psp.yaml b/docs/examples/psp/psp.yaml
index 047e86601..f840103bd 100644
--- a/docs/examples/psp/psp.yaml
+++ b/docs/examples/psp/psp.yaml
@@ -35,7 +35,7 @@ spec:
   runAsUser:
     rule: 'MustRunAsNonRoot'
     ranges:
-    - min: 33
+    - min: 101
       max: 65535
   seLinux:
     rule: 'RunAsAny'
diff --git a/rootfs/Dockerfile b/rootfs/Dockerfile
index 27b8fa224..1ff30e443 100644
--- a/rootfs/Dockerfile
+++ b/rootfs/Dockerfile
@@ -25,21 +25,21 @@ CROSS_BUILD_COPY qemu-QEMUARCH-static /usr/bin/
 
 WORKDIR  /etc/nginx
 
-RUN clean-install \
+RUN apk add -U --no-cache \
   diffutils \
-  libcap2-bin
+  libcap
 
 COPY --chown=www-data:www-data . /
 
 # Fix permission during the build to avoid issues at runtime
 # with volumes (custom templates)
-RUN bash -eu -c ' \
+RUN bash -xeu -c ' \
   writeDirs=( \
+    /etc/ingress-controller \
     /etc/ingress-controller/ssl \
     /etc/ingress-controller/auth \
     /var/log \
     /var/log/nginx \
-    /tmp \
   ); \
   for dir in "${writeDirs[@]}"; do \
     mkdir -p ${dir}; \