switch kratos runtime container to ubuntu

Security-Onion-Solutions · Mar 4, 2024 · d9e878b · d9e878b
1 parent dacffa8
commit d9e878b
Showing 1 changed file with 4 additions and 7 deletions.
diff --git a/Dockerfile.kratos b/Dockerfile.kratos
@@ -32,19 +32,16 @@ RUN go mod download
 RUN go build -tags sqlite -ldflags="-X 'github.com/ory/kratos/driver/config.Version=${VERSION}' -X 'github.com/ory/kratos/driver/config.Date=$(date -I)' -X 'github.com/ory/kratos/driver/config.Commit=$(git rev-parse --short HEAD)'"
 
 
-FROM ghcr.io/security-onion-solutions/alpine:latest
+FROM ghcr.io/security-onion-solutions/ubuntu:23.04
 
 ENV DSN=sqlite:///kratos-data/db.sqlite?_fk=true
 
 ARG UID=928
 ARG GID=928
 ARG OWNER=ory
 
-RUN addgroup --gid "$GID" -S kratos; \
-    adduser -u "$UID" -S kratos -G kratos -D -H -s /bin/nologin
-RUN apk add -U --no-cache ca-certificates
-
-RUN [ ! -e /etc/nsswitch.conf ] && echo 'hosts: files dns' > /etc/nsswitch.conf
+RUN groupadd --system ory; \
+    useradd --system ory --no-create-home -g ory
 
 RUN echo "#!/bin/sh" > /start-kratos.sh
 RUN echo "kratos -c /kratos-conf/kratos.yaml migrate sql -e --yes >> /kratos-log/kratos-migrate.log 2>&1" >> /start-kratos.sh
@@ -55,7 +52,7 @@ RUN chmod a+x /start-kratos.sh
 
 COPY --from=builder /go/src/github.com/$OWNER/kratos/kratos /usr/bin/kratos
 COPY --from=builder /go/src/github.com/$OWNER/kratos/.schema /.schema
-USER kratos
+USER ory
 
 
 EXPOSE 4433