From 271d4d05182227e0e4c08ab23f7692f33707f6a3 Mon Sep 17 00:00:00 2001
From: Michal Jura <mjura@suse.com>
Date: Tue, 12 Mar 2024 17:39:24 +0100
Subject: [PATCH] security: bump operator base image to bci-micro:15.5

Issue: https://github.com/rancher/aks-operator/issues/427
---
 Dockerfile.dapper  |  2 +-
 package/Dockerfile | 13 +++++++++----
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/Dockerfile.dapper b/Dockerfile.dapper
index 47f69b5d..e1c94e71 100644
--- a/Dockerfile.dapper
+++ b/Dockerfile.dapper
@@ -1,4 +1,4 @@
-FROM registry.suse.com/bci/bci-base:15.4
+FROM registry.suse.com/bci/bci-base:15.6
 
 ARG DAPPER_HOST_ARCH
 ENV ARCH=${DAPPER_HOST_ARCH}
diff --git a/package/Dockerfile b/package/Dockerfile
index e4ac3563..8656690c 100644
--- a/package/Dockerfile
+++ b/package/Dockerfile
@@ -1,8 +1,13 @@
-FROM registry.suse.com/bci/bci-base:15.4
-RUN zypper update -y && \
-    zypper -n clean -a && \
-    rm -rf /tmp/* /var/tmp/* /usr/share/doc/packages/*
+FROM registry.suse.com/bci/bci-base:15.5 AS builder
+RUN sed -i 's/^CREATE_MAIL_SPOOL=yes/CREATE_MAIL_SPOOL=no/' /etc/default/useradd
 RUN useradd --uid 1007 aks-operator
+
+FROM registry.suse.com/bci/bci-micro:15.5
+COPY --from=builder /etc/passwd /etc/passwd
+COPY --from=builder /etc/shadow /etc/shadow
+
+RUN rm -rf /tmp/* /var/tmp/* /usr/share/doc/packages/*
+
 ENV KUBECONFIG /home/aks-operator/.kube/config
 ENV SSL_CERT_DIR /etc/rancher/ssl