From d70ba1f03c261d77dd8cd9e9e149eb6237a41450 Mon Sep 17 00:00:00 2001
From: Arnob Kumar Saha <arnob@appscode.com>
Date: Thu, 23 Nov 2023 21:05:24 +0600
Subject: [PATCH] Make changes to run init-container as non-root user (#27)

Signed-off-by: Arnob kumar saha <arnob@appscode.com>
---
 Dockerfile | 2 +-
 install.sh | 4 +---
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 7cac58c..5e3f697 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-FROM debian:stretch as builder
+FROM debian:bookworm as builder
 
 ENV DEBIAN_FRONTEND noninteractive
 ENV DEBCONF_NONINTERACTIVE_SEEN true
diff --git a/install.sh b/install.sh
index 36f60d5..f3c9d7c 100644
--- a/install.sh
+++ b/install.sh
@@ -49,7 +49,6 @@ if [[ "$SSL_MODE" != "disabled" ]] && [[ -f "$client_pem" ]]; then
     envsubst '${INJECT_USER}' <${INIT_DIR}/replicaset.sh >${DEST_DIR}/replicaset.sh
     envsubst '${INJECT_USER}' <${INIT_DIR}/sharding.sh >${DEST_DIR}/sharding.sh
     envsubst '${INJECT_USER}' <${INIT_DIR}/mongos.sh >${DEST_DIR}/mongos.sh
-    rm ${INIT_DIR}/replicaset.sh ${INIT_DIR}/mongos.sh ${INIT_DIR}/sharding.sh
     chmod -c 755 ${DEST_DIR}/replicaset.sh ${DEST_DIR}/sharding.sh ${DEST_DIR}/mongos.sh
 fi
 
@@ -69,6 +68,5 @@ fi
 
 if [ -f "/keydir-readonly/key.txt" ]; then
     cp /keydir-readonly/key.txt /data/configdb/key.txt
-    chmod 600 /data/configdb/key.txt
-    chown -R 1001:0 /data/configdb/key.txt
+    chmod 400 /data/configdb/key.txt
 fi