From 08a3ef1502ec6af125f782f57c2fd11654574f08 Mon Sep 17 00:00:00 2001
From: Anish Ramasekar <anish.ramasekar@gmail.com>
Date: Tue, 2 May 2023 00:25:26 -0700
Subject: [PATCH] feat: use distroless-iptables for proxy-init (#816)

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
---
 docker/proxy-init.Dockerfile | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/docker/proxy-init.Dockerfile b/docker/proxy-init.Dockerfile
index 6d1421b47..d42988f38 100644
--- a/docker/proxy-init.Dockerfile
+++ b/docker/proxy-init.Dockerfile
@@ -1,10 +1,7 @@
-ARG BASEIMAGE=registry.k8s.io/build-image/debian-iptables:bullseye-v1.5.5
+ARG BASEIMAGE=registry.k8s.io/build-image/distroless-iptables:v0.2.3
 
 FROM --platform=${TARGETPLATFORM:-linux/amd64} ${BASEIMAGE}
 
-RUN apt update && \
-    apt upgrade -y && \
-    clean-install ca-certificates
 COPY ./init/init-iptables.sh /bin/
 RUN chmod +x /bin/init-iptables.sh
 # Kubernetes runAsNonRoot requires USER to be numeric