BRE-917 Update to Alpine base (#5976)

* testing-wolfi

* testing alpine

* fix gosu download

* fix Admin dockerfile

* update dockerfiles

* alpine-compatible-entrypoint-script-for-api-test

* make-entrypoint-scripts-alpine-compatible

* testing nginx with alpine

* cleaning up comments from dockerfile from testing

* restore accidentally deleted icon

* remove unused file

* pin alpine, update apk add no cache

* remove comments from testing

* test shadow implementtaion for entrypoints

* add shadow package, revert entrypoints, change from bash to shell for entry

* add icu to setup container, update helpers to use shell

* update migrator utility

* add missing krb5 libraries

util/Nginx/Dockerfile

@@ -1,15 +1,13 @@
-FROM --platform=$BUILDPLATFORM nginx:stable
+FROM --platform=$BUILDPLATFORM nginx:stable-alpine3.21
 
 ARG TARGETPLATFORM
 LABEL com.bitwarden.product="bitwarden"
 
 ENV SSL_CERT_DIR=/etc/bitwarden/ca-certificates
 
-RUN apt-get update \
-    && apt-get install -y --no-install-recommends \
-    gosu \
-    curl \
-    && rm -rf /var/lib/apt/lists/*
+RUN apk add --no-cache curl \
+    shadow \
+    && apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community gosu 
 
 COPY util/Nginx/nginx.conf /etc/nginx
 COPY util/Nginx/proxy.conf /etc/nginx

util/Nginx/Dockerfile-k8s

@@ -1,40 +0,0 @@
-FROM nginx:stable
-
-LABEL com.bitwarden.product="bitwarden"
-
-ENV USERNAME="bitwarden"
-ENV GROUPNAME="bitwarden"
-
-RUN apt-get update && \
-    apt-get install -y --no-install-recommends \
-        gosu \
-        curl && \
-    rm -rf /var/lib/apt/lists/*
-
-COPY nginx.conf /etc/nginx/nginx.conf
-COPY proxy.conf /etc/nginx/proxy.conf
-COPY mime.types /etc/nginx/mime.types
-COPY security-headers.conf /etc/nginx/security-headers.conf
-COPY security-headers-ssl.conf /etc/nginx/security-headers.conf
-
-COPY setup-bwuser.sh /
-
-EXPOSE 8000
-
-EXPOSE 8080
-EXPOSE 8443
-
-RUN chmod +x /setup-bwuser.sh
-
-RUN ./setup-bwuser.sh $USERNAME $GROUPNAME
-
-RUN mkdir -p /var/run/nginx && \
-    touch /var/run/nginx/nginx.pid
-RUN chown -R $USERNAME:$GROUPNAME /var/run/nginx && \
-    chown -R $USERNAME:$GROUPNAME /var/cache/nginx && \
-    chown -R $USERNAME:$GROUPNAME /var/log/nginx
-    
-
-HEALTHCHECK CMD curl --insecure -Lfs https://localhost:8443/alive || curl -Lfs http://localhost:8080/alive || exit 1
-
-USER bitwarden

util/Nginx/entrypoint.sh

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
 
 # Setup
 

util/Nginx/setup-bwuser.sh

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
 
 # Setup
 
@@ -32,8 +32,7 @@ fi
 
 # Create user and group
 
-groupadd -o -g $LGID $GROUPNAME >/dev/null 2>&1 ||
-groupmod -o -g $LGID $GROUPNAME >/dev/null 2>&1
-useradd -o -u $LUID -g $GROUPNAME -s /bin/false $USERNAME >/dev/null 2>&1 ||
-usermod -o -u $LUID -g $GROUPNAME -s /bin/false $USERNAME >/dev/null 2>&1
-mkhomedir_helper $USERNAME
+addgroup -g "$LGID" -S "$GROUPNAME" 2>/dev/null || true
+adduser -u "$LUID" -G "$GROUPNAME" -S -D -H "$USERNAME" 2>/dev/null || true
+mkdir -p /home/$USERNAME
+chown $USERNAME:$GROUPNAME /home/$USERNAME