Adjusted user creation in UBI 8 image

Added chown and chmod flags to COPY commands
Added update step to UBI 8
Updated UBI 8 to point at Docker Hub container

docker/Dockerfile

@@ -6,6 +6,8 @@ COPY . .
 
 RUN ./gradlew copyDockerBuildCtx
 
+#############################################################
+
 # The datastax base image is not multiarch presently, so we use the openjdk
 # image as our base for arm builds instead.
 FROM eclipse-temurin:8-jdk as cass-config-builder
@@ -30,6 +32,8 @@ ENTRYPOINT ["/usr/local/bin/entrypoint"]
 
 USER ${USER_UID}
 
+#############################################################
+
 FROM registry.access.redhat.com/ubi7/ubi-minimal:7.9 AS builder-ubi
 
 # Update the builder packages and create user
@@ -61,14 +65,14 @@ COPY --from=builder-ubi /etc/group /etc/group
 COPY --from=builder-ubi /etc/gshadow /etc/gshadow
 
 # Install the uber jar
-COPY --from=builder build/docker/*.jar /usr/local/bin/
+COPY --from=builder --chown=cassandra:root --chmod=444 build/docker/*.jar /usr/local/bin/
 
 # Install definition files
-COPY --from=builder build/docker/definitions /definitions
+COPY --from=builder --chown=cassandra:root --chmod=444 build/docker/definitions /definitions
 
-COPY --from=builder build/docker/bin/* /usr/local/bin/
+COPY --from=builder --chown=cassandra:root --chmod=555 build/docker/bin/* /usr/local/bin/
 
-COPY --from=builder build/docker/LICENSE /licenses/
+COPY --from=builder --chown=cassandra:root --chmod=444 build/docker/LICENSE /licenses/
 
 # Fix permissions
 RUN chown cassandra:root -Rv /usr/local/bin/* && \
@@ -80,32 +84,40 @@ ENV PATH=$PATH:/usr/local/bin
 
 ENTRYPOINT ["/usr/local/bin/entrypoint"]
 
+#############################################################
+
 # Build the UBI8 image
-FROM registry.access.redhat.com/ubi8/openjdk-8:1.18 as cass-config-builder-ubi-8
+FROM redhat/ubi8-minimal:8.9 as cass-config-builder-ubi-8
 LABEL maintainer="DataStax, Inc <[email protected]>"
 LABEL name="cass-config-builder"
 LABEL vendor="DataStax, Inc"
 LABEL release="1.0.0"
 LABEL summary="Configuration templating engine for Apache Cassandra®."
 LABEL description="Configuration templating engine for Apache Cassandra®. Powers the configuration of containers deployed via the DataStax Kubernetes Operator for Apache Cassandra."
 
-# Create user
-USER root
-RUN microdnf install shadow-utils && useradd -r -s /bin/false -U -G root cassandra
+# Update base packages
+RUN microdnf update && \
+    rm -rf /var/cache/yum && \
+    microdnf install java-1.8.0-openjdk-headless && \
+    microdnf clean all
+
+# Copy user accounts information
+COPY --from=builder-ubi /etc/passwd /etc/passwd
+COPY --from=builder-ubi /etc/shadow /etc/shadow
+COPY --from=builder-ubi /etc/group /etc/group
+COPY --from=builder-ubi /etc/gshadow /etc/gshadow
 
 # Install the uber jar
-COPY --from=builder build/docker/*.jar /usr/local/bin/
+COPY --from=builder --chown=cassandra:root --chmod=444 build/docker/*.jar /usr/local/bin/
 
 # Install definition files
-COPY --from=builder build/docker/definitions /definitions
-
-COPY --from=builder build/docker/bin/* /usr/local/bin/
+COPY --from=builder --chown=cassandra:root --chmod=444 build/docker/definitions /definitions
 
-COPY --from=builder build/docker/LICENSE /licenses/
+# Install scripts
+COPY --from=builder --chown=cassandra:root --chmod=555 build/docker/bin/* /usr/local/bin/
 
-# Fix permissions
-RUN chown cassandra:root -Rv /usr/local/bin/* && \
-    chmod -Rv g+x /usr/local/bin
+# Install licenses
+COPY --from=builder --chown=cassandra:root --chmod=444 build/docker/LICENSE /licenses/
 
 USER cassandra:root