From 4918b5a0853675da1470e701c675bed25e08e8b9 Mon Sep 17 00:00:00 2001
From: Vladyslav Simonenko <vlad.simonenko@temporal.io>
Date: Thu, 24 Jul 2025 23:13:23 -0700
Subject: [PATCH] Fix TLS setup

---
 docker-compose-tls.yml         | 4 ++--
 tls/Dockerfile.admin-tools-tls | 3 +++
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/docker-compose-tls.yml b/docker-compose-tls.yml
index 11258af7..5fe7cb65 100644
--- a/docker-compose-tls.yml
+++ b/docker-compose-tls.yml
@@ -96,8 +96,8 @@ services:
       context: .
       dockerfile: tls/Dockerfile.admin-tools-tls
       args:
-        - BASEIMAGE=admin-tools:${TEMPORAL_VERSION}
-    image: temporalio/admin-tools-tls:${TEMPORAL_VERSION}
+        - BASEIMAGE=admin-tools:${TEMPORAL_ADMINTOOLS_VERSION}
+    image: temporalio/admin-tools-tls:${TEMPORAL_ADMINTOOLS_VERSION}
     networks:
       - temporal-network
     stdin_open: true
diff --git a/tls/Dockerfile.admin-tools-tls b/tls/Dockerfile.admin-tools-tls
index b48b4f9f..f3d8b45c 100644
--- a/tls/Dockerfile.admin-tools-tls
+++ b/tls/Dockerfile.admin-tools-tls
@@ -1,6 +1,9 @@
 ARG BASEIMAGE
 FROM temporalio/${BASEIMAGE}
 
+USER root
 COPY ./.pki/ca.pem /usr/local/share/ca-certificates/ca.crt
 
 RUN update-ca-certificates
+
+USER temporal