diff --git a/build/Dockerfile b/build/Dockerfile
index 14d8ba16..1f8e78e4 100644
--- a/build/Dockerfile
+++ b/build/Dockerfile
@@ -1,8 +1,25 @@
-FROM debian:stretch-slim
+FROM golang:1.13-alpine as builder
+
+ENV USER=event_exporter
+ENV UID=10001
+RUN adduser \
+ --disabled-password \
+ --gecos "" \
+ --home "/nonexistent" \
+ --shell "/sbin/nologin" \
+ --no-create-home \
+ --uid "${UID}" \
+ "${USER}" && \
+ apk update && apk add --no-cache git ca-certificates gcc
+
+FROM scratch
 COPY bin/event_exporter /
+COPY --from=builder /etc/passwd /etc/passwd
+COPY --from=builder /etc/group /etc/group
+COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
-USER nobody
+USER event-exporter
 ENTRYPOINT ["/event_exporter"]
diff --git a/deploy/deploy.yml b/deploy/deploy.yml
index 67cd272c..b82792dd 100644
--- a/deploy/deploy.yml
+++ b/deploy/deploy.yml
@@ -45,6 +45,9 @@ spec:
 labels:
 app: event-exporter
 spec:
+ securityContext:
+ runAsNonRoot: true
+ runAsUser: 10001
 containers:
 - name: event-exporter
 image: 'caicloud/event-exporter:v1.0.0'
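Review bot: `USER event-exporter` names a user the builder stage never creates; the adduser call registers `event_exporter` (underscore), so the copied /etc/passwd has no `event-exporter` entry and the container will fail to start with an unknown-user error. Since deploy.yml pins `runAsUser: 10001`, the least fragile form is the numeric one, `USER 10001`, which also satisfies `runAsNonRoot` without relying on the passwd copy; otherwise correct the spelling to `USER event_exporter`. Separately, the builder stage installs git and gcc but compiles nothing in this hunk — the binary still comes from `COPY bin/event_exporter /` — so those packages and the `apk update` beside `--no-cache` appear unused and could be dropped unless a build step lives elsewhere. Pinning the golang base by digest rather than `1.13-alpine` would also make the passwd/cert layers reproducible.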
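Review bot: `runAsUser: 10001` duplicates the UID baked into build/Dockerfile (`ENV UID=10001`) with nothing tying the two together, so a later change to either side silently breaks `runAsNonRoot` validation or file ownership; a comment such as `runAsUser: 10001  # must match UID in build/Dockerfile` would make the coupling visible. The pod-level context only sets the user; the container entry that follows could additionally set `allowPrivilegeEscalation: false`, `readOnlyRootFilesystem: true` and `capabilities: {drop: ["ALL"]}`, which should be safe for a scratch-based image that writes nothing to disk, though the container's own securityContext, if any, is outside this hunk. The pod spec continues past the end of the hunk.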