Create a user for the Docker container #10
Description
There's no reason to run scanner adapter service as root in the Docker container. We should update the Dockerfile respectively.
$ dockle docker.io/goharbor/harbor-scanner-clair:1.0.1-rc1
WARN - CIS-DI-0001: Create a user for the container
* Last user should not be root
INFO - CIS-DI-0005: Enable Content trust for Docker
* export DOCKER_CONTENT_TRUST=1 before docker pull/build
INFO - CIS-DI-0006: Add HEALTHCHECK instruction to the container image
* not found HEALTHCHECK statement
PASS - CIS-DI-0007: Do not use update instructions alone in the Dockerfile
PASS - CIS-DI-0008: Confirm safety of setuid/setgid files
PASS - CIS-DI-0009: Use COPY instead of ADD in Dockerfile
PASS - CIS-DI-0010: Do not store secrets in ENVIRONMENT variables
PASS - CIS-DI-0010: Do not store secret files
PASS - DKL-DI-0001: Avoid sudo command
PASS - DKL-DI-0002: Avoid sensitive directory mounting
PASS - DKL-DI-0003: Avoid apt-get/apk/dist-upgrade
PASS - DKL-DI-0004: Use apk add with --no-cache
PASS - DKL-DI-0005: Clear apt-get caches
PASS - DKL-DI-0006: Avoid latest tag
SKIP - DKL-LI-0001: Avoid empty password
SKIP - DKL-LI-0002: Be unique UID
SKIP - DKL-LI-0002: Be unique GROUP
PASS - DKL-LI-0003: Only put necessary files