[CAI-758] docker as user

[batdevis]

List of Changes

Run dockerfile as normal user

Motivation and Context

Improve security, no need to be root.

How Has This Been Tested?

locally. Production environment Dockerfiles will be tested after deploy.

Screenshots (if appropriate):

Types of changes

• Chore (nothing changes by a user perspective)
• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist:

• My change requires a change to the documentation.
• I have updated the documentation accordingly.

[changeset-bot]

🦋 Changeset detected

Latest commit: d866526

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 4 packages

Name	Type
chatbot-evaluate	Patch
chatbot-monitor	Patch
chatbot-index	Patch
chatbot	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[Copilot]

Pull request overview

Updates the chatbot-related Dockerfiles and local compose configs to run containers as a non-root user to reduce security risk.

Changes:

• Add non-root user setup (appuser / UID 1000) and switch USER in multiple Dockerfiles
• Update docker-compose AWS credentials mount path from /root/.aws to /home/appuser/.aws
• Add a changeset bumping patched packages

Reviewed changes

Copilot reviewed 13 out of 13 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
apps/chatbot/docker/sqs_to_lambda.Dockerfile	Create/switch to non-root user for SQS listener container
apps/chatbot/docker/compose.yaml	Mount AWS credentials under non-root user path
apps/chatbot/docker/compose.test.yaml	Mount AWS credentials under non-root user path in test compose
apps/chatbot/docker/app.test.Dockerfile	Create/switch to non-root user for test image
apps/chatbot/docker/app.local.Dockerfile	Create/switch to non-root user for local dev image
apps/chatbot/docker/app.Dockerfile	Switch Lambda image runtime to UID 1000
apps/chatbot-monitor/docker/lambda_monitor.test.Dockerfile	Switch Lambda test image runtime to UID 1000
apps/chatbot-monitor/docker/lambda_monitor.Dockerfile	Switch Lambda image runtime to UID 1000
apps/chatbot-index/docker/lambda_refresh_index.test.Dockerfile	Switch Lambda test image runtime to UID 1000
apps/chatbot-index/docker/lambda_refresh_index.Dockerfile	Switch Lambda image runtime to UID 1000
apps/chatbot-index/docker/create_index.Dockerfile	Define task root + create/switch to non-root user
apps/chatbot-evaluate/docker/lambda.Dockerfile	Switch Lambda image runtime to UID 1000
.changeset/solid-areas-marry.md	Patch releases for affected packages

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[github-actions]

Jira Pull Request Link

This Pull Request refers to the following Jira issue CAI-758