Firstyear / obs-service-cargo

OBS Source Service and utilities for Rust software packaging
Mozilla Public License 2.0

Use numeric owner and group to avoid data leaking #27

Closed trmdi closed 1 year ago

trmdi commented 1 year ago

By default the tar command embeds the username and group in the tar file, so it could be a privacy issue. For example, when the user runs the command osc service ra locally to generate a vendor.tar file to upload to OBS. So it would be better to use the numeric owner and group instead.

Firstyear commented 1 year ago

We don't use the tar command - we are using python tarfile.

I have updated master to have a filter to change the uid/gid to 0:0 root:root during compression.
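As an added example (not code from the obs-service-cargo project, and not the exact filter that landed on master), the snippet below shows the mechanism the thread is discussing: Python's `tarfile` lets you pass a `filter` callable to `TarInfo.add()`, and that callable can rewrite the `uid`/`gid`/`uname`/`gname` fields of every member before it is written, so the local account name never reaches the archive. The function names, the in-memory archive and the sample crate directory are assumptions constructed for the demonstration; a second helper reads the archive back so the result can be verified rather than assumed.

```python
import io
import os
import tarfile
import tempfile


def scrub_owner(info: tarfile.TarInfo) -> tarfile.TarInfo:
    """Normalise ownership metadata to 0:0 root:root.

    tarfile fills uname/gname from the local passwd/group database by default,
    which is exactly the leak described in the PR. Returning the modified
    TarInfo tells tarfile to write it; returning None would drop the member.
    """
    info.uid = 0
    info.gid = 0
    info.uname = "root"
    info.gname = "root"
    return info


def build_vendor_tar(src_dir: str, scrub: bool) -> bytes:
    """Pack src_dir into a gzip-compressed tar held in memory (hypothetical helper).

    With scrub=True the filter is applied recursively to every member that
    tar.add() visits; with scrub=False the archive records whatever the
    local user/group database says about the building account.
    """
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        tar.add(src_dir, arcname="vendor", filter=scrub_owner if scrub else None)
    return buf.getvalue()


def recorded_owners(tar_bytes: bytes) -> set:
    """Return the set of (uid, gid, uname, gname) tuples stored in the archive."""
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:gz") as tar:
        return {(m.uid, m.gid, m.uname, m.gname) for m in tar.getmembers()}


def demo() -> dict:
    """Build a tiny constructed vendor tree both ways and report what each archive stores."""
    with tempfile.TemporaryDirectory() as d:
        crate = os.path.join(d, "crate")
        os.makedirs(crate, exist_ok=True)
        with open(os.path.join(crate, "lib.rs"), "w") as f:
            f.write("pub fn hello() {}\n")  # constructed sample content
        raw = build_vendor_tar(d, scrub=False)
        clean = build_vendor_tar(d, scrub=True)
    return {"raw": recorded_owners(raw), "clean": recorded_owners(clean)}


if __name__ == "__main__":
    result = demo()
    print("without filter:", result["raw"])
    print("with filter:   ", result["clean"])
```

The unfiltered archive's output depends on the account that ran the script, which is the point: anyone receiving the tarball learns the local username. The filtered archive always reports `(0, 0, 'root', 'root')` for every member, so the same check can be used as a regression test on a produced `vendor.tar` before it is uploaded.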