eclipse-tractusx / sldt-bpn-discovery

Apache License 2.0

TRG 4.03 image has `USER` command and Non Root Container #115

Closed FaGru3n closed 8 months ago

FaGru3n commented 8 months ago

Regarding https://eclipse-tractusx.github.io/docs/release/trg-4/trg-4-03

This was found during a demo deployment with our Kyverno no-root policy:

policy require-non-root-groups/check-runasgroup fail: validation error: Running with root group IDs is disallowed. The fields spec.securityContext.runAsGroup, spec.containers[].securityContext.runAsGroup, spec.initContainers[].securityContext.runAsGroup, and spec.ephemeralContainers[*].securityContext.runAsGroup must be set to a value greater than zero. rule check-runasgroup[0] failed at path /spec/securityContext/runAsGroup/ rule check-runasgroup[1] failed at path /spec/containers/0/securityContext/runAsGroup/

https://github.com/eclipse-tractusx/sldt-bpn-discovery/blob/b6d4765beaf5f020d394e2431f80ec0c3e44899e/backend/Dockerfile#L32-L35

As far as I know, if you don't specify a dedicated user or group id, then this id could also include the root group and user ids.

In your current deployment it should be user 100: https://github.com/eclipse-tractusx/sldt-bpn-discovery/blob/f46c54f9606bfc86cf6cacbf0a57ac55c6d5952c/charts/bpndiscovery/templates/deployment.yaml#L50

Some example I found for the same Spring content:

https://github.com/eclipse-tractusx/sldt-semantic-hub/blob/6fee9339d0edcad1e2bcd8adb901349b9d99270a/backend/Dockerfile#L29-L32
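
A local pre-check for the two points raised in the comment above, added here as an example; it is not code from the sldt-bpn-discovery project, the semantic-hub project, or the commenter. It re-implements in plain Python (a) a check that a Dockerfile's last `USER` instruction names a numeric non-root uid and gid, and (b) the `check-runasgroup` rule as read from the quoted Kyverno message, assuming the rule is an `anyPattern` with two alternatives: pod-level `runAsGroup` > 0 (with any container-level value that is set also > 0), or every container, init container and ephemeral container setting its own `runAsGroup` > 0. That reading of the policy, the image names and uid/gid 10001, and all Dockerfile text and pod specs below are assumptions constructed for the demo, not taken from the project's chart.

```python
# Added example, not project code. Re-implements two checks from the issue:
#   1. Dockerfile: last USER must be a numeric uid[:gid] with every id > 0.
#   2. Pod spec: Kyverno check-runasgroup, read from the quoted message as an
#      anyPattern with two alternatives (an assumption about the policy):
#        [0] spec.securityContext.runAsGroup > 0, and any container-level
#            runAsGroup that is set is also > 0;
#        [1] every container/initContainer/ephemeralContainer sets its own
#            securityContext.runAsGroup > 0.
# All Dockerfile text and pod specs here are constructed for the demo.
import re
from typing import Any, Dict, List, Optional, Tuple

CONTAINER_KINDS = ("containers", "initContainers", "ephemeralContainers")
USER_RE = re.compile(r"^\s*USER\s+(\S+)", re.IGNORECASE | re.MULTILINE)


def dockerfile_user(text: str) -> Tuple[Optional[str], bool]:
    """Return (last USER value, is_nonroot).

    is_nonroot is True only for a numeric uid (and gid, if given) > 0. A user
    *name* is reported as not verified: a kubelet enforcing runAsNonRoot cannot
    resolve a name without the image's /etc/passwd and rejects the pod.
    """
    matches = USER_RE.findall(text)
    if not matches:
        return None, False          # no USER at all: the image runs as root
    user = matches[-1]
    try:
        ids = [int(part) for part in user.split(":")]
    except ValueError:
        return user, False          # named user: uid unknown to the checker
    return user, all(i > 0 for i in ids)


def _run_as_group(ctx: Optional[Dict[str, Any]]) -> Optional[int]:
    """runAsGroup from a securityContext dict, None when absent."""
    return (ctx or {}).get("runAsGroup")


def _alt_pod_level(spec: Dict[str, Any]) -> Optional[str]:
    """Alternative [0]: first failing JSON path, or None when it passes."""
    gid = _run_as_group(spec.get("securityContext"))
    if gid is None or gid <= 0:
        return "/spec/securityContext/runAsGroup/"
    for kind in CONTAINER_KINDS:
        for i, c in enumerate(spec.get(kind) or []):
            gid = _run_as_group(c.get("securityContext"))
            if gid is not None and gid <= 0:   # override back to root group
                return f"/spec/{kind}/{i}/securityContext/runAsGroup/"
    return None


def _alt_per_container(spec: Dict[str, Any]) -> Optional[str]:
    """Alternative [1]: first failing JSON path, or None when it passes."""
    for kind in CONTAINER_KINDS:
        for i, c in enumerate(spec.get(kind) or []):
            gid = _run_as_group(c.get("securityContext"))
            if gid is None or gid <= 0:
                return f"/spec/{kind}/{i}/securityContext/runAsGroup/"
    return None


def check_runasgroup(spec: Dict[str, Any]) -> List[str]:
    """Empty list means the pod spec passes (some alternative matched).

    Otherwise one line per alternative, in the shape of the quoted report:
    'check-runasgroup[0] failed at path /spec/securityContext/runAsGroup/'.
    """
    results = [_alt_pod_level(spec), _alt_per_container(spec)]
    if any(r is None for r in results):
        return []
    return [f"check-runasgroup[{i}] failed at path {p}" for i, p in enumerate(results)]


# Constructed Dockerfiles: no USER (runs as root) versus a numeric uid:gid.
DOCKERFILE_BEFORE = """FROM eclipse-temurin:17-jre
COPY target/app.jar /app/app.jar
ENTRYPOINT ["java", "-jar", "/app/app.jar"]
"""
DOCKERFILE_AFTER = """FROM eclipse-temurin:17-jre
RUN addgroup --gid 10001 app && adduser --uid 10001 --gid 10001 --disabled-password --gecos "" app
COPY --chown=10001:10001 target/app.jar /app/app.jar
USER 10001:10001
ENTRYPOINT ["java", "-jar", "/app/app.jar"]
"""

# Constructed pod specs: runAsUser alone does not satisfy the group rule.
SPEC_FAILING = {
    "securityContext": {"runAsUser": 100},
    "containers": [{"name": "bpndiscovery", "image": "example/bpndiscovery:demo",
                    "securityContext": {"runAsUser": 100}}],
}
SPEC_POD_LEVEL = {                      # satisfies alternative [0]
    "securityContext": {"runAsUser": 10001, "runAsGroup": 10001, "runAsNonRoot": True},
    "containers": [{"name": "bpndiscovery", "image": "example/bpndiscovery:demo",
                    "securityContext": {"allowPrivilegeEscalation": False}}],
    "initContainers": [{"name": "wait-for-db", "image": "example/busybox:demo"}],
}
SPEC_PER_CONTAINER = {                  # satisfies alternative [1]
    "containers": [{"name": "bpndiscovery", "image": "example/bpndiscovery:demo",
                    "securityContext": {"runAsUser": 10001, "runAsGroup": 10001}}],
    "initContainers": [{"name": "wait-for-db", "image": "example/busybox:demo",
                        "securityContext": {"runAsGroup": 10001}}],
}

if __name__ == "__main__":
    print(dockerfile_user(DOCKERFILE_BEFORE), dockerfile_user(DOCKERFILE_AFTER))
    for name, spec in (("failing", SPEC_FAILING), ("pod-level", SPEC_POD_LEVEL),
                       ("per-container", SPEC_PER_CONTAINER)):
        print(name, check_runasgroup(spec) or "pass")
```

Running it reproduces the two failing paths from the quoted report for `SPEC_FAILING` and passes both corrected specs; the point the check makes visible is that `runAsUser` and `runAsGroup` are enforced independently, so a deployment that sets only the user (as the comment says the chart does) still fails the group rule, and a Dockerfile `USER` with a name rather than a numeric id cannot be verified by `runAsNonRoot`.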

tunacicek commented 8 months ago

Hi @FaGru3n, thanks for your feedback. I created a PR: https://github.com/eclipse-tractusx/sldt-bpn-discovery/pull/117