The GitHub Actions job "Required Checks" on texera.git/main has succeeded. Run started by GitHub user bobbai00 (triggered by bobbai00).
Head commit for run: b9c899f32f65eef94a2c39d5c5cfc1c5df09825f / Jiadong Bai <[email protected]> feat(docker): run service containers as non-root user (#4941) ### What changes were proposed in this PR? Add a system user (UID/GID `1001`, name `texera`) and a `USER 1001:1001` directive at the end of every service runtime stage in `bin/*.dockerfile`. Aligns with Docker Hub's recommendation *"Ensures the image specifies a non-root username (or UID) for the final stage."* - **7 Debian-derived runtimes** (`eclipse-temurin:*-jammy`): `groupadd`/`useradd --system`, `chown -R texera:texera /texera`, `USER 1001:1001`. - **`texera-web-application`** also chowns `/frontend` (frontend dist). - **`agent-service`** uses Alpine syntax (`addgroup -S` / `adduser -S`), chowns `/app`. ### Any related issues, documentation, discussions? Closes #4940. ### How was this PR tested? Tested locally by building the images ### Was this PR authored or co-authored using generative AI tooling? Generated-by: Claude Code (Opus 4.7) Report URL: https://github.com/apache/texera/actions/runs/25405217800 With regards, GitHub Actions via GitBox
