feat: Allow running container as non-root UID/GID for ownership issues (docker) (#433)

Co-authored-by: George L. Yermulnik <yz@yz.kiev.ua>
Co-authored-by: MaxymVlasov <MaxymVlasov@users.noreply.github.com>
Co-authored-by: Anton Babenko <anton@antonbabenko.com>

.github/.container-structure-test-config.yaml

@@ -60,6 +60,19 @@ commandTests:
     args: [ "version" ]
     expectedOutput: [ "([0-9]+\\.){2}[0-9]+\\n$" ]
 
+  - name: "entrypoint.sh"
+    envVars:
+      - key: "USERID"
+        value: "1000:1000"
+    command: "/entrypoint.sh"
+    args: [ "-V" ]
+    expectedError: ["^ERROR:  uid:gid 1000:1000 lacks permissions to //\\n$"]
+    exitCode: 1
+
+  - name: "su-exec"
+    command: "su-exec"
+    expectedOutput: ["^Usage: su-exec user-spec command \\[args\\]\\n$"]
+
 fileExistenceTests:
   - name: 'terrascan init'
     path: '/root/.terrascan/pkg/policies/opa/rego/github/github_repository/privateRepoEnabled.rego'

.github/workflows/build-image-test.yaml

@@ -19,6 +19,8 @@ jobs:
         with:
           files: |
             Dockerfile
+            .dockerignore
+            tools/entrypoint.sh
 
       - name: Build if Dockerfile changed
         if: steps.changed-files-specific.outputs.any_changed == 'true'