feat(infrastructure): rootless container

7project/backend/Dockerfile

@@ -1,8 +1,12 @@
 FROM python:3.11-slim
 
 WORKDIR /app
-RUN useradd -m appuser
+# Create a non-root user with a fixed numeric UID/GID so Kubernetes can verify runAsNonRoot
-USER appuser
+RUN groupadd -g 1000 appgroup \
+    && useradd -u 1000 -g 1000 -m appuser \
+    && chown -R 1000:1000 /app
+# Use numeric UID to avoid "non-numeric user" errors in Kubernetes
+USER 1000
 
 COPY requirements.txt .
 RUN pip install --no-cache-dir -r requirements.txt