Fix containers running as root in Dockerfiles

[Copilot]

Containers were running as root due to missing USER instructions — a high-severity security issue flagged by Codacy (missing-user-entrypoint).

Changes

• SecurityService/Dockerfile — adds USER app before ENTRYPOINT
• SecurityServiceTestUI/Dockerfile — same fix applied proactively

COPY --from=publish /app .
USER app
ENTRYPOINT ["dotnet", "SecurityService.dll"]

app is the non-root user built into Microsoft's .NET base images (≥ .NET 8).

Original prompt

---

This section details on the original issue you should resolve

<issue_title>[Codacy] High issue(s) in SecurityService/Dockerfile</issue_title>
<issue_description>Codacy detected 1 occurrence(s) of rule Semgrep_dockerfile.security.missing-user-entrypoint.missing-user-entrypoint:

• High at SecurityService/Dockerfile:36 → By not specifying a USER, a program in the container may run as 'root'. This is a security hazard.

See full details in Codacy Report

Unique ID: codacy-issue-25bbb5b61fbc369b427e4148a8211785</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes [Codacy] High issue(s) in SecurityService/Dockerfile #1040

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.