From 85afca022e8a65dd6dd78a42be854fa6b1cbd1a3 Mon Sep 17 00:00:00 2001
From: orbisai0security <mediratta01.pally@gmail.com>
Date: Tue, 11 Nov 2025 06:01:59 +0000
Subject: [PATCH] fix:
 semgrep_dockerfile.security.missing-user.missing-user_cicd/Dockerfile_36

---
 cicd/Dockerfile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/cicd/Dockerfile b/cicd/Dockerfile
index 4edeed1c..69992b65 100644
--- a/cicd/Dockerfile
+++ b/cicd/Dockerfile
@@ -9,6 +9,10 @@ RUN --mount=target=/var/lib/apt/lists,type=cache,id=apt-lists-${TARGETPLATFORM},
 
 # Copy project definitions
 WORKDIR /app
+# Create a non-root user and switch to it for security
+RUN useradd -m -s /bin/bash appuser && \
+    chown -R appuser:appuser /app
+USER appuser
 COPY pyproject.toml uv.lock ./
 
 # Install Python dependencies