
Apply best practices to Docker #109

Closed
vmercierfr opened this issue Jan 23, 2024 · 0 comments · Fixed by #111
Labels: enhancement (New feature or request), security

Comments

vmercierfr (Collaborator) commented Jan 23, 2024

Is your feature request related to a problem? Please describe.

The checkov audit tool reported that Docker images needed to be corrected for security purposes.

Describe the solution you'd like

Fix the following checkov alerts:

Check: CKV_DOCKER_3: "Ensure that a user for the container has been created"
	FAILED for resource: /run/scan/src/configs/debian/tests/Dockerfile.
	File: /run/scan/src/configs/debian/tests/Dockerfile:1-9
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-that-a-user-for-the-container-has-been-created

		1 | FROM debian:bookworm
		2 | 
		3 | RUN apt-get update \
		4 |     && apt-get install -y bats bats-assert bats-file \
		5 |     && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
		6 | 
		7 | COPY . /tmp/
		8 | 
		9 | CMD [ "/tmp/test.bats" ]

Check: CKV_DOCKER_2: "Ensure that HEALTHCHECK instructions have been added to container images"
	FAILED for resource: /run/scan/src/configs/debian/tests/Dockerfile.
	File: /run/scan/src/configs/debian/tests/Dockerfile:1-9
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-that-healthcheck-instructions-have-been-added-to-container-images

		1 | FROM debian:bookworm
		2 | 
		3 | RUN apt-get update \
		4 |     && apt-get install -y bats bats-assert bats-file \
		5 |     && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
		6 | 
		7 | COPY . /tmp/
		8 | 
		9 | CMD [ "/tmp/test.bats" ]

Check: CKV_DOCKER_2: "Ensure that HEALTHCHECK instructions have been added to container images"
	FAILED for resource: /run/scan/src/configs/goreleaser/Dockerfile.
	File: /run/scan/src/configs/goreleaser/Dockerfile:1-17
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-that-healthcheck-instructions-have-been-added-to-container-images

		1  | FROM alpine:3
		2  | 
		3  | ARG USER=exporter
		4  | ARG HOME=/app
		5  | 
		6  | RUN addgroup -g 1001 -S exporter \
		7  |     && adduser --home /app -u 1001 -S exporter -G exporter \
		8  |     && mkdir -p /app \
		9  |     && chown exporter:exporter -R /app
		10 | 
		11 | WORKDIR $HOME
		12 | USER $USER
		13 | 
		14 | EXPOSE 9043
		15 | 
		16 | COPY prometheus-rds-exporter /app/
		17 | ENTRYPOINT ["/app/prometheus-rds-exporter"]

Check: CKV_DOCKER_2: "Ensure that HEALTHCHECK instructions have been added to container images"
	FAILED for resource: /run/scan/src/scripts/prometheus/Dockerfile.
	File: /run/scan/src/scripts/prometheus/Dockerfile:1-33
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-that-healthcheck-instructions-have-been-added-to-container-images

		1  | FROM golang:1.21 AS builder
		2  | 
		3  | WORKDIR /build
		4  | 
		5  | COPY go.mod go.sum ./
		6  | 
		7  | RUN go mod download
		8  | 
		9  | COPY . .
		10 | 
		11 | RUN make build
		12 | 
		13 | 
		14 | FROM alpine:3.19
		15 | 
		16 | RUN apk add aws-cli curl
		17 | 
		18 | ARG USER=exporter
		19 | ARG HOME=/app
		20 | 
		21 | RUN addgroup -g 1001 -S exporter \
		22 |     && adduser --home /app -u 1001 -S exporter -G exporter \
		23 |     && mkdir -p /app \
		24 |     && chown exporter:exporter -R /app
		25 | 
		26 | WORKDIR $HOME
		27 | USER $USER
		28 | 
		29 | COPY --from=builder /build/prometheus-rds-exporter $HOME/prometheus-rds-exporter
		30 | 
		31 | EXPOSE 9043
		32 | 
		33 | ENTRYPOINT [ "/app/prometheus-rds-exporter" ]

Describe alternatives you've considered

n/a

Additional context

n/a

@vmercierfr vmercierfr added enhancement New feature or request security labels Jan 23, 2024
@vmercierfr vmercierfr changed the title Apply best practices to Docker used for test Apply best practices to Docker Jan 23, 2024
@vmercierfr vmercierfr linked a pull request Jan 23, 2024 that will close this issue
@vmercierfr vmercierfr self-assigned this Jan 23, 2024