Use non-root user by default in Secret Detection analyzer

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Problem to solve

In Support non-root user in secrets analyzer (#498924 - closed) • Craig Smith • 17.6 the Secret Detection Analyzer was updated to support running as a non-root user however, running as the root user is still the default behavior.

To improve our security posture further, the Secrets Detection Analyzer should be updated to run as a non-root user by default.

Implementation Plan

1. Communicate (deprecation announcement?) that we will run analyzers with a non-root user by default in 18.0, since it will be a breaking change.
2. Write MR to use gitlab user in Dockerfile and Dockerfile.fips (must happen in %18.0)
3. Update documentation stating non-root user is used by default