Summary

Currently the running user in the dockerfile is root - which is bad from security perspective.

Ideally we have to create a user and after downloading and building all the global dependencies switch to a less privileged user (without root capabilities).

Acceptance Criteria

• An a2a group is created
• An agent user is created
• The agent user is a part of the a2a group
• Container image switches to this user at the end of the build