run vault-manager as non-root

Docker image security scan complains about running as root.  Add a
'manager' user/group for vault-manager.

Test Plan:
PASS  vault application sanity
PASS  Twistlock scan

Story: 2011073
Task: 50522

Change-Id: I87a00a8bc41a39a00e871dbe84aa32f76e8ec768
Signed-off-by: Michel Thebeau <Michel.Thebeau@windriver.com>

stx-vault-manager/debian/docker/Dockerfile

@@ -1,5 +1,7 @@
 FROM debian:stable-slim
 
+USER root
+
 # Support versions of kubernetes back two releases of starlingx
 # Versions older than 1.26 can be listed from:
 # https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.22.md
@@ -11,6 +13,7 @@ ENV KUBE_VERSIONS="v1.29.6 v1.28.11 v1.27.15 v1.26.15 v1.25.16 v1.24.17"
 ENV KUBECTL_DL_URL="https://storage.googleapis.com/kubernetes-release/release/${KUBE_LATEST_VERSION}/bin/linux/amd64/kubectl"
 ENV KUBECTL_INSTALL_PATH="/usr/local/bin"
 
+# install vault-manager's required packages
 RUN set -ex; \
     PKG_LIST="mawk bash coreutils curl grep sed jq uuid-runtime"; \
     apt-get update && apt-get install -y $PKG_LIST \
@@ -31,4 +34,11 @@ RUN set -ex; \
     ln -s ${KUBECTL_INSTALL_PATH}/kubectl.${KUBE_LATEST_VERSION%.*} \
         ${KUBECTL_INSTALL_PATH}/kubectl
 
+# create a non-root user/group for vault-manager
+RUN groupadd --gid 1000 manager \
+    && adduser --uid 1000 --gid 1000 manager \
+        --home /workdir --shell /bin/bash
+
+USER manager
+
 CMD ["bash"]