Update Dockerfile-rules to use user ID (vs. name) for consistency with Dockerfile and to work beter with Kubernetes.

Co-authored-by: David Anson <[email protected]>

Author: candrews

docker/Dockerfile-rules

@@ -3,7 +3,8 @@
 ARG VERSION
 FROM davidanson/markdownlint-cli2:${VERSION}
 
-USER root
+USER 0
+# 0 is the documented user ID for the "root" user: https://www.docker.com/blog/understanding-the-docker-user-instruction
 
 RUN npm install --global --no-package-lock --production \
     @github/markdownlint-github \
@@ -25,4 +26,6 @@ RUN npm install --global --no-package-lock --production \
     markdownlint-rules-grav-pages \
     sentences-per-line
 
-USER node
+USER 1000
+# 1000 is the documented user ID for the unprivileged "node" user: https://github.com/nodejs/docker-node/blob/main/docs/BestPractices.md#non-root-user
+# Kubernetes running as non-root requires user ID (implied by the docs for "runAsUser"): https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.32/#securitycontext-v1-core