Support for non-root container

Added glider user and group to final image. Support for running Glider container as non-root user. Build image is now pinned to Golang 1.16 to avoid future issues when 1.17 is released.

Dockerfile

@@ -1,13 +1,25 @@
-# build stage
+# Build Stage
-FROM golang:alpine AS build-env
+FROM golang:1.16-alpine AS build-env
-RUN apk --no-cache add build-base git gcc
-ADD . /src
-RUN cd /src && go build -v -ldflags "-s -w"
 
-# final stage
+ADD . /src
+
+RUN apk --no-cache add build-base git gcc \
+    && cd /src && go build -v -ldflags "-s -w"
+
+# Final Stage
 FROM alpine
-RUN apk -U upgrade --no-cache && \
+
-    apk add --no-cache bind-tools ca-certificates
-WORKDIR /app
 COPY --from=build-env /src/glider /app/
+
+RUN apk -U upgrade \
+    && apk add bind-tools ca-certificates shadow \
+    && groupadd -g 1000 glider \
+    && useradd -r -u 1000 -g glider glider \
+    && apk del shadow \
+    && chown -R glider:glider /app
+    && apk -v cache clean
+    
+WORKDIR /app
+USER glider
+
 ENTRYPOINT ["./glider"]