update Debian base image to Trixie

[kalinstaykov]

Update the base image for Debian to Trixie.

[jit-ci]

❌ Jit has detected 1 important finding in this PR that you should review.
The finding is detailed below as a comment.
It’s highly recommended that you fix this security issue before merge.

Repository Risks:

• Database Integration: Connects to a database, often involving sensitive data that must be securely managed.
• Internally Accessible: Accessible only within the internal network, reducing exposure to external threats but still requiring proper controls.
• High Severity Findings: Indicates that the resource has high severity security findings that need attention.

Repository Context:

graph LR
    GitHub$Repository_U23_redis/docker_U2D_library_U2D_redis["GitHub Repository<br/>redis/docker-library-redis"]:::GitHub$Repository
    Team_U23_client_U2D_developers["Team<br/>client-developers"]:::Team
    Team_U23_core_U2D_team["Team<br/>core-team"]:::Team
    Team_U23_redis_U2D_packaging_U2D_admins["Team<br/>redis-packaging-admins"]:::Team
    DBIntegration_U23_redis["DBIntegration<br/>redis"]:::DBIntegration
    Team_U23_client_U2D_developers -- "Owns" --> GitHub$Repository_U23_redis/docker_U2D_library_U2D_redis
    Team_U23_core_U2D_team -- "Owns" --> GitHub$Repository_U23_redis/docker_U2D_library_U2D_redis
    Team_U23_redis_U2D_packaging_U2D_admins -- "Owns" --> GitHub$Repository_U23_redis/docker_U2D_library_U2D_redis
    GitHub$Repository_U23_redis/docker_U2D_library_U2D_redis -- "Is accessible to" --> DBIntegration_U23_redis

Loading

[jit-ci]

Security control: Docker Scan

Image User Should Not Be 'Root'

Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.

Severity: HIGH

Learn more about this issue

---

Fix suggestion:

This fix suggestion was generated by Jit. Please note that the suggestion might not always fit every use case. It is highly recommended that you check and review it before merging.

Suggestion guidelines

• First of all, check if your container is running as a root user. In most of the cases, you can do it by running a command like this: docker run <image> whoami. If it returns root, then you should consider using a non-root user, by following one of the next steps:
  • If a non-root user already exists in your container, consider using it.
  • If not, you can create a new user by adding a USER command to the Dockerfile, with a non-root user as argument, for example: USER <non-root-user-name>.

Suggested change

	FROM debian:trixie-slim
	FROM debian:trixie-slim
	RUN addgroup --system <group>
	RUN adduser --system <user> --ingroup <group>
	USER <user>:<group>

---

Jit Bot commands and options (e.g., ignore issue)

You can trigger Jit actions by commenting on this PR review:

• #jit_ignore_fp Ignore and mark this specific single instance of finding as “False Positive”
• #jit_ignore_accept Ignore and mark this specific single instance of finding as “Accept Risk”
• #jit_ignore_type_in_file Ignore any finding of type "Image user should not be 'root'" in debian/Dockerfile; future occurrences will also be ignored.
• #jit_undo_ignore Undo ignore command