FIX: Ensure USER has permissions for chmod in Dockerfile (#26)

* FIX: Ensure USER has permissions for chmod in Dockerfile

* For security reasons the default user in mambaorg/micromamba:1.4.9-bullseye-slim
  is non-root with uid 1000 (mambauser) but this requires the user
  permissions to be escalated to one with chmod powers. The simplest way
  to do this is to chown to mambauser on COPY.

* To ensure that the micromamba environment is setup correctly on entry
  fallback to the mambaorg/micromamba's base image ENTRYPOINT and set this
  action's /entrypoint.sh as CMD.
   - c.f. https://github.com/mamba-org/micromamba-docker/blob/604ebafb09543a3d852e437886f1c782f0367911/_entrypoint.sh

* MNT: Rename action's script from entrypoint.sh to cmd.sh for clarity

* As the action is relying on the mambaorg/micromamba container's
  entrypoint to setup the shell environment correctly let this be
  clearly the ENTRYPOINT and rename the action's entrypoint script to
  cmd.sh as it is being passed as CMD.

Author: matthewfeickert

Dockerfile

@@ -1,12 +1,21 @@
 FROM mambaorg/micromamba:1.4.9-bullseye-slim
 
+USER mambauser
+
 SHELL [ "/bin/bash", "-c" ]
 
 # Use C.UTF-8 locale to avoid issues with unicode encoding
 ENV LC_ALL=C.UTF-8
 ENV LANG=C.UTF-8
 
-COPY entrypoint.sh /entrypoint.sh
-RUN chmod +x /entrypoint.sh
+COPY --chown=mambauser cmd.sh /cmd.sh
+RUN chmod +x /cmd.sh
 
-ENTRYPOINT ["/entrypoint.sh"]
+# The mambaorg/micromamba base image's entrypoint is
+# /usr/local/bin/_entrypoint.sh which ensures the shell environment is
+# correctly set for micromamba to be accessible by the given user.
+# c.f. https://github.com/mamba-org/micromamba-docker/blob/604ebafb09543a3d852e437886f1c782f0367911/_entrypoint.sh
+# Instead of replicating this, continue to use it as the ENTRYPOINT
+# and then pass the action's script as CMD.
+ENTRYPOINT [ "/usr/local/bin/_entrypoint.sh" ]
+CMD [ "/cmd.sh" ]