Dockerfile Security Changes (#64)

<!-- markdownlint-disable-next-line first-line-heading -->
## Description

<!-- Describe your changes in detail. -->
This modifies the dockerfile to use a non-root user and actually copy
all files needed over into the docker image.

## Context

<!-- Why is this change required? What problem does it solve? -->
This makes the dockerfile more secure by not running as a root user and
will remove security issues in SonarCloud (once enabled for this
project).

## Type of changes

<!-- What types of changes does your code introduce? Put an `x` in all
the boxes that apply. -->

- [x] Refactoring (non-breaking change)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would change existing
functionality)
- [ ] Bug fix (non-breaking change which fixes an issue)

## Checklist

<!-- Go over all the following points, and put an `x` in all the boxes
that apply. -->

- [x] I am familiar with the [contributing
guidelines](https://github.com/nhs-england-tools/playwright-python-blueprint/blob/main/CONTRIBUTING.md)
- [x] I have followed the code style of the project
- [ ] I have added tests to cover my changes (where appropriate)
- [ ] I have updated the documentation accordingly
- [ ] This PR is a result of pair or mob programming

---

## Sensitive Information Declaration

To ensure the utmost confidentiality and protect your and others
privacy, we kindly ask you to NOT including [PII (Personal Identifiable
Information) / PID (Personal Identifiable
Data)](https://digital.nhs.uk/data-and-information/keeping-data-safe-and-benefitting-the-public)
or any other sensitive data in this PR (Pull Request) and the codebase
changes. We will remove any PR that do contain any sensitive
information. We really appreciate your cooperation in this matter.

- [x] I confirm that neither PII/PID nor sensitive data are included in
this PR and the codebase changes.

Author: davethepunkyone

buildBase.dockerfile

@@ -1,18 +1,37 @@
+# This dockerfile allows for the code from the project to be built into a Docker image,
+# for use in a CI/CD-style environment such as GitHub Actions or Jenkins.
+# Further reading on this: https://docs.docker.com/get-started/docker-concepts/the-basics/what-is-an-image/
+
 FROM python:3.13-slim
 
+# Create non-root OS user/group and configure environment
+RUN addgroup --system nonroot \
+  && adduser --system --home /home/nonroot nonroot --ingroup nonroot
+
 WORKDIR /test
 
+ENV HOME=/home/nonroot
+ENV PATH="$HOME/.local/bin:$PATH"
+
 # Install dependencies
 COPY ./requirements.txt ./requirements.txt
-RUN pip install --no-cache-dir -r requirements.txt
-RUN playwright install --with-deps
-RUN playwright install chrome
+RUN pip install --no-cache-dir -r requirements.txt && \
+  playwright install --with-deps && \
+  mkdir -p /tests/ && \
+  mkdir -p /utils/ && \
+  mkdir -p /pages/
 
-RUN mkdir -p /tests/
+# Copy project files
 COPY ./tests/ ./tests/
-RUN mkdir -p /utils/
 COPY ./utils/ ./utils/
+COPY ./pages/ ./pages/
+COPY ./conftest.py ./conftest.py
 COPY ./pytest.ini ./pytest.ini
 COPY ./run_tests.sh ./run_tests.sh
+COPY ./users.json ./users.json
+
+# Set permissions, make the script executable and switch OS user
+RUN chmod +x ./run_tests.sh \
+  && chown -R nonroot:nonroot /test
 
-RUN chmod +x ./run_tests.sh
+USER nonroot