Currently the wdqs docker images in the wikibase-docker repo run blazegraph as root and should not.
A new user "blazegraph" should be created in the docker image and used for running the blazegraph process.
In order to remain backward compatible the entry point may have to have checks in place running as root to alter file permissions of files such as the wdqs journal file.
The final blazegraph process however should run as the new user "blazegraph".
- blazegraph process is not run as root, instead run as the new "blazegraph" user
- Users previously running blazegraph as root should not have any issues when upgrading to new image (with file permissions etc)
- All wdqs docker image version are updated
- Follow best practices for creating users and groups in docker images, this probably means specifying the user ID and group ID when creating the user