Fix semgrep findings (#2061)

Author: GarrettBeatty

.semgrepignore

@@ -0,0 +1,15 @@
+# Ignore test and example files containing dummy credentials
+**/test/**/*.json
+**/tests/**/*.json
+**/SampleRequests/**/*.json
+**/*.example.*
+**/*.test.*
+**/*.min.js
+**/env.configs.yml
+
+# Ignore third-party libraries
+**/node_modules/**
+**/vendor/**
+**/dist/**
+**/build/**
+**/bootstrap/**/*.js

LambdaRuntimeDockerfiles/sample/Sample/Dockerfile

@@ -17,4 +17,7 @@ RUN dotnet publish "Sample.csproj" -c Release -o /app/publish
 FROM base AS final
 COPY --from=publish /app/publish ${LAMBDA_TASK_ROOT}
 # ref. https://docs.aws.amazon.com/lambda/latest/dg/csharp-handler.html#csharp-handler-signatures
+# Create a non-root user and switch to it
+RUN adduser --disabled-password --gecos "" appuser
+USER appuser
 CMD [ "Sample::Sample.Function::FunctionHandler" ]