Is it safe to run OpenJDK images like Eclipse Temurin as root?

I noticed that the examples for running the Eclipse Temurin Docker images run the images as root and not as non-root user.

I thought it always would be better to run Docker images as non-root user?

Is it safe to run the Temurin images as root? (For example in a Azure K8s cluster?)

If not, which user should I use? Uid 65534 (nobody)? Or should I create a new user?

Solution

I found out that using the user nobody with uid 65534 works quite fine.

Now my Dockerfile looks like this:

FROM eclipse-temurin:17-jre-alpine
ARG JAR_FILE=target/*.jar

RUN mkdir /home/nobody
WORKDIR /home/nobody

COPY ${JAR_FILE} app.jar

USER 65534

...

npm install takes forever when running docker-compose
Is there a way to get the Docker Hub username of the current user?
Can not connect to ClickHouse via Apache Airflow (all inside Docker)
containerd client + soci snapshotter: http: server gave HTTP response to HTTPS client
How to force 'docker login' command to ignore existing credentials helper?
How to force Docker for a clean build of an image
How do you fix a docker push error, tag does not exist?
How to run a cron job inside a docker container?
MXE Qt5 application builds fail in Docker container
Docker compose Invalid volume destination path: '.' mount path must be absolute
Connecting SQL Server on Docker to Python
Docker - Bind for 0.0.0.0:4000 failed: port is already allocated
How can i solve "unable to prepare context: path "Dockerfile.xxx" not found" error
How to configure NGINX to use multiple subdomains on local network to service more than one application?
How to deploy Angular 17 with SSR with Docker?
MaxScale doesn't connect to Galera Cluster
Combine several docker images to avoid long build times
Mongo as replica set in Testcontainers in .NET
Equivalent of "context" in docker build for apptainer build?
is there parallelism inside Ollama?
docker-compose.yml invalid: app.build contains an invalid type, it should be a string
How to load initial realm in keycloak server with docker?
Docker container with CUDA does not see my GPU | WSL2 / Ubuntu / Win10 | nvcc & nvidia-smi work
"Unknown host" error calling containerized backend from frontend
Python won't find the ENV in my docker container
Run emulator android and docker for windows
PUBLIC_BACKEND_SERVER_URL is not exported error During Docker Build Despite Being Set in .env File in SvelteKit Project
how to pull model automatically with container creation?
Docker compose V2: unknown shorthand flag 'f' (windows)
Python multiprocessing.Queue put kills process in Docker container