Improve container image size and enhance security

[Copilot]

This PR addresses image size optimization and security enhancements for the debug container:

Image Size Optimization

• Changed base image from CentOS Stream 9 to Ubuntu 22.04 for a smaller footprint
• Reduced image size by excluding non-essential packages
• Added .dockerignore file to exclude unnecessary files from build context
• Optimized package installation with proper cleanup of package manager cache

Security Enhancements

• Created a non-root user (debuguser) with sudo privileges for better security
• Added tini as the init process to properly handle signals and prevent zombie processes
• Added container HEALTHCHECK for better observability
• Updated ENTRYPOINT to ensure proper signal handling
• Enhanced documentation with security best practices section in README

Other Improvements

• Updated tool listing in README to reflect current container contents
• Added secure execution example with limited capabilities
• Maintained all existing container functionality while improving security

Testing

The changes have been tested to verify:

• All included tools work properly
• The non-root user works correctly with sudo privileges
• Container health check functions as expected

Fixes #1.

Warning

Firewall rules blocked me from connecting to one or more addresses

I tried to connect to the following addresses, but was blocked by firewall rules:

• 168.63.129.16
• mirrors.centos.org
  • Triggering command: /usr/bin/python3.9 /usr/bin/yum -y install epel-release (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to my firewall allow list

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.