Sonarqube quality gates and coverage
back to 92% coverage on sonarqube and passing quality gates
Sonarqube quality gates are failing due to too many duplicated lines in HiPeRTA and phoenix dependencies.
Check if some files can be excluded from analysis, implement relevant refactoring
Duplicated lines do not consider language, therefore C++ const and non-const or duplicated functions are considered duplicated. There are few enough lines that it is ok.
Generated code was excluded from duplication analysis
Sonarqube finds bugs in scripts to create packages
Review scripts (some can be deleted?)
Sonarqube line coverage is 89% where it should be 93%. That is because sonarqube considers code that is not compiled as well in the analysis. Sonarqube coverage is a mixture of line coverage and branch coverage, so it is lower (we don't cover as many branches as lines)
Update Dockerfiles to use a non-root user, fixing acknowledged security issues
Only do this for the production image, users need to be root in other images to be able to install stuff.
The sonar-project_cpp.properties file is unused, to be removed
Note: I already updated sonarqube configuration to only look at source code in https://gitlab.cta-observatory.org/cta-computing/acada/sag-reconstruction/-/merge_requests/8 so let's continue from there (changes are in the CTAO repo)
FYI @sami.caroff @paubert
Edited by POLLET Vincent
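A check for the Dockerfile item above, as an added example that is not part of the original issue or the project's code: it reports which build stages end up running as root, so a pipeline can require a non-root user in the production stage only while leaving the other stages as root. The stage names `dev` and `production`, the user `appuser`, the paths and the sample Dockerfile are assumptions constructed for illustration.

```python
import re

# Constructed sample, not the project's Dockerfile: a root "dev" stage
# (users must install packages) and a non-root "production" stage.
SAMPLE = """\
FROM ubuntu:22.04 AS dev
RUN apt-get update && \\
    apt-get install -y build-essential
FROM ubuntu:22.04 AS production
RUN useradd --create-home --uid 1000 appuser
COPY --from=dev /opt/app /opt/app
USER appuser:appuser
CMD ["/opt/app/run"]
"""

FROM_RE = re.compile(r"^FROM\s+(?:--\S+\s+)*(\S+)(?:\s+AS\s+(\S+))?", re.I)
USER_RE = re.compile(r"^USER\s+(\S+)", re.I)

def stage_users(text):
    """Map each build stage to its effective USER (None if never set)."""
    # Join line continuations so text inside a multi-line RUN is not
    # mistaken for a USER instruction.
    text = re.sub(r"\\[ \t]*\n", " ", text)
    users, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        m = FROM_RE.match(line)
        if m:
            base, alias = m.group(1), m.group(2)
            current = alias or str(len(users))  # unnamed stages get their index
            # A stage built FROM an earlier stage inherits that stage's USER.
            users[current] = users.get(base)
            continue
        m = USER_RE.match(line)
        if m and current is not None:
            users[current] = m.group(1).split(":")[0]  # drop optional :group
    return users

def runs_as_root(text, stage):
    """True if `stage` ends as root; an unset USER is counted as root."""
    user = stage_users(text)[stage]
    return user is None or user in ("root", "0")

if __name__ == "__main__":
    for name, user in stage_users(SAMPLE).items():
        print(name, user, "ROOT" if runs_as_root(SAMPLE, name) else "ok")
```

Counting an unset `USER` as root is a conservative assumption: a base image may already switch to a non-root user, which this check cannot see.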