USER improvements to prevent root users when possible

[jdolitsky]

The following improvements could help prevent having USER root in an image:

1. Embedding base images' "nonroot" user(s) and possibly use a default such as "nonroot", then simply asserting USER <nonroot> at the end of a final stage post conversion
2. Detecting the creation/use of existing users in the original Dockerfile and preserve them, especially after finished running apk add ... commands which require the addition of USER root