Fix permissions for config files and introduce entrypoint testing (#451)

This PR attempts to address permissions and ownership issues in the Redis config and data directories, but only for simple, default cases where it's safe to assume we won't overwrite or alter user-specific files (e.g., if a user's home directory is mistakenly mounted).

**Key Changes:**

* Fixes config file and directory permissions when they are insufficient for server startup.
* Introduces the `SKIP_FIX_PERMS` environment variable to completely skip permission fixes, if desired.
* Introduces the `SKIP_DROP_PRIVS` environment variable to optionally disable privilege dropping. This is not recommended, but may be necessary for compatibility with older image versions.
* Adds a comprehensive entrypoint test suite that simulates a wide range of real-world scenarios.

**Breaking Change Notice:**

Users who previously relied on automatic permission fixes in the data directory but have non-standard configurations (e.g., a custom `appendonlydir`) or unrelated files in the data volume may find that these fixes no longer apply. We've chosen to err on the side of caution to avoid unintended data loss or misconfiguration caused by overly aggressive permission handling.

Fixes: #446

Author: Peter-Sh

.github/actions/build-and-tag-locally/action.yml

@@ -204,6 +204,26 @@ runs:
           exit 1
         fi
 
+    - name: Test the entrypoint
+      id: test_entrypoint
+      if: ${{ contains(fromJSON('["amd64", "i386"]'), steps.platform.outputs.display_name) }}
+      shell: bash
+      run: >
+        cd test && env
+        PLATFORM=${{ steps.platform.outputs.display_name }}
+        REDIS_IMG=${{ github.sha }}:${{ steps.platform.outputs.display_name }}
+        ./run-entrypoint-tests.sh
+        -- --output-junit-xml=report-entrypoint.xml
+
+    - name: Test Report
+      uses: dorny/test-reporter@v2
+      # run this step even if previous step failed, but not if it was skipped
+      if: ${{ !cancelled() && steps.test_entrypoint.conclusion != 'skipped' }}
+      with:
+        name: Entrypoint Tests
+        path: test/report-entrypoint.xml
+        reporter: java-junit
+
     - name: Push image
       uses: docker/build-push-action@v6
       if: ${{ inputs.publish_image == 'true' && contains(fromJSON('["amd64"]'), steps.platform.outputs.display_name) }}
@@ -212,4 +232,4 @@ runs:
         push: true
         tags: ${{ inputs.registry_repository }}:${{ github.sha }}-${{ inputs.distribution }}
         cache-from: type=gha
-        cache-to: type=gha,mode=max
+        cache-to: type=gha,mode=max