try a build with node user

services/clsi/Dockerfile

@@ -19,7 +19,6 @@ WORKDIR /app
 # All app and node_modules will be owned by root.
 # The app will run as the 'app' user, and so not have write permissions
 # on any files it doesn't need.
-RUN useradd --user-group --create-home --home-dir /app --shell /bin/false app
 RUN ./install_deps.sh
 ENTRYPOINT ["/bin/sh", "entrypoint.sh"]
 

services/clsi/entrypoint.sh

@@ -5,11 +5,10 @@ echo "Changing permissions of /var/run/docker.sock for sibling containers"
 chown root:docker /var/run/docker.sock
 
 mkdir -p /app/cache
-chown -R app:app /app/cache
+chown -R node:node /app/cache
 
 mkdir -p /app/compiles
-chown -R app:app /app/compiles
-chmod -R 777 /app/compiles #TODO why do I need this?
+chown -R node:node /app/compiles
 
 ./bin/install_texlive_gce.sh
-exec runuser -u app "$@"
+exec runuser -u node "$@"

services/clsi/install_deps.sh

@@ -2,12 +2,12 @@
 wget -qO- https://get.docker.com/ | sh
 apt-get install poppler-utils vim ghostscript --yes
 npm rebuild
-usermod -aG docker app
+usermod -aG docker node
 
 mkdir -p /app/cache
-chown -R app:app /app/cache
+chown -R node:node /app/cache
 
 mkdir -p /app/compiles
-chown -R app:app /app/compiles
+chown -R node:node /app/compiles
 
-chown -R app:app /app/bin/synctex
+chown -R node:node /app/bin/synctex