Integrate changes from various other images

I've created a few container images for Jenkins jobs over the past few
weeks, and many of them have several steps in common.  Moving those
steps to the *jenkins-base* image will simplify the rest and make it
easier to create new ones.

* Use UID 1000 for the *jenkins* user, since this is the UID the Jenkins
  agent JNLP container uses
* Configure the SSH client `KnownHostsCommand` setting to fetch the SSH
  host key database from the file server
* Run as the unprivileged user
* Add a "sleep forever" type entry point: Python's `signal.pause()`
  waits for a signal from the operating system, where as other solutions
  are either uninterruptable (`sleep infinity`) or wake frequently
  (`tail -f /dev/null`)

Containerfile

@@ -1,3 +1,10 @@
 FROM registry.fedoraproject.org/fedora:36
 
-RUN useradd -l -u 3000018 jenkins
+RUN groupadd -g 1000 jenkins \
+    && useradd -c 'Jenkins user' -g 1000 -l -M -s /bin/sh -u 1000 jenkins
+
+COPY known-hosts-command.ssh.conf /etc/ssh/ssh_config.d/10-known-hosts-command.conf
+
+USER jenkins:jenkins
+
+CMD ["python3", "-c", "import signal;signal.pause()"]

known-hosts-command.ssh.conf

@@ -0,0 +1 @@
+KnownHostsCommand /usr/bin/curl -sL https://files.pyrocufflink.blue/ssh_known_hosts