Docker actions must be run by the default Docker user (root).
So, even if we are indeed using USER here to enforce root, us removing this line will not solve your issue. The files in the workspace will still be owned by root.
The technical (and historical) reason for putting that USER line in the Dockerfile is because this image extends sonarsource/sonar-scanner-cli. And that image used to have a USER directive as well, which was different from root. So in order for the GitHub Action to work as expected, we had to override it to root.
Today, this isn’t the case anymore; we removed the USER directive from sonarsource/sonar-scanner-cli. So we could update the sonarqube-scan-action and remove the USER line over there as well. But as I wrote above, this wouldn’t really solve your problem: GitHub will still run the action as root .