Put a regular user step first.

2025-02-23 13:18:10 -05:00 · 2025-02-23 13:18:10 -05:00 · caf789e7af
commit caf789e7af
parent 23916baa61
1 changed files with 11 additions and 0 deletions
--- a/task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
+++ b/task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
@ -69,6 +69,17 @@ spec:
    - name: metadata-out
      emptyDir: {}
  steps:
+    - name: run-as-user
+      image: $(params.BUILDER_IMAGE)
+      workingDir: "$(workspaces.source.path)"
+      script: |
+        #!/usr/bin/env sh
+        set -euo pipefail
+        echo "yo"
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+        runAsGroup: 1000
    - name: setup-cache-ownership
      image: $(params.BUILDER_IMAGE)
      workingDir: "$(workspaces.source.path)"