Put a regular user step first.

Put back in chown.
Switch to real mount path.
2025-02-23 13:18:10 -05:00 · 2025-02-23 13:15:24 -05:00 · 2025-02-23 13:11:15 -05:00
1 changed files with 25 additions and 2 deletions
--- a/task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
+++ b/task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
@@ -25,8 +25,8 @@ spec:
    - name: buildkit-cache
      description: For preserving buildkit type=cache mounts between builds.
      optional: true
-      mountPath: /home/user/.local/share/foo
-      # mountPath: /home/user/.local/share/buildkit
+      # mountPath: /home/user/.local/share/foo
+      mountPath: /home/user/.local/share/buildkit
  params:
    - name: OUTPUT
      type: string
@@ -69,6 +69,29 @@ spec:
    - name: metadata-out
      emptyDir: {}
  steps:
+    - name: run-as-user
+      image: $(params.BUILDER_IMAGE)
+      workingDir: "$(workspaces.source.path)"
+      script: |
+        #!/usr/bin/env sh
+        set -euo pipefail
+        echo "yo"
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+        runAsGroup: 1000
+    - name: setup-cache-ownership
+      image: $(params.BUILDER_IMAGE)
+      workingDir: "$(workspaces.source.path)"
+      script: |
+        #!/usr/bin/env sh
+        set -euo pipefail
+        chown 1000:1000 /home/user/.local/share/buildkit
+        chmod 0777 /home/user/.local/share/buildkit
+      securityContext:
+        # runAsNonRoot: false
+        runAsUser: 0
+        runAsGroup: 0
    - name: write-config
      image: $(params.BUILDER_IMAGE)
      workingDir: "$(workspaces.source.path)"
Author	SHA1	Message	Date
Tom Alexander	caf789e7af	Put a regular user step first.	2025-02-23 13:18:10 -05:00
Tom Alexander	23916baa61	Put back in chown.	2025-02-23 13:15:24 -05:00
Tom Alexander	8cf07d7693	Switch to real mount path.	2025-02-23 13:11:15 -05:00