fix: mismatched container fs permissions (#2946)

2025-07-24 19:54:08 +09:00 · 2025-07-24 19:54:08 +09:00 · d04ff0a378
parent e06397d5c7
commit d04ff0a378
1 changed files with 3 additions and 2 deletions
--- a/pkg/k8s/security_context.go
+++ b/pkg/k8s/security_context.go
@ -14,11 +14,12 @@ func defaultPodSecurityContext() *corev1.PodSecurityContext {
 		return nil
 	}
 	runAsUser := int64(1001)
-	runAsGroup := int64(1002)
+	runAsGroup := int64(0) // Match Tekton buildpack task group
+	fsGroup := int64(1002) // Keep FSGroup for volume ownership
 	return &corev1.PodSecurityContext{
 		RunAsUser:  &runAsUser,
 		RunAsGroup: &runAsGroup,
-		FSGroup:    &runAsGroup,
+		FSGroup:    &fsGroup,
 	}
 }