From a83e6691aac3e4543d296fbf8fc3cbc5b204f5ce Mon Sep 17 00:00:00 2001
From: Bakery Admin <admin@bakewise.ai>
Date: Thu, 22 Jan 2026 21:26:00 +0100
Subject: [PATCH] Fix resources isues 28

---
 .../cicd/tekton-helm/templates/task-kaniko-build.yaml    | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/infrastructure/cicd/tekton-helm/templates/task-kaniko-build.yaml b/infrastructure/cicd/tekton-helm/templates/task-kaniko-build.yaml
index 1e838b37..70a5f31d 100644
--- a/infrastructure/cicd/tekton-helm/templates/task-kaniko-build.yaml
+++ b/infrastructure/cicd/tekton-helm/templates/task-kaniko-build.yaml
@@ -40,13 +40,12 @@ spec:
   steps:
     - name: build-and-push
       image: gcr.io/kaniko-project/executor:v1.15.0-debug
+      # Note: Kaniko requires root to unpack image layers and perform chown operations
+      # This is a known requirement for container image building
       securityContext:
-        runAsNonRoot: true
-        runAsUser: 65532
+        runAsNonRoot: false
+        runAsUser: 0
         allowPrivilegeEscalation: false
-        capabilities:
-          drop:
-            - ALL
         seccompProfile:
           type: RuntimeDefault
       env: