From bf2cf88d7603ff8592e45b5af7c0add6cc870668 Mon Sep 17 00:00:00 2001
From: Jason Montleon <jmontleo@redhat.com>
Date: Mon, 11 Nov 2024 13:09:42 -0500
Subject: [PATCH] :bug: Run task pods with hub UID

Signed-off-by: Jason Montleon <jmontleo@redhat.com>
---
 task/manager.go | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/task/manager.go b/task/manager.go
index c939c3d0..9fa6aba4 100644
--- a/task/manager.go
+++ b/task/manager.go
@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"io"
 	"os"
+	"os/user"
 	"path"
 	"sort"
 	"strconv"
@@ -1699,6 +1700,14 @@ func (r *Task) containers(
 			},
 		},
 	}
+	user, err := user.Current()
+	if err != nil {
+		err = liberr.Wrap(err)
+	}
+	uid, err := strconv.ParseInt(user.Uid, 10, 64)
+	if err != nil {
+		err = liberr.Wrap(err)
+	}
 	plain = append(plain, addon.Spec.Container)
 	plain[0].Name = "addon"
 	for i := range extensions {
@@ -1714,6 +1723,9 @@ func (r *Task) containers(
 		container := &plain[i]
 		injector.Inject(container)
 		r.propagateEnv(&plain[0], container)
+		container.SecurityContext = &core.SecurityContext{
+			RunAsUser: &uid,
+		}
 		container.VolumeMounts = append(
 			container.VolumeMounts,
 			core.VolumeMount{