spec:
  containers:
  - name: buildah
    image: quay.io/containers/buildah:v1.37
    command:
    - cat
    stdin: true
    tty: true
    securityContext:
      capabilities:
        add:
        - SYS_ADMIN
        - MKNOD
        - SYS_CHROOT
        - SETFCAP
    resources:
      limits:
        github.com/fuse: 1
  hostUsers: false
  tolerations:
  - key: du5t1n.me/jenkins