spec:
  containers:
  - name: buildroot
    image: registry.pyrocufflink.blue/buildroot
    command:
    - sleep
    - infinity
    volumeMounts:
    - name: tmp
      mountPath: /tmp
    securityContext:
      readOnlyRootFilesystem: true
      runAsUser: 1000
  volumes:
  - name: tmp
    emptyDir:
      medium: Memory
      sizeLimit: 100Mi
  - name: workspace-volume
    ephemeral:
      volumeClaimTemplate:
        spec:
          accessModes:
          - ReadWriteOnce
          storageClassName: longhorn
          resources:
            requests:
              storage: 10Gi