spec:
  containers:
  - name: jnlp
    securityContext:
      fsGroup: 1000
  - name: buildroot
    image: registry.pyrocufflink.blue/buildroot
    command:
    - sleep
    - infinity
    volumeMounts:
    - name: tmp
      mountPath: /tmp
    securityContext:
      readOnlyRootFilesystem: true
      runAsUser: 1000
  volumes:
  - name: tmp
    emptyDir:
      medium: Memory
      sizeLimit: 100Mi