spec:
  containers:
  - name: build
    image: git.pyrocufflink.net/aimeeos/build/build-aarch64-unknown-linux-gnu
    command:
    - /bin/sh
    - -c
    - |
      trap 'kill $!; exit' TERM
      sleep infinity &
      wait
    securityContext:
      capabilities:
        add:
        - CAP_SETFCAP
    volumeMounts:
    - mountPath: /build
      name: workspace-volume
      subPath: _build
    - mountPath: /mnt/gentoo
      name: workspace-volume
      subPath: gentoo
    - mountPath: /usr/aarch64-unknown-linux-gnu/var/cache/binpkgs
      name: workspace-volume
      subPath: binpkgs
    - mountPath: /var/cache/binpkgs
      name: workspace-volume
      subPath: binpkgs
    - mountPath: /var/cache/distfiles
      name: workspace-volume
      subPath: distfiles
  hostUsers: false