GoogleContainerTools / kaniko

Build Container Images In Kubernetes
Apache License 2.0

warmer:v1.3.0 docker image has a file owned by a user with high uid #1536

Closed evansonm closed 3 years ago

evansonm commented 3 years ago

Actual behavior

The file docker-credential-gcr is owned by user uid=205001 gid=89939 in the warmer:v1.3.0 docker image, instead of the usual uid=0 gid=0. This causes issues in our CI as we are using user namespaces, and this goes out of the range we defined.

A similar issue was reported earlier this year in the executor image via issue #1303.

Expected behavior

Have all files owned by the same user, ideally with a low enough uid (plagiarized from #1303).

Perhaps add --no-same-owner to the tar extraction command in Dockerfile_warmer.

To Reproduce

Steps to reproduce the behavior (URL below is referenced in Dockerfile_warmer):

$ url=https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v2.0.1/docker-credential-gcr_linux_amd64-2.0.1.tar.gz
$ wget -q -O - $url | tar -tvzf - --numeric-owner
-rwxr-x--- 205001/89939 6435607 2020-03-05 15:25 ./docker-credential-gcr

Additional Information

Appears in: gcr.io/kaniko-project/warmer:v1.3.0@sha256:3fa564396f51d471ceaa64d53505762a9d714836a6537255b2ef732606c4b9bb

Triage Notes for the Maintainers

- [ ] Please check if this is a new feature you are proposing
- [ ] Please check if the build works in docker but not in kaniko
- [ ] Please check if this error is seen when you use --cache flag
- [ ] Please check if your dockerfile is a multistage dockerfile

ankitm123 commented 3 years ago

missing --no-same-owner for the tar command seems likely to be the issue.

evansonm commented 3 years ago

Thanks @ankitm123 and @tejal29!
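
The ownership problem reported in this issue can be caught before an image is built. The following is an added example, not part of the thread or of kaniko's code: it flags archive members whose uid/gid fall outside a user-namespace range and rewrites the archive with root-owned members, the in-archive analogue of extracting as root with --no-same-owner. The 0..65535 range, the function names and the in-memory sample archive are assumptions constructed for illustration.

```python
import io
import tarfile

# Assumption: the user namespace maps ids 0..65535 (the issue does not state its range).
MAX_MAPPED_ID = 65535

def build_sample_archive() -> bytes:
    """Constructed sample: one member carrying the uid/gid reported in the issue."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        data = b"placeholder binary\n"
        info = tarfile.TarInfo("./docker-credential-gcr")
        info.size, info.mode = len(data), 0o750
        info.uid, info.gid = 205001, 89939
        tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def list_owners(archive: bytes):
    """Return (name, uid, gid, mode) for every member, like tar -tv --numeric-owner."""
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:*") as tar:
        return [(m.name, m.uid, m.gid, m.mode) for m in tar]

def out_of_range_owners(archive: bytes, max_id: int = MAX_MAPPED_ID):
    """Members that cannot be represented inside the mapped id range."""
    return [e for e in list_owners(archive) if e[1] > max_id or e[2] > max_id]

def normalize_owners(archive: bytes, uid: int = 0, gid: int = 0) -> bytes:
    """Rewrite the archive so every member is owned by uid:gid; modes and data are kept."""
    out = io.BytesIO()
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:*") as src, \
         tarfile.open(fileobj=out, mode="w:gz") as dst:
        for m in src:
            m.uid, m.gid, m.uname, m.gname = uid, gid, "", ""
            for key in ("uid", "gid", "uname", "gname"):
                m.pax_headers.pop(key, None)  # drop PAX overrides of the owner
            dst.addfile(m, src.extractfile(m) if m.isfile() else None)
    return out.getvalue()

if __name__ == "__main__":
    sample = build_sample_archive()
    print("out of range:", out_of_range_owners(sample))
    print("after rewrite:", list_owners(normalize_owners(sample)))
```

A CI gate can run `out_of_range_owners` on each downloaded release tarball and fail the build when the list is non-empty.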