diff --git a/Makefile b/Makefile
index f161d5c85..0d4ace0da 100644
--- a/Makefile
+++ b/Makefile
@@ -92,9 +92,16 @@ k8s-executor-build-push:
 	DOCKER_BUILDKIT=1 docker build ${BUILD_ARG} --build-arg=GOARCH=$(GOARCH) -t $(REGISTRY)/executor:latest -f deploy/Dockerfile .
 	docker push $(REGISTRY)/executor:latest
 
+files/kaniko:
+	mkdir files/kaniko
+
+files/kaniko.tar: files/kaniko
+	chmod 777 files/kaniko
+	cd files && tar cf kaniko.tar kaniko
+
 .PHONY: images
 images: DOCKER_BUILDKIT=1
-images:
+images: files/kaniko.tar
 	docker build ${BUILD_ARG} --build-arg=GOARCH=$(GOARCH) -t $(REGISTRY)/executor:latest -f deploy/Dockerfile .
 	docker build ${BUILD_ARG} --build-arg=GOARCH=$(GOARCH) -t $(REGISTRY)/executor:debug -f deploy/Dockerfile_debug .
 	docker build ${BUILD_ARG} --build-arg=GOARCH=$(GOARCH) -t $(REGISTRY)/executor:slim -f deploy/Dockerfile_slim .
diff --git a/deploy/Dockerfile b/deploy/Dockerfile
index a41d97a9a..1603755ee 100644
--- a/deploy/Dockerfile
+++ b/deploy/Dockerfile
@@ -45,6 +45,8 @@ FROM debian:bullseye-slim AS certs
 RUN apt update && apt install -y ca-certificates
 
 FROM scratch
+# Create kaniko directory with world write permission to allow non root run
+ADD files/kaniko.tar /
 COPY --from=0 /src/out/executor /kaniko/executor
 COPY --from=0 /usr/local/bin/docker-credential-gcr /kaniko/docker-credential-gcr
 COPY --from=0 /usr/local/bin/docker-credential-ecr-login /kaniko/docker-credential-ecr-login