diff --git a/cmd/executor/cmd/root.go b/cmd/executor/cmd/root.go
index 937e7f4a4..f39e011ed 100644
--- a/cmd/executor/cmd/root.go
+++ b/cmd/executor/cmd/root.go
@@ -215,7 +215,7 @@ func resolveEnvironmentBuildArgs(arguments []string, resolver func(string) strin
 // copy Dockerfile to /kaniko/Dockerfile so that if it's specified in the .dockerignore
 // it won't be copied into the image
 func copyDockerfile() error {
-	if _, err := util.CopyFile(opts.DockerfilePath, constants.DockerfilePath, "", -1, -1); err != nil {
+	if _, err := util.CopyFile(opts.DockerfilePath, constants.DockerfilePath, "", util.DoNotChangeUID, util.DoNotChangeGID); err != nil {
 		return errors.Wrap(err, "copying dockerfile")
 	}
 	opts.DockerfilePath = constants.DockerfilePath
diff --git a/pkg/commands/copy.go b/pkg/commands/copy.go
index 7af0b34f1..25a78cdb9 100644
--- a/pkg/commands/copy.go
+++ b/pkg/commands/copy.go
@@ -45,8 +45,8 @@ func (c *CopyCommand) ExecuteCommand(config *v1.Config, buildArgs *dockerfile.Bu
 		c.buildcontext = filepath.Join(constants.KanikoDir, c.cmd.From)
 	}
 	var uid, gid int64
-	uid = -1
-	gid = -1
+	uid = util.DoNotChangeUID
+	gid = util.DoNotChangeGID
 
 	replacementEnvs := buildArgs.ReplacementEnvs(config.Env)
 
diff --git a/pkg/util/fs_util.go b/pkg/util/fs_util.go
index aff1f325c..dca42b90d 100644
--- a/pkg/util/fs_util.go
+++ b/pkg/util/fs_util.go
@@ -41,6 +41,9 @@ import (
 	"github.com/sirupsen/logrus"
 )
 
+const DoNotChangeUID = -1
+const DoNotChangeGID = -1
+
 type WhitelistEntry struct {
 	Path            string
 	PrefixMatchOnly bool
@@ -539,6 +542,18 @@ func DownloadFileToDest(rawurl, dest string) error {
 	return os.Chtimes(dest, mTime, mTime)
 }
 
+// DetermineTargetFileOwnership returns the user provided uid/gid combination.
+// If they are set to -1, the uid/gid from the original file is used.
+func DetermineTargetFileOwnership(fi os.FileInfo, uid, gid int64) (int64, int64) {
+	if uid <= DoNotChangeUID {
+		uid = int64(fi.Sys().(*syscall.Stat_t).Uid)
+	}
+	if gid <= DoNotChangeGID {
+		gid = int64(fi.Sys().(*syscall.Stat_t).Gid)
+	}
+	return uid, gid
+}
+
 // CopyDir copies the file or directory at src to dest
 // It returns a list of files it copied over
 func CopyDir(src, dest, buildcontext string, uid, gid int64) ([]string, error) {
@@ -563,12 +578,7 @@ func CopyDir(src, dest, buildcontext string, uid, gid int64) ([]string, error) {
 			logrus.Tracef("Creating directory %s", destPath)
 
 			mode := fi.Mode()
-			if uid < 0 {
-				uid = int64(int(fi.Sys().(*syscall.Stat_t).Uid))
-			}
-			if gid < 0 {
-				gid = int64(int(fi.Sys().(*syscall.Stat_t).Gid))
-			}
+			uid, gid = DetermineTargetFileOwnership(fi, uid, gid)
 			if err := mkdirAllWithPermissions(destPath, mode, uid, gid); err != nil {
 				return nil, err
 			}
@@ -631,12 +641,7 @@ func CopyFile(src, dest, buildcontext string, uid, gid int64) (bool, error) {
 		return false, err
 	}
 	defer srcFile.Close()
-	if uid < 0 {
-		uid = int64(fi.Sys().(*syscall.Stat_t).Uid)
-	}
-	if gid < 0 {
-		gid = int64(fi.Sys().(*syscall.Stat_t).Gid)
-	}
+	uid, gid = DetermineTargetFileOwnership(fi, uid, gid)
 	return false, CreateFile(dest, srcFile, fi.Mode(), uint32(uid), uint32(gid))
 }
 
diff --git a/pkg/util/fs_util_test.go b/pkg/util/fs_util_test.go
index 109f2337a..ad0d935a2 100644
--- a/pkg/util/fs_util_test.go
+++ b/pkg/util/fs_util_test.go
@@ -963,7 +963,7 @@ func Test_CopyFile_skips_self(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	ignored, err := CopyFile(tempFile, tempFile, "", -1, -1)
+	ignored, err := CopyFile(tempFile, tempFile, "", DoNotChangeUID, DoNotChangeGID)
 	if err != nil {
 		t.Fatal(err)
 	}