Right now the plugin will launch a single Docker container and mount the job folder from host machine. The parameters used will start the container with the same user and group as the host so that the Docker container can write these files.
This is a problem when you need to run Docker as root, for example when running Docker-in-Docker.
To address this, the plugin could create a separate, storage only container, which mounts the host's folder with the right credentials. After that, the job Docker container would start with whatever user we need and mount the data container with 'volumes-from'.
This way we have best of both worlds - ability to use any user in the job container, and write to host's filesystem.
It might be worth exploring which option would work better in terms of performance and concurrency - having a single storage container per host or create a storage container for each job that is being requested.