Currently, the kubernetes plugin can't run jobs in containers that have unpriveleged users baked into their image metadata.
Supporting jobs running as unpriveleged users is a more difficult task. Maybe a minimal solution to this is to allow the user to override the user. Kubernetes supports this, so it should be reasonably straight forward to add a "user" field to the containerTemplate() call.
When a job is run as an unpriveleged user, we see the following error: