docs: buildkit POC findings + restrict to manual trigger

Andrew Dunnrequested to merge
docs/buildkit-poc-findings into main

POC sim verdict: rootless buildkit on SaaS runner needs non-root USER + subuid setup in ci-buildkit. Deferred to later v2.x.

Changes:

  • sim-buildkit-poc rule narrowed to REBUILD_BUILDKIT_POC=true so the failing sim no longer runs on every main pipeline.
  • CHANGELOG [Unreleased] documents the buildkit and kaniko deferrals.

Merge request reports