diff --git a/charts/osbuilder/templates/deployment.yaml b/charts/osbuilder/templates/deployment.yaml
index e52f20c..151ee44 100644
--- a/charts/osbuilder/templates/deployment.yaml
+++ b/charts/osbuilder/templates/deployment.yaml
@@ -6,7 +6,7 @@ metadata:
     labels:
       {{- include "helm-chart.labels" . | nindent 8 }}
 spec:
-    replicas: 1
+    replicas: {{ .Values.replicas | default 1}}
     selector:
         matchLabels:
             {{- include "helm-chart.selectorLabels" . | nindent 10 }}
diff --git a/charts/osbuilder/values.yaml b/charts/osbuilder/values.yaml
index cf86ab9..d25b07a 100644
--- a/charts/osbuilder/values.yaml
+++ b/charts/osbuilder/values.yaml
@@ -15,6 +15,8 @@ image:
   # tag of the controller image. Leave empty to use chart's AppVersion
   tag:
 
+replicas: 1
+
 # The PVC storage size for the build process
 pvcStorageSize: "20Gi"
 
diff --git a/controllers/job.go b/controllers/job.go
index 4a00d3b..69952ba 100644
--- a/controllers/job.go
+++ b/controllers/job.go
@@ -50,17 +50,23 @@ func unpackContainer(id, containerImage, pullImage string) corev1.Container {
 }
 
 func unpackFileContainer(id, pullImage, name string) corev1.Container {
+	//var rootID int64 = 0
+
 	return corev1.Container{
 		ImagePullPolicy: corev1.PullAlways,
 		Name:            fmt.Sprintf("pull-image-%s", id),
 		Image:           "gcr.io/go-containerregistry/crane:latest",
 		Command:         []string{"crane"},
 		Args:            []string{"--platform=linux/arm64", "pull", pullImage, fmt.Sprintf("/rootfs/oem/%s.tar", name)},
+		//SecurityContext: &corev1.SecurityContext{
+		//	RunAsUser:  &rootID,
+		//	RunAsGroup: &rootID,
+		//},
 		VolumeMounts: []corev1.VolumeMount{
 			{
 				Name:      "artifacts",
 				MountPath: "/rootfs/oem",
-				SubPath:   "rootfs",
+				SubPath:   "rootfs/oem",
 			},
 		},
 	}
@@ -226,9 +232,9 @@ func (r *OSArtifactReconciler) newBuilderPod(pvcName string, artifact *osbuilder
 		)
 	}
 	if artifact.Spec.Model != nil {
-		cmd = fmt.Sprintf("/build-arm-image.sh --model %s --directory %s /artifacts/%s.iso", *artifact.Spec.Model, "/rootfs", artifact.Name)
+		cmd = fmt.Sprintf("/build-arm-image.sh --model %s --directory %s --recovery-partition-size 5120 --state-parition-size 6144 --size 16384 --images-size 4096 /artifacts/%s.iso", *artifact.Spec.Model, "/rootfs", artifact.Name)
 		if artifact.Spec.CloudConfigRef != nil {
-			cmd = fmt.Sprintf("/build-arm-image.sh --model %s --config /iso/iso-overlay/cloud_config.yaml --directory %s /artifacts/%s.iso", *artifact.Spec.Model, "/rootfs", artifact.Name)
+			cmd = fmt.Sprintf("/build-arm-image.sh --model %s --config /iso/iso-overlay/cloud_config.yaml --directory %s --recovery-partition-size 5120 --state-partition-size 6144 --size 16384 --images-size 4096 /artifacts/%s.iso", *artifact.Spec.Model, "/rootfs", artifact.Name)
 		}
 	}
 
@@ -372,6 +378,7 @@ func (r *OSArtifactReconciler) newBuilderPod(pvcName string, artifact *osbuilder
 	// - built from a dockerfile and converted to a kairos one
 	// - built by converting an existing image to a kairos one
 	// - a prebuilt kairos image
+
 	if artifact.Spec.BaseImageDockerfile != nil {
 		podSpec.InitContainers = append(podSpec.InitContainers, baseImageBuildContainers()...)
 	} else if artifact.Spec.BaseImageName != "" { // Existing base image - non kairos
@@ -436,6 +443,19 @@ func (r *OSArtifactReconciler) newBuilderPod(pvcName string, artifact *osbuilder
 
 	if artifact.Spec.ISO && artifact.Spec.Model != nil {
 		podSpec.InitContainers = []corev1.Container{}
+
+		podSpec.InitContainers = append(podSpec.InitContainers, corev1.Container{
+			Name:    "create-directories",
+			Image:   "busybox",
+			Command: []string{"sh", "-c", "mkdir -p /mnt/pv/artifacts && mkdir -p /mnt/pv/rootfs/oem && chown -R 65532:65532 /mnt/pv/artifacts && chown -R 65532:65532 /mnt/pv/rootfs && chown -R 65532:65532 /mnt/pv/rootfs/oem"},
+			VolumeMounts: []corev1.VolumeMount{
+				{
+					Name:      "artifacts",
+					MountPath: "/mnt/pv",
+				},
+			},
+		})
+
 		i := 0
 		for name, bundle := range artifact.Spec.FileBundles {
 			i++
diff --git a/controllers/osartifact_controller.go b/controllers/osartifact_controller.go
index 75bea07..9e8d76a 100644
--- a/controllers/osartifact_controller.go
+++ b/controllers/osartifact_controller.go
@@ -249,7 +249,8 @@ func (r *OSArtifactReconciler) checkExport(ctx context.Context, artifact *osbuil
 			artifactLabel: artifact.Name,
 		}),
 	}); err != nil {
-		return ctrl.Result{Requeue: true}, err
+		log.FromContext(ctx).Error(err, "failed to list jobs")
+		return ctrl.Result{Requeue: true}, nil
 	}
 
 	indexedJobs := make(map[string]*batchv1.Job, len(artifact.Spec.Exporters))
@@ -264,7 +265,8 @@ func (r *OSArtifactReconciler) checkExport(ctx context.Context, artifact *osbuil
 	var pvcs corev1.PersistentVolumeClaimList
 	var pvc *corev1.PersistentVolumeClaim
 	if err := r.List(ctx, &pvcs, &client.ListOptions{LabelSelector: labels.SelectorFromSet(labels.Set{artifactLabel: artifact.Name})}); err != nil {
-		return ctrl.Result{Requeue: true}, err
+		log.FromContext(ctx).Error(err, "failed to list PVCs")
+		return ctrl.Result{Requeue: true}, nil
 	}
 
 	for _, item := range pvcs.Items {
@@ -308,11 +310,13 @@ func (r *OSArtifactReconciler) checkExport(ctx context.Context, artifact *osbuil
 			})
 
 			if err := controllerutil.SetOwnerReference(artifact, job, r.Scheme); err != nil {
-				return ctrl.Result{Requeue: true}, err
+				log.FromContext(ctx).Error(err, "failed to set owner reference on job")
+				return ctrl.Result{Requeue: true}, nil
 			}
 
 			if err := r.Create(ctx, job); err != nil {
-				return ctrl.Result{Requeue: true}, err
+				log.FromContext(ctx).Error(err, "failed to create job")
+				return ctrl.Result{Requeue: true}, nil
 			}
 
 		} else if job.Spec.Completions == nil || *job.Spec.Completions == 1 {
@@ -322,7 +326,8 @@ func (r *OSArtifactReconciler) checkExport(ctx context.Context, artifact *osbuil
 		} else if *job.Spec.BackoffLimit <= job.Status.Failed {
 			artifact.Status.Phase = osbuilder.Error
 			if err := r.Status().Update(ctx, artifact); err != nil {
-				return ctrl.Result{Requeue: true}, err
+				log.FromContext(ctx).Error(err, "failed to update artifact status")
+				return ctrl.Result{Requeue: true}, nil
 			}
 			break
 		}
@@ -331,7 +336,8 @@ func (r *OSArtifactReconciler) checkExport(ctx context.Context, artifact *osbuil
 	if succeeded == len(artifact.Spec.Exporters) {
 		artifact.Status.Phase = osbuilder.Ready
 		if err := r.Status().Update(ctx, artifact); err != nil {
-			return ctrl.Result{Requeue: true}, err
+			log.FromContext(ctx).Error(err, "failed to update artifact status")
+			return ctrl.Result{Requeue: true}, nil
 		}
 	}