gitlab-ci: Work around umask giving root-owned world-writable files
Explicitly call `chmod` to work around the upstream GitLab issue https://gitlab.com/gitlab-org/gitlab-runner/issues/1736 "File/directory creation umask when cloning is `0000`".

To work with Docker images that run with a specific non-root user, GitLab clones git repositories with umask set to 000: that is, to make non-root users from Docker able to write in the repositories, they are made world-writable.

This has nasty consequences with tools like Debos or the Docker image builders which copy files from the repository and trust the original permissions. In the case here, all the overlays ended up world-writable on the generated images, enabling trivial privilege escalations.

This commit should be reverted once the GitLab issue is fixed.

Signed-off-by: Emanuele Aina <emanuele.aina@collabora.com>
parent 592b4203
Pipeline #133481 passed with warnings with stages in 3 hours, 27 minutes, and 37 seconds
- mentioned in commit tiny-image-recipes@11551697
- mentioned in merge request tiny-image-recipes!62 (merged)
- mentioned in commit tiny-image-recipes@e8419495
- mentioned in commit tiny-image-recipes@0681d317
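
The kind of check and fix the commit message describes, as an added example; this is not the code from this commit, whose diff is not shown on the page. The function names and the sample tree are hypothetical, and `chmod go-w` is an assumed choice that restores the modes a checkout under umask 022 would have produced.

```shell
#!/bin/sh
# Added example: audit and normalise a CI checkout before an image builder
# copies files from it and trusts their permissions. All names are hypothetical.

# Constructed sample: a tree created the way the runner clones, with umask 000.
make_sample_checkout() {
    dir=$(mktemp -d) || return 1
    (
        umask 000
        mkdir -p "$dir/overlays/etc/cron.d"
        echo '# constructed file' > "$dir/overlays/etc/cron.d/job"
        printf '#!/bin/sh\n' > "$dir/overlays/etc/rc.local"
        chmod a+x "$dir/overlays/etc/rc.local"
    )
    echo "$dir"
}

# Print every path under $1 that "other" can write to.
# Symlinks are skipped: their own mode bits are not what gets enforced.
list_world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Drop group and other write bits, keeping everything else (including the
# executable bit, which is the only permission git itself records).
normalise_perms() {
    find "$1" ! -type l \( -perm -0020 -o -perm -0002 \) -exec chmod go-w {} +
}

# Gate for the pipeline: fail and name the offenders if any remain.
check_checkout() {
    offenders=$(list_world_writable "$1")
    if [ -z "$offenders" ]; then
        return 0
    fi
    printf 'world-writable paths under %s:\n%s\n' "$1" "$offenders" >&2
    return 1
}

# Typical use in a job script, before the image build step:
#   normalise_perms "$CI_PROJECT_DIR" && check_checkout "$CI_PROJECT_DIR"
```

Keeping `check_checkout` as a separate step after the fix means the job fails loudly if a later change reintroduces world-writable files in the overlays.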