apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: docker-build-and-publish
  namespace: tekton-pipelines
spec:
  params:
  - name: DOCKERFILE
    type: string
    description: The path to the dockerfile to build
    default: Dockerfile
  - name: CONTEXT
    type: string
    description: The build context used by Docker.
    default: .
  - name: IMAGE
    type: string
  resources:
    inputs:
    - name: src
      type: git
  results:
  - name: IMAGE_DIGEST
    description: Digest of the image just built.
  steps:
  - name: build-and-push
    workingDir: /workspace/src
    image: moby/buildkit:latest
    env:
    - name: DOCKER_CONFIG
      value: /root/.docker
    command:
      - sh
      - -c
      - |
        PLATFORMS=$(grep 'PLATFORMS ?= ' Makefile | sed -E 's/^PLATFORMS \?= (.+)$/\1/')
        if [ -z $PLATFORMS ]; then
          PLATFORMS=linux/amd64
        fi

        buildctl-daemonless.sh --debug \
          build \
          --progress=plain \
          --frontend=dockerfile.v0 \
          --opt filename=$(params.DOCKERFILE) \
          --opt platform=${PLATFORMS} \
          --local context=$(params.CONTEXT) \
          --local dockerfile=. \
          --output type=image,name=$(params.IMAGE),push=true \
          --export-cache type=inline \
          --import-cache type=registry,ref=$(params.IMAGE)
    securityContext:
      privileged: true
    volumeMounts:
      - name: docker-config
        mountPath: /root/.docker/config.json
        subPath: config.json
  volumes:
    - name: docker-config
      secret:
        secretName: docker-config