apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: docker-build-and-publish
  namespace: tekton-pipelines
spec:
  params:
  - name: DOCKERFILE
    type: string
    description: The path to the dockerfile to build
    default: Dockerfile
  - name: CONTEXT
    type: string
    description: The build context used by Docker.
    default: .
  - name: IMAGE
    type: string
  resources:
    inputs:
    - name: src
      type: git
  results:
  - name: IMAGE_DIGEST
    description: Digest of the image just built.
  steps:
  - name: build-and-push
    workingDir: /workspace/src
    image: moby/buildkit:latest
    env:
    - name: DOCKER_CONFIG
      value: /root/.docker
    command:
      - buildctl-daemonless.sh
      - --debug
      - build
      - --progress=plain
      - --frontend=dockerfile.v0
      - --opt
      - filename=$(params.DOCKERFILE)
      - --opt
      - platform=linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64
      - --local
      - context=$(params.CONTEXT)
      - --local
      - dockerfile=.
      - --output
      - type=image,name=$(params.IMAGE),push=true
      - --export-cache
      - type=inline
      - --import-cache
      - type=registry,ref=$(params.IMAGE)
    securityContext:
      privileged: true
    volumeMounts:
      - name: docker-config
        mountPath: /root/.docker/config.json
        subPath: config.json
  volumes:
    - name: docker-config
      secret:
        secretName: docker-config