apiVersion: tekton.dev/v1beta1 kind: Task metadata: name: buildah spec: params: - name: buildahVersion type: string default: latest - name: outputContainerImage type: string results: - name: imageDigest description: The digest of the built image manifest workspaces: - name: src mountPath: /src - name: containers mountPath: /var/lib/containers steps: - name: buildah image: quay.io/containers/buildah:$(params.buildahVersion) workingDir: /src env: - name: RESULT_IMAGE_DIGEST value: "$(results.imageDigest.path)" - name: TARGET_IMAGE value: "$(params.outputContainerImage)" - name: "CONTAINERFILE" value: "src/main/docker/Dockerfile.native" securityContext: capabilities: add: - 'SYS_ADMIN' privileged: true script: | #!/bin/bash set -Eeuo pipefail function build () { echo "=========================================================" echo " buildah build $TARGET_IMAGE" echo "=========================================================" echo extra_args="" if [ -n "${CONTAINERFILE:-}" ]; then extra_args="$extra_args --file $CONTAINERFILE" fi buildah bud --storage-driver vfs -t localhost/build:latest $extra_args . echo } function push () { echo "=========================================================" echo " buildah push $TARGET_IMAGE" echo "=========================================================" echo buildah push --storage-driver vfs --digestfile "$RESULT_IMAGE_DIGEST" localhost/build:latest "docker://$1" echo } function login () { echo "=========================================================" echo " buildah login $1" echo "=========================================================" echo buildah login -u sa -p $(cat /var/run/secrets/kubernetes.io/serviceaccount/token) "$1" echo } login image-registry.openshift-image-registry.svc:5000 build push "$TARGET_IMAGE:latest" exit 0