diff --git a/tekton/pipeline-build-multiarch.yaml b/tekton/pipeline-build-multiarch.yaml
index e90f7f7..5aa2c53 100644
--- a/tekton/pipeline-build-multiarch.yaml
+++ b/tekton/pipeline-build-multiarch.yaml
@@ -16,6 +16,9 @@ spec:
 - name: manifest-name
 type: string
 default: "tekton"
+ - name: context-dir
+ type: string
+ default: "."
 tasks:
@@ -39,8 +42,8 @@ spec:
 params:
 - name: manifest-name
 value: $(params.manifest-name)
- - name: arch
- value: "amd64"
+ - name: context-dir
+ value: $(params.context-dir)
 workspaces:
 - name: source-workspace
 workspace: source-workspace
@@ -54,8 +57,8 @@ spec:
 params:
 - name: manifest-name
 value: $(params.manifest-name)
- - name: arch
- value: "arm64"
+ - name: context-dir
+ value: $(params.context-dir)
 workspaces:
 - name: source-workspace
 workspace: source-workspace
diff --git a/tekton/pipelinerun.yaml b/tekton/pipelinerun.yaml
index 14737c8..8ed9d58 100644
--- a/tekton/pipelinerun.yaml
+++ b/tekton/pipelinerun.yaml
@@ -10,6 +10,8 @@ spec:
 value: https://github.com/nmasse-itix/tekton-pipeline-multiarch.git
 - name: docker-image-name
 value: quay.io/nmasse_itix/htop-multiarch
+ - name: context-dir
+ value: src
 workspaces:
 - name: container-storage
 volumeClaimTemplate:
diff --git a/tekton/serviceaccount-buildbot.yaml b/tekton/serviceaccount-buildbot.yaml
index 219cbdc..ba2c61b 100644
--- a/tekton/serviceaccount-buildbot.yaml
+++ b/tekton/serviceaccount-buildbot.yaml
@@ -4,3 +4,29 @@ metadata:
 name: buildbot
 imagePullSecrets:
 - name: quay-authentication
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: buildbot-scc
+rules:
+- apiGroups:
+ - security.openshift.io
+ resourceNames:
+ - privileged
+ resources:
+ - securitycontextconstraints
+ verbs:
+ - use
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: buildbot-scc
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: buildbot-scc
+subjects:
+- kind: ServiceAccount
+ name: buildbot
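Review bot: The new `context-dir` parameter in the first hunk of tekton/pipeline-build-multiarch.yaml has no `description`, so nothing tells a PipelineRun author what the value is relative to. The second and third hunks forward it unchanged to both build tasks. I would add `description: Build context directory, relative to the root of source-workspace` under its `name` line. The `params` list starts above the hunk.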
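Review bot: The new `buildbot-scc` Role in tekton/serviceaccount-buildbot.yaml lets the `buildbot` service account use the `privileged` SCC, which is far broader than anything the build step in this commit asks for. From the visible lines the only extra privilege the task requests is the `SETFCAP` capability, while `privileged` also admits privileged containers, host namespaces and host paths for every pod that runs as `buildbot` in the namespace. I would bind a dedicated SCC whose `allowedCapabilities` contains only `SETFCAP` and put its name in `resourceNames` instead of `privileged`, with a comment above the Role saying why the grant exists. Whether the buildah image also needs to run as root is not visible here and should be confirmed before sizing that SCC.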
diff --git a/tekton/task-podman-build.yaml b/tekton/task-podman-build.yaml
index 82f351f..62d83cc 100644
--- a/tekton/task-podman-build.yaml
+++ b/tekton/task-podman-build.yaml
@@ -9,8 +9,6 @@ spec:
 - name: context-dir
 type: string
 default: .
- - name: arch
- type: string
 workspaces:
 - name: source-workspace
 description: Workspace containing source code
@@ -19,9 +17,13 @@ spec:
 mountPath: /var/lib/containers
 steps:
 - name: build
- image: quay.io/podman/stable
+ image: registry.redhat.io/rhel8/buildah@sha256:b48f410efa0ff8ab0db6ead420a5d8d866d64af846fece5efb185230d7ecf591
 script: |
 #!/bin/bash
 set -Eeuo pipefail
- export STORAGE_DRIVER=vfs
- podman build --no-cache --manifest $(params.manifest-name) $(workspaces.source-workspace.path)/$(params.context-dir)
+ buildah bud --storage-driver=vfs --no-cache --manifest $(params.manifest-name) $(workspaces.source-workspace.path)/$(params.context-dir)
+ #podman build --no-cache --manifest $(params.manifest-name) $(workspaces.source-workspace.path)/$(params.context-dir)
+ securityContext:
+ capabilities:
+ add:
+ - SETFCAP
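Review bot: The `buildah bud` line in the `build` step places `$(params.manifest-name)` and `$(params.context-dir)` directly in the script text, and Tekton substitutes them before bash parses the script, so a value containing whitespace or shell metacharacters is interpreted as shell syntax instead of being passed as one argument. This commit also makes `context-dir` settable from the PipelineRun, so the value is now chosen by whoever creates the run. Passing both parameters through `env` and quoting the variables keeps them as data; the commented-out `podman build` line should go as well, since parameters are substituted inside it too. The step definition starts above the hunk, and the indentation in the sketch is assumed because the page has lost it.

```yaml
  - name: build
    # … unchanged: image …
    env:
    - name: MANIFEST_NAME
      value: $(params.manifest-name)
    - name: CONTEXT_DIR
      value: $(params.context-dir)
    script: |
      # … unchanged: shebang, set -Eeuo pipefail …
      buildah bud --storage-driver=vfs --no-cache --manifest "$MANIFEST_NAME" "$(workspaces.source-workspace.path)/$CONTEXT_DIR"
    # … unchanged: securityContext …
```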