j7s-ci/j7s-os/j7s-os-buildah.yaml

---
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: j7s-os-buildah
spec:
  description: Build the deployment container image for j7s-os.
  params:
  - name: image
    description: Reference of the image buildah will produce.
  - name: commit
    description: Repo directory to put inside the image.
  - name: registry
    description: Registry to push to.
  - name: version
    description: Version for the image.
  - name: registry-secret-name
    description: Name of secret to get credentials for registry from.
  workspaces:
  - name: source
  steps:
  - name: build
    image: quay.io/buildah/stable:v1.23.3
    workingDir: $(workspaces.source.path)
    script: |
      set -x
      # Login
      buildah login --tls-verify=false --username=$USERNAME --password=$PASSWORD $(params.registry)
      # Build
      buildah --storage-driver=overlay bud --tls-verify=false --no-cache \
        --build-arg commit=./$(params.commit) \
        -f ./hosting/Dockerfile -t $(params.image):$(params.version) .
      # Push
      buildah --storage-driver=overlay push --tls-verify=false $(params.image) docker://$(params.registry)/$(params.image):$(params.version)
      buildah --storage-driver=overlay push --tls-verify=false $(params.image) docker://$(params.registry)/$(params.image):latest      
    env:
    - name: USERNAME
      valueFrom:
        secretKeyRef:
          name: $(params.registry-login-secret-name)
          key: username
    - name: PASSWORD
      valueFrom:
        secretKeyRef:
          name: $(params.registry-login-secret-name)
          key: password
    volumeMounts:
    - name: varlibcontainers
      mountPath: /var/lib/containers
    securityContext:
      privileged: true
  volumes:
  - name: varlibcontainers
    emptyDir: {}