apache-php/pipeline/task.yaml

apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
  name: apache-php-build-image-from-git-source
  namespace: cdci-librecloud-online
spec:
  #serviceAccount: build-bot
  inputs:
    params:
    - name: pathToDockerFile
      type: string
      description: The path to the dockerfile to build
      default: /workspace/source/src/Dockerfile
    - name: pathToContext
      type: string
      description:
        The build context used by Kaniko
        (https://github.com/GoogleContainerTools/kaniko#kaniko-build-contexts)
      default: /workspace/source/src
    - name: DOCKERFILE
      type: string
      description: The name of the Dockerfile
      default: "Dockerfile"
    - name: BUILDKIT_CLIENT_IMAGE
      type: string
      description: The name of the BuildKit client (buildctl) image

      default: "docker.io/moby/buildkit:master-rootless"
    - name: BUILDKIT_DAEMON_ADDRESS
      type: string
      description: The address of the BuildKit daemon (buildkitd) service
      default: "tcp://buildkitd:1234"
    resources:
    - name: source
      type: git
  outputs:
    resources:
    - name: builtImage
      type: image
  volumes:

    - name: dckr-cfg-volume
      secret:
        secretName: regcred
    - name: ssh-volume
      secret:
        secretName: ssh-key
    - name: certs
      secret:
        secretName: buildkit-client-certs

  steps:
  - name: build-and-push
    image: $(inputs.params.BUILDKIT_CLIENT_IMAGE)


    workingDir: /workspace/source

    command: [ "buildctl" ]
    args:
      - --tlscacert
      - /certs/ca.pem
      - --tlscert
      - /certs/cert.pem
      - --tlskey
      - /certs/key.pem
      - --debug
      - --addr=$(inputs.params.BUILDKIT_DAEMON_ADDRESS)
      - build
      - --progress=plain
      - --frontend=dockerfile.v0
      - --opt
      - filename=$(inputs.params.DOCKERFILE)
      - --local
      - context=$(inputs.params.pathToContext)
      - --local
      - dockerfile=$(inputs.params.pathToDockerFile)
      - --output
      - type=image,name=$(outputs.resources.builtImage.url),push=true
      - --export-cache
      - type=inline
      - --import-cache
      - type=registry,ref=$(outputs.resources.builtImage.url)
    volumeMounts:
      - name: certs
        readOnly: true
        mountPath: /certs
      - name: ssh-volume
        readOnly: true
        mountPath: /.ssh