apiVersion: tekton.dev/v1 kind: Task metadata: name: docker-registry spec: params: - name: subdirectory type: string description: Subdirectory within the repo where the source code is located default: "" - name: imageName description: Base image name with registry (e.g. docker.unbox-x.net/registry/unbox-x-aisi-cron-app) type: string - name: tag description: Version tag to apply to the image (e.g. v0.2.0) type: string - name: dockerfile description: Path to Dockerfile type: string default: ./Dockerfile - name: context description: Build context path (relative to subdirectory) type: string default: . - name: kanikoArgs description: arguments for kaniko type: string default: "" workspaces: - name: source description: Source code workspace - name: docker-auth description: Docker registry credentials (username + password) results: - name: imageUrl description: Final pushed image URL with tag (e.g. registry/app:v0.2.0) steps: - name: write-docker-config image: alpine:3.21.3 workingDir: /workspace/source script: | #!/bin/sh set -e if [ -n "$(params.subdirectory)" ]; then cd "$(params.subdirectory)" fi IMAGE="$(params.imageName):$(params.tag)" USERNAME=$(cat /workspace/docker-auth/username) PASSWORD=$(cat /workspace/docker-auth/password) REGISTRY=$(echo "$IMAGE" | cut -d/ -f1) AUTH=$(echo -n "$USERNAME:$PASSWORD" | base64) echo "📦 Using image: $IMAGE" echo -n "$IMAGE" > /tekton/results/imageUrl echo "🔐 Writing Docker config for $REGISTRY..." mkdir -p /tekton/home/.docker cat < /tekton/home/.docker/config.json { "auths": { "$REGISTRY": { "auth": "$AUTH" } } } EOF - name: kaniko-build image: gcr.io/kaniko-project/executor:v1.23.2 workingDir: $(workspaces.source.path)/$(params.subdirectory) env: - name: DOCKER_CONFIG value: /tekton/home/.docker command: - /kaniko/executor args: - --dockerfile=$(params.dockerfile) - --context=$(params.context) - --destination=$(params.imageName):$(params.tag) - --skip-tls-verify - --verbosity=info - --reproducible {{- range splitList " " .Params.kanikoArgs }} - {{ . }} {{- end }}