[skip ci] Add rendered and modified Helm chart

stakater-buildah-as-user/rendered/stakater-buildah-as-user-0.0.2.yaml

@@ -0,0 +1,143 @@
+---
+# Source: stakater-buildah-as-user/templates/clustertask.yaml
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: stakater-buildah-as-user-0.0.2
+spec:
+  description: >-
+    Buildah task builds source into a container image and then pushes it to a
+    container registry.
+    Buildah Task builds source into a container image using Project Atomic's
+    Buildah build tool.It uses Buildah's support for building from Dockerfiles,
+    using its buildah bud command.This command executes the directives in the
+    Dockerfile to assemble a container image, then pushes that image to a
+    container registry.
+  params:
+    - description: Reference of the image buildah will produce.
+      name: IMAGE
+      type: string
+    - default: registry.redhat.io/rhel8/buildah@sha256:99cae35f40c7ec050fed3765b2b27e0b8bbea2aa2da7c16408e2ca13c60ff8ee
+      description: The location of the buildah builder image.
+      name: BUILDER_IMAGE
+      type: string
+    - default: vfs
+      description: Set buildah storage driver
+      name: STORAGE_DRIVER
+      type: string
+    - default: ./Dockerfile
+      description: Path to the Dockerfile to build.
+      name: DOCKERFILE
+      type: string
+    - default: .
+      description: Path to the directory to use as context.
+      name: CONTEXT
+      type: string
+    - default: 'true'
+      description: >-
+        Verify the TLS on the registry endpoint (for push/pull to a non-TLS
+        registry)
+      name: TLSVERIFY
+      type: string
+    - default: oci
+      description: 'The format of the built container, oci or docker'
+      name: FORMAT
+      type: string
+    - default: ''
+      description: Extra parameters passed for the build command when building images.
+      name: BUILD_EXTRA_ARGS
+      type: string
+    - default: ''
+      description: Extra parameters passed for the push command when pushing images.
+      name: PUSH_EXTRA_ARGS
+      type: string
+    - default: 'true'
+      description: Flag specifying whether image should be built again.
+      name: BUILD_IMAGE
+      type: string
+    - default: ''
+      description: Image registry url.
+      name: IMAGE_REGISTRY
+      type: string
+    - default: ''
+      description: Current version of the application/image in dev.
+      name: CURRENT_GIT_TAG
+      type: string
+  results:
+    - description: Digest of the image just built.
+      name: IMAGE_DIGEST
+  steps:
+    - image: $(params.BUILDER_IMAGE)
+      name: build
+      resources: {}
+      env:
+        - name: WORKSPACE_BUILDAH_GIT_DEPENDENCY_TOKEN_BOUND
+          value: $(workspaces.buildah-git-dependency-token.bound)
+      script: |
+        echo "Running as USER ID `id`"
+        if [ "${WORKSPACE_BUILDAH_GIT_DEPENDENCY_TOKEN_BOUND}" = "true"  ]; then
+          token=$(ls ../buildah-git-dependency-token/)
+          FILE=../buildah-git-dependency-token/$token 
+          echo "$FILE exists."
+          GIT_DEPENDENCY_TOKEN=`cat $FILE` 
+        else 
+          echo "$FILE does not exist."
+          GIT_DEPENDENCY_TOKEN=''
+        fi
+        
+        buildah pull docker://$(params.IMAGE_REGISTRY):$(params.CURRENT_GIT_TAG) || Image_unavailable=$?
+
+        if [[ $(params.BUILD_IMAGE) == true ||  $Image_unavailable != ''
+        ]]; then
+          buildah --storage-driver=$(params.STORAGE_DRIVER) bud \
+            $(params.BUILD_EXTRA_ARGS)$GIT_DEPENDENCY_TOKEN --format=$(params.FORMAT) \
+            --tls-verify=$(params.TLSVERIFY) --no-cache \
+            -f $(params.DOCKERFILE) -t $(params.IMAGE) $(params.CONTEXT)
+        fi
+      securityContext:
+        runAsUser: 1000
+      volumeMounts:
+        - mountPath: /home/build/.local/share/containers
+          name: varlibcontainers
+      workingDir: $(workspaces.source.path)
+    - image: $(params.BUILDER_IMAGE)
+      name: push
+      resources: {}
+      script: >
+        echo "Running as USER ID `id`"
+        buildah pull
+        docker://$(params.IMAGE_REGISTRY):$(params.CURRENT_GIT_TAG)||
+        Image_unavailable=$?
+
+        if [[ $(params.BUILD_IMAGE) == true || $Image_unavailable != ''
+        ]]; then
+          buildah --storage-driver=$(params.STORAGE_DRIVER) push \
+            $(params.PUSH_EXTRA_ARGS) --tls-verify=$(params.TLSVERIFY) \
+            --digestfile $(workspaces.source.path)/image-digest $(params.IMAGE) \
+            docker://$(params.IMAGE)
+        else
+          buildah pull docker://$(params.IMAGE_REGISTRY):$(params.CURRENT_GIT_TAG)
+          buildah tag $(params.IMAGE_REGISTRY):$(params.CURRENT_GIT_TAG) $(params.IMAGE)
+          buildah --storage-driver=$(params.STORAGE_DRIVER) push \
+            $(params.PUSH_EXTRA_ARGS) --tls-verify=$(params.TLSVERIFY) \
+            $(params.IMAGE) docker://$(params.IMAGE)
+        fi
+      securityContext:
+        runAsUser: 1000
+      volumeMounts:
+        - mountPath: /home/build/.local/share/containers
+          name: varlibcontainers
+      workingDir: $(workspaces.source.path)
+    - image: $(params.BUILDER_IMAGE)
+      name: digest-to-results
+      resources: {}
+      script: >-
+        cat $(workspaces.source.path)/image-digest | tee
+        /tekton/results/IMAGE_DIGEST
+  volumes:
+    - emptyDir: {}
+      name: varlibcontainers
+  workspaces:
+    - name: source
+    - name: buildah-git-dependency-token
+      optional: true