Support building and pushing images through buildkit without a docker daemon

[valerian-roche]

Is your feature request related to a problem? Please describe.

In some restricted environments, machines executing build code (e.g. CI) may not be running a local docker daemon and rely on buildx to handle docker images build on remote buildkit executors.
In this context the current use of --load in the docker buildx build command (https://github.com/goreleaser/goreleaser/blob/main/internal/pipe/docker/api_docker.go#L76) is not working as this requires a docker daemon to push the image to. The use of --push instead allows to completely build and push images without a docker daemon. It is also not an issue for manifests as those do not use the docker daemon at all.

Describe the solution you'd like

When using buildx builder, allow to push the image directly from the remote builder rather than the daemon.
As this can impact current workflows (as the machine pushing the image might then be different from the current one), a specific flag might be needed to not break existing use cases.
In the general case I would expect this change to improve user experience as it would avoid the transfer of the image to/from the client machine. When the remote executor is running in a higher bandwidth environment (e.g. public cloud), this might greatly improve the build speed.

Describe alternatives you've considered

The main alternatives I considered:

• use flags in a way allowing to push through the build command: this nearly works, but docker buildx build does not override load with push but errors if both are set. As the load flag is hardcoded in goreleaser, this cannot be avoided and will require the docker daemon to be available for the client
• configure the client to use a full-fledge docker daemon. This would likely work, but in constrained environment this is potentially out of user control. A major advantage of buildkit is to allow the build of oci images without the need for a privileged docker daemon (e.g. by running buildkit executors on a kubernetes cluster)
• bypass the docker build part in goreleaser, and only use it to build go. This would work, but is somewhat defeating the goal of goreleaser

Search

• I did search for other open and closed issues before opening this.

Code of Conduct

• I agree to follow this project's Code of Conduct

Additional context

I checked on the code side if there was an easy way to do this change. It is non-trivial given the currently provided interfaces, as the imager interface assumes distinct build and push phases.
It can be done by running the build command without the load flag if requested and then running the push command with the same build flags and the --push -q flags, but this leads to strict coupling between the two phases that breaks the context.
If the imager object was not common to all goroutines, some context could be passed but this again requires a significant rewrite of the interface

[caarlos0]

this would probably have to be implemented more or less like we implemented the Ko integration.