k8s cloud agents build images

Hi. As I understand to connect to each other (TC server and TC agent) any cloud agents have to have java runtime and java agent itself. It's super inconvenient if I just want to run e.g. kaniko to build docker images in cloud k8s. Also, docker-in-docker solution requires a docker socket that has a huge security impact.

So, is there a way to build docker images in k8s and not to use docker-in-docker?

Other CI systems like Jenkins or GitLab allows it. E.g. Jenkins runs its agent as a container sidecar. This container clones git repo and share code through mount directory. I guess it can be achieved using a custom pod template with kaniko as build container and teamcity agent as a TC agent. But it doesn't allow to run a command inside build container, not agent sidecar.