mirror of
https://github.com/home-assistant/core.git
synced 2025-12-25 13:38:04 +00:00
545 lines
20 KiB
YAML
545 lines
20 KiB
YAML
name: Build images
|
|
|
|
# yamllint disable-line rule:truthy
|
|
on:
|
|
workflow_dispatch:
|
|
release:
|
|
types: ["published"]
|
|
schedule:
|
|
- cron: "0 2 * * *"
|
|
|
|
env:
|
|
BUILD_TYPE: core
|
|
DEFAULT_PYTHON: "3.13"
|
|
PIP_TIMEOUT: 60
|
|
UV_HTTP_TIMEOUT: 60
|
|
UV_SYSTEM_PYTHON: "true"
|
|
BASE_IMAGE_VERSION: "2025.11.0"
|
|
|
|
jobs:
|
|
init:
|
|
name: Initialize build
|
|
if: github.repository_owner == 'home-assistant'
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
version: ${{ steps.version.outputs.version }}
|
|
channel: ${{ steps.version.outputs.channel }}
|
|
publish: ${{ steps.version.outputs.publish }}
|
|
steps:
|
|
- name: Checkout the repository
|
|
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
|
|
|
|
- name: Set up Python ${{ env.DEFAULT_PYTHON }}
|
|
uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
|
|
with:
|
|
python-version: ${{ env.DEFAULT_PYTHON }}
|
|
|
|
- name: Get information
|
|
id: info
|
|
uses: home-assistant/actions/helpers/info@master
|
|
|
|
- name: Get version
|
|
id: version
|
|
uses: home-assistant/actions/helpers/version@master
|
|
with:
|
|
type: ${{ env.BUILD_TYPE }}
|
|
|
|
- name: Verify version
|
|
uses: home-assistant/actions/helpers/verify-version@master
|
|
with:
|
|
ignore-dev: true
|
|
|
|
- name: Fail if translations files are checked in
|
|
run: |
|
|
if [ -n "$(find homeassistant/components/*/translations -type f)" ]; then
|
|
echo "Translations files are checked in, please remove the following files:"
|
|
find homeassistant/components/*/translations -type f
|
|
exit 1
|
|
fi
|
|
|
|
- name: Download Translations
|
|
run: python3 -m script.translations download
|
|
env:
|
|
LOKALISE_TOKEN: ${{ secrets.LOKALISE_TOKEN }}
|
|
|
|
- name: Archive translations
|
|
shell: bash
|
|
run: find ./homeassistant/components/*/translations -name "*.json" | tar zcvf translations.tar.gz -T -
|
|
|
|
- name: Upload translations
|
|
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
|
|
with:
|
|
name: translations
|
|
path: translations.tar.gz
|
|
if-no-files-found: error
|
|
|
|
build_base:
|
|
name: Build ${{ matrix.arch }} base core image
|
|
if: github.repository_owner == 'home-assistant'
|
|
needs: init
|
|
runs-on: ${{ matrix.os }}
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
id-token: write
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
arch: ["amd64", "aarch64"]
|
|
include:
|
|
- arch: amd64
|
|
os: ubuntu-latest
|
|
- arch: aarch64
|
|
os: ubuntu-24.04-arm
|
|
steps:
|
|
- name: Checkout the repository
|
|
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
|
|
|
|
- name: Download nightly wheels of frontend
|
|
if: needs.init.outputs.channel == 'dev'
|
|
uses: dawidd6/action-download-artifact@ac66b43f0e6a346234dd65d4d0c8fbb31cb316e5 # v11
|
|
with:
|
|
github_token: ${{secrets.GITHUB_TOKEN}}
|
|
repo: home-assistant/frontend
|
|
branch: dev
|
|
workflow: nightly.yaml
|
|
workflow_conclusion: success
|
|
name: wheels
|
|
|
|
- name: Download nightly wheels of intents
|
|
if: needs.init.outputs.channel == 'dev'
|
|
uses: dawidd6/action-download-artifact@ac66b43f0e6a346234dd65d4d0c8fbb31cb316e5 # v11
|
|
with:
|
|
github_token: ${{secrets.GITHUB_TOKEN}}
|
|
repo: OHF-Voice/intents-package
|
|
branch: main
|
|
workflow: nightly.yaml
|
|
workflow_conclusion: success
|
|
name: package
|
|
|
|
- name: Set up Python ${{ env.DEFAULT_PYTHON }}
|
|
if: needs.init.outputs.channel == 'dev'
|
|
uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
|
|
with:
|
|
python-version: ${{ env.DEFAULT_PYTHON }}
|
|
|
|
- name: Adjust nightly version
|
|
if: needs.init.outputs.channel == 'dev'
|
|
shell: bash
|
|
env:
|
|
UV_PRERELEASE: allow
|
|
run: |
|
|
python3 -m pip install "$(grep '^uv' < requirements.txt)"
|
|
uv pip install packaging tomli
|
|
uv pip install .
|
|
python3 script/version_bump.py nightly --set-nightly-version "${{ needs.init.outputs.version }}"
|
|
|
|
if [[ "$(ls home_assistant_frontend*.whl)" =~ ^home_assistant_frontend-(.*)-py3-none-any.whl$ ]]; then
|
|
echo "Found frontend wheel, setting version to: ${BASH_REMATCH[1]}"
|
|
frontend_version="${BASH_REMATCH[1]}" yq \
|
|
--inplace e -o json \
|
|
'.requirements = ["home-assistant-frontend=="+env(frontend_version)]' \
|
|
homeassistant/components/frontend/manifest.json
|
|
|
|
sed -i "s|home-assistant-frontend==.*|home-assistant-frontend==${BASH_REMATCH[1]}|" \
|
|
homeassistant/package_constraints.txt
|
|
|
|
sed -i "s|home-assistant-frontend==.*||" requirements_all.txt
|
|
fi
|
|
|
|
if [[ "$(ls home_assistant_intents*.whl)" =~ ^home_assistant_intents-(.*)-py3-none-any.whl$ ]]; then
|
|
echo "Found intents wheel, setting version to: ${BASH_REMATCH[1]}"
|
|
yq \
|
|
--inplace e -o json \
|
|
'del(.requirements[] | select(contains("home-assistant-intents")))' \
|
|
homeassistant/components/conversation/manifest.json
|
|
|
|
intents_version="${BASH_REMATCH[1]}" yq \
|
|
--inplace e -o json \
|
|
'.requirements += ["home-assistant-intents=="+env(intents_version)]' \
|
|
homeassistant/components/conversation/manifest.json
|
|
|
|
sed -i "s|home-assistant-intents==.*|home-assistant-intents==${BASH_REMATCH[1]}|" \
|
|
homeassistant/package_constraints.txt
|
|
|
|
sed -i "s|home-assistant-intents==.*||" requirements_all.txt
|
|
fi
|
|
|
|
- name: Download translations
|
|
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
|
|
with:
|
|
name: translations
|
|
|
|
- name: Extract translations
|
|
run: |
|
|
tar xvf translations.tar.gz
|
|
rm translations.tar.gz
|
|
|
|
- name: Write meta info file
|
|
shell: bash
|
|
run: |
|
|
echo "${{ github.sha }};${{ github.ref }};${{ github.event_name }};${{ github.actor }}" > rootfs/OFFICIAL_IMAGE
|
|
|
|
- name: Login to GitHub Container Registry
|
|
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.repository_owner }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Install Cosign
|
|
uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
|
|
with:
|
|
cosign-release: "v2.5.3"
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
|
|
|
|
- name: Build variables
|
|
id: vars
|
|
shell: bash
|
|
run: |
|
|
echo "base_image=ghcr.io/home-assistant/${{ matrix.arch }}-homeassistant-base:${{ env.BASE_IMAGE_VERSION }}" >> "$GITHUB_OUTPUT"
|
|
echo "cache_image=ghcr.io/home-assistant/${{ matrix.arch }}-homeassistant:latest" >> "$GITHUB_OUTPUT"
|
|
echo "created=$(date --rfc-3339=seconds --utc)" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Verify base image signature
|
|
run: |
|
|
cosign verify \
|
|
--certificate-oidc-issuer https://token.actions.githubusercontent.com \
|
|
--certificate-identity-regexp "https://github.com/home-assistant/docker/.*" \
|
|
"${{ steps.vars.outputs.base_image }}"
|
|
|
|
- name: Verify cache image signature
|
|
id: cache
|
|
continue-on-error: true
|
|
run: |
|
|
cosign verify \
|
|
--certificate-oidc-issuer https://token.actions.githubusercontent.com \
|
|
--certificate-identity-regexp "https://github.com/home-assistant/core/.*" \
|
|
"${{ steps.vars.outputs.cache_image }}"
|
|
|
|
- name: Build base image
|
|
id: build
|
|
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
|
|
with:
|
|
context: .
|
|
file: ./Dockerfile
|
|
platforms: ${{ steps.vars.outputs.platform }}
|
|
push: true
|
|
cache-from: ${{ steps.cache.outcome == 'success' && steps.vars.outputs.cache_image || '' }}
|
|
build-args: |
|
|
BUILD_FROM=${{ steps.vars.outputs.base_image }}
|
|
tags: ghcr.io/home-assistant/${{ matrix.arch }}-homeassistant:${{ needs.init.outputs.version }}
|
|
labels: |
|
|
io.hass.arch=${{ matrix.arch }}
|
|
io.hass.version=${{ needs.init.outputs.version }}
|
|
org.opencontainers.image.created=${{ steps.vars.outputs.created }}
|
|
org.opencontainers.image.version=${{ needs.init.outputs.version }}
|
|
|
|
- name: Sign image
|
|
run: |
|
|
cosign sign --yes "ghcr.io/home-assistant/${{ matrix.arch }}-homeassistant:${{ needs.init.outputs.version }}@${{ steps.build.outputs.digest }}"
|
|
|
|
build_machine:
|
|
name: Build ${{ matrix.machine }} machine core image
|
|
if: github.repository_owner == 'home-assistant'
|
|
needs: ["init", "build_base"]
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
id-token: write
|
|
strategy:
|
|
matrix:
|
|
machine:
|
|
- generic-x86-64
|
|
- intel-nuc
|
|
- khadas-vim3
|
|
- odroid-c2
|
|
- odroid-c4
|
|
- odroid-m1
|
|
- odroid-n2
|
|
- qemuarm-64
|
|
- qemux86-64
|
|
- raspberrypi3-64
|
|
- raspberrypi4-64
|
|
- raspberrypi5-64
|
|
- yellow
|
|
- green
|
|
steps:
|
|
- name: Checkout the repository
|
|
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
|
|
|
|
- name: Set build additional args
|
|
run: |
|
|
# Create general tags
|
|
if [[ "${{ needs.init.outputs.version }}" =~ d ]]; then
|
|
echo "BUILD_ARGS=--additional-tag dev" >> $GITHUB_ENV
|
|
elif [[ "${{ needs.init.outputs.version }}" =~ b ]]; then
|
|
echo "BUILD_ARGS=--additional-tag beta" >> $GITHUB_ENV
|
|
else
|
|
echo "BUILD_ARGS=--additional-tag stable" >> $GITHUB_ENV
|
|
fi
|
|
|
|
- name: Login to GitHub Container Registry
|
|
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.repository_owner }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
# home-assistant/builder doesn't support sha pinning
|
|
- name: Build base image
|
|
uses: home-assistant/builder@2025.09.0
|
|
with:
|
|
args: |
|
|
$BUILD_ARGS \
|
|
--target /data/machine \
|
|
--cosign \
|
|
--machine "${{ needs.init.outputs.version }}=${{ matrix.machine }}"
|
|
|
|
publish_ha:
|
|
name: Publish version files
|
|
environment: ${{ needs.init.outputs.channel }}
|
|
if: github.repository_owner == 'home-assistant'
|
|
needs: ["init", "build_machine"]
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout the repository
|
|
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
|
|
|
|
- name: Initialize git
|
|
uses: home-assistant/actions/helpers/git-init@master
|
|
with:
|
|
name: ${{ secrets.GIT_NAME }}
|
|
email: ${{ secrets.GIT_EMAIL }}
|
|
token: ${{ secrets.GIT_TOKEN }}
|
|
|
|
- name: Update version file
|
|
uses: home-assistant/actions/helpers/version-push@master
|
|
with:
|
|
key: "homeassistant[]"
|
|
key-description: "Home Assistant Core"
|
|
version: ${{ needs.init.outputs.version }}
|
|
channel: ${{ needs.init.outputs.channel }}
|
|
exclude-list: '["odroid-xu","qemuarm","qemux86","raspberrypi","raspberrypi2","raspberrypi3","raspberrypi4","tinker"]'
|
|
|
|
- name: Update version file (stable -> beta)
|
|
if: needs.init.outputs.channel == 'stable'
|
|
uses: home-assistant/actions/helpers/version-push@master
|
|
with:
|
|
key: "homeassistant[]"
|
|
key-description: "Home Assistant Core"
|
|
version: ${{ needs.init.outputs.version }}
|
|
channel: beta
|
|
exclude-list: '["odroid-xu","qemuarm","qemux86","raspberrypi","raspberrypi2","raspberrypi3","raspberrypi4","tinker"]'
|
|
|
|
publish_container:
|
|
name: Publish meta container for ${{ matrix.registry }}
|
|
environment: ${{ needs.init.outputs.channel }}
|
|
if: github.repository_owner == 'home-assistant'
|
|
needs: ["init", "build_base"]
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
id-token: write
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
registry: ["ghcr.io/home-assistant", "docker.io/homeassistant"]
|
|
steps:
|
|
- name: Checkout the repository
|
|
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
|
|
|
|
- name: Install Cosign
|
|
uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
|
|
with:
|
|
cosign-release: "v2.2.3"
|
|
|
|
- name: Login to DockerHub
|
|
if: matrix.registry == 'docker.io/homeassistant'
|
|
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
|
|
with:
|
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
|
|
- name: Login to GitHub Container Registry
|
|
if: matrix.registry == 'ghcr.io/home-assistant'
|
|
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.repository_owner }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Build Meta Image
|
|
shell: bash
|
|
run: |
|
|
export DOCKER_CLI_EXPERIMENTAL=enabled
|
|
|
|
function create_manifest() {
|
|
local tag_l=${1}
|
|
local tag_r=${2}
|
|
local registry=${{ matrix.registry }}
|
|
|
|
docker manifest create "${registry}/home-assistant:${tag_l}" \
|
|
"${registry}/amd64-homeassistant:${tag_r}" \
|
|
"${registry}/aarch64-homeassistant:${tag_r}"
|
|
|
|
docker manifest annotate "${registry}/home-assistant:${tag_l}" \
|
|
"${registry}/amd64-homeassistant:${tag_r}" \
|
|
--os linux --arch amd64
|
|
|
|
docker manifest annotate "${registry}/home-assistant:${tag_l}" \
|
|
"${registry}/aarch64-homeassistant:${tag_r}" \
|
|
--os linux --arch arm64 --variant=v8
|
|
|
|
docker manifest push --purge "${registry}/home-assistant:${tag_l}"
|
|
cosign sign --yes "${registry}/home-assistant:${tag_l}"
|
|
}
|
|
|
|
function validate_image() {
|
|
local image=${1}
|
|
if ! cosign verify --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp https://github.com/home-assistant/core/.* "${image}"; then
|
|
echo "Invalid signature!"
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
function push_dockerhub() {
|
|
local image=${1}
|
|
local tag=${2}
|
|
|
|
docker tag "ghcr.io/home-assistant/${image}:${tag}" "docker.io/homeassistant/${image}:${tag}"
|
|
docker push "docker.io/homeassistant/${image}:${tag}"
|
|
cosign sign --yes "docker.io/homeassistant/${image}:${tag}"
|
|
}
|
|
|
|
# Pull images from github container registry and verify signature
|
|
docker pull "ghcr.io/home-assistant/amd64-homeassistant:${{ needs.init.outputs.version }}"
|
|
docker pull "ghcr.io/home-assistant/aarch64-homeassistant:${{ needs.init.outputs.version }}"
|
|
|
|
validate_image "ghcr.io/home-assistant/amd64-homeassistant:${{ needs.init.outputs.version }}"
|
|
validate_image "ghcr.io/home-assistant/aarch64-homeassistant:${{ needs.init.outputs.version }}"
|
|
|
|
if [[ "${{ matrix.registry }}" == "docker.io/homeassistant" ]]; then
|
|
# Upload images to dockerhub
|
|
push_dockerhub "amd64-homeassistant" "${{ needs.init.outputs.version }}"
|
|
push_dockerhub "aarch64-homeassistant" "${{ needs.init.outputs.version }}"
|
|
fi
|
|
|
|
# Create version tag
|
|
create_manifest "${{ needs.init.outputs.version }}" "${{ needs.init.outputs.version }}"
|
|
|
|
# Create general tags
|
|
if [[ "${{ needs.init.outputs.version }}" =~ d ]]; then
|
|
create_manifest "dev" "${{ needs.init.outputs.version }}"
|
|
elif [[ "${{ needs.init.outputs.version }}" =~ b ]]; then
|
|
create_manifest "beta" "${{ needs.init.outputs.version }}"
|
|
create_manifest "rc" "${{ needs.init.outputs.version }}"
|
|
else
|
|
create_manifest "stable" "${{ needs.init.outputs.version }}"
|
|
create_manifest "latest" "${{ needs.init.outputs.version }}"
|
|
create_manifest "beta" "${{ needs.init.outputs.version }}"
|
|
create_manifest "rc" "${{ needs.init.outputs.version }}"
|
|
|
|
# Create series version tag (e.g. 2021.6)
|
|
v="${{ needs.init.outputs.version }}"
|
|
create_manifest "${v%.*}" "${{ needs.init.outputs.version }}"
|
|
fi
|
|
|
|
build_python:
|
|
name: Build PyPi package
|
|
environment: ${{ needs.init.outputs.channel }}
|
|
needs: ["init", "build_base"]
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
id-token: write
|
|
if: github.repository_owner == 'home-assistant' && needs.init.outputs.publish == 'true'
|
|
steps:
|
|
- name: Checkout the repository
|
|
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
|
|
|
|
- name: Set up Python ${{ env.DEFAULT_PYTHON }}
|
|
uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
|
|
with:
|
|
python-version: ${{ env.DEFAULT_PYTHON }}
|
|
|
|
- name: Download translations
|
|
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
|
|
with:
|
|
name: translations
|
|
|
|
- name: Extract translations
|
|
run: |
|
|
tar xvf translations.tar.gz
|
|
rm translations.tar.gz
|
|
|
|
- name: Build package
|
|
shell: bash
|
|
run: |
|
|
# Remove dist, build, and homeassistant.egg-info
|
|
# when build locally for testing!
|
|
pip install build
|
|
python -m build
|
|
|
|
- name: Upload package to PyPI
|
|
uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0
|
|
with:
|
|
skip-existing: true
|
|
|
|
hassfest-image:
|
|
name: Build and test hassfest image
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
attestations: write
|
|
id-token: write
|
|
needs: ["init"]
|
|
if: github.repository_owner == 'home-assistant'
|
|
env:
|
|
HASSFEST_IMAGE_NAME: ghcr.io/home-assistant/hassfest
|
|
HASSFEST_IMAGE_TAG: ghcr.io/home-assistant/hassfest:${{ needs.init.outputs.version }}
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
|
|
|
|
- name: Login to GitHub Container Registry
|
|
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.repository_owner }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Build Docker image
|
|
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
|
|
with:
|
|
context: . # So action will not pull the repository again
|
|
file: ./script/hassfest/docker/Dockerfile
|
|
load: true
|
|
tags: ${{ env.HASSFEST_IMAGE_TAG }}
|
|
|
|
- name: Run hassfest against core
|
|
run: docker run --rm -v ${{ github.workspace }}:/github/workspace ${{ env.HASSFEST_IMAGE_TAG }} --core-path=/github/workspace
|
|
|
|
- name: Push Docker image
|
|
if: needs.init.outputs.channel != 'dev' && needs.init.outputs.publish == 'true'
|
|
id: push
|
|
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
|
|
with:
|
|
context: . # So action will not pull the repository again
|
|
file: ./script/hassfest/docker/Dockerfile
|
|
push: true
|
|
tags: ${{ env.HASSFEST_IMAGE_TAG }},${{ env.HASSFEST_IMAGE_NAME }}:latest
|
|
|
|
- name: Generate artifact attestation
|
|
if: needs.init.outputs.channel != 'dev' && needs.init.outputs.publish == 'true'
|
|
uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0
|
|
with:
|
|
subject-name: ${{ env.HASSFEST_IMAGE_NAME }}
|
|
subject-digest: ${{ steps.push.outputs.digest }}
|
|
push-to-registry: true
|