Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: home-assistant/builder
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 2024.03.1
Choose a base ref
...
head repository: home-assistant/builder
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: master
Choose a head ref
Loading
Showing with 67 additions and 39 deletions.
  1. +1 −1 .devcontainer/devcontainer.json
  2. +3 −3 .github/workflows/publish.yml
  3. +2 −1 .github/workflows/test.yml
  4. +1 −0 Dockerfile
  5. +7 −2 action.yml
  6. +9 −6 build.yaml
  7. +44 −26 builder.sh
2 changes: 1 addition & 1 deletion .devcontainer/devcontainer.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "Alpine",
"image": "mcr.microsoft.com/vscode/devcontainers/base:0-alpine-3.13",
"image": "mcr.microsoft.com/vscode/devcontainers/base:0-alpine-3.20",
"settings": {
"terminal.integrated.shell.linux": "/bin/ash",
"shellcheck.enable": true,
6 changes: 3 additions & 3 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
@@ -40,19 +40,19 @@ jobs:
- name: Checkout the repository
uses: actions/checkout@v4

- uses: olegtarasov/get-tag@v2.1
- uses: olegtarasov/get-tag@v2.1.4
if: github.event_name == 'release'
name: Set tag envronment variable

- name: Login to GitHub Container Registry
uses: docker/login-action@v3.1.0
uses: docker/login-action@v3.3.0
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Publish ${{ matrix.architecture }} builder
uses: ./
uses: home-assistant/builder@2024.08.2
with:
args: |
--${{ matrix.architecture }} \
3 changes: 2 additions & 1 deletion .github/workflows/test.yml
Original file line number Diff line number Diff line change
@@ -30,7 +30,7 @@ jobs:
uses: actions/checkout@v4

- name: Build the builder
uses: home-assistant/builder@master
uses: home-assistant/builder@2024.08.2
with:
args: |
--test \
@@ -46,3 +46,4 @@ jobs:
--${{ matrix.architecture }} \
--target /data \
--generic ${{ github.sha }}
pull: "false"
1 change: 1 addition & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -29,6 +29,7 @@ RUN \
else \
exit 1; \
fi \
&& git config --global --add safe.directory "*" \
&& chmod +x /usr/bin/yq \
&& chmod +x /usr/bin/cosign

9 changes: 7 additions & 2 deletions action.yml
Original file line number Diff line number Diff line change
@@ -5,13 +5,17 @@ inputs:
description: "Arguments passed to the builder"
required: true
default: "--help"
pull:
description: "Pull the latest version of builder (set to `false` for testing)"
required: false
default: "true"
runs:
using: "composite"
steps:
- name: Install Cosign
uses: sigstore/cosign-installer@v3.4.0
uses: sigstore/cosign-installer@v3.7.0
with:
cosign-release: "v2.2.3"
cosign-release: "v2.4.0"

- shell: bash
id: version
@@ -23,6 +27,7 @@ runs:
echo "version=${input}" >> "$GITHUB_OUTPUT"
- shell: bash
if: ${{ inputs.pull == 'true' }}
run: |
docker pull ghcr.io/home-assistant/amd64-builder:${{ steps.version.outputs.version }}
cosign verify \
15 changes: 9 additions & 6 deletions build.yaml
Original file line number Diff line number Diff line change
@@ -1,13 +1,16 @@
image: "ghcr.io/home-assistant/{arch}-builder"
build_from:
aarch64: "ghcr.io/home-assistant/aarch64-base:3.18"
armv7: "ghcr.io/home-assistant/armv7-base:3.18"
armhf: "ghcr.io/home-assistant/armhf-base:3.18"
amd64: "ghcr.io/home-assistant/amd64-base:3.18"
i386: "ghcr.io/home-assistant/i386-base:3.18"
aarch64: "ghcr.io/home-assistant/aarch64-base:3.20"
armv7: "ghcr.io/home-assistant/armv7-base:3.20"
armhf: "ghcr.io/home-assistant/armhf-base:3.20"
amd64: "ghcr.io/home-assistant/amd64-base:3.20"
i386: "ghcr.io/home-assistant/i386-base:3.20"
cosign:
base_identity: https://github.com/home-assistant/docker-base/.*
identity: https://github.com/home-assistant/builder/.*
args:
YQ_VERSION: "v4.13.2"
COSIGN_VERSION: "2.2.3"
COSIGN_VERSION: "2.4.0"
labels:
io.hass.type: builder
org.opencontainers.image.title: "Home Assistant Builder"
70 changes: 44 additions & 26 deletions builder.sh
Original file line number Diff line number Diff line change
@@ -386,10 +386,13 @@ function run_build() {
fi
done
done
fi

# Singing image (cosign)
cosign_sign "${repository}/${image}:${version}"
# Singing image (cosign)
if bashio::var.true "${COSIGN}"; then
image_digest=$(docker inspect --format='{{index .RepoDigests 0}}' "${repository}/${image}:${version}")
cosign_sign "${image_digest}"
fi
fi
}

function convert_to_json() {
@@ -431,14 +434,17 @@ function build_base() {
local docker_tags=()

# Read build.json
if bashio::fs.file_exists "/tmp/build_config/build.json"; then
build_from="$(jq --raw-output ".build_from.${build_arch} // empty" "/tmp/build_config/build.json")"
args="$(jq --raw-output '.args // empty | keys[]' "/tmp/build_config/build.json")"
labels="$(jq --raw-output '.labels // empty | keys[]' "/tmp/build_config/build.json")"
raw_image="$(jq --raw-output '.image // empty' "/tmp/build_config/build.json")"
shadow_repository="$(jq --raw-output '.shadow_repository // empty' "/tmp/build_config/build.json")"
if ! bashio::fs.file_exists "/tmp/build_config/build.json"; then
bashio::log.error "Build information not found!"
return 1
fi

build_from="$(jq --raw-output ".build_from.${build_arch} // empty" "/tmp/build_config/build.json")"
args="$(jq --raw-output '.args // empty | keys[]' "/tmp/build_config/build.json")"
labels="$(jq --raw-output '.labels // empty | keys[]' "/tmp/build_config/build.json")"
raw_image="$(jq --raw-output '.image // empty' "/tmp/build_config/build.json")"
shadow_repository="$(jq --raw-output '.shadow_repository // empty' "/tmp/build_config/build.json")"

# Set defaults build things
if ! bashio::var.has_value "${build_from}"; then
bashio::log.error "${build_arch} not supported for this build"
@@ -516,11 +522,13 @@ function build_addon() {
if bashio::fs.file_exists "/tmp/build_config/build.json"; then
build_from="$(jq --raw-output ".build_from.$build_arch // empty" "/tmp/build_config/build.json")"
args="$(jq --raw-output '.args // empty | keys[]' "/tmp/build_config/build.json")"
labels="$(jq --raw-output '.labels // empty | keys[]' "/tmp/build_config/build.json")"
shadow_repository="$(jq --raw-output '.shadow_repository // empty' "/tmp/build_config/build.json")"
fi

# Set defaults build things
if [ -z "$build_from" ]; then
bashio::log.info "No build information or from not provided. Using default base image."
build_from="homeassistant/${build_arch}-base:latest"
fi

@@ -532,13 +540,21 @@ function build_addon() {
done
fi

# Additional build labels
if bashio::var.has_value "${labels}"; then
for label in ${labels}; do
value="$(jq --raw-output ".labels.\"${label}\"" "/tmp/build_config/build.json")"
docker_cli+=("--label" "${label}=${value}")
done
fi

# Read addon config.json
name="$(jq --raw-output '.name // empty' "/tmp/build_config/config.json" | sed "s/'//g")"
description="$(jq --raw-output '.description // empty' "/tmp/build_config/config.json" | sed "s/'//g")"
url="$(jq --raw-output '.url // empty' "/tmp/build_config/config.json")"
raw_image="$(jq --raw-output '.image // empty' "/tmp/build_config/config.json")"
mapfile -t supported_arch < <(jq --raw-output '.arch // empty' "/tmp/build_config/config.json")

# Read version from config.json when VERSION is not set
if [ -n "$VERSION" ]; then
version="$VERSION"
@@ -586,14 +602,17 @@ function build_generic() {
local docker_tags=()

# Read build.json
if bashio::fs.file_exists "/tmp/build_config/build.json"; then
build_from="$(jq --raw-output ".build_from.$build_arch // empty" "/tmp/build_config/build.json")"
args="$(jq --raw-output '.args // empty | keys[]' "/tmp/build_config/build.json")"
labels="$(jq --raw-output '.labels // empty | keys[]' "/tmp/build_config/build.json")"
raw_image="$(jq --raw-output '.image // empty' "/tmp/build_config/build.json")"
shadow_repository="$(jq --raw-output '.shadow_repository // empty' "/tmp/build_config/build.json")"
if ! bashio::fs.file_exists "/tmp/build_config/build.json"; then
bashio::log.error "Build information not found!"
return 1
fi

build_from="$(jq --raw-output ".build_from.$build_arch // empty" "/tmp/build_config/build.json")"
args="$(jq --raw-output '.args // empty | keys[]' "/tmp/build_config/build.json")"
labels="$(jq --raw-output '.labels // empty | keys[]' "/tmp/build_config/build.json")"
raw_image="$(jq --raw-output '.image // empty' "/tmp/build_config/build.json")"
shadow_repository="$(jq --raw-output '.shadow_repository // empty' "/tmp/build_config/build.json")"

# Set defaults build things
if ! bashio::var.has_value "$build_from"; then
bashio::log.error "$build_arch not supported for this build"
@@ -644,14 +663,17 @@ function build_machine() {
local docker_tags=()

# Read build.json
if bashio::fs.file_exists "/tmp/build_config/build.json"; then
build_from="$(jq --raw-output ".build_from.${build_arch} // empty" "/tmp/build_config/build.json")"
args="$(jq --raw-output '.args // empty | keys[]' "/tmp/build_config/build.json")"
labels="$(jq --raw-output '.labels // empty | keys[]' "/tmp/build_config/build.json")"
raw_image="$(jq --raw-output '.image // empty' "/tmp/build_config/build.json")"
shadow_repository="$(jq --raw-output '.shadow_repository // empty' "/tmp/build_config/build.json")"
if ! bashio::fs.file_exists "/tmp/build_config/build.json"; then
bashio::log.error "Build information not found!"
return 1
fi

build_from="$(jq --raw-output ".build_from.${build_arch} // empty" "/tmp/build_config/build.json")"
args="$(jq --raw-output '.args // empty | keys[]' "/tmp/build_config/build.json")"
labels="$(jq --raw-output '.labels // empty | keys[]' "/tmp/build_config/build.json")"
raw_image="$(jq --raw-output '.image // empty' "/tmp/build_config/build.json")"
shadow_repository="$(jq --raw-output '.shadow_repository // empty' "/tmp/build_config/build.json")"

# Modify build_from
if [[ "${build_from}" =~ :$ ]]; then
build_from="${build_from}${VERSION}"
@@ -737,10 +759,6 @@ function cosign_sign() {

local success=false

if bashio::var.false "${DOCKER_PUSH}" || bashio::var.false "${COSIGN}"; then
return 0
fi

for j in {1..6}; do
if cosign sign --yes "${image}"; then
success=true