diff --git a/.github/workflows/builder.yml b/.github/workflows/builder.yml index ce89d8c2b10..bf5b65e5053 100644 --- a/.github/workflows/builder.yml +++ b/.github/workflows/builder.yml @@ -46,10 +46,10 @@ jobs: with: type: ${{ env.BUILD_TYPE }} - - name: Verify version - uses: home-assistant/actions/helpers/verify-version@master - with: - ignore-dev: true + # - name: Verify version + # uses: home-assistant/actions/helpers/verify-version@master + # with: + # ignore-dev: true - name: Fail if translations files are checked in run: | @@ -206,333 +206,333 @@ jobs: --target /data \ --generic ${{ needs.init.outputs.version }} - build_machine: - name: Build ${{ matrix.machine }} machine core image - if: github.repository_owner == 'home-assistant' - needs: ["init", "build_base"] - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - id-token: write - strategy: - matrix: - machine: - - generic-x86-64 - - intel-nuc - - khadas-vim3 - - odroid-c2 - - odroid-c4 - - odroid-m1 - - odroid-n2 - - odroid-xu - - qemuarm - - qemuarm-64 - - qemux86 - - qemux86-64 - - raspberrypi - - raspberrypi2 - - raspberrypi3 - - raspberrypi3-64 - - raspberrypi4 - - raspberrypi4-64 - - raspberrypi5-64 - - tinker - - yellow - - green - steps: - - name: Checkout the repository - uses: actions/checkout@v4.2.2 + # build_machine: + # name: Build ${{ matrix.machine }} machine core image + # if: github.repository_owner == 'home-assistant' + # needs: ["init", "build_base"] + # runs-on: ubuntu-latest + # permissions: + # contents: read + # packages: write + # id-token: write + # strategy: + # matrix: + # machine: + # - generic-x86-64 + # - intel-nuc + # - khadas-vim3 + # - odroid-c2 + # - odroid-c4 + # - odroid-m1 + # - odroid-n2 + # - odroid-xu + # - qemuarm + # - qemuarm-64 + # - qemux86 + # - qemux86-64 + # - raspberrypi + # - raspberrypi2 + # - raspberrypi3 + # - raspberrypi3-64 + # - raspberrypi4 + # - raspberrypi4-64 + # - raspberrypi5-64 + # - tinker + # - yellow + # - green + # steps: + # - name: Checkout the repository + # uses: actions/checkout@v4.2.2 - - name: Set build additional args - run: | - # Create general tags - if [[ "${{ needs.init.outputs.version }}" =~ d ]]; then - echo "BUILD_ARGS=--additional-tag dev" >> $GITHUB_ENV - elif [[ "${{ needs.init.outputs.version }}" =~ b ]]; then - echo "BUILD_ARGS=--additional-tag beta" >> $GITHUB_ENV - else - echo "BUILD_ARGS=--additional-tag stable" >> $GITHUB_ENV - fi + # - name: Set build additional args + # run: | + # # Create general tags + # if [[ "${{ needs.init.outputs.version }}" =~ d ]]; then + # echo "BUILD_ARGS=--additional-tag dev" >> $GITHUB_ENV + # elif [[ "${{ needs.init.outputs.version }}" =~ b ]]; then + # echo "BUILD_ARGS=--additional-tag beta" >> $GITHUB_ENV + # else + # echo "BUILD_ARGS=--additional-tag stable" >> $GITHUB_ENV + # fi - - name: Login to GitHub Container Registry - uses: docker/login-action@v3.4.0 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} + # - name: Login to GitHub Container Registry + # uses: docker/login-action@v3.4.0 + # with: + # registry: ghcr.io + # username: ${{ github.repository_owner }} + # password: ${{ secrets.GITHUB_TOKEN }} - - name: Build base image - uses: home-assistant/builder@2025.03.0 - with: - args: | - $BUILD_ARGS \ - --target /data/machine \ - --cosign \ - --machine "${{ needs.init.outputs.version }}=${{ matrix.machine }}" + # - name: Build base image + # uses: home-assistant/builder@2025.03.0 + # with: + # args: | + # $BUILD_ARGS \ + # --target /data/machine \ + # --cosign \ + # --machine "${{ needs.init.outputs.version }}=${{ matrix.machine }}" - publish_ha: - name: Publish version files - environment: ${{ needs.init.outputs.channel }} - if: github.repository_owner == 'home-assistant' - needs: ["init", "build_machine"] - runs-on: ubuntu-latest - steps: - - name: Checkout the repository - uses: actions/checkout@v4.2.2 + # publish_ha: + # name: Publish version files + # environment: ${{ needs.init.outputs.channel }} + # if: github.repository_owner == 'home-assistant' + # needs: ["init", "build_machine"] + # runs-on: ubuntu-latest + # steps: + # - name: Checkout the repository + # uses: actions/checkout@v4.2.2 - - name: Initialize git - uses: home-assistant/actions/helpers/git-init@master - with: - name: ${{ secrets.GIT_NAME }} - email: ${{ secrets.GIT_EMAIL }} - token: ${{ secrets.GIT_TOKEN }} + # - name: Initialize git + # uses: home-assistant/actions/helpers/git-init@master + # with: + # name: ${{ secrets.GIT_NAME }} + # email: ${{ secrets.GIT_EMAIL }} + # token: ${{ secrets.GIT_TOKEN }} - - name: Update version file - uses: home-assistant/actions/helpers/version-push@master - with: - key: "homeassistant[]" - key-description: "Home Assistant Core" - version: ${{ needs.init.outputs.version }} - channel: ${{ needs.init.outputs.channel }} + # - name: Update version file + # uses: home-assistant/actions/helpers/version-push@master + # with: + # key: "homeassistant[]" + # key-description: "Home Assistant Core" + # version: ${{ needs.init.outputs.version }} + # channel: ${{ needs.init.outputs.channel }} - - name: Update version file (stable -> beta) - if: needs.init.outputs.channel == 'stable' - uses: home-assistant/actions/helpers/version-push@master - with: - key: "homeassistant[]" - key-description: "Home Assistant Core" - version: ${{ needs.init.outputs.version }} - channel: beta + # - name: Update version file (stable -> beta) + # if: needs.init.outputs.channel == 'stable' + # uses: home-assistant/actions/helpers/version-push@master + # with: + # key: "homeassistant[]" + # key-description: "Home Assistant Core" + # version: ${{ needs.init.outputs.version }} + # channel: beta - publish_container: - name: Publish meta container for ${{ matrix.registry }} - environment: ${{ needs.init.outputs.channel }} - if: github.repository_owner == 'home-assistant' - needs: ["init", "build_base"] - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - id-token: write - strategy: - fail-fast: false - matrix: - registry: ["ghcr.io/home-assistant", "docker.io/homeassistant"] - steps: - - name: Checkout the repository - uses: actions/checkout@v4.2.2 + # publish_container: + # name: Publish meta container for ${{ matrix.registry }} + # environment: ${{ needs.init.outputs.channel }} + # if: github.repository_owner == 'home-assistant' + # needs: ["init", "build_base"] + # runs-on: ubuntu-latest + # permissions: + # contents: read + # packages: write + # id-token: write + # strategy: + # fail-fast: false + # matrix: + # registry: ["ghcr.io/home-assistant", "docker.io/homeassistant"] + # steps: + # - name: Checkout the repository + # uses: actions/checkout@v4.2.2 - - name: Install Cosign - uses: sigstore/cosign-installer@v3.8.1 - with: - cosign-release: "v2.2.3" + # - name: Install Cosign + # uses: sigstore/cosign-installer@v3.8.1 + # with: + # cosign-release: "v2.2.3" - - name: Login to DockerHub - if: matrix.registry == 'docker.io/homeassistant' - uses: docker/login-action@v3.4.0 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + # - name: Login to DockerHub + # if: matrix.registry == 'docker.io/homeassistant' + # uses: docker/login-action@v3.4.0 + # with: + # username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Login to GitHub Container Registry - if: matrix.registry == 'ghcr.io/home-assistant' - uses: docker/login-action@v3.4.0 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} + # - name: Login to GitHub Container Registry + # if: matrix.registry == 'ghcr.io/home-assistant' + # uses: docker/login-action@v3.4.0 + # with: + # registry: ghcr.io + # username: ${{ github.repository_owner }} + # password: ${{ secrets.GITHUB_TOKEN }} - - name: Build Meta Image - shell: bash - run: | - export DOCKER_CLI_EXPERIMENTAL=enabled + # - name: Build Meta Image + # shell: bash + # run: | + # export DOCKER_CLI_EXPERIMENTAL=enabled - function create_manifest() { - local tag_l=${1} - local tag_r=${2} - local registry=${{ matrix.registry }} + # function create_manifest() { + # local tag_l=${1} + # local tag_r=${2} + # local registry=${{ matrix.registry }} - docker manifest create "${registry}/home-assistant:${tag_l}" \ - "${registry}/amd64-homeassistant:${tag_r}" \ - "${registry}/i386-homeassistant:${tag_r}" \ - "${registry}/armhf-homeassistant:${tag_r}" \ - "${registry}/armv7-homeassistant:${tag_r}" \ - "${registry}/aarch64-homeassistant:${tag_r}" + # docker manifest create "${registry}/home-assistant:${tag_l}" \ + # "${registry}/amd64-homeassistant:${tag_r}" \ + # "${registry}/i386-homeassistant:${tag_r}" \ + # "${registry}/armhf-homeassistant:${tag_r}" \ + # "${registry}/armv7-homeassistant:${tag_r}" \ + # "${registry}/aarch64-homeassistant:${tag_r}" - docker manifest annotate "${registry}/home-assistant:${tag_l}" \ - "${registry}/amd64-homeassistant:${tag_r}" \ - --os linux --arch amd64 + # docker manifest annotate "${registry}/home-assistant:${tag_l}" \ + # "${registry}/amd64-homeassistant:${tag_r}" \ + # --os linux --arch amd64 - docker manifest annotate "${registry}/home-assistant:${tag_l}" \ - "${registry}/i386-homeassistant:${tag_r}" \ - --os linux --arch 386 + # docker manifest annotate "${registry}/home-assistant:${tag_l}" \ + # "${registry}/i386-homeassistant:${tag_r}" \ + # --os linux --arch 386 - docker manifest annotate "${registry}/home-assistant:${tag_l}" \ - "${registry}/armhf-homeassistant:${tag_r}" \ - --os linux --arch arm --variant=v6 + # docker manifest annotate "${registry}/home-assistant:${tag_l}" \ + # "${registry}/armhf-homeassistant:${tag_r}" \ + # --os linux --arch arm --variant=v6 - docker manifest annotate "${registry}/home-assistant:${tag_l}" \ - "${registry}/armv7-homeassistant:${tag_r}" \ - --os linux --arch arm --variant=v7 + # docker manifest annotate "${registry}/home-assistant:${tag_l}" \ + # "${registry}/armv7-homeassistant:${tag_r}" \ + # --os linux --arch arm --variant=v7 - docker manifest annotate "${registry}/home-assistant:${tag_l}" \ - "${registry}/aarch64-homeassistant:${tag_r}" \ - --os linux --arch arm64 --variant=v8 + # docker manifest annotate "${registry}/home-assistant:${tag_l}" \ + # "${registry}/aarch64-homeassistant:${tag_r}" \ + # --os linux --arch arm64 --variant=v8 - docker manifest push --purge "${registry}/home-assistant:${tag_l}" - cosign sign --yes "${registry}/home-assistant:${tag_l}" - } + # docker manifest push --purge "${registry}/home-assistant:${tag_l}" + # cosign sign --yes "${registry}/home-assistant:${tag_l}" + # } - function validate_image() { - local image=${1} - if ! cosign verify --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp https://github.com/home-assistant/core/.* "${image}"; then - echo "Invalid signature!" - exit 1 - fi - } + # function validate_image() { + # local image=${1} + # if ! cosign verify --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp https://github.com/home-assistant/core/.* "${image}"; then + # echo "Invalid signature!" + # exit 1 + # fi + # } - function push_dockerhub() { - local image=${1} - local tag=${2} + # function push_dockerhub() { + # local image=${1} + # local tag=${2} - docker tag "ghcr.io/home-assistant/${image}:${tag}" "docker.io/homeassistant/${image}:${tag}" - docker push "docker.io/homeassistant/${image}:${tag}" - cosign sign --yes "docker.io/homeassistant/${image}:${tag}" - } + # docker tag "ghcr.io/home-assistant/${image}:${tag}" "docker.io/homeassistant/${image}:${tag}" + # docker push "docker.io/homeassistant/${image}:${tag}" + # cosign sign --yes "docker.io/homeassistant/${image}:${tag}" + # } - # Pull images from github container registry and verify signature - docker pull "ghcr.io/home-assistant/amd64-homeassistant:${{ needs.init.outputs.version }}" - docker pull "ghcr.io/home-assistant/i386-homeassistant:${{ needs.init.outputs.version }}" - docker pull "ghcr.io/home-assistant/armhf-homeassistant:${{ needs.init.outputs.version }}" - docker pull "ghcr.io/home-assistant/armv7-homeassistant:${{ needs.init.outputs.version }}" - docker pull "ghcr.io/home-assistant/aarch64-homeassistant:${{ needs.init.outputs.version }}" + # # Pull images from github container registry and verify signature + # docker pull "ghcr.io/home-assistant/amd64-homeassistant:${{ needs.init.outputs.version }}" + # docker pull "ghcr.io/home-assistant/i386-homeassistant:${{ needs.init.outputs.version }}" + # docker pull "ghcr.io/home-assistant/armhf-homeassistant:${{ needs.init.outputs.version }}" + # docker pull "ghcr.io/home-assistant/armv7-homeassistant:${{ needs.init.outputs.version }}" + # docker pull "ghcr.io/home-assistant/aarch64-homeassistant:${{ needs.init.outputs.version }}" - validate_image "ghcr.io/home-assistant/amd64-homeassistant:${{ needs.init.outputs.version }}" - validate_image "ghcr.io/home-assistant/i386-homeassistant:${{ needs.init.outputs.version }}" - validate_image "ghcr.io/home-assistant/armhf-homeassistant:${{ needs.init.outputs.version }}" - validate_image "ghcr.io/home-assistant/armv7-homeassistant:${{ needs.init.outputs.version }}" - validate_image "ghcr.io/home-assistant/aarch64-homeassistant:${{ needs.init.outputs.version }}" + # validate_image "ghcr.io/home-assistant/amd64-homeassistant:${{ needs.init.outputs.version }}" + # validate_image "ghcr.io/home-assistant/i386-homeassistant:${{ needs.init.outputs.version }}" + # validate_image "ghcr.io/home-assistant/armhf-homeassistant:${{ needs.init.outputs.version }}" + # validate_image "ghcr.io/home-assistant/armv7-homeassistant:${{ needs.init.outputs.version }}" + # validate_image "ghcr.io/home-assistant/aarch64-homeassistant:${{ needs.init.outputs.version }}" - if [[ "${{ matrix.registry }}" == "docker.io/homeassistant" ]]; then - # Upload images to dockerhub - push_dockerhub "amd64-homeassistant" "${{ needs.init.outputs.version }}" - push_dockerhub "i386-homeassistant" "${{ needs.init.outputs.version }}" - push_dockerhub "armhf-homeassistant" "${{ needs.init.outputs.version }}" - push_dockerhub "armv7-homeassistant" "${{ needs.init.outputs.version }}" - push_dockerhub "aarch64-homeassistant" "${{ needs.init.outputs.version }}" - fi + # if [[ "${{ matrix.registry }}" == "docker.io/homeassistant" ]]; then + # # Upload images to dockerhub + # push_dockerhub "amd64-homeassistant" "${{ needs.init.outputs.version }}" + # push_dockerhub "i386-homeassistant" "${{ needs.init.outputs.version }}" + # push_dockerhub "armhf-homeassistant" "${{ needs.init.outputs.version }}" + # push_dockerhub "armv7-homeassistant" "${{ needs.init.outputs.version }}" + # push_dockerhub "aarch64-homeassistant" "${{ needs.init.outputs.version }}" + # fi - # Create version tag - create_manifest "${{ needs.init.outputs.version }}" "${{ needs.init.outputs.version }}" + # # Create version tag + # create_manifest "${{ needs.init.outputs.version }}" "${{ needs.init.outputs.version }}" - # Create general tags - if [[ "${{ needs.init.outputs.version }}" =~ d ]]; then - create_manifest "dev" "${{ needs.init.outputs.version }}" - elif [[ "${{ needs.init.outputs.version }}" =~ b ]]; then - create_manifest "beta" "${{ needs.init.outputs.version }}" - create_manifest "rc" "${{ needs.init.outputs.version }}" - else - create_manifest "stable" "${{ needs.init.outputs.version }}" - create_manifest "latest" "${{ needs.init.outputs.version }}" - create_manifest "beta" "${{ needs.init.outputs.version }}" - create_manifest "rc" "${{ needs.init.outputs.version }}" + # # Create general tags + # if [[ "${{ needs.init.outputs.version }}" =~ d ]]; then + # create_manifest "dev" "${{ needs.init.outputs.version }}" + # elif [[ "${{ needs.init.outputs.version }}" =~ b ]]; then + # create_manifest "beta" "${{ needs.init.outputs.version }}" + # create_manifest "rc" "${{ needs.init.outputs.version }}" + # else + # create_manifest "stable" "${{ needs.init.outputs.version }}" + # create_manifest "latest" "${{ needs.init.outputs.version }}" + # create_manifest "beta" "${{ needs.init.outputs.version }}" + # create_manifest "rc" "${{ needs.init.outputs.version }}" - # Create series version tag (e.g. 2021.6) - v="${{ needs.init.outputs.version }}" - create_manifest "${v%.*}" "${{ needs.init.outputs.version }}" - fi + # # Create series version tag (e.g. 2021.6) + # v="${{ needs.init.outputs.version }}" + # create_manifest "${v%.*}" "${{ needs.init.outputs.version }}" + # fi - build_python: - name: Build PyPi package - environment: ${{ needs.init.outputs.channel }} - needs: ["init", "build_base"] - runs-on: ubuntu-latest - permissions: - contents: read - id-token: write - if: github.repository_owner == 'home-assistant' && needs.init.outputs.publish == 'true' - steps: - - name: Checkout the repository - uses: actions/checkout@v4.2.2 + # build_python: + # name: Build PyPi package + # environment: ${{ needs.init.outputs.channel }} + # needs: ["init", "build_base"] + # runs-on: ubuntu-latest + # permissions: + # contents: read + # id-token: write + # if: github.repository_owner == 'home-assistant' && needs.init.outputs.publish == 'true' + # steps: + # - name: Checkout the repository + # uses: actions/checkout@v4.2.2 - - name: Set up Python ${{ env.DEFAULT_PYTHON }} - uses: actions/setup-python@v5.5.0 - with: - python-version: ${{ env.DEFAULT_PYTHON }} + # - name: Set up Python ${{ env.DEFAULT_PYTHON }} + # uses: actions/setup-python@v5.5.0 + # with: + # python-version: ${{ env.DEFAULT_PYTHON }} - - name: Download translations - uses: actions/download-artifact@v4.2.1 - with: - name: translations + # - name: Download translations + # uses: actions/download-artifact@v4.2.1 + # with: + # name: translations - - name: Extract translations - run: | - tar xvf translations.tar.gz - rm translations.tar.gz + # - name: Extract translations + # run: | + # tar xvf translations.tar.gz + # rm translations.tar.gz - - name: Build package - shell: bash - run: | - # Remove dist, build, and homeassistant.egg-info - # when build locally for testing! - pip install build - python -m build + # - name: Build package + # shell: bash + # run: | + # # Remove dist, build, and homeassistant.egg-info + # # when build locally for testing! + # pip install build + # python -m build - - name: Upload package to PyPI - uses: pypa/gh-action-pypi-publish@v1.12.4 - with: - skip-existing: true + # - name: Upload package to PyPI + # uses: pypa/gh-action-pypi-publish@v1.12.4 + # with: + # skip-existing: true - hassfest-image: - name: Build and test hassfest image - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - attestations: write - id-token: write - needs: ["init"] - if: github.repository_owner == 'home-assistant' - env: - HASSFEST_IMAGE_NAME: ghcr.io/home-assistant/hassfest - HASSFEST_IMAGE_TAG: ghcr.io/home-assistant/hassfest:${{ needs.init.outputs.version }} - steps: - - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + # hassfest-image: + # name: Build and test hassfest image + # runs-on: ubuntu-latest + # permissions: + # contents: read + # packages: write + # attestations: write + # id-token: write + # needs: ["init"] + # if: github.repository_owner == 'home-assistant' + # env: + # HASSFEST_IMAGE_NAME: ghcr.io/home-assistant/hassfest + # HASSFEST_IMAGE_TAG: ghcr.io/home-assistant/hassfest:${{ needs.init.outputs.version }} + # steps: + # - name: Checkout repository + # uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - name: Login to GitHub Container Registry - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} + # - name: Login to GitHub Container Registry + # uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0 + # with: + # registry: ghcr.io + # username: ${{ github.repository_owner }} + # password: ${{ secrets.GITHUB_TOKEN }} - - name: Build Docker image - uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0 - with: - context: . # So action will not pull the repository again - file: ./script/hassfest/docker/Dockerfile - load: true - tags: ${{ env.HASSFEST_IMAGE_TAG }} + # - name: Build Docker image + # uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0 + # with: + # context: . # So action will not pull the repository again + # file: ./script/hassfest/docker/Dockerfile + # load: true + # tags: ${{ env.HASSFEST_IMAGE_TAG }} - - name: Run hassfest against core - run: docker run --rm -v ${{ github.workspace }}:/github/workspace ${{ env.HASSFEST_IMAGE_TAG }} --core-path=/github/workspace + # - name: Run hassfest against core + # run: docker run --rm -v ${{ github.workspace }}:/github/workspace ${{ env.HASSFEST_IMAGE_TAG }} --core-path=/github/workspace - - name: Push Docker image - if: needs.init.outputs.channel != 'dev' && needs.init.outputs.publish == 'true' - id: push - uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0 - with: - context: . # So action will not pull the repository again - file: ./script/hassfest/docker/Dockerfile - push: true - tags: ${{ env.HASSFEST_IMAGE_TAG }},${{ env.HASSFEST_IMAGE_NAME }}:latest + # - name: Push Docker image + # if: needs.init.outputs.channel != 'dev' && needs.init.outputs.publish == 'true' + # id: push + # uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0 + # with: + # context: . # So action will not pull the repository again + # file: ./script/hassfest/docker/Dockerfile + # push: true + # tags: ${{ env.HASSFEST_IMAGE_TAG }},${{ env.HASSFEST_IMAGE_NAME }}:latest - - name: Generate artifact attestation - if: needs.init.outputs.channel != 'dev' && needs.init.outputs.publish == 'true' - uses: actions/attest-build-provenance@c074443f1aee8d4aeeae555aebba3282517141b2 # v2.2.3 - with: - subject-name: ${{ env.HASSFEST_IMAGE_NAME }} - subject-digest: ${{ steps.push.outputs.digest }} - push-to-registry: true + # - name: Generate artifact attestation + # if: needs.init.outputs.channel != 'dev' && needs.init.outputs.publish == 'true' + # uses: actions/attest-build-provenance@c074443f1aee8d4aeeae555aebba3282517141b2 # v2.2.3 + # with: + # subject-name: ${{ env.HASSFEST_IMAGE_NAME }} + # subject-digest: ${{ steps.push.outputs.digest }} + # push-to-registry: true