diff --git a/.github/workflows/builder.yml b/.github/workflows/builder.yml index 20bed0fffcc..7b5a145cd09 100644 --- a/.github/workflows/builder.yml +++ b/.github/workflows/builder.yml @@ -56,9 +56,7 @@ jobs: uses: home-assistant/actions/helpers/codenotary@master with: source: file://${{ github.workspace }}/OFFICIAL_IMAGE - user: ${{ secrets.VCN_USER }} - password: ${{ secrets.VCN_PASSWORD }} - organisation: home-assistant.io + token: ${{ secrets.CAS_TOKEN }} build_python: name: Build PyPi package @@ -139,9 +137,9 @@ jobs: $BUILD_ARGS \ --${{ matrix.arch }} \ --target /data \ - --with-codenotary "${{ secrets.VCN_USER }}" "${{ secrets.VCN_PASSWORD }}" "${{ secrets.VCN_ORG }}" \ - --validate-from "${{ secrets.VCN_ORG }}" \ --generic ${{ needs.init.outputs.version }} + env: + CAS_API_KEY: ${{ secrets.CAS_TOKEN }} build_machine: name: Build ${{ matrix.machine }} machine core image @@ -186,14 +184,14 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build base image - uses: home-assistant/builder@2021.09.0 + uses: home-assistant/builder@2021.11.3 with: args: | $BUILD_ARGS \ --target /data/machine \ - --with-codenotary "${{ secrets.VCN_USER }}" "${{ secrets.VCN_PASSWORD }}" "${{ secrets.VCN_ORG }}" \ - --validate-from "${{ secrets.VCN_ORG }}" \ --machine "${{ needs.init.outputs.version }}=${{ matrix.machine }}" + env: + CAS_API_KEY: ${{ secrets.CAS_TOKEN }} publish_ha: name: Publish version files @@ -248,8 +246,8 @@ jobs: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Install VCN tools - uses: home-assistant/actions/helpers/vcn@master + - name: Install CAS tools + uses: home-assistant/actions/helpers/cas@master - name: Build Meta Image shell: bash @@ -293,8 +291,7 @@ jobs: function validate_image() { local image=${1} - state="$(vcn authenticate --org home-assistant.io --output json docker://${image} | jq '.verification.status // 2')" - if [[ "${state}" != "0" ]]; then + if ! cas authenticate --signerID notary@home-assistant.io; then echo "Invalid signature!" exit 1 fi diff --git a/build.json b/build.json deleted file mode 100644 index 1b9c72e8675..00000000000 --- a/build.json +++ /dev/null @@ -1,22 +0,0 @@ -{ - "image": "homeassistant/{arch}-homeassistant", - "shadow_repository": "ghcr.io/home-assistant", - "build_from": { - "aarch64": "ghcr.io/home-assistant/aarch64-homeassistant-base:2021.09.0", - "armhf": "ghcr.io/home-assistant/armhf-homeassistant-base:2021.09.0", - "armv7": "ghcr.io/home-assistant/armv7-homeassistant-base:2021.09.0", - "amd64": "ghcr.io/home-assistant/amd64-homeassistant-base:2021.09.0", - "i386": "ghcr.io/home-assistant/i386-homeassistant-base:2021.09.0" - }, - "labels": { - "io.hass.type": "core", - "org.opencontainers.image.title": "Home Assistant", - "org.opencontainers.image.description": "Open-source home automation platform running on Python 3", - "org.opencontainers.image.source": "https://github.com/home-assistant/core", - "org.opencontainers.image.authors": "The Home Assistant Authors", - "org.opencontainers.image.url": "https://www.home-assistant.io/", - "org.opencontainers.image.documentation": "https://www.home-assistant.io/docs/", - "org.opencontainers.image.licenses": "Apache License 2.0" - }, - "version_tag": true -} \ No newline at end of file diff --git a/build.yaml b/build.yaml new file mode 100644 index 00000000000..1d0e18c79ea --- /dev/null +++ b/build.yaml @@ -0,0 +1,20 @@ +image: homeassistant/{arch}-homeassistant +shadow_repository: ghcr.io/home-assistant +build_from: + aarch64: ghcr.io/home-assistant/aarch64-homeassistant-base:2021.09.0 + armhf: ghcr.io/home-assistant/armhf-homeassistant-base:2021.09.0 + armv7: ghcr.io/home-assistant/armv7-homeassistant-base:2021.09.0 + amd64: ghcr.io/home-assistant/amd64-homeassistant-base:2021.09.0 + i386: ghcr.io/home-assistant/i386-homeassistant-base:2021.09.0 +codenotary: + signer: notary@home-assistant.io + base_image: notary@home-assistant.io +labels: + io.hass.type: core + org.opencontainers.image.title: Home Assistant + org.opencontainers.image.description: Open-source home automation platform running on Python 3 + org.opencontainers.image.source: https://github.com/home-assistant/core + org.opencontainers.image.authors: The Home Assistant Authors + org.opencontainers.image.url: https://www.home-assistant.io/ + org.opencontainers.image.documentation: https://www.home-assistant.io/docs/ + org.opencontainers.image.licenses: Apache License 2.0 diff --git a/machine/build.json b/machine/build.json deleted file mode 100644 index 3b4d804dc1c..00000000000 --- a/machine/build.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "image": "homeassistant/{machine}-homeassistant", - "shadow_repository": "ghcr.io/home-assistant", - "build_from": { - "aarch64": "ghcr.io/home-assistant/aarch64-homeassistant:", - "armv7": "ghcr.io/home-assistant/armv7-homeassistant:", - "armhf": "ghcr.io/home-assistant/armhf-homeassistant:", - "amd64": "ghcr.io/home-assistant/amd64-homeassistant:", - "i386": "ghcr.io/home-assistant/i386-homeassistant:" - }, - "labels": { - "io.hass.type": "core", - "org.opencontainers.image.source": "https://github.com/home-assistant/core" - }, - "version_tag": true -} diff --git a/machine/build.yaml b/machine/build.yaml new file mode 100644 index 00000000000..340b8079b9f --- /dev/null +++ b/machine/build.yaml @@ -0,0 +1,14 @@ +image: homeassistant/{machine}-homeassistant +shadow_repository: ghcr.io/home-assistant +build_from: + aarch64: "ghcr.io/home-assistant/aarch64-homeassistant:" + armv7: "ghcr.io/home-assistant/armv7-homeassistant:" + armhf: "ghcr.io/home-assistant/armhf-homeassistant:" + amd64: "ghcr.io/home-assistant/amd64-homeassistant:" + i386: "ghcr.io/home-assistant/i386-homeassistant:" +codenotary: + signer: notary@home-assistant.io + base_image: notary@home-assistant.io +labels: + io.hass.type: core + org.opencontainers.image.source: https://github.com/home-assistant/core