Signing image (#1931)

* Signing image * Update .github/workflows/builder.yml Co-authored-by: Franck Nijhof <git@frenck.dev> * Update .github/workflows/builder.yml Co-authored-by: Franck Nijhof <git@frenck.dev> Co-authored-by: Franck Nijhof <git@frenck.dev>
2025-12-18 13:44:20 +01:00 · 2021-03-19 23:08:31 +01:00
parent 46e814496e
commit 4f2e4d9015
1 changed files with 15 additions and 4 deletions
--- a/.github/workflows/builder.yml
+++ b/.github/workflows/builder.yml
@@ -84,13 +84,15 @@ jobs:
        id: check
        run:
           if [[ "${{ steps.info.outputs.architectures }}" =~ ${{ matrix.arch }} ]]; then
-              echo "::set-output name=buld_arch::true";
+              echo "::set-output name=build_arch::true";
            else
              echo "${{ matrix.arch }} is not a valid arch for ${{ matrix.addon }}, skipping build";
           fi
+           version="$(jq -r '.version' "./${{ matrix.addon }}/config.json")"
+           echo "::set-output name=version::${version}";

      - name: Set build arguments
-        if: steps.check.outputs.buld_arch == 'true'
+        if: steps.check.outputs.build_arch == 'true'
        run: |
          if [[ -z "${{ github.head_ref }}" ]] && [[ "${{ github.event_name }}" == "push" ]]; then
              echo "BUILD_ARGS=--docker-hub-check" >> $GITHUB_ENV;
@@ -104,11 +106,20 @@ jobs:
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Build ${{ matrix.addon }} add-on
-        if: steps.check.outputs.buld_arch == 'true'
+        if: steps.check.outputs.build_arch == 'true'
        uses: home-assistant/builder@master
        with:
          args: |
            ${{ env.BUILD_ARGS }} \
            --${{ matrix.arch }} \
            --target /data/${{ matrix.addon }} \
-            --docker-hub homeassistant
+            --docker-hub homeassistant
+
+      - name: Signing image
+        if: env.BUILD_ARGS == '--docker-hub-check' && steps.check.outputs.build_arch == 'true'
+        uses: home-assistant/actions/helpers/codenotary@master
+        with:
+          source: docker://homeassistant/${{ matrix.arch }}-addon-${{ matrix.addon }}:${{ steps.check.outputs.version }}
+          user: ${{ secrets.VCN_USER }}
+          password: ${{ secrets.VCN_PASSWORD }}
+          organisation: ${{ secrets.VCN_ORG }}