From 753d9ca869553f87e3933b0f568dc9431f140942 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 29 Jun 2023 13:50:19 +0200
Subject: [PATCH] Bump home-assistant/builder from 2023.06.0 to 2023.06.1
 (#114)

* Bump home-assistant/builder from 2023.06.0 to 2023.06.1

Bumps [home-assistant/builder](https://github.com/home-assistant/builder) from 2023.06.0 to 2023.06.1.
- [Release notes](https://github.com/home-assistant/builder/releases)
- [Commits](https://github.com/home-assistant/builder/compare/2023.06.0...2023.06.1)

---
updated-dependencies:
- dependency-name: home-assistant/builder
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* use cosign

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Pascal Vizeli <pvizeli@syshack.ch>
---
 .github/workflows/builder.yml | 14 ++++++--------
 build.yaml                    | 16 +++++++++-------
 2 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/.github/workflows/builder.yml b/.github/workflows/builder.yml
index 787e8c8..e080089 100644
--- a/.github/workflows/builder.yml
+++ b/.github/workflows/builder.yml
@@ -45,6 +45,10 @@ jobs:
     name: Build ${{ matrix.arch }} plugin
     needs: init
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
     strategy:
       matrix:
         arch: ${{ fromJson(needs.init.outputs.architectures) }}
@@ -52,13 +56,6 @@ jobs:
     - name: Checkout the repository
       uses: actions/checkout@v3.5.3
    
-    - name: Login to DockerHub
-      if: needs.init.outputs.publish == 'true'
-      uses: docker/login-action@v2.2.0
-      with:
-        username: ${{ secrets.DOCKERHUB_USERNAME }}
-        password: ${{ secrets.DOCKERHUB_TOKEN }}
-
     - name: Login to GitHub Container Registry
       if: needs.init.outputs.publish == 'true'
       uses: docker/login-action@v2.2.0
@@ -72,12 +69,13 @@ jobs:
       run: echo "BUILD_ARGS=--test" >> $GITHUB_ENV
 
     - name: Build plugin
-      uses: home-assistant/builder@2023.06.0
+      uses: home-assistant/builder@2023.06.1
       with:
         args: |
           $BUILD_ARGS \
           --${{ matrix.arch }} \
           --target /data \
+          --cosign \
           --generic ${{ needs.init.outputs.version }}
       env:
         CAS_API_KEY: ${{ secrets.CAS_TOKEN }}
diff --git a/build.yaml b/build.yaml
index 698d845..62b15ba 100644
--- a/build.yaml
+++ b/build.yaml
@@ -1,14 +1,16 @@
-image: homeassistant/{arch}-hassio-cli
-shadow_repository: ghcr.io/home-assistant
+image: ghcr.io/home-assistant/{arch}-hassio-cli
 build_from:
-  aarch64: ghcr.io/home-assistant/aarch64-base:3.16
-  armhf: ghcr.io/home-assistant/armhf-base:3.16
-  armv7: ghcr.io/home-assistant/armv7-base:3.16
-  amd64: ghcr.io/home-assistant/amd64-base:3.16
-  i386: ghcr.io/home-assistant/i386-base:3.16
+  aarch64: ghcr.io/home-assistant/aarch64-base:3.17
+  armhf: ghcr.io/home-assistant/armhf-base:3.17
+  armv7: ghcr.io/home-assistant/armv7-base:3.17
+  amd64: ghcr.io/home-assistant/amd64-base:3.17
+  i386: ghcr.io/home-assistant/i386-base:3.17
 codenotary:
   signer: notary@home-assistant.io
   base_image: notary@home-assistant.io
+cosign:
+  base_identity: https://github.com/home-assistant/docker-base/.*
+  identity: https://github.com/home-assistant/plugin-cli/.*
 args:
   CLI_VERSION: 4.26.0
   RLWRAP_VERSION: 0.45.2