Bump Home Assistant Core to 2023.9.0.dev20230806 #145
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: JH Version | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| files: | |
| description: 'File(s) to run action against' | |
| required: true | |
| pull_request: | |
| branches: ["master-jethub"] | |
| push: | |
| branches: ["master-jethub"] | |
| paths: | |
| - '*.txt' | |
| - '*.json' | |
| - '*.png' | |
| - homeassistant.pub | |
| env: | |
| PYTHON_VERSION: "3.10" | |
| COSIGN_VERSION: "v2.0.2" | |
| SIGNED_FILES: "apparmor.txt apparmor_beta.txt apparmor_dev.txt apparmor_stable.txt beta.json dev.json stable.json" | |
| jobs: | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout the repository | |
| uses: actions/checkout@v3 | |
| - name: Lint with JQ | |
| uses: jethub-homeassistant/actions/helpers/jq@master-jethub | |
| prepare: | |
| name: Prepare | |
| needs: ["lint"] | |
| runs-on: ubuntu-latest | |
| outputs: | |
| files: ${{ steps.changed_files.outputs.files }} | |
| steps: | |
| - name: Checkout the repository | |
| uses: actions/checkout@v3 | |
| - name: Get changed files for push | |
| if: github.event_name == 'push' | |
| id: changed_files_push | |
| uses: jitterbit/get-changed-files@v1 | |
| - name: Get changed files | |
| id: changed_files | |
| run: | | |
| if [[ ${{ github.event_name }} == "push" ]]; then | |
| echo "files=${{ steps.changed_files_push.outputs.all }}" >> $GITHUB_OUTPUT | |
| else | |
| echo "files=${{ github.event.inputs.files }}" >> $GITHUB_OUTPUT | |
| fi | |
| signing: | |
| name: Sign ${{ matrix.path }} | |
| needs: ["prepare"] | |
| if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| packages: write | |
| strategy: | |
| matrix: | |
| path: | |
| - stable.json | |
| - beta.json | |
| - dev.json | |
| - apparmor.txt | |
| - apparmor_stable.txt | |
| - apparmor_beta.txt | |
| - apparmor_dev.txt | |
| steps: | |
| - name: Check | |
| id: check | |
| run: | | |
| if [[ "${{ needs.prepare.outputs.files }}" =~ ${{ matrix.path }} ]]; then | |
| echo "sign=yes" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Checkout the repository | |
| if: steps.check.outputs.sign == 'yes' | |
| uses: actions/checkout@v3 | |
| - name: Install SSH key for storage | |
| uses: shimataro/ssh-key-action@v2 | |
| with: | |
| key: ${{ secrets.SSH_KEY }} | |
| known_hosts: ${{ secrets.SSH_KNOWNHOSTS_UPLOAD }} | |
| if_key_exists: replace | |
| - name: Login to GitHub Container Registry | |
| if: steps.check.outputs.sign == 'yes' | |
| uses: docker/[email protected] | |
| with: | |
| registry: ghcr.io | |
| username: jethub-homeassistant | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - uses: sigstore/cosign-installer@main | |
| if: steps.check.outputs.sign == 'yes' | |
| with: | |
| cosign-release: ${{ env.COSIGN_VERSION }} | |
| - name: Setup Python version ${{ env.PYTHON_VERSION }} | |
| if: steps.check.outputs.sign == 'yes' | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Sign CAS | |
| if: steps.check.outputs.sign == 'yes' | |
| uses: jethub-homeassistant/actions/helpers/codenotary@master-jethub | |
| with: | |
| source: ${{ matrix.path }} | |
| token: ${{ secrets.CAS_TOKEN }} | |
| - name: Upload file | |
| if: steps.check.outputs.sign == 'yes' | |
| run: | | |
| cosign upload blob -f ${{ matrix.path }} ghcr.io/jethub-homeassistant/version/${{ matrix.path }} | |
| - name: Sign Cosign | |
| if: steps.check.outputs.sign == 'yes' | |
| run: | | |
| cosign sign --yes ghcr.io/jethub-homeassistant/version/${{ matrix.path }} | |
| cosign sign-blob --yes ${{ matrix.path }} --bundle ${{ matrix.path }}.sig | |
| #cosign sign --yes --key env://COSIGN_PRIVATE_KEY --output-signature ${{ matrix.path }}.sig ghcr.io/jethub-homeassistant/version/${{ matrix.path }} | |
| env: | |
| COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_KEY }} | |
| - name: Upload signature | |
| if: steps.check.outputs.sign == 'yes' | |
| run: | | |
| #ssh-keyscan update.jethome.ru >"${HOME}/.ssh/known_hosts" | |
| rsync "${{ matrix.path }}.sig" [email protected]:/var/www/haversion.jethome.ru/ | |
| upload: | |
| name: Upload | |
| needs: ["signing", "prepare"] | |
| if: needs.prepare.outputs.files != null && github.event_name == 'push' || github.event_name == 'workflow_dispatch' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout the repository | |
| uses: actions/checkout@v3 | |
| - name: Install SSH key for storage | |
| uses: shimataro/ssh-key-action@v2 | |
| with: | |
| key: ${{ secrets.SSH_KEY }} | |
| known_hosts: ${{ secrets.SSH_KNOWNHOSTS_UPLOAD }} | |
| if_key_exists: replace | |
| - name: Setup Python version ${{ env.PYTHON_VERSION }} | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Check diff | |
| id: checkdiff | |
| run: | | |
| MESSAGE="Upload new versions: " | |
| MESSAGESEND=false | |
| for file in ${{ needs.prepare.outputs.files }}; do | |
| if [[ "$file" =~ \.json ]]; then | |
| JSON2=${file} | |
| JSON=$(mktemp).json | |
| rsync [email protected]:/var/www/haversion.jethome.ru/"$file" ${JSON} | |
| OUTPUT=$(mktemp).json | |
| OUTPUT2=$(mktemp).json | |
| cat ${JSON} | jq "{supervisor,cli,dns,audio,multicast,observer}" | jq .core+="$(jq .homeassistant[\"jethub-d1\"] ${JSON})" | jq .hassos+="$(jq .hassos[\"jethub-d1\"] ${JSON})"> ${OUTPUT} | |
| cat ${JSON2} | jq "{supervisor,cli,dns,audio,multicast,observer}" | jq .core+="$(jq .homeassistant[\"jethub-d1\"] ${JSON2})" | jq .hassos+="$(jq .hassos[\"jethub-d1\"] ${JSON2})"> ${OUTPUT2} | |
| DIFF=$(diff -y --suppress-common-lines ${OUTPUT} ${OUTPUT2} | cut -d '|' -f 2 | xargs | sed 's/,$//g' | sed 's/\"//g') | |
| if [[ -n "${DIFF}" ]]; then | |
| echo "file${file}=${DIFF}" >> $GITHUB_OUTPUT | |
| MESSAGE="${MESSAGE}"$'\n'"${file}:"$'\n'"${DIFF}"$'\n' | |
| MESSAGESEND=true | |
| fi | |
| rm -f ${JSON} ${OUTPUT} ${OUTPUT2} | |
| fi | |
| done | |
| if [[ "$MESSAGESEND" == "true" ]]; then | |
| echo "message<<EOF" >> $GITHUB_OUTPUT | |
| echo "${MESSAGE}" >> $GITHUB_OUTPUT | |
| echo "EOF" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Upload files | |
| run: | | |
| for file in ${{ needs.prepare.outputs.files }}; do | |
| if [[ "$file" =~ \.txt|\.json|\.png ]]; then | |
| #ssh-keyscan update.jethome.ru >"${HOME}/.ssh/known_hosts" | |
| rsync "$file" [email protected]:/var/www/haversion.jethome.ru/ | |
| fi | |
| done | |
| - name: Notify | |
| if: ${{ steps.checkdiff.outputs.message != null }} | |
| uses: appleboy/telegram-action@master | |
| with: | |
| to: ${{ secrets.TELEGRAM_TO }} | |
| token: ${{ secrets.TELEGRAM_TOKEN }} | |
| message: | | |
| ${{ steps.checkdiff.outputs.message }} |