Build updates

[nipar4]

@springfall2008 @gcoan Here are the updated files based on last nights testing, I have also added the Changelog
Please change the addon version to whatever is prefered
There are no major changes except that I have changed the base image but as this works for myself and @gcoan I think we are good to go - I know the addon builds for the arm64 architecture but it would be better if someone could test on arm HAOS

Next updates should be easier as they will just be script and Dockerfile changes which shouldn't break anything

[gcoan]

@nipar4 I've been running this addon all day today and no adverse issues, all seems good to me

[nipar4]

Thanks @gcoan

[gcoan]

@nipar4 I haven't set my predbat secrets up yet in HA, they're still in apps.yaml, but I notice that your addon on startup reports:

Predbat files are installed correctly for version v8.32.14
**** Starting Standalone Predbat ****
2026-02-07 08:54:21.382937: Loading secrets from secrets.yaml

whereas Trefor's reports:

Predbat files are installed correctly for version v8.32.14
**** Starting Standalone Predbat ****
2026-02-07 20:09:36.306364: Loading secrets from /homeassistant/secrets.yaml

makes me think your addon doesn't have access to /homeassistant ?

[nipar4]

That would suggest that - homeassistant_config:rw is required in the mappings, ill add it back in tomorrow

[nipar4]

@gcoan Ive made the change and it made no difference for me so I installed Trefor's original version and for me the log entry is the same 'Loading secrets from secrets.yaml' but like you I dont use secrets
When you get a moment see what log entry you get after the update

[nipar4]

Interestingly in docker the log entry says no secrets.yaml file found suggesting it is finding the file in the addon

[gcoan]

I need to move my secrets from my apps.yaml to the HA secrets file, so I'll do some testing and see if it works OK

thanks

[nipar4]

Just done some more checking:
In docker secrets.yaml is not in the config directory by default so predbat cannot find it

In the addon as part of startup all files including apps.yaml and secrets.yaml are copied to /config hence you get the log entry Loading secrets from secrets.yaml. looke like predbat searches /config first

I noticed there is also a secrets.yaml in the homeassistant directory. If i delete the copy in config the log entry changes to Loading secrets from /homeassistant/secrets.yaml

[nipar4]

So wheren is secrets.yaml supposed to be?

[nipar4]

Maybe i should read the file!
Store this file in one of these locations (checked in priority order):

1. Path specified in PREDBAT_SECRETS_FILE environment variable
2. secrets.yaml in the same directory as your apps.yaml
3. /config/secrets.yaml (standard Home Assistant location)

[gcoan]

Maybe i should read the file! Store this file in one of these locations (checked in priority order):

1. Path specified in PREDBAT_SECRETS_FILE environment variable
2. secrets.yaml in the same directory as your apps.yaml
3. /config/secrets.yaml (standard Home Assistant location)

correct

this gives the ability for a predbat specific secrets file in the addon directory or in the standard home assistant location

as I understand it, /homeassistant is mapped to /config in home assistant

addons used to see the same mapping, but this then meant that any addon could access any other addons files

so a year or more ago HA was changed so that addons have their own directory in /addon_configs/xxx which is mounted to /config in the addon drive mapping, and generally don't have access to the true /config folder unless they have a special permission set. Samba share and SSH have that permission set so can see the full filesystem, other addons are wallgardened

[which doesn't explain how givtcp writes to /config/givtcp or how predbat can read /config/secrets.yaml]

I'll do some tests with predbat and the new addon

[nipar4]

OK, I understand it a bit more now and it makes sense to use the homeassistant config directory rather then predbats, so I've pushed the homeassistant_config to the changes so it remains the same.

I also configured the secrets file in docker and this works as long as its in the predbat /config location which makes sense because docker predbat does not have access to the home assistant filesystem.

What's the possibility of enhancing this so it also reads docker secrets if present?

[gcoan]

I've tested 1.5.43 with both an addon secrets.yaml and storing in /homeassistant/secrets.yaml and both Trefor's and your addon work as I expect, they pickup the secrets from either location fine
[I did get caught out because Trefor includes a template secrets.yaml which your addon installs, but once I spotted that, all makes sense]

What's the possibility of enhancing this so it also reads docker secrets if present?

Should be pretty straight forward I would think as it one subroutine that parses the secrets file. Where is it stored?

[nipar4]

It might be a bit more complicated then that because docker stores each secret in a separate file which is then mounted in the docker container under /run

So you get:

/run/secrets/
├── ha_key # Contains "123"
├── db_password # Contains "mypassword"
└── api_token # Contains "abc123"

[gcoan]

yes that is going to require a bit more work

The secret handling is the load_secrets function in hass.py, which currently looks for a single file (in a series of directories) and loads all the secrets found in a single list item

It could be changed to look in the docker folder, presumably would need to scan the directory for all files, and open each file in turn, then construct the secrets list based on the file contents?

Feels like a bit more of a proper bit of Python development to me ...

[nipar4]

I think the secrets list would be based on the files, each file should be named as the variable ha_key etc.

I'm afraid i can't help with python