Make Core.shutdown idempotent and safe to call concurrently

[agners]

Proposed change

After #6887, Core.shutdown() runs from the SIGTERM signal handler during host shutdown in addition to the existing call sites (host.control.reboot()/shutdown(), backup restore). To avoid spawning a second stop_supervisor() task when a repeat SIGTERM arrives, __main__.py debounced the signal handler by stashing the in-flight task in a single-element list and bailing out on subsequent invocations. That workaround only covers the SIGTERM-vs-SIGTERM race; two API-initiated reboots, or a reboot API call racing with SIGTERM, would still re-enter the shutdown sequence.

This PR moves the idempotency into Core.shutdown() itself, where every caller benefits:

• A second call while a shutdown is in progress awaits the in-flight shutdown via an asyncio.Event rather than re-running the sequence.
• Calls while state is STOPPING/CLOSE return early — Supervisor is already going away, the work is moot.
• Calls while state is in STARTING_STATES (INITIALIZE/STARTUP/SETUP) return early too. There is nothing coherent to gracefully stop before startup completes, and on the SIGTERM-during-startup path the caller cancels startup_task first, so waiting for it to complete would deadlock (the finally in Core.start() cannot reach set_state(RUNNING) once awaits raise CancelledError).
• The sequence is wrapped in try/finally so the completion event is set even when an inner step raises.

With idempotency in Core, the closure-with-list workaround in __main__.py collapses to a plain coresys.create_task(stop_supervisor()): repeat SIGTERMs spawn extra tasks but each just observes the in-flight shutdown and waits.

Inspired by (a subset of) #6631.

Type of change

• Dependency upgrade
• Bugfix (non-breaking change which fixes an issue)
• New feature (which adds functionality to the supervisor)
• Breaking change (fix/feature causing existing functionality to break)
• Code quality improvements to existing code or addition of tests

Additional information

• This PR fixes or closes issue: fixes #
• This PR is related to issue: Coordinate graceful shutdown with Home Assistant OS #6887
• Link to documentation pull request:
• Link to cli pull request:
• Link to client library pull request:

Checklist

• The code change is tested and works locally.
• Local tests pass. Your PR cannot be merged unless tests pass
• There is no commented out code in this PR.
• I have followed the development checklist
• The code has been formatted using Ruff (ruff format supervisor tests)
• Tests have been added to verify that the new code works.

If API endpoints or add-on configuration are added/changed:

• Documentation added/updated for developers.home-assistant.io
• CLI updated (if necessary)
• Client library updated (if necessary)

[mdegat01]

The code is fine, works and definitely helpful.

My comments are just about a seemingly supported use case that confuses me. There is currently no way to return to RUNNING after SHUTDOWN without exiting and restarting the python process in production. Is there a future use case here we're looking to support I'm unaware of? If not we should probably remove the perceived support for that since its a bit confusing.

[mdegat01]

The concept of repeated use doesn't really make sense here. Shutdown eventually leads to a stop in the python process which obviously clears the event. And there's no way to go back to CoreState.RUNNING from those closing states. So I'm not really sure when this would have any effect? At the very least the comment should probably be adjusted since its example isn't a real use case.

[mdegat01]

I mean this is very much a fabricated use case, it can't ever happen in production. CoreState cannot get back to RUNNING from SHUTDOWN. Is there a plan to support some kind of live backup and restore for Supervisor I'm unaware of?

[home-assistant]

Please take a look at the requested changes, and use the Ready for review button when you are done, thanks 👍

Learn more about our pull request process.