Bump the pip-all group across 1 directory with 3 updates #4950

Workflow file for this run

	---

	name: Build

	on:
	push:
	branches:
	- '**'
	pull_request:
	release:
	types: [edited, published]
	schedule:
	- cron: '0 10 * * *' # everyday at 10am
	workflow_dispatch:
	inputs:
	dispatch-tag:
	description: "Tag to apply to pushed images"
	required: true
	default: "dispatch"

	permissions:
	actions: read
	contents: read

	jobs:
	diagnostics:
	name: "Diagnostics"
	uses: felddy/reusable-workflows/.github/workflows/diagnostics.yml@v2

	config:
	name: "Config"
	uses: ./.github/workflows/_config.yml

	metadata:
	name: "Metadata"
	needs: [config]
	uses: felddy/reusable-workflows/.github/workflows/docker-metadata.yml@v2
	with:
	image_name: ${{ needs.config.outputs.image_name }}

	foundry-secrets:
	name: "Foundry secrets"
	runs-on: ubuntu-latest
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # tag=v2.9.1
	with:
	egress-policy: block

	- name: Check foundry.com credentials
	run: \|
	return_code=0
	if [ -z "${{ secrets.FOUNDRY_USERNAME }}" ]; then
	echo "::warning::Set the FOUNDRY_USERNAME secret."
	return_code=1
	fi
	if [ -z "${{ secrets.FOUNDRY_PASSWORD }}" ]; then
	echo "::warning::Set the FOUNDRY_PASSWORD secret."
	return_code=1
	fi
	exit $return_code

	docker-secrets:
	name: "Docker secrets"
	runs-on: ubuntu-latest
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # tag=v2.9.1
	with:
	egress-policy: block

	- name: Check docker.com credentials
	run: \|
	return_code=0
	if [ -z "${{ secrets.DOCKER_USERNAME }}" ]; then
	echo "::warning::Set the DOCKER_USERNAME secret."
	return_code=1
	fi
	if [ -z "${{ secrets.DOCKER_PASSWORD }}" ]; then
	echo "::warning::Set the DOCKER_PASSWORD secret."
	return_code=1
	fi
	exit $return_code

	artifact-key:
	name: "Artifact key"
	runs-on: ubuntu-latest
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # tag=v2.9.1
	with:
	egress-policy: block

	- name: Check artifact key
	run: \|
	if [ -z "${{ secrets.ARTIFACT_KEY }}" ]; then
	echo "::warning::Set the ARTIFACT_KEY secret."
	exit 1
	fi

	lint:
	name: "Lint"
	needs: [config]
	uses: felddy/reusable-workflows/.github/workflows/common-lint.yml@v2

	build-normal-test-image:
	name: "Build normal test image"
	needs:
	- config
	- lint
	- metadata
	uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@v2
	with:
	artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ needs.config.outputs.test_platform }}
	build_arg_1_name: VERSION
	cache_from_scopes: ${{ needs.config.outputs.test_platform }}
	cache_to_scope: ${{ needs.config.outputs.test_platform }}
	image_archive_name_stem: ${{ needs.config.outputs.test_platform }}
	image_labels: ${{ needs.metadata.outputs.image_labels }}
	platforms: ${{ needs.config.outputs.test_platform }}
	secrets:
	build_arg_1_value: ${{ needs.metadata.outputs.source_version }}

	build-pre-installed-test-image:
	name: "Build pre-installed test image"
	needs:
	- artifact-key
	- config
	- foundry-secrets
	- lint
	- metadata
	uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@v2
	with:
	artifact_name: pre-installed-${{ needs.config.outputs.image_artifact_name_stem }}-${{ needs.config.outputs.test_platform }}
	build_arg_1_name: FOUNDRY_PASSWORD
	build_arg_2_name: FOUNDRY_USERNAME
	build_arg_3_name: VERSION
	cache_from_scopes: ${{ needs.config.outputs.test_platform }}-pre-installed
	cache_to_scope: ${{ needs.config.outputs.test_platform }}-pre-installed
	image_archive_name_stem: ${{ needs.config.outputs.test_platform }}
	image_labels: ${{ needs.metadata.outputs.image_labels }}
	platforms: ${{ needs.config.outputs.test_platform }}
	secrets:
	build_arg_1_value: ${{ secrets.FOUNDRY_PASSWORD }}
	build_arg_2_value: ${{ secrets.FOUNDRY_USERNAME }}
	build_arg_3_value: ${{ needs.metadata.outputs.source_version }}
	image_archive_key: ${{ secrets.ARTIFACT_KEY }}

	# Since we need to pass the foundryvtt.com credentials to the tests, we can't
	# use the standard reusable test workflow. Instead, we'll use a modified
	# version of the workflow that accepts the credential secrets and is stored in
	# this repository.

	test-normal-image:
	name: "Test normal image"
	needs:
	- artifact-key
	- build-normal-test-image
	- config
	- foundry-secrets
	uses: ./.github/workflows/docker-pytest-image.yml
	with:
	data_artifact_name: ${{ needs.config.outputs.data_artifact_name }}
	data_artifact_path: ${{ needs.config.outputs.data_artifact_path }}
	image_artifact_name: ${{ needs.build-normal-test-image.outputs.artifact_name }}
	image_archive_name: ${{ needs.build-normal-test-image.outputs.image_archive_name }}
	secrets:
	data_archive_key: ${{ secrets.ARTIFACT_KEY }}
	foundry_password: ${{ secrets.FOUNDRY_PASSWORD }}
	foundry_username: ${{ secrets.FOUNDRY_USERNAME }}

	test-pre-installed-image:
	name: "Test pre-installed image"
	needs:
	- artifact-key
	- build-pre-installed-test-image
	- config
	uses: ./.github/workflows/docker-pytest-image.yml
	with:
	data_artifact_name: pre-installed-${{ needs.config.outputs.data_artifact_name }}
	data_artifact_path: ${{ needs.config.outputs.data_artifact_path }}
	image_artifact_name: ${{ needs.build-pre-installed-test-image.outputs.artifact_name }}
	image_archive_name: ${{ needs.build-pre-installed-test-image.outputs.image_archive_name }}
	secrets:
	data_archive_key: ${{ secrets.ARTIFACT_KEY }}
	image_archive_key: ${{ secrets.ARTIFACT_KEY }}

	build-each-platform:
	name: "Build platform"
	needs:
	- config
	- lint
	- metadata
	- test-normal-image
	- test-pre-installed-image
	if: github.event_name != 'pull_request'
	strategy:
	matrix:
	platform: ${{ fromJson(needs.config.outputs.platforms_json) }}
	exclude:
	- platform: ${{ needs.config.outputs.test_platform }}
	uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@v2
	with:
	artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ matrix.platform }}
	build_arg_1_name: VERSION
	cache_from_scopes: ${{ matrix.platform }}
	cache_to_scope: ${{ matrix.platform }}
	image_labels: ${{ needs.metadata.outputs.image_labels }}
	image_archive_name_stem: ${{ matrix.platform }}
	platforms: ${{ matrix.platform }}
	secrets:
	build_arg_1_value: ${{ needs.metadata.outputs.source_version }}

	generate-sboms:
	name: "Bill of Materials"
	needs:
	- build-each-platform
	- config
	permissions:
	contents: write
	strategy:
	matrix:
	platform: ${{ fromJson(needs.config.outputs.platforms_json) }}
	uses: felddy/reusable-workflows/.github/workflows/sbom-artifact.yml@v2
	with:
	image_artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ matrix.platform }}
	sbom_artifact_name: ${{ needs.config.outputs.sbom_artifact_name_stem }}-${{ matrix.platform }}

	build-multi-arch-image:
	name: "Publish image"
	needs:
	- build-each-platform
	- config
	- docker-secrets
	- metadata
	if: github.event_name != 'pull_request'
	permissions:
	packages: write
	uses: felddy/reusable-workflows/.github/workflows/docker-multi-arch-push.yml@v2
	with:
	artifact_name_pattern: ${{ needs.config.outputs.image_artifact_name_stem }}-*
	image_tags: ${{ needs.metadata.outputs.image_tags }}
	secrets:
	docker_password: ${{ secrets.DOCKER_PASSWORD }}
	docker_username: ${{ secrets.DOCKER_USERNAME }}

	publish-readme:
	name: "Publish docs"
	needs:
	- build-multi-arch-image
	- config
	- docker-secrets
	- metadata
	if: needs.metadata.outputs.latest == 'true'
	uses: felddy/reusable-workflows/.github/workflows/docker-publish-description.yml@v2
	with:
	image_name: ${{ needs.config.outputs.image_name }}
	secrets:
	docker_password: ${{ secrets.DOCKER_PASSWORD }}
	docker_username: ${{ secrets.DOCKER_USERNAME }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the pip-all group across 1 directory with 3 updates #4950

Workflow file

Bump the pip-all group across 1 directory with 3 updates #4950

Jobs

Run details

Workflow file for this run