Merge pull request #1100 from felddy/prerelease/13.332.0

Add support for prerelease `13.332.0`

.github/ISSUE_TEMPLATE/bug.yml

@@ -57,7 +57,7 @@ body:
       description: Paste the output from the command above. This will be automatically formatted, so no need for backticks.
       render: shell
       placeholder: |
-        com.foundryvtt.version = "12.320"
+        com.foundryvtt.version = "13.332"
         org.opencontainers.image.authors = "[email protected]"
         org.opencontainers.image.created = "2022-09-01T23:22:04.337Z"
         org.opencontainers.image.description = "An easy-to-deploy Dockerized Foundry Virtual Tabletop server."
@@ -67,7 +67,7 @@ body:
         org.opencontainers.image.title = "foundryvtt-docker"
         org.opencontainers.image.url = "https://github.com/felddy/foundryvtt-docker"
         org.opencontainers.image.vendor = "Geekpad"
-        org.opencontainers.image.version = "12.320.0"
+        org.opencontainers.image.version = "13.332.0"
     validations:
       required: true
   - type: textarea
@@ -78,7 +78,7 @@ body:
       render: console
       placeholder: |
         foundry_1   | Entrypoint | 2022-02-23 14:14:53 | [debug] Timezone set to: US/Eastern
-        foundry_1   | Entrypoint | 2022-02-23 14:14:53 | [info] Starting felddy/foundryvtt container v12.320.0
+        foundry_1   | Entrypoint | 2022-02-23 14:14:53 | [info] Starting felddy/foundryvtt container v13.332.0
         foundry_1   | Entrypoint | 2022-02-23 14:14:53 | [debug] CONTAINER_VERBOSE set.  Debug logging enabled.
         foundry_1   | Entrypoint | 2022-02-23 14:14:53 | [info] Reading configured secrets from: /run/secrets/config.json
         foundry_1   | Entrypoint | 2022-02-23 14:14:53 | [info] No Foundry Virtual Tabletop installation detected.

.github/ISSUE_TEMPLATE/regression.yml

@@ -72,7 +72,7 @@ body:
       description: Paste the output from the command above. This will be automatically formatted, so no need for backticks.
       render: shell
       placeholder: |
-        com.foundryvtt.version = "12.320"
+        com.foundryvtt.version = "13.332"
         org.opencontainers.image.authors = "[email protected]"
         org.opencontainers.image.created = "2022-09-01T23:22:04.337Z"
         org.opencontainers.image.description = "An easy-to-deploy Dockerized Foundry Virtual Tabletop server."
@@ -82,7 +82,7 @@ body:
         org.opencontainers.image.title = "foundryvtt-docker"
         org.opencontainers.image.url = "https://github.com/felddy/foundryvtt-docker"
         org.opencontainers.image.vendor = "Geekpad"
-        org.opencontainers.image.version = "12.320.0"
+        org.opencontainers.image.version = "13.332.0"
     validations:
       required: true
   - type: textarea
@@ -93,7 +93,7 @@ body:
       render: console
       placeholder: |
         foundry_1   | Entrypoint | 2022-02-23 14:14:53 | [debug] Timezone set to: US/Eastern
-        foundry_1   | Entrypoint | 2022-02-23 14:14:53 | [info] Starting felddy/foundryvtt container v12.320.0
+        foundry_1   | Entrypoint | 2022-02-23 14:14:53 | [info] Starting felddy/foundryvtt container v13.332.0
         foundry_1   | Entrypoint | 2022-02-23 14:14:53 | [debug] CONTAINER_VERBOSE set.  Debug logging enabled.
         foundry_1   | Entrypoint | 2022-02-23 14:14:53 | [info] Reading configured secrets from: /run/secrets/config.json
         foundry_1   | Entrypoint | 2022-02-23 14:14:53 | [info] No Foundry Virtual Tabletop installation detected.

.github/dependabot.yml

@@ -15,6 +15,11 @@ updates:
       - "bot :robot:"
       - "dependencies :game_die:"
       - "docker :whale:"
+    groups:
+      docker-all:
+        applies-to: "version-updates"
+        patterns:
+          - "*"
 
   - package-ecosystem: "github-actions"
     directory: "/"
@@ -24,6 +29,11 @@ updates:
       - "bot :robot:"
       - "dependencies :game_die:"
       - "github-actions :octocat:"
+    groups:
+      github-actions-all:
+        applies-to: "version-updates"
+        patterns:
+          - "*"
 
   - package-ecosystem: "npm"
     directory: "/"
@@ -33,6 +43,11 @@ updates:
       - "bot :robot:"
       - "dependencies :game_die:"
       - "javascript :coffee:"
+    groups:
+      npm-all:
+        applies-to: "version-updates"
+        patterns:
+          - "*"
 
   - package-ecosystem: "pip"
     directory: "/"
@@ -42,3 +57,8 @@ updates:
       - "bot :robot:"
       - "dependencies :game_die:"
       - "python :snake:"
+    groups:
+      pip-all:
+        applies-to: "version-updates"
+        patterns:
+          - "*"

.github/workflows/_config.yml

@@ -7,7 +7,7 @@ on:
     inputs:
       platforms:
         description: "The platforms to build (CSV)"
-        default: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le
+        default: linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x
         required: false
         type: string
     outputs:

.github/workflows/build.yml

@@ -43,7 +43,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7  # tag=v2.10.1
         with:
           egress-policy: block
 
@@ -65,7 +65,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7  # tag=v2.10.1
         with:
           egress-policy: block
 
@@ -87,7 +87,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7  # tag=v2.10.1
         with:
           egress-policy: block
 
@@ -132,18 +132,18 @@ jobs:
     uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@v2
     with:
       artifact_name: pre-installed-${{ needs.config.outputs.image_artifact_name_stem }}-${{ needs.config.outputs.test_platform }}
-      build_arg_1_name: FOUNDRY_PASSWORD
-      build_arg_2_name: FOUNDRY_USERNAME
-      build_arg_3_name: VERSION
+      build_arg_1_name: VERSION
+      build_secret_1_name: foundry_password
+      build_secret_2_name: foundry_username
       cache_from_scopes: ${{ needs.config.outputs.test_platform }}-pre-installed
       cache_to_scope: ${{ needs.config.outputs.test_platform }}-pre-installed
       image_archive_name_stem: ${{ needs.config.outputs.test_platform }}
       image_labels: ${{ needs.metadata.outputs.image_labels }}
       platforms: ${{ needs.config.outputs.test_platform }}
     secrets:
-      build_arg_1_value: ${{ secrets.FOUNDRY_PASSWORD }}
-      build_arg_2_value: ${{ secrets.FOUNDRY_USERNAME }}
-      build_arg_3_value: ${{ needs.metadata.outputs.source_version }}
+      build_arg_1_value: ${{ needs.metadata.outputs.source_version }}
+      build_secret_1_value: ${{ secrets.FOUNDRY_PASSWORD }}
+      build_secret_2_value: ${{ secrets.FOUNDRY_USERNAME }}
       image_archive_key: ${{ secrets.ARTIFACT_KEY }}
 
 # Since we need to pass the foundryvtt.com credentials to the tests, we can't

.github/workflows/codeql-analysis.yml

@@ -44,25 +44,25 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7  # tag=v2.10.1
         with:
           # TODO: change to 'egress-policy: block' after couple of runs
           egress-policy: audit
 
       - name: Checkout repository
-        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # tag=v4.1.4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # tag=v4.2.2
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@cdcdbb579706841c47f7063dda365e292e5cad7a  # tag=codeql-bundle-v2.13.4
+        uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd  # tag=codeql-bundle-v3.27.0
         with:
           languages: ${{ matrix.language }}
 
       # Autobuild attempts to build any compiled languages (C/C++, C#, or
       # Java). If this step fails, then you should remove it and run the build
       # manually (see below).
       - name: Autobuild
-        uses: github/codeql-action/autobuild@cdcdbb579706841c47f7063dda365e292e5cad7a  # tag=codeql-bundle-v2.13.4
+        uses: github/codeql-action/autobuild@662472033e021d55d94146f66f6058822b0b39fd  # tag=codeql-bundle-v3.27.0
 
       # ℹ️ Command-line programs to run using the OS shell. 📚
       # https://git.io/JvXDl
@@ -76,4 +76,4 @@ jobs:
       #     make release
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@cdcdbb579706841c47f7063dda365e292e5cad7a  # tag=codeql-bundle-v2.13.4
+        uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd  # tag=codeql-bundle-v3.27.0

.github/workflows/dependency-review.yml

@@ -12,10 +12,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7  # tag=v2.10.1
         with:  # TODO: change to 'egress-policy: block' after couple of runs
           egress-policy: audit
       - name: 'Checkout Repository'
-        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # tag=v4.1.4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # tag=v4.2.2
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@5bbc3ba658137598168acb2ab73b21c432dd411b  # tag=v4.2.5
+        uses: actions/dependency-review-action@4081bf99e2866ebe428fc0477b69eb4fcda7220a  # tag=v4.4.0

.github/workflows/docker-pytest-image.yml

@@ -73,7 +73,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7  # tag=v2.10.1
         with:
           egress-policy: audit
           # allowed-endpoints: >
@@ -108,14 +108,14 @@ jobs:
             echo "do_decryption=false" >> $GITHUB_OUTPUT
           fi
 
-      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # tag=v4.1.4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # tag=v4.2.2
       - id: setup-python
-        uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d  # tag=v5.1.0
+        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b  # tag=v5.3.0
         with:
           python-version: ${{ inputs.python_version }}
 
       - name: Cache testing environments
-        uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9  # tag=v4.0.2
+        uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a  # tag=v4.1.2
         env:
           BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\
             py${{ steps.setup-python.outputs.python-version }}-"
@@ -133,7 +133,7 @@ jobs:
           pip install --upgrade --requirement requirements-test.txt
 
       - name: Download Docker image artifact
-        uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e  # tag=v4.1.7
+        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16  # tag=v4.1.8
         with:
           name: ${{ inputs.image_artifact_name }}
           path: ${{ env.ARTIFACT_WORK_DIR }}
@@ -183,15 +183,15 @@ jobs:
 
       - name: Upload unencrypted data artifacts
         if: ( success() || failure() ) && steps.check_data_archive_key.outputs.do_encryption == 'false'
-        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808  # tag=v4.3.3
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882  # tag=v4.4.3
         with:
           name: ${{ inputs.data_artifact_name }}
           path: data.tar.gz
           retention-days: ${{ inputs.data_artifact_retention_days }}
 
       - name: Upload encrypted data artifacts
         if: ( success() || failure() ) && steps.check_data_archive_key.outputs.do_encryption == 'true'
-        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808  # tag=v4.3.3
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882  # tag=v4.4.3
         with:
           name: ${{ inputs.data_artifact_name }}
           path: data.tar.7z

.github/workflows/scorecards.yml

@@ -28,12 +28,12 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # tag=v4.1.4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # tag=v4.2.2
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736  # tag=v2.3.1
+        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46  # tag=v2.4.0
         with:
           results_file: results.sarif
           results_format: sarif
@@ -52,14 +52,14 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808  # tag=v4.3.3
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882  # tag=v4.4.3
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a  # tag=codeql-bundle-v2.13.4
+        uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd  # tag=codeql-bundle-v3.27.0
         with:
           sarif_file: results.sarif

.github/workflows/stale-issues.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7  # tag=v2.10.1
         with:
           egress-policy: audit  # TODO: change to 'egress-policy: block' after couple of runs
 

.github/workflows/sync-labels.yml

@@ -20,13 +20,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7  # tag=v2.10.1
         with:
           egress-policy: audit  # TODO: change to 'egress-policy: block' after couple of runs
-      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # tag=v4.1.4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # tag=v4.2.2
       - name: Sync repository labels
         if: success()
-        uses: crazy-max/ghaction-github-labeler@de749cf181958193cb7debf1a9c5bb28922f3e1b  # tag=v5.0.0
+        uses: crazy-max/ghaction-github-labeler@b54af0c25861143e7c8813d7cbbf46d2c341680c  # tag=v5.1.0
         with:
           # This is a hideous ternary equivalent so we only do a dry run unless
           # this workflow is triggered by the develop branch.