Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for prerelease 13.333 #1125

Merged
merged 33 commits into from
Dec 21, 2024
Merged

Add support for prerelease 13.333 #1125

merged 33 commits into from
Dec 21, 2024

Conversation

felddy
Copy link
Owner

@felddy felddy commented Dec 21, 2024

🗣 Description

This PR adds support for FoundryVTT v13.333 prototype.

There are substantial internal changes that may affect some users.

  • The container now defaults to a non-root user.
  • The internal home directory has changed from /home/foundry to /home/node
  • FOUNDRY_UID and FOUNDRY_GID environment variables have been deprecated.
    The Docker user option should be used to change the uid and gid of the running processes.
  • The container will no longer change the permissions in the data volume to match the uid and gid of the server. Therefore the CONTAINER_PRESERVE_OWNER environment variable is deprecated.
  • The TIMEZONE environment variable has been replaced by the standard TZ environment variable.

💭 Motivation and context

  • Adopting more secure by design best-practices for containers.
  • Supporting FoundryVTT community.

🧪 Testing

  • Tested locally and in CI.

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All future TODOs are captured in issues, which are referenced
    in code comments.
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All relevant repo and/or project documentation has been updated
    to reflect the changes in this PR.
  • Tests have been added and/or modified to cover the changes in this PR.
  • All new and existing tests pass.

dependabot bot and others added 30 commits December 18, 2024 08:46
@dependabot
Bump the github-actions-all group across 1 directory with 5 updates
889f244 
Bumps the github-actions-all group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.10.1` | `2.10.2` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.27.0` | `3.27.9` |
| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.4.0` | `4.5.0` |
| [actions/cache](https://github.com/actions/cache) | `4.1.2` | `4.2.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.3` | `4.5.0` |



Updates `step-security/harden-runner` from 2.10.1 to 2.10.2
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@91182cc...0080882)

Updates `github/codeql-action` from 3.27.0 to 3.27.9
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@6624720...df409f7)

Updates `actions/dependency-review-action` from 4.4.0 to 4.5.0
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](actions/dependency-review-action@4081bf9...3b139cf)

Updates `actions/cache` from 4.1.2 to 4.2.0
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@6849a64...1bd1e32)

Updates `actions/upload-artifact` from 4.4.3 to 4.5.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@b4b15b8...6f51ac0)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-all
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-all
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-all
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-all
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-all
...

Signed-off-by: dependabot[bot] <support@github.com>
@felddy
Merge pull request #1124 from felddy/dependabot/github_actions/github…
33f0136 
…-actions-all-9e4495a647

Bump the github-actions-all group across 1 directory with 5 updates
@dependabot
Bump the pip-all group across 1 directory with 4 updates
5d0c69d 
Bumps the pip-all group with 4 updates in the / directory: [setuptools](https://github.com/pypa/setuptools), [wheel](https://github.com/pypa/wheel), [coverage](https://github.com/nedbat/coveragepy) and [pytest](https://github.com/pytest-dev/pytest).


Updates `setuptools` from 75.3.0 to 75.6.0
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](pypa/setuptools@v75.3.0...v75.6.0)

Updates `wheel` from 0.44.0 to 0.45.1
- [Release notes](https://github.com/pypa/wheel/releases)
- [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst)
- [Commits](pypa/wheel@0.44.0...0.45.1)

Updates `coverage` from 7.6.4 to 7.6.9
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](nedbat/coveragepy@7.6.4...7.6.9)

Updates `pytest` from 8.3.3 to 8.3.4
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.3.3...8.3.4)

---
updated-dependencies:
- dependency-name: setuptools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-all
- dependency-name: wheel
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-all
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: pip-all
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: pip-all
...

Signed-off-by: dependabot[bot] <support@github.com>
@felddy
Merge pull request #1121 from felddy/dependabot/pip/pip-all-e37e8001db
40ddbda 
Bump the pip-all group across 1 directory with 4 updates
@dependabot
Bump the npm-all group across 1 directory with 2 updates
7d08d59 
Bumps the npm-all group with 2 updates in the / directory: [winston](https://github.com/winstonjs/winston) and [typescript](https://github.com/microsoft/TypeScript).


Updates `winston` from 3.16.0 to 3.17.0
- [Release notes](https://github.com/winstonjs/winston/releases)
- [Changelog](https://github.com/winstonjs/winston/blob/master/CHANGELOG.md)
- [Commits](winstonjs/winston@v3.16.0...v3.17.0)

Updates `typescript` from 5.6.3 to 5.7.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.6.3...v5.7.2)

---
updated-dependencies:
- dependency-name: winston
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-all
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-all
...

Signed-off-by: dependabot[bot] <support@github.com>
@felddy
Merge pull request #1114 from felddy/dependabot/npm_and_yarn/npm-all-…
ac1f549 
…e9e9c3146f

Bump the npm-all group across 1 directory with 2 updates
@felddy
Merge remote-tracking branch 'origin/develop' into prerelease/13.333.0
8ebbb9b
@felddy
Bump FoundryVTT version to 13.333
3a4ec5b
@felddy
Remove classic-level workaround
a4d0071 
This was fixed in 13.333 and is no longer required.
See: foundryvtt/foundryvtt#11782
@felddy
Ensure writable locations don't require root user
4f9bc88
@felddy
Remove deprecated root shell option from entrypoint script
dc97da2
@felddy
Remove TIMEZONE env var handling
e8dfe99 
The standard way to set the timezone in the container is to set the `TZ` environment variable.
@felddy
Add warning for deprecated environment variables
44e8b02
@felddy
Remove file permission change loop
741771a 
Since we're no longer assuming we are root we can skip making these changes.

For large asset directories this added a lot of startup time.
@felddy
Remove gosu installation from Dockerfile
d6c19e8
@felddy
Remove deprecated environment variables from docs
ba4de6a
@felddy
Remove or replace deprecated environment variables
4bf85cb
@felddy
Set uid:gid for main test container
64856a5
@felddy
Merge in skeleton updates but preserve node-specific changes
4ec9a30
@felddy
Replace setup.py with pyproject.toml for modern Python packaging
611c481
@felddy
Remove debug echos
866503a
@felddy
Remove noop export
35372cf
@felddy
Remove unused shell startup option
885a0be
@felddy
Fix typo in comment for environment variable regex rules
205adfa
@felddy
Remove deprecated docker compose version specification
09c8955 
Also remove noop restart option in example compose file.
@felddy
Remove VERSION build argument from workflows and Dockerfile
f1eda43
@felddy
Use node user and home by default
71e7533 
This will allow the user to run the container as a non-root user by default.

Closes #948
@felddy
Add VSCode settings for cSpell custom words
3ed797f
@felddy
Fix typos in setup-env script
50f0c4d
@felddy
Update issue templates terms and fix typos
83818f0
@felddy felddy self-assigned this Dec 21, 2024
@felddy felddy force-pushed the prerelease/13.333.0 branch from 115fd10 to cbbf751 Compare December 21, 2024 03:36
@felddy felddy merged commit ab64666 into develop-prerelease Dec 21, 2024
41 checks passed
@felddy felddy deleted the prerelease/13.333.0 branch December 21, 2024 04:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@felddy felddy

Labels
docker 🐳 documentation 📝 enhancement ✨ upstream 👀
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@felddy