foundry generate
Read foundry.json, resolve each service's deployment profile via the convention engine, and emit the in-repo CI/CD artifacts. Run with no subcommand to generate all three.
Usage
foundry generate [OPTIONS] # runs pipeline + scripts + tfvars
foundry generate pipeline
foundry generate scripts
foundry generate tfvars
foundry generate callers # multi-repo: thin callers from platform.jsonOptions
| Flag | Description |
|---|---|
--dir, -d | Project root containing foundry.json (default: cwd) |
--clean | Wipe the target directory before generating (fresh install) |
Subcommands
| Subcommand | Generates |
|---|---|
pipeline | .github/workflows/deploy.yml — a GitHub Actions workflow |
scripts | ci/scripts/ — a self-contained Python deploy engine suite (change detection, IaC, ECS, S3-static, database engines) |
tfvars | ci/iac/{env}/{env}.auto.tfvars — one per enabled environment |
callers | Multi-repo: per-service thin-caller workflows from platform.json (printed, or written with --out) |
The generated scripts are self-contained
ci/scripts/ does not depend on the Foundry CLI at runtime — it reads foundry.json directly and embeds the convention engine. This is the monorepo deploy model: the pipeline and scripts live in the same repo as the manifest and run there.
Multi-repo: generate callers
foundry generate callers reads the central platform.json and emits each orchestrated service's thin-caller workflow — the small file a service repo carries that names the service and delegates to the ops repo's reusable deploy.yml. Only static and service strategies get a caller; desktop / game-publisher ship via their own release flows.
| Flag | Description |
|---|---|
--manifest | Central manifest (default: platform.json, else foundry.json) |
--out | Write to <out>/<repo>/.github/workflows/; default prints to stdout |
--env | Target environment (default prod) — selects the per-service branch |
--ref | The ops repo ref the callers pin (default main) |
A repo with one orchestrated service gets deploy.yml; a repo with several gets deploy-<service>.yml. The reusable workflow reference is derived from the manifest (<org>/<ops-repo>/.github/workflows/deploy.yml@<ref> — from github.organization plus the manifest's own repository), so nothing is hard-coded to a single org. The bare foundry generate still runs only the three monorepo generators; callers is invoked explicitly.
Generated vs hand-maintained:generate callersproduces the per-repo thin callers. The ops repo's reusabledeploy.ymland the orchestrator engine are hand-maintained in the ops repo — see Orchestrator & Strategies.
Note on tfvars + renames
After generating tfvars, renaming a service requires an OpenTofu state migration before applying — the command prints the exact tofu state mv command to run.