0
0
mirror of https://github.com/PostHog/posthog.git synced 2024-11-30 19:41:46 +01:00
posthog/.github/workflows/container-images-ci.yml

128 lines
4.7 KiB
YAML
Raw Normal View History

#
# Make sure PostHog and PostHog Cloud container images can be built
# successfully.
#
# - posthog_build: build and push the PostHog container image to the
# GitHub Container Registry
#
# - posthog_cloud_build: build the PostHog Cloud container image using
# as base image the container image from the previous step
#
name: Container Images CI
on:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
posthog_build:
name: Build PostHog
runs-on: ubuntu-latest
permissions:
id-token: write # allow issuing OIDC tokens for this workflow run
contents: read # allow at least reading the repo contents, add other permissions if necessary
packages: write # allow push to ghcr.io
outputs:
container_image_tags: ${{ steps.meta.outputs.tags }}
container_image_version: ${{ steps.meta.outputs.version }}
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: ghcr.io/posthog/posthog/posthog
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Depot CLI
uses: depot/setup-action@v1
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build container images
id: build
uses: depot/build-push-action@v1
with:
project: x19jffd9zf # posthog
buildx-fallback: true # fallback to using 'docker buildx build' if 'depot build' is unable to acquire a builder connection
cache-from: type=gha # always pull the layers from GHA
cache-to: type=gha,mode=max # always push the layers to GHA
push: true
tags: ${{ steps.meta.outputs.tags }}
platforms: linux/amd64,linux/arm64
posthog_cloud_build:
name: Build PostHog Cloud
runs-on: ubuntu-latest
permissions:
id-token: write # allow issuing OIDC tokens for this workflow run
contents: read # allow at least reading the repo contents, add other permissions if necessary
packages: read # allow pull from ghcr.io
needs: [posthog_build]
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Depot CLI
uses: depot/setup-action@v1
- name: Checkout PostHog Cloud code
run: |
mkdir cloud/
cd cloud/
curl -u posthog-bot:${{ secrets.POSTHOG_BOT_GITHUB_TOKEN }} -L https://github.com/posthog/posthog-cloud/tarball/master | tar --strip-components=1 -xz --
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build container images
id: build
uses: depot/build-push-action@v1
with:
project: 1stsk4xt19 # posthog-cloud
buildx-fallback: true # fallback to using 'docker buildx build' if 'depot build' is unable to acquire a builder connection
cache-from: type=gha # always pull the layers from GHA
cache-to: type=gha,mode=max # always push the layers to GHA
push: false
platforms: linux/amd64,linux/arm64
file: Dockerfile.cloud
context: cloud
# Use the non-cloud image as base image and extend it with
# the posthog-cloud code we've checked out.
build-args: |
BASE_IMAGE=ghcr.io/posthog/posthog/posthog:${{ needs.posthog_build.outputs.container_image_version }}
deploy_preview:
uses: ./.github/workflows/pr-deploy.yml
needs: [posthog_cloud_build]
secrets: inherit
if: ${{ contains(github.event.pull_request.labels.*.name, 'deploy') }}