#
# Make sure PostHog and PostHog Cloud container images can be built
# successfully.
#
# - posthog_build: build and push the PostHog container image to the
#   GitHub Container Registry
#
# - posthog_cloud_build: build the PostHog Cloud container image using
#   as base image the container image from the previous step
#
name: Container Images CI

on:
    pull_request:

concurrency:
    group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
    cancel-in-progress: true

jobs:
    posthog_build:
        name: Build PostHog
        runs-on: ubuntu-latest
        permissions:
            id-token: write # allow issuing OIDC tokens for this workflow run
            contents: read # allow at least reading the repo contents, add other permissions if necessary
            packages: write # allow push to ghcr.io

        outputs:
            container_image_tags: ${{ steps.meta.outputs.tags }}
            container_image_version: ${{ steps.meta.outputs.version }}

        steps:
            - name: Checkout code
              uses: actions/checkout@v3

            - name: Lowercase GITHUB_REPOSITORY
              id: lowercase
              run: |
                  echo "repository=${GITHUB_REPOSITORY,,}" >> "$GITHUB_OUTPUT"

            - name: Docker meta
              id: meta
              uses: docker/metadata-action@v4
              with:
                  images: ghcr.io/${{ steps.lowercase.outputs.repository }}/posthog
                  tags: |
                      type=schedule
                      type=ref,event=branch
                      type=ref,event=tag
                      type=ref,event=pr

            - name: Set up Docker Buildx
              uses: docker/setup-buildx-action@v2

            - name: Set up QEMU
              uses: docker/setup-qemu-action@v2

            - name: Set up Depot CLI
              uses: depot/setup-action@v1

            - name: Login to GitHub Container Registry
              uses: docker/login-action@v2
              with:
                  registry: ghcr.io
                  username: ${{ github.repository_owner }}
                  password: ${{ secrets.GITHUB_TOKEN }}

            - name: Build container images
              id: build
              uses: depot/build-push-action@v1
              with:
                  project: x19jffd9zf # posthog
                  buildx-fallback: false # the fallback is so slow it's better to just fail
                  cache-from: type=gha # always pull the layers from GHA
                  cache-to: type=gha,mode=max # always push the layers to GHA
                  push: true
                  tags: ${{ steps.meta.outputs.tags }}
                  platforms: linux/amd64,linux/arm64

    deploy_preview:
        uses: ./.github/workflows/pr-deploy.yml
        needs: [posthog_build]
        secrets: inherit
        if: ${{ contains(github.event.pull_request.labels.*.name, 'deploy') }}