# # Build and push PostHog and PostHog Cloud container images # # - posthog_build: build and push the PostHog container image to DockerHub # # - posthog_cloud_build: build the PostHog Cloud container image using # as base image the container image from the previous step. The image is # then pushed to AWS ECR. # name: Container Images CD on: push: branches: - master paths-ignore: - 'rust/**' - 'livestream/**' workflow_dispatch: jobs: posthog_build: name: Build and push PostHog if: github.repository == 'PostHog/posthog' runs-on: ubuntu-latest permissions: id-token: write # allow issuing OIDC tokens for this workflow run contents: read # allow at least reading the repo contents, add other permissions if necessary packages: write # allow push to ghcr.io steps: - name: Check out uses: actions/checkout@v4 with: fetch-depth: 2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Depot CLI uses: depot/setup-action@v1 - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v4 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: us-east-1 - name: Login to Amazon ECR id: aws-ecr uses: aws-actions/amazon-ecr-login@v2 - name: Login to DockerHub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push container image id: build uses: depot/build-push-action@v1 with: buildx-fallback: false # the fallback is so slow it's better to just fail push: true tags: posthog/posthog:${{ github.sha }},posthog/posthog:latest,${{ steps.aws-ecr.outputs.registry }}/posthog-cloud:master platforms: linux/arm64,linux/amd64 build-args: COMMIT_HASH=${{ github.sha }} - name: get deployer token id: deployer uses: getsentry/action-github-app-token@v3 with: app_id: ${{ secrets.DEPLOYER_APP_ID }} private_key: ${{ secrets.DEPLOYER_APP_PRIVATE_KEY }} - name: get PR labels id: labels uses: ./.github/actions/get-pr-labels with: token: ${{ secrets.GITHUB_TOKEN }} - name: Trigger PostHog Cloud deployment from Charts uses: peter-evans/repository-dispatch@v3 with: token: ${{ steps.deployer.outputs.token }} repository: PostHog/charts event-type: commit_state_update client-payload: | { "values": { "image": { "sha": "${{ steps.build.outputs.digest }}" } }, "release": "posthog", "commit": ${{ toJson(github.event.head_commit) }}, "repository": ${{ toJson(github.repository) }}, "labels": ${{ steps.labels.outputs.labels }}, "timestamp": "${{ github.event.head_commit.timestamp }}" } - name: Check for changes in plugins directory id: check_changes_plugins run: | echo "changed=$((git diff --name-only HEAD^ HEAD | grep -q '^plugin-server/' && echo true) || echo false)" >> $GITHUB_OUTPUT - name: Trigger Ingestion Cloud deployment if: steps.check_changes_plugins.outputs.changed == 'true' uses: peter-evans/repository-dispatch@v3 with: token: ${{ steps.deployer.outputs.token }} repository: PostHog/charts event-type: commit_state_update client-payload: | { "values": { "image": { "sha": "${{ steps.build.outputs.digest }}" } }, "release": "ingestion", "commit": ${{ toJson(github.event.head_commit) }}, "repository": ${{ toJson(github.repository) }}, "labels": ${{ toJson(steps.labels.outputs.labels) }}, "timestamp": "${{ github.event.head_commit.timestamp }}" } - name: Check for changes that affect batch exports temporal worker id: check_changes_batch_exports_temporal_worker run: | echo "changed=$((git diff --name-only HEAD^ HEAD | grep -qE '^posthog/temporal/common|^posthog/temporal/batch_exports|^posthog/batch_exports/|^posthog/management/commands/start_temporal_worker.py$|^requirements.txt$' && echo true) || echo false)" >> $GITHUB_OUTPUT - name: Trigger Batch Exports Sync Temporal Worker Cloud deployment if: steps.check_changes_batch_exports_temporal_worker.outputs.changed == 'true' uses: peter-evans/repository-dispatch@v3 with: token: ${{ steps.deployer.outputs.token }} repository: PostHog/charts event-type: commit_state_update client-payload: | { "values": { "image": { "sha": "${{ steps.build.outputs.digest }}" } }, "release": "temporal-worker", "commit": ${{ toJson(github.event.head_commit) }}, "repository": ${{ toJson(github.repository) }}, "labels": ${{ steps.labels.outputs.labels }}, "timestamp": "${{ github.event.head_commit.timestamp }}" } - name: Trigger Batch Exports Temporal Worker Cloud deployment if: steps.check_changes_batch_exports_temporal_worker.outputs.changed == 'true' uses: peter-evans/repository-dispatch@v3 with: token: ${{ steps.deployer.outputs.token }} repository: PostHog/charts event-type: commit_state_update client-payload: | { "values": { "image": { "sha": "${{ steps.build.outputs.digest }}" } }, "release": "temporal-worker-batch-exports", "commit": ${{ toJson(github.event.head_commit) }}, "repository": ${{ toJson(github.repository) }}, "labels": ${{ steps.labels.outputs.labels }}, "timestamp": "${{ github.event.head_commit.timestamp }}" } - name: Check for changes that affect general purpose temporal worker id: check_changes_general_purpose_temporal_worker run: | echo "changed=$((git diff --name-only HEAD^ HEAD | grep -qE '^posthog/temporal/common|^posthog/temporal/proxy_service|^posthog/management/commands/start_temporal_worker.py$|^requirements.txt$' && echo true) || echo false)" >> $GITHUB_OUTPUT - name: Trigger General Purpose Temporal Worker Cloud deployment if: steps.check_changes_general_purpose_temporal_worker.outputs.changed == 'true' uses: peter-evans/repository-dispatch@v3 with: token: ${{ steps.deployer.outputs.token }} repository: PostHog/charts event-type: commit_state_update client-payload: | { "values": { "image": { "sha": "${{ steps.build.outputs.digest }}" } }, "release": "temporal-worker-general-purpose", "commit": ${{ toJson(github.event.head_commit) }}, "repository": ${{ toJson(github.repository) }}, "labels": ${{ steps.labels.outputs.labels }}, "timestamp": "${{ github.event.head_commit.timestamp }}" } - name: Check for changes that affect data warehouse temporal worker id: check_changes_data_warehouse_temporal_worker run: | echo "changed=$((git diff --name-only HEAD^ HEAD | grep -qE '^posthog/temporal/common|^posthog/temporal/data_imports|^posthog/warehouse/|^posthog/management/commands/start_temporal_worker.py$|^requirements.txt$' && echo true) || echo false)" >> $GITHUB_OUTPUT - name: Trigger Data Warehouse Temporal Worker Cloud deployment if: steps.check_changes_data_warehouse_temporal_worker.outputs.changed == 'true' uses: peter-evans/repository-dispatch@v3 with: token: ${{ steps.deployer.outputs.token }} repository: PostHog/charts event-type: commit_state_update client-payload: | { "values": { "image": { "sha": "${{ steps.build.outputs.digest }}" } }, "release": "temporal-worker-data-warehouse", "commit": ${{ toJson(github.event.head_commit) }}, "repository": ${{ toJson(github.repository) }}, "labels": ${{ steps.labels.outputs.labels }}, "timestamp": "${{ github.event.head_commit.timestamp }}" }