# # Make sure PostHog and PostHog Cloud container images can be built # successfully. # # - posthog_build: build and push the PostHog container image to the # GitHub Container Registry # # - posthog_cloud_build: build the PostHog Cloud container image using # as base image the container image from the previous step # name: Container Images CI on: pull_request: concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} cancel-in-progress: true jobs: posthog_build: name: Build PostHog runs-on: ubuntu-latest permissions: id-token: write # allow issuing OIDC tokens for this workflow run contents: read # allow at least reading the repo contents, add other permissions if necessary packages: write # allow push to ghcr.io outputs: container_image_tags: ${{ steps.meta.outputs.tags }} container_image_version: ${{ steps.meta.outputs.version }} steps: - name: Checkout code uses: actions/checkout@v3 - name: Lowercase GITHUB_REPOSITORY id: lowercase run: | echo "repository=${GITHUB_REPOSITORY,,}" >> "$GITHUB_OUTPUT" - name: Docker meta id: meta uses: docker/metadata-action@v4 with: images: ghcr.io/${{ steps.lowercase.outputs.repository }}/posthog tags: | type=schedule type=ref,event=branch type=ref,event=tag type=ref,event=pr - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Set up QEMU uses: docker/setup-qemu-action@v2 - name: Set up Depot CLI uses: depot/setup-action@v1 - name: Login to GitHub Container Registry uses: docker/login-action@v2 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build container images id: build uses: depot/build-push-action@v1 with: project: x19jffd9zf # posthog buildx-fallback: false # the fallback is so slow it's better to just fail cache-from: type=gha # always pull the layers from GHA cache-to: type=gha,mode=max # always push the layers to GHA push: true tags: ${{ steps.meta.outputs.tags }} platforms: linux/amd64,linux/arm64 posthog_cloud_build: name: Build PostHog Cloud if: github.repository == 'PostHog/posthog' runs-on: ubuntu-latest permissions: id-token: write # allow issuing OIDC tokens for this workflow run contents: read # allow at least reading the repo contents, add other permissions if necessary packages: read # allow pull from ghcr.io needs: [posthog_build] steps: - name: Checkout code uses: actions/checkout@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Set up QEMU uses: docker/setup-qemu-action@v2 - name: Set up Depot CLI uses: depot/setup-action@v1 - name: Checkout PostHog Cloud code run: | mkdir cloud/ cd cloud/ curl -u posthog-bot:${{ secrets.POSTHOG_BOT_GITHUB_TOKEN }} -L https://github.com/posthog/posthog-cloud/tarball/master | tar --strip-components=1 -xz -- - name: Login to GitHub Container Registry uses: docker/login-action@v2 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Lowercase GITHUB_REPOSITORY id: lowercase run: | echo "repository=${GITHUB_REPOSITORY,,}" >> "$GITHUB_OUTPUT" - name: Build container images id: build uses: depot/build-push-action@v1 with: project: 1stsk4xt19 # posthog-cloud buildx-fallback: false # the fallback is so slow it's better to just fail cache-from: type=gha # always pull the layers from GHA cache-to: type=gha,mode=max # always push the layers to GHA push: false platforms: linux/amd64,linux/arm64 file: Dockerfile.cloud context: cloud # Use the non-cloud image as base image and extend it with # the posthog-cloud code we've checked out. build-args: | BASE_IMAGE=ghcr.io/${{ steps.lowercase.outputs.repository }}/posthog:${{ needs.posthog_build.outputs.container_image_version }} deploy_preview: uses: ./.github/workflows/pr-deploy.yml needs: [posthog_cloud_build] secrets: inherit if: ${{ contains(github.event.pull_request.labels.*.name, 'deploy') }}