name: Build rust container images on: workflow_dispatch: push: paths: - 'rust/**' - '.github/workflows/rust-docker-build.yml' branches: - 'master' jobs: build: name: Build and publish container image strategy: matrix: image: - capture - hook-api - hook-janitor - hook-worker runs-on: depot-ubuntu-22.04-4 permissions: id-token: write # allow issuing OIDC tokens for this workflow run contents: read # allow reading the repo contents packages: write # allow push to ghcr.io defaults: run: working-directory: rust steps: - name: Check Out Repo # Checkout project code # Use sparse checkout to only select files in rust directory # Turning off cone mode ensures that files in the project root are not included during checkout uses: actions/checkout@v3 with: sparse-checkout: 'rust/' sparse-checkout-cone-mode: false - name: Set up Depot CLI uses: depot/setup-action@v1 - name: Login to DockerHub uses: docker/login-action@v2 with: username: posthog password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to ghcr.io uses: docker/login-action@v2 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} logout: false - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Docker meta id: meta uses: docker/metadata-action@v4 with: images: ghcr.io/posthog/posthog/${{ matrix.image }} tags: | type=ref,event=pr type=ref,event=branch type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} type=sha - name: Set up Docker Buildx id: buildx uses: docker/setup-buildx-action@v2 - name: Build and push image id: docker_build uses: depot/build-push-action@v1 with: context: ./rust/ file: ./rust/Dockerfile push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} platforms: linux/arm64 cache-from: type=gha cache-to: type=gha,mode=max build-args: BIN=${{ matrix.image }} - name: Container image digest run: echo ${{ steps.docker_build.outputs.digest }}