mirror of https://github.com/PostHog/posthog.git synced 2024-11-25 11:17:50 +01:00
posthog/.github/workflows/pr-deploy.yml
Frank Hamand 077b7e58a4
fix: Use tailscale oauth secret instead of authkey (#15977)
Use tailscale oauth secret instead of authkey

Authkeys expire every 90 days; use an OAuth secret instead, which doesn't
expire
2023-06-09 13:40:34 +01:00


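# This workflow handles deploying a branch to the pull request cluster, for
# testing purposes. It is locked down so that it can only be used by people who
# are a member of the PostHog Github org
#
# NOTE(review): nothing in this file enforces that restriction. The workflow is
# `workflow_call`-only, so the org-membership gate has to live in the calling
# workflow. Confirm every caller checks it, because the job below assumes an
# AWS role, joins the tailnet and applies manifests rendered from the
# checked-out `posthog` tree.
name: PR - Preview Deploy

on:
  workflow_call:

jobs:
  deploy_preview:
    name: Deploy Preview
    runs-on: ubuntu-latest

    # Token scope for this job: id-token is requested for the role assumption
    # below (no static AWS keys are passed), deployments for the status
    # updates; repository contents stay read-only.
    permissions:
      id-token: write
      contents: read
      deployments: write

    steps:
      # NOTE(review): actions/checkout, aws-actions/configure-aws-credentials
      # and bobheadxi/deployments are referenced by mutable tags; only the
      # tailscale action is pinned to a commit SHA. Pinning the others to full
      # commit SHAs keeps a moved tag from changing what runs with this job's
      # cloud and tailnet credentials.
      - name: Checkout chart
        uses: actions/checkout@v3
        with:
          repository: posthog/charts-clickhouse
          path: charts-clickhouse

      - name: Checkout
        uses: actions/checkout@v3
        with:
          path: posthog

      - uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-region: us-east-1
          role-to-assume: arn:aws:iam::169684386827:role/github-terraform-infra-role
          role-duration-seconds: 3600

      - name: connect to tailscale
        uses: tailscale/github-action@8b804aa882ac3429b804a2a22f9803a2101a0db9
        env:
          # Environment values are strings; quoted so no YAML loader retypes it.
          TS_EXPERIMENT_OAUTH_AUTHKEY: 'true'
        with:
          version: '1.42.0'
          authkey: ${{ secrets.TAILSCALE_OAUTH_SECRET }}
          args: --advertise-tags tag:github-runner

      - name: start deployment
        uses: bobheadxi/deployments@v1.4.0
        id: deployment
        with:
          step: start
          env: pr-${{ github.head_ref }}
          ref: ${{ github.head_ref }}

      - name: Install PostHog using the Helm chart
        id: helm_install
        # Context values and the secret reach the script as environment
        # variables instead of being expanded into the script text with
        # ${{ }}. github.head_ref is chosen by the PR author, and an inline
        # expansion is pasted into the script before bash parses it, so shell
        # metacharacters in a branch name would be interpreted as code. Step
        # `env` entries are already exported, so envsubst still sees
        # COMMIT_SHA, PR_NUM, BRANCH_NAME and TS_AUTHKEY.
        env:
          COMMIT_SHA: ${{ github.sha }}
          PR_NUM: ${{ github.event.number }}
          BRANCH_NAME: ${{ github.head_ref }}
          TS_AUTHKEY: ${{ secrets.TAILSCALE_SERVICE_AUTHKEY }}
        run: |
          aws eks update-kubeconfig --name "posthog-dev"
          kubectl config set-cluster arn:aws:eks:us-east-1:169684386827:cluster/posthog-dev --server=https://eks-posthog-dev --tls-server-name 8BD6E1D2FEBDE47C8177E29CAC9E6C61.gr7.us-east-1.eks.amazonaws.com
          export RELEASE_NAME=posthog
          # Namespace = pr-<number>-<branch with "/" replaced by "-">, cut to
          # 38 characters, with one trailing "-" removed if the cut left one.
          # NOTE(review): only "/" is rewritten; any other character in the
          # branch name flows unchanged into the namespace and hostname.
          # Consider validating the result before it is used.
          export NAMESPACE=pr-$PR_NUM-${BRANCH_NAME//\//-}
          export NAMESPACE=${NAMESPACE:0:38}
          export NAMESPACE=${NAMESPACE%%-}
          export HOSTNAME=$NAMESPACE
          export TAILNET_NAME=hedgehog-kitefin
          export POSTHOG_WEB_SERVICE_NAME=POSTHOG_WEB
          export POSTHOG_WEB_SERVICE_PORT=8000
          # NOTE(review): both templates are read from the `posthog` checkout,
          # and any exported variable a template references (TS_AUTHKEY
          # included) is written into the rendered file on the runner's disk.
          # Treat edits to these templates as security-relevant in review.
          envsubst < posthog/.github/pr-deploy/tailscale.yaml.tmpl > posthog/.github/pr-deploy/tailscale.yaml
          envsubst < posthog/.github/pr-deploy/values.yaml.tmpl > posthog/.github/pr-deploy/values.yaml
          helm upgrade --install \
            -f posthog/.github/pr-deploy/values.yaml \
            --set image.tag="pr-$PR_NUM" \
            --timeout 30m \
            --create-namespace \
            --namespace "$NAMESPACE" \
            "$RELEASE_NAME" charts-clickhouse/charts/posthog \
            --wait \
            --wait-for-jobs
          POD_NAME=$(kubectl -n "$NAMESPACE" get pod | grep web | cut -d' ' -f1)
          # `a || b && c` groups as `(a || b) && c`: demo data is generated
          # only when no Team exists, and is_demo is cleared whenever either
          # the existence check or the generation succeeded.
          kubectl -n "$NAMESPACE" exec "$POD_NAME" -- python manage.py shell -c "import sys;from posthog.models import Team; sys.exit(not Team.objects.exists())" \
            || kubectl -n "$NAMESPACE" exec "$POD_NAME" -- python manage.py generate_demo_data \
            && kubectl -n "$NAMESPACE" exec "$POD_NAME" -- python manage.py shell -c "from posthog.models import Team; t = Team.objects.first(); t.is_demo = False; t.save()"
          kubectl -n "$NAMESPACE" apply -f posthog/.github/pr-deploy/tailscale.yaml
          echo "url=$NAMESPACE.hedgehog-kitefin.ts.net" >> "$GITHUB_OUTPUT"

      # NOTE(review): without an `if:` condition this step is skipped when an
      # earlier step fails, so a failed install never reports its status to the
      # deployment. Confirm whether that is intended.
      - name: update deployment status
        uses: bobheadxi/deployments@v1
        with:
          step: finish
          status: ${{ job.status }}
          env: ${{ steps.deployment.outputs.env }}
          ref: ${{ github.head_ref }}
          env_url: https://${{ steps.helm_install.outputs.url }}
          deployment_id: ${{ steps.deployment.outputs.deployment_id }}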