Support readiness gates on web/events/recordings deployments #360
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow handles deploying a branch to the pull request cluster, for | |
# testing purposes. It is locked down so that it can only be used by people who | |
# are a member of the PostHog Github org | |
name: PR - Preview Deploy | |
on: | |
pull_request: | |
types: | |
- labeled | |
- synchronize | |
jobs: | |
deploy: | |
name: Deploy Preview | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
id: permissions | |
with: | |
script: | | |
let member; | |
try { | |
const resp = await github.rest.repos.getCollaboratorPermissionLevel({ | |
username: context.actor, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
}); | |
if (!resp || !resp.data || !resp.data.permission) { | |
member = false; | |
} else { | |
const permission = resp.data.permission; | |
member = permission == "admin" || permission == "write"; | |
} | |
} catch(error) { | |
member = false | |
} | |
return member | |
- name: Checkout | |
uses: actions/checkout@v3 # no way of getting the correct ref from the issue event, hence the below | |
if: ${{ steps.permissions.outputs.result == 'true' && contains(github.event.pull_request.labels.*.name, 'deploy') }} | |
- name: Declare variables that we can share across steps | |
id: vars | |
run: | | |
GIT_SHORT="$(git rev-parse --short HEAD)" | |
PR_NUM=${{ github.event.number }} | |
BRANCH_NAME=${GITHUB_REF#refs/heads/} | |
echo "git_short=${GIT_SHORT}" >> $GITHUB_OUTPUT | |
echo "fqdn_record=${PR_NUM}.pr.posthog.cc" >> $GITHUB_OUTPUT | |
echo "pr_number=${PR_NUM}" >> $GITHUB_OUTPUT | |
echo "branch_name=$BRANCH_NAME" >> $GITHUB_OUTPUT | |
if: ${{ steps.permissions.outputs.result == 'true' && contains(github.event.pull_request.labels.*.name, 'deploy') }} | |
- name: start deployment | |
uses: bobheadxi/deployments@v1 | |
id: deployment | |
with: | |
step: start | |
token: ${{ secrets.GITHUB_TOKEN }} | |
env: ${{ github.head_ref }} | |
ref: ${{ github.head_ref }} | |
if: ${{ steps.permissions.outputs.result == 'true' && contains(github.event.pull_request.labels.*.name, 'deploy') }} | |
- name: Install doctl to access k8s config | |
uses: digitalocean/action-doctl@v2 | |
with: | |
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | |
if: ${{ steps.permissions.outputs.result == 'true' && contains(github.event.pull_request.labels.*.name, 'deploy') }} | |
- name: Install PostHog using the Helm chart | |
id: helm_install | |
run: | | |
doctl kubernetes cluster kubeconfig save $PR_CLUSTER_ID | |
helm upgrade --install \ | |
-f ci/values/pr/values.yaml \ | |
--set ingress.hostname=${{ steps.vars.outputs.fqdn_record }} \ | |
--timeout 30m \ | |
--create-namespace \ | |
--namespace pr-${{ steps.vars.outputs.pr_number }} \ | |
posthog ./charts/posthog \ | |
--wait \ | |
--wait-for-jobs | |
if: ${{ steps.permissions.outputs.result == 'true' && contains(github.event.pull_request.labels.*.name, 'deploy') }} | |
env: | |
PR_CLUSTER_ID: ${{ secrets.PR_CLUSTER_ID }} # probably not _SECRET_, but best kept out of the YAML | |
- name: update deployment status | |
uses: bobheadxi/deployments@v1 | |
with: | |
step: finish | |
token: ${{ secrets.GITHUB_TOKEN }} | |
status: ${{ job.status }} | |
env: ${{ steps.deployment.outputs.env }} | |
ref: ${{ github.head_ref }} | |
env_url: https://${{ steps.vars.outputs.fqdn_record }} | |
deployment_id: ${{ steps.deployment.outputs.deployment_id }} | |
if: ${{ steps.permissions.outputs.result == 'true' && contains(github.event.pull_request.labels.*.name, 'deploy') }} |