feat: add sso enforcement for invite signup #17264
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow runs all of our backend django tests. | |
# | |
# If these tests get too slow, look at increasing concurrency and re-timing the tests by manually dispatching | |
# .github/workflows/ci-backend-update-test-timing.yml action | |
name: Hog CI | |
on: | |
push: | |
branches: | |
- master | |
paths-ignore: | |
- rust/** | |
- livestream/** | |
pull_request: | |
paths-ignore: | |
- rust/** | |
- livestream/** | |
jobs: | |
# Job to decide if we should run backend ci | |
# See https://github.com/dorny/paths-filter#conditional-execution for more details | |
changes: | |
runs-on: ubuntu-latest | |
timeout-minutes: 5 | |
name: Determine need to run Hog checks | |
# Set job outputs to values from filter step | |
outputs: | |
hog: ${{ steps.filter.outputs.hog }} | |
steps: | |
# For pull requests it's not necessary to checkout the code, but we | |
# also want this to run on master so we need to checkout | |
- uses: actions/checkout@v3 | |
- uses: dorny/paths-filter@v2 | |
id: filter | |
with: | |
filters: | | |
hog: | |
# Avoid running tests for irrelevant changes | |
- 'hogvm/**/*' | |
- 'posthog/hogql/**/*' | |
- 'bin/hog' | |
- 'bin/hoge' | |
- requirements.txt | |
- requirements-dev.txt | |
- .github/workflows/ci-hog.yml | |
hog-tests: | |
needs: changes | |
timeout-minutes: 30 | |
name: Hog tests | |
runs-on: ubuntu-latest | |
steps: | |
# If this run wasn't initiated by the bot (meaning: snapshot update) and we've determined | |
# there are backend changes, cancel previous runs | |
- uses: n1hility/cancel-previous-runs@v3 | |
if: github.actor != 'posthog-bot' && needs.changes.outputs.hog == 'true' | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- uses: actions/checkout@v3 | |
if: needs.changes.outputs.hog == 'true' | |
with: | |
fetch-depth: 1 | |
- name: Set up Python | |
if: needs.changes.outputs.hog == 'true' | |
uses: actions/setup-python@v5 | |
with: | |
python-version: 3.11.9 | |
cache: 'pip' | |
cache-dependency-path: '**/requirements*.txt' | |
token: ${{ secrets.POSTHOG_BOT_GITHUB_TOKEN }} | |
# uv is a fast pip alternative: https://github.com/astral-sh/uv/ | |
- run: pip install uv | |
if: needs.changes.outputs.hog == 'true' | |
- name: Install SAML (python3-saml) dependencies | |
if: needs.changes.outputs.hog == 'true' | |
run: | | |
sudo apt-get update | |
sudo apt-get install libxml2-dev libxmlsec1 libxmlsec1-dev libxmlsec1-openssl | |
- name: Install Python dependencies | |
if: needs.changes.outputs.hog == 'true' | |
run: | | |
uv pip install --system -r requirements.txt -r requirements-dev.txt | |
- name: Install pnpm | |
if: needs.changes.outputs.hog == 'true' | |
uses: pnpm/action-setup@v4 | |
- name: Set up Node.js | |
if: needs.changes.outputs.hog == 'true' | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18.12.1 | |
- name: Check if ANTLR definitions are up to date | |
if: needs.changes.outputs.hog == 'true' | |
run: | | |
cd .. | |
sudo apt-get install default-jre | |
mkdir antlr | |
cd antlr | |
curl -o antlr.jar https://www.antlr.org/download/antlr-$ANTLR_VERSION-complete.jar | |
export PWD=`pwd` | |
echo '#!/bin/bash' > antlr | |
echo "java -jar $PWD/antlr.jar \$*" >> antlr | |
chmod +x antlr | |
export CLASSPATH=".:$PWD/antlr.jar:$CLASSPATH" | |
export PATH="$PWD:$PATH" | |
cd ../posthog | |
antlr | grep "Version" | |
npm run grammar:build && git diff --exit-code | |
env: | |
# Installing a version of ANTLR compatible with what's in Homebrew as of August 2024 (version 4.13.2), | |
# as apt-get is quite out of date. The same version must be set in hogql_parser/pyproject.toml | |
ANTLR_VERSION: '4.13.2' | |
- name: Check if STL bytecode is up to date | |
if: needs.changes.outputs.hog == 'true' | |
run: | | |
python -m hogvm.stl.compile | |
git diff --exit-code | |
- name: Run HogVM Python tests | |
if: needs.changes.outputs.hog == 'true' | |
run: | | |
pytest hogvm | |
- name: Run HogVM TypeScript tests | |
if: needs.changes.outputs.hog == 'true' | |
run: | | |
cd hogvm/typescript | |
pnpm install --frozen-lockfile | |
pnpm run test | |
- name: Run Hog tests | |
if: needs.changes.outputs.hog == 'true' | |
run: | | |
cd hogvm/typescript | |
pnpm run build | |
cd ../ | |
./test.sh && git diff --exit-code |