fix(plugin-server): write out less overrides on behalf of personless … #6944
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Build and push PostHog and PostHog Cloud container images | |
# | |
# - posthog_build: build and push the PostHog container image to DockerHub | |
# | |
# - posthog_cloud_build: build the PostHog Cloud container image using | |
# as base image the container image from the previous step. The image is | |
# then pushed to AWS ECR. | |
# | |
name: Container Images CD | |
on: | |
push: | |
branches: | |
- master | |
paths-ignore: | |
- 'rust/**' | |
- 'livestream/**' | |
workflow_dispatch: | |
jobs: | |
posthog_build: | |
name: Build and push PostHog | |
if: github.repository == 'PostHog/posthog' | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write # allow issuing OIDC tokens for this workflow run | |
contents: read # allow at least reading the repo contents, add other permissions if necessary | |
packages: write # allow push to ghcr.io | |
steps: | |
- name: Check out | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Depot CLI | |
uses: depot/setup-action@v1 | |
- name: Login to DockerHub | |
uses: docker/login-action@v3 | |
with: | |
username: posthog | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: us-east-1 | |
- name: Login to Amazon ECR | |
id: aws-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
- name: Build and push container image | |
id: build | |
uses: depot/build-push-action@v1 | |
with: | |
buildx-fallback: false # the fallback is so slow it's better to just fail | |
push: true | |
tags: posthog/posthog:${{ github.sha }},posthog/posthog:latest,${{ steps.aws-ecr.outputs.registry }}/posthog-cloud:master | |
platforms: linux/arm64,linux/amd64 | |
build-args: COMMIT_HASH=${{ github.sha }} | |
- name: get deployer token | |
id: deployer | |
uses: getsentry/action-github-app-token@v3 | |
with: | |
app_id: ${{ secrets.DEPLOYER_APP_ID }} | |
private_key: ${{ secrets.DEPLOYER_APP_PRIVATE_KEY }} | |
- name: get PR labels | |
id: labels | |
uses: ./.github/actions/get-pr-labels | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Trigger PostHog Cloud deployment from Charts | |
uses: peter-evans/repository-dispatch@v3 | |
with: | |
token: ${{ steps.deployer.outputs.token }} | |
repository: PostHog/charts | |
event-type: commit_state_update | |
client-payload: | | |
{ | |
"values": { | |
"image": { | |
"sha": "${{ steps.build.outputs.digest }}" | |
} | |
}, | |
"release": "posthog", | |
"commit": ${{ toJson(github.event.head_commit) }}, | |
"repository": ${{ toJson(github.repository) }}, | |
"labels": ${{ steps.labels.outputs.labels }} | |
} | |
- name: Check for changes in plugins directory | |
id: check_changes_plugins | |
run: | | |
echo "changed=$((git diff --name-only HEAD^ HEAD | grep -q '^plugin-server/' && echo true) || echo false)" >> $GITHUB_OUTPUT | |
- name: Trigger Ingestion Cloud deployment | |
if: steps.check_changes_plugins.outputs.changed == 'true' | |
uses: peter-evans/repository-dispatch@v3 | |
with: | |
token: ${{ steps.deployer.outputs.token }} | |
repository: PostHog/charts | |
event-type: commit_state_update | |
client-payload: | | |
{ | |
"values": { | |
"image": { | |
"sha": "${{ steps.build.outputs.digest }}" | |
} | |
}, | |
"release": "ingestion", | |
"commit": ${{ toJson(github.event.head_commit) }}, | |
"repository": ${{ toJson(github.repository) }}, | |
"labels": ${{ steps.labels.outputs.labels }} | |
} | |
- name: Check for changes that affect batch exports temporal worker | |
id: check_changes_batch_exports_temporal_worker | |
run: | | |
echo "changed=$((git diff --name-only HEAD^ HEAD | grep -qE '^posthog/temporal/common|^posthog/temporal/batch_exports|^posthog/batch_exports/|^posthog/management/commands/start_temporal_worker.py$' && echo true) || echo false)" >> $GITHUB_OUTPUT | |
- name: Trigger Batch Exports Temporal Worker Cloud deployment | |
if: steps.check_changes_batch_exports_temporal_worker.outputs.changed == 'true' | |
uses: peter-evans/repository-dispatch@v3 | |
with: | |
token: ${{ steps.deployer.outputs.token }} | |
repository: PostHog/charts | |
event-type: commit_state_update | |
client-payload: | | |
{ | |
"values": { | |
"image": { | |
"sha": "${{ steps.build.outputs.digest }}" | |
} | |
}, | |
"release": "temporal-worker", | |
"commit": ${{ toJson(github.event.head_commit) }}, | |
"repository": ${{ toJson(github.repository) }}, | |
"labels": ${{ steps.labels.outputs.labels }} | |
} | |
- name: Check for changes that affect general purpose temporal worker | |
id: check_changes_general_purpose_temporal_worker | |
run: | | |
echo "changed=$((git diff --name-only HEAD^ HEAD | grep -qE '^posthog/temporal/common|^posthog/temporal/proxy_service|^posthog/management/commands/start_temporal_worker.py$' && echo true) || echo false)" >> $GITHUB_OUTPUT | |
- name: Trigger General Purpose Temporal Worker Cloud deployment | |
if: steps.check_changes_general_purpose_temporal_worker.outputs.changed == 'true' | |
uses: peter-evans/repository-dispatch@v3 | |
with: | |
token: ${{ steps.deployer.outputs.token }} | |
repository: PostHog/charts | |
event-type: commit_state_update | |
client-payload: | | |
{ | |
"values": { | |
"image": { | |
"sha": "${{ steps.build.outputs.digest }}" | |
} | |
}, | |
"release": "temporal-worker-general-purpose", | |
"commit": ${{ toJson(github.event.head_commit) }}, | |
"repository": ${{ toJson(github.repository) }}, | |
"labels": ${{ steps.labels.outputs.labels }} | |
} | |
- name: Check for changes that affect data warehouse temporal worker | |
id: check_changes_data_warehouse_temporal_worker | |
run: | | |
echo "changed=$((git diff --name-only HEAD^ HEAD | grep -qE '^posthog/temporal/common|^posthog/temporal/data_imports|^posthog/warehouse/|^posthog/management/commands/start_temporal_worker.py$' && echo true) || echo false)" >> $GITHUB_OUTPUT | |
- name: Trigger Data Warehouse Temporal Worker Cloud deployment | |
if: steps.check_changes_data_warehouse_temporal_worker.outputs.changed == 'true' | |
uses: peter-evans/repository-dispatch@v3 | |
with: | |
token: ${{ steps.deployer.outputs.token }} | |
repository: PostHog/charts | |
event-type: commit_state_update | |
client-payload: | | |
{ | |
"values": { | |
"image": { | |
"sha": "${{ steps.build.outputs.digest }}" | |
} | |
}, | |
"release": "temporal-worker-data-warehouse", | |
"commit": ${{ toJson(github.event.head_commit) }}, | |
"repository": ${{ toJson(github.repository) }}, | |
"labels": ${{ steps.labels.outputs.labels }} | |
} |