ci: restore v3.0.0 workflows; keep PostHog/Sentry injection in release build

Dries Peeters
2025-10-21 07:47:44 +02:00
parent 7a4354d1fb
commit 3b73cb5534
3 changed files with 14 additions and 268 deletions
-162
@@ -1,162 +0,0 @@
name: Build and Publish Release
on:
push:
tags:
- 'v*.*.*' # Trigger on version tags like v3.0.0
branches:
- main # Also build on main branch pushes
workflow_dispatch: # Allow manual trigger
inputs:
version:
description: 'Version to build (e.g., 3.0.0)'
required: true
default: '3.0.0'
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build-and-publish:
runs-on: ubuntu-latest
permissions:
contents: write # Needed for creating GitHub releases
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Extract version
id: version
run: |
if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then
VERSION="${{ github.event.inputs.version }}"
elif [[ "${{ github.ref }}" == refs/tags/* ]]; then
# Tag push: extract version from tag
VERSION="${GITHUB_REF#refs/tags/v}"
else
# Branch push: create development version
BUILD_NUMBER=${{ github.run_number }}
COMMIT_SHA=${GITHUB_SHA::8}
BRANCH=${GITHUB_REF#refs/heads/}
BRANCH_SAFE=$(echo "$BRANCH" | sed 's/[^a-zA-Z0-9._-]/-/g')
VERSION="dev-${BRANCH_SAFE}-${BUILD_NUMBER}-${COMMIT_SHA}"
fi
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
echo "Building version: $VERSION"
- name: Inject analytics configuration
env:
POSTHOG_API_KEY: ${{ secrets.POSTHOG_API_KEY }}
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
run: |
echo "Injecting analytics configuration into build..."
# Replace placeholders in analytics_defaults.py
sed -i "s|%%POSTHOG_API_KEY_PLACEHOLDER%%|${POSTHOG_API_KEY}|g" app/config/analytics_defaults.py
sed -i "s|%%SENTRY_DSN_PLACEHOLDER%%|${SENTRY_DSN}|g" app/config/analytics_defaults.py
echo "✅ Analytics configuration injected"
# Verify (without exposing secrets)
if grep -q "%%POSTHOG_API_KEY_PLACEHOLDER%%" app/config/analytics_defaults.py; then
echo "❌ ERROR: PostHog API key placeholder not replaced!"
exit 1
fi
echo "✅ All placeholders replaced successfully"
echo "️ App version will be read from setup.py at runtime"
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels)
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=semver,pattern={{version}},value=v${{ steps.version.outputs.VERSION }},enable=${{ startsWith(github.ref, 'refs/tags/') }}
type=semver,pattern={{major}}.{{minor}},value=v${{ steps.version.outputs.VERSION }},enable=${{ startsWith(github.ref, 'refs/tags/') }}
type=semver,pattern={{major}},value=v${{ steps.version.outputs.VERSION }},enable=${{ startsWith(github.ref, 'refs/tags/') }}
type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
type=raw,value=develop,enable=${{ github.ref == 'refs/heads/develop' }}
type=raw,value=${{ steps.version.outputs.VERSION }}
labels: |
org.opencontainers.image.version=${{ steps.version.outputs.VERSION }}
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
VERSION=${{ steps.version.outputs.VERSION }}
APP_VERSION=${{ steps.version.outputs.VERSION }}
- name: Create Release Notes
run: |
cat > release-notes.md <<EOF
# TimeTracker ${{ steps.version.outputs.VERSION }}
## Build Configuration
This build includes embedded analytics for community insights:
- ✅ PostHog analytics configured
- ✅ Sentry error monitoring configured
- ⚙️ Telemetry is **OPT-IN** (disabled by default)
## Privacy Commitment
- Telemetry is **disabled by default** - you must explicitly enable it
- **No personally identifiable information** is ever collected
- Users can disable telemetry at any time via admin dashboard
- All tracked events are documented in docs/all_tracked_events.md
- Open source - you can audit what is sent
## What We Collect (Only If You Opt In)
- ✅ Anonymous event types (e.g., "timer.started")
- ✅ Internal numeric IDs (no names, emails, or content)
- ✅ Platform and version information
- ❌ NO usernames, emails, project names, or any PII
## Docker Image
```bash
docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}
```
## Your Choice
You decide:
- ✅ Enable telemetry to help improve TimeTracker
- ⬜ Keep telemetry disabled for complete privacy (default)
Change your preference anytime at: Admin → Telemetry Dashboard
EOF
- name: Create GitHub Release
uses: softprops/action-gh-release@v1
if: startsWith(github.ref, 'refs/tags/')
with:
body_path: release-notes.md
draft: false
prerelease: false
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-105
@@ -1,105 +0,0 @@
name: Build Development Image
on:
push:
branches:
- 'feature/**'
pull_request:
branches:
- main
- develop
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build-dev:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
pull-requests: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Extract branch name
id: branch
run: |
BRANCH=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}
BRANCH_SAFE=$(echo "$BRANCH" | sed 's/[^a-zA-Z0-9._-]/-/g')
echo "BRANCH=$BRANCH_SAFE" >> $GITHUB_OUTPUT
echo "Building branch: $BRANCH_SAFE"
- name: Keep placeholders for dev builds
run: |
echo "Development build - keeping analytics placeholders"
echo "Users must provide their own keys via environment variables"
# Verify placeholders are still present (not accidentally replaced)
if ! grep -q "%%POSTHOG_API_KEY_PLACEHOLDER%%" app/config/analytics_defaults.py; then
echo "⚠️ WARNING: Placeholders already replaced in source!"
else
echo "✅ Placeholders intact for dev build"
fi
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Determine version
id: version
run: |
BUILD_NUMBER=${{ github.run_number }}
COMMIT_SHA=${GITHUB_SHA::8}
BRANCH=${{ steps.branch.outputs.BRANCH }}
VERSION="dev-${BRANCH}-${BUILD_NUMBER}-${COMMIT_SHA}"
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "📦 Building version: $VERSION"
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=sha,prefix=${{ steps.branch.outputs.BRANCH }}-
labels: |
org.opencontainers.image.version=${{ steps.version.outputs.version }}
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
VERSION=${{ steps.version.outputs.version }}
APP_VERSION=${{ steps.version.outputs.version }}
- name: Comment on PR
if: github.event_name == 'pull_request'
uses: actions/github-script@v7
with:
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: '✅ Development build completed successfully!\n\n**Note:** This is a development build without embedded analytics keys. Provide your own via environment variables if needed.'
})
+14 -1
@@ -119,7 +119,7 @@ jobs:
- name: Run complete test suite
env:
DATABASE_URL: sqlite:///:memory:
DATABASE_URL: postgresql://test_user:test_password@localhost:5432/test_db
FLASK_APP: app.py
FLASK_ENV: testing
PYTHONPATH: ${{ github.workspace }}
@@ -315,6 +315,19 @@ jobs:
type=semver,pattern={{major}},value=${{ needs.determine-version.outputs.version }}
type=raw,value=latest,enable={{is_default_branch}}
type=raw,value=stable,enable=${{ needs.determine-version.outputs.is_prerelease == 'false' }}
- name: Inject analytics configuration
env:
POSTHOG_API_KEY: ${{ secrets.POSTHOG_API_KEY }}
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
run: |
echo "Injecting analytics configuration into build..."
sed -i "s|%%POSTHOG_API_KEY_PLACEHOLDER%%|${POSTHOG_API_KEY}|g" app/config/analytics_defaults.py
sed -i "s|%%SENTRY_DSN_PLACEHOLDER%%|${SENTRY_DSN}|g" app/config/analytics_defaults.py
if grep -q "%%POSTHOG_API_KEY_PLACEHOLDER%%" app/config/analytics_defaults.py; then
echo "❌ ERROR: PostHog API key placeholder not replaced!"; exit 1;
fi
echo "✅ Analytics configuration injected"
- name: Build and push Docker image
uses: docker/build-push-action@v5
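Review bot: The check after the two `sed` calls in the added `Inject analytics configuration` step only proves that the PostHog placeholder text is gone, so an unset or empty `POSTHOG_API_KEY` secret (the placeholder is replaced by an empty string) and an unreplaced Sentry placeholder both pass, and the image is still built and pushed. Fail before substituting with `: "${POSTHOG_API_KEY:?secret not set}"` (and the same for `SENTRY_DSN`, unless the DSN is meant to be optional), and widen the check to `grep -qE "%%(POSTHOG_API_KEY|SENTRY_DSN)_PLACEHOLDER%%"`. The values are placed in the replacement side of `sed "s|…|…|g"`, where a `|`, `&` or backslash in a secret would be interpreted by sed rather than copied; a comment such as `# assumes the key and DSN contain no '|', '&' or '\'` would record that assumption. Since the substituted values ship inside every published image, it is also worth a comment that these two secrets must only ever hold client-side, publishable identifiers. The rest of the job lies outside this hunk.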