entur · xamebax · Apr 30, 2026 · Apr 28, 2026 · Apr 29, 2026 · Apr 29, 2026
@@ -0,0 +1,98 @@
+name: PostHog Capture
+description: Send a workflow analytics event to PostHog
+
+inputs:
+  api_key:
+    description: "PostHog project API key"
+    required: true
+  gha_repository:
+    description: "GitHub repository where the reusable workflow lives, in the format 'owner/repo' (e.g. 'entur/gha-helm')"
+    required: true
+  workflow_inputs:
+    description: "Workflow inputs as a JSON string (e.g. toJSON(inputs))"
+    required: false
+    default: "{}"
+  workflow_name:
+    description: "Name of the workflow. Used as the event name in PostHog (lint, deploy, etc.)"
+    required: true
+
+runs:
+  using: composite
+  steps:
+    - name: Resolve action version
+      id: workflow_version
+      env:
+        GHA_REPOSITORY: ${{ inputs.gha_repository }}
+      shell: bash
+      run: |
+        set -o pipefail
+
+        # Resolve version by finding this reusable workflow's entry in the caller's run.
+        # (GITHUB_WORKFLOW_REF is the caller's ref, not the reusable workflow's ref)
+        RUN_DATA=$(curl -sf \
+          -H "Authorization: Bearer $GITHUB_TOKEN" \
+          -H "Accept: application/vnd.github+json" \
+          "https://api.github.com/repos/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" || echo "{}")
+
+        GHA_SHA=$(echo "$RUN_DATA" | jq -r --arg repo "$GHA_REPOSITORY" \
+        '(.referenced_workflows // [])[] | select(.path | startswith($repo)) | .sha' | head -1)
+        GHA_REF=$(echo "$RUN_DATA" | jq -r '(.referenced_workflows // [])[] | select(.path | startswith($GHA_REPOSITORY)) | .ref // ""' | head -1)
+
+        WORKFLOW_VERSION=""
+        if [ -n "$GHA_REF" ]; then
+          WORKFLOW_VERSION="${GHA_REF}"
+        elif [ -n "$GHA_SHA" ]; then
+          WORKFLOW_VERSION="${GHA_SHA:0:7}"
+        fi
+
+        echo "Workflow version: $WORKFLOW_VERSION"
+        echo "workflow_version=${WORKFLOW_VERSION}" >> "$GITHUB_OUTPUT"
+    - name: Build properties
+      id: build_properties
+      shell: bash
+      env:
+        GITHUB_TOKEN:      ${{ github.token }}
+        GHA_REPOSITORY:    ${{ inputs.gha_repository }}
+        WORKFLOW_INPUTS:   ${{ inputs.workflow_inputs }}
+        WORKFLOW_NAME:     ${{ inputs.workflow_name }}
+        WORKFLOW_VERSION:  ${{ steps.workflow_version.outputs.workflow_version }}
+      run: |
+        set -o pipefail
+
+          # Strip inputs whose key names suggest sensitive content
+          SAFE_INPUTS=$(echo "$WORKFLOW_INPUTS" | jq -c '
+            with_entries(
+              select(
+                (.key | test("token|secret|key|password|credential|auth"; "i")) | not
+              )                                                                                                              
+            )
+          ')                                                                                                                 
+
+          properties=$(jq -n \
+            --arg     event    "$GITHUB_EVENT_NAME" \
+            --argjson inputs   "$SAFE_INPUTS" \
+            --arg     name     "$WORKFLOW_NAME" \
+            --arg     repo     "$GHA_REPOSITORY" \
+            --arg     run_id   "$GITHUB_RUN_ID" \
+            --arg     version  "$WORKFLOW_VERSION" \
+            '{
+                event_name:       $event,
+                gha_repository:   $repo,
+                run_id:           $run_id,
+                workflow_name:    $name,
+                workflow_version: $version
+              }
+                + ($inputs | with_entries(.key = ("input_" + .key)))'
+          )                                                                                                                  
+          echo "properties=$(echo "$properties" | jq -c .)" >> "$GITHUB_OUTPUT"
+    - name: Send event to PostHog
+      uses: PostHog/posthog-github-action@58dea254b598fb5d469c0699c98af8288a7f7650  # v1.2.0
+      continue-on-error: true
+      with:
+        capture-job-durations: 'true'
+        capture-run-duration: 'true'
+        event: ${{ inputs.workflow_name }}
+        github-token: ${{ github.token }}
+        posthog-api-host: https://eu.i.posthog.com
+        posthog-token: ${{ inputs.api_key }}
+        properties: ${{ steps.build_properties.outputs.properties }}
@@ -1,2 +1,4 @@
 # Intellij IDEA
-.idea
+.idea
+.vscode/settings.json
+.DS_Store