feat: reusable publish manual (#6)

Author: uoboda-splunk

.github/workflows/reusable-publish-manual.yaml

@@ -0,0 +1,152 @@
+name: publish-untested
+on:
+  workflow_call:
+    secrets:
+      GH_TOKEN_ADMIN:
+        description: Github admin token
+        required: true
+      GITHUB_TOKEN:
+        description: Github token
+        required: true
+
+jobs:
+  validate_branch:
+    name: validate_branch
+    runs-on: ubuntu-latest
+    steps:
+      - name: validate_branch
+        if: github.ref != 'refs/heads/develop' && github.ref != 'refs/heads/main'
+        run: |
+          echo "Skipping publish as branch is neither main nor develop"
+  build:
+    needs:
+      - validate_branch
+    if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop'
+    name: build
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          # Very Important semantic-release won't trigger a tagged
+          # build if this is not set false
+          persist-credentials: false
+      - name: Setup python
+        uses: actions/setup-python@v2
+        with:
+          python-version: 3.7
+      - uses: actions/setup-node@v2
+        with:
+          node-version: 14
+      - name: create requirements file for pip
+        run: |
+          if [ -f "poetry.lock" ]
+          then
+            echo " potery.lock found "
+            sudo pip3 install poetry
+            mkdir -p package/lib || true
+            poetry export --without-hashes -o package/lib/requirements.txt
+            poetry export --without-hashes --dev -o requirements_dev.txt
+            cat requirements_dev.txt
+          fi
+      - name: Get pip cache dir
+        id: pip-cache
+        run: |
+          echo "::set-output name=dir::$(pip cache dir)"
+      - name: Run Check there are libraries to scan
+        id: checklibs
+        run: if [ -f requirements_dev.txt ]; then echo "::set-output name=ENABLED::true"; fi
+      - name: pip cache
+        if: ${{ steps.checklibs.outputs.ENABLED == 'true' }}
+        uses: actions/cache@v2
+        with:
+          path: ${{ steps.pip-cache.outputs.dir }}
+          key: ${{ runner.os }}-pip-${{ hashFiles('requirements_dev.txt') }}
+          restore-keys: |
+            ${{ runner.os }}-pip-
+      - name: Install deps
+        if: ${{ steps.checklibs.outputs.ENABLED == 'true' }}
+        run: pip install -r requirements_dev.txt
+      - name: Determine the version to build
+        id: BuildVersion
+        uses: splunk/addonfactory-get-splunk-package-version-action@v1
+        with:
+          SemVer: ${{ github.event.inputs.tag }}
+          PrNumber: ${{ github.event.number }}
+      - name: Build Package
+        id: uccgen
+        uses: splunk/addonfactory-ucc-generator-action@v1
+        with:
+          version: ${{ steps.BuildVersion.outputs.VERSION }}
+      - name: Slim Package
+        id: slim
+        uses: splunk/addonfactory-packaging-toolkit-action@v1
+        with:
+          source: ${{ steps.uccgen.outputs.OUTPUT }}
+      - name: artifact-splunk-unpacked
+        uses: actions/upload-artifact@v2
+        with:
+          name: package-raw
+          path: ${{ steps.uccgen.outputs.OUTPUT }}**
+        if: always()
+      - name: artifact-splunk-base
+        uses: actions/upload-artifact@v2
+        with:
+          name: package-splunkbase
+          path: ${{ steps.slim.outputs.OUTPUT }}
+        if: always()
+      - name: artifact-splunk-parts
+        uses: actions/upload-artifact@v2
+        with:
+          name: package-deployment
+          path: build/package/deployment**
+        if: always()
+
+  publish:
+    needs:
+      - build
+      - validate_branch
+    if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          submodules: false
+          persist-credentials: false
+      - name: Release on github
+        if: github.ref == 'refs/heads/main'
+        uses: "marvinpinto/action-automatic-releases@latest"
+        with:
+          repo_token: "${{ secrets.GITHUB_TOKEN }}"
+          prerelease: false
+          automatic_release_tag: v${{ github.event.inputs.tag }}
+      - name: Release on github (pre-release)
+        if: github.ref == 'refs/heads/develop'
+        uses: "marvinpinto/action-automatic-releases@latest"
+        with:
+          repo_token: "${{ secrets.GITHUB_TOKEN }}"
+          prerelease: true
+          automatic_release_tag: v${{ github.event.inputs.tag }}
+      - name: Download package-deployment
+        uses: actions/download-artifact@v2
+        id: download-package-deployment
+        with:
+          name: package-deployment
+          path: download/artifacts/
+      - name: Download package-splunkbase
+        uses: actions/download-artifact@v2
+        id: download-package-splunkbase
+        with:
+          name: package-splunkbase
+          path: download/artifacts/deployment
+      - name: List of assets
+        run: |
+          ls -la ${{ steps.download-package-splunkbase.outputs.download-path }}
+      - name: Upload assets to release
+        uses: svenstaro/upload-release-action@v2
+        with:
+          repo_token: ${{ secrets.GH_TOKEN_ADMIN }}
+          file: ${{ steps.download-package-splunkbase.outputs.download-path }}/*
+          overwrite: true
+          file_glob: true
+          tag: v${{ github.event.inputs.tag }}