From 6dc562c482b318a22227e5aded1a1eed84595229 Mon Sep 17 00:00:00 2001
From: Florian PAUL <florian.paul@amadeus.com>
Date: Tue, 18 Jul 2023 17:37:50 +0200
Subject: [PATCH] ci: publish-pr on external workflow

---
 .github/workflows/main.yml                    | 12 +---
 .github/workflows/publish-pr.yml              | 70 +++++++++++++++++++
 .github/workflows/publish.yml                 | 12 ++--
 .../download-build-output/action.yml          | 24 +++++++
 4 files changed, 103 insertions(+), 15 deletions(-)
 create mode 100644 .github/workflows/publish-pr.yml

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 95fb0f8c1c..a05a0b8a63 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -77,17 +77,7 @@ jobs:
     with:
       version: ${{ needs.version.outputs.nextVersionTag }}
       prerelease: ${{ needs.version.outputs.isPreRelease == 'true' }}
-  publish-packages-pr:
-    uses: ./.github/workflows/publish.yml
-    if: ${{ github.event_name == 'pull_request' }}
-    permissions:
-      packages: write
-      contents: read
-    secrets: inherit
-    needs: [version, build]
-    with:
-      version: ${{ needs.version.outputs.nextVersionTag }}
-      prerelease: ${{ needs.version.outputs.isPreRelease == 'true' }}
+      isPullRequest: false
 
   documentation-main:
     secrets: inherit
diff --git a/.github/workflows/publish-pr.yml b/.github/workflows/publish-pr.yml
new file mode 100644
index 0000000000..606b231a9e
--- /dev/null
+++ b/.github/workflows/publish-pr.yml
@@ -0,0 +1,70 @@
+name: Publish PR
+
+on:
+  workflow_run:
+    workflows: ['Main CI']
+    types:
+      - completed
+
+jobs:
+  version:
+    if: ${{ github.event.workflow_run.event == 'pull_request' }}
+    permissions:
+      actions: read
+    runs-on: ubuntu-latest
+    outputs:
+      nextVersionTag: ${{ steps.newVersion.outputs.nextVersionTag }}
+    steps:
+      - name: get logs from workflow run
+        uses: actions/github-script@v6
+        with:
+          script: |
+            let download = await github.rest.actions.downloadWorkflowRunLogs({
+               owner: context.repo.owner,
+               repo: context.repo.repo,
+               run_id: context.payload.workflow_run.id,
+            });
+            let fs = require('fs');
+            fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/logs.zip`, Buffer.from(download.data));
+      - run: unzip logs.zip
+      - name: extract version from logs
+        id: newVersion
+        run: echo nextVersionTag=$(find *_version.txt | xargs grep -hiPo '(?<=nextVersionTag variable has been set with ).*$') >> "$GITHUB_OUTPUT"
+
+  publish-packages-pr:
+    uses: ./.github/workflows/publish.yml
+    needs: [version]
+    permissions:
+      packages: write
+      contents: read
+    secrets: inherit
+    with:
+      version: ${{ needs.version.outputs.nextVersionTag }}
+      prerelease: true
+      isPullRequest: true
+
+  notify-parent:
+    runs-on: ubuntu-latest
+    needs: [publish-packages-pr]
+    if: success() || failure()
+    permissions:
+      checks: write
+    steps:
+      - name: Update triggering workflow
+        uses: actions/github-script@v6
+        env:
+          PUBLISH_RESULT: ${{ needs.publish-packages-pr.result }}
+        with:
+          script: |
+            const backUrl = `https://github.com/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}/attempts/${context.runAttempt || 1}`;
+            await github.rest.checks.create({
+               head_sha: context.payload.workflow_run.head_commit.id,
+               name: 'publish-packages-pr',
+               conclusion: process.env.PUBLISH_RESULT,
+               status: 'completed',
+               output: {
+                  title: 'publish-packages-pr',
+                  summary: `${process.env.PUBLISH_RESULT} publish [${backUrl}](${backUrl})`
+               },
+               ...context.repo
+            });
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 8897df8c6d..47907aa625 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -12,6 +12,10 @@ on:
         default: false
         required: false
         description: Version of the artifact to publish
+      isPullRequest:
+        type: boolean
+        default: ${{ github.event_name == 'pull_request' }}
+        required: false
     secrets:
       AZURE_VSC_EXT_TOKEN:
         required: false
@@ -37,7 +41,7 @@ jobs:
     runs-on: ubuntu-latest
     env:
       NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
-    environment: ${{github.event_name == 'pull_request' && 'development' || 'production'}}
+    environment: ${{inputs.isPullRequest && 'development' || 'production'}}
     permissions:
       packages: write
       contents: read
@@ -55,7 +59,7 @@ jobs:
           is-prerelease: ${{ inputs.prerelease }}
           version: ${{ inputs.version }}
       - name: Publish
-        run: yarn run publish --tag=${{ github.event_name == 'pull_request' && 'pr' || steps.get-npm-tag.outputs.tag }} ${{ github.event_name == 'pull_request' && '--userconfig=./.npmrc.pr' || ''}} --always-auth=true
+        run: yarn run publish --tag=${{ inputs.isPullRequest && 'pr' || steps.get-npm-tag.outputs.tag }} ${{ inputs.isPullRequest && '--userconfig=./.npmrc.pr' || ''}} --always-auth=true
         env:
           GITHUB_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
@@ -64,7 +68,7 @@ jobs:
           AZURE_EMAIL: ${{ secrets.AZURE_EMAIL }}
 
   publish-cascading:
-    if: github.event_name != 'pull_request'
+    if: '!inputs.isPullRequest'
     runs-on: ubuntu-latest
     env:
       APP_PATH: 'apps/github-cascading-app/dist'
@@ -100,7 +104,7 @@ jobs:
 
   publish-extensions:
     runs-on: ubuntu-latest
-    environment: ${{github.event_name == 'pull_request' && 'development' || 'production'}}
+    environment: ${{inputs.isPullRequest && 'development' || 'production'}}
     permissions:
       packages: write
       contents: read
diff --git a/tools/github-actions/download-build-output/action.yml b/tools/github-actions/download-build-output/action.yml
index 169a4e4084..be417cef95 100644
--- a/tools/github-actions/download-build-output/action.yml
+++ b/tools/github-actions/download-build-output/action.yml
@@ -5,9 +5,33 @@ runs:
   using: 'composite'
   steps:
     - uses: actions/download-artifact@v3
+      if: github.event_name != 'workflow_run'
       with:
         name: dist
         path: '.'
+
+    - name: 'Download artifact'
+      uses: actions/github-script@v6
+      if: github.event_name == 'workflow_run'
+      with:
+        script: |
+          let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
+             owner: context.repo.owner,
+             repo: context.repo.repo,
+             run_id: context.payload.workflow_run.id,
+          });
+          let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
+            return artifact.name == "dist"
+          })[0];
+          let download = await github.rest.actions.downloadArtifact({
+             owner: context.repo.owner,
+             repo: context.repo.repo,
+             artifact_id: matchArtifact.id,
+             archive_format: 'zip',
+          });
+          let fs = require('fs');
+          fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/dist.zip`, Buffer.from(download.data));
+
     - run: unzip -q -n dist.zip
       shell: bash
     - run: rm -f dist.zip