From a4f19b31fbaa393df6e6d28197c22501554bb0d4 Mon Sep 17 00:00:00 2001
From: Fabrizio Gattuso <f.gattuso87@gmail.com>
Date: Thu, 23 Jan 2025 15:46:27 +0000
Subject: [PATCH] Refactor release workflow

---
 .github/workflows/docker_release_link.yaml | 53 ----------------------
 .github/workflows/release.yaml             | 51 ++++++++++++++++-----
 2 files changed, 39 insertions(+), 65 deletions(-)
 delete mode 100644 .github/workflows/docker_release_link.yaml

diff --git a/.github/workflows/docker_release_link.yaml b/.github/workflows/docker_release_link.yaml
deleted file mode 100644
index 12573d463..000000000
--- a/.github/workflows/docker_release_link.yaml
+++ /dev/null
@@ -1,53 +0,0 @@
-name: Update Release with Docker Image Link
-
-on:
-  workflow_dispatch:
-    inputs:
-      release_id:
-        description: 'Release ID'
-        required: true
-      release_body:
-        description: 'Release body'
-        required: true
-      release_tag:
-        description: 'Release tag'
-        required: true
-
-permissions:
-  contents: write
-  actions: read
-
-jobs:
-  update-release:
-    name: Update Release Page
-    permissions: write-all
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout Repository
-        uses: actions/checkout@v11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
-
-      - name: Get Docker Image Digest
-        id: docker-info
-        run: |
-          DOCKER_REPO="blockstack/sbtc"
-          TAG=${{ github.event.inputs.release_tag }}
-          DIGEST=$(curl -s https://hub.docker.com/v2/repositories/$DOCKER_REPO/tags/signer-$TAG | jq -r '.images[0].digest')
-          echo "link=hub.docker.com/layers/$DOCKER_REPO/signer-$TAG/images/$DIGEST" >> $GITHUB_ENV
-
-      - name: Update Release with Docker Image Link
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #v7.0.1
-        with:
-          script: |
-            const link = process.env.link;
-            const releaseId = ${github.event.inputs.release_id};
-            const octokit = github.getOctokit(process.env.GITHUB_TOKEN);
-
-            await github.rest.repos.updateRelease({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              release_id: releaseId,
-              body: `${github.event.inputs.release_body}\n\n**Release Docker Image:** [https://${link}](https://${link})`
-            });
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 7e0871fad..cf47a33af 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -1,4 +1,4 @@
-name: Schedule the docker link workflow
+name: Release workflow - Add the docker hub link to the release notes
 
 on:
   release:
@@ -8,26 +8,53 @@ on:
 permissions:
   actions: write
   contents: read
+  issues: write
 
 jobs:
-  trigger-delayed:
-    name: Trigger Delayed Workflow
+  manual-approval:
+    name: Waiting for manual approval
+    runs-on: ubuntu-latest
+
+    steps: 
+      - name: Wait for manual approval
+        uses: trstringer/manual-approval@662b3ddbc7685f897992051e87e1b4b58c07dc03 #v1.9.1
+        with:
+          secret: ${{ github.TOKEN }}
+          approvers: fabergat, aldur, matteojug, djordon
+          minimum-approvals: 1
+          issue-title: "Add Docker Hub link to the ${{ github.event.release.tag_name }} release notes"
+          issue-body: "Please approve or deny the ${{ github.ref_name }}. Wait the Build and Release sBTC Signer ${{ github.event.release.tag_name }} Docker Image workflow finish with a success."
+          exclude-workflow-initiator-as-approver: false
+  
+  update-release:
+    name: Update Release Page
     permissions: write-all
     runs-on: ubuntu-latest
+    needs: manual-approval
 
     steps:
-      - name: Trigger Delayed Workflow
+      - name: Checkout Repository
+        uses: actions/checkout@v11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
+
+      - name: Get Docker Image Digest
+        id: docker-info
+        run: |
+          DOCKER_REPO="blockstack/sbtc"
+          TAG=${{ github.event.release.tag_name }}
+          DIGEST=$(curl -s https://hub.docker.com/v2/repositories/$DOCKER_REPO/tags/signer-$TAG | jq -r '.images[0].digest')
+          echo "link=hub.docker.com/layers/$DOCKER_REPO/signer-$TAG/images/$DIGEST" >> $GITHUB_ENV
+
+      - name: Update Release with Docker Image Link
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #v7.0.1
         with:
           script: |
-            await github.rest.actions.createWorkflowDispatch({
+            const link = process.env.link;
+
+            await github.rest.repos.updateRelease({
               owner: context.repo.owner,
               repo: context.repo.repo,
-              workflow_id: 'docker_release_link.yaml',
-              ref: context.ref,
-              inputs: {
-                release_id: context.payload.release.id,
-                release_body: context.payload.release.body,
-                release_tag: context.payload.release.tag_name
-              }
+              release_id: context.payload.release.id,
+              body: `${context.payload.release.body}\n\n**Release Docker Image:** [https://${link}](https://${link})`
             });
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file