Update GHA workflow structure to match other repos (`workflow-dispatc…

…h`, NodeJS 12 actions, etc.) (#6)

* Upgrade actions/upload-artifact

According to these changelogs:

https://github.com/actions/upload-artifact/releases/tag/v3.0.0
https://github.com/actions/upload-artifact/releases/tag/v3.1.1

This should address the Github Actions warnings about upgrading
from node12 to node16, and about not using `set-output`.

* Don't make files world-writable

* Upgrade actions/download-artifact

This involves a change of behavior:

https://github.com/actions/download-artifact#compatibility-between-v1-and-v2v3

Namely, artifacts are now downloaded to the current directory by default,
instead of creating a (redundant, in our case) directory with the
artifact name.

* Remove trailing whitespace

* Upgrade from actions/create-release to ncipollo/release-action

The README for actions/create-release mentions that it's currently
unmaintained, and points to some alternatives, including
ncipollo/release-action, which we use in other projects already.

The API is different, so this means changing how the parameters
are specified for the action, but it seems like a fairly
straightforward match.

The bonus is that ncipollo/release-action allows attaching
artifacts directly, which means:

* The three steps with actions/download-artifact have to happen
  earlier;

* The three steps with actions/upload-release-asset (which is also
  an archived, unmaintained action) don't need to happen at all; and

* No other steps refer to the `create_release` step id, so it
  can be removed.

* `pb.yml`: Copy `on:` from `sct_tutorial_data` (`workflow-dispatch`)

It looks like before this commit, we would automatically run the workflow and create the release for _any_ changes whatsoever. Then, we would pick one of those automatically-created releases and rename it to the desired release title. (Perhaps this workflow was first developed before `workflow-dispatch` even existed?)

In other repos, though, we follow a "don't automatically create releases, only create releases when manually run" sort of workflow. And, given that `sct_tutorial_data` follows a similar pattern (generate artifacts, upload them to a release), I figure we can follow its example here.

Plus, by manually specifying the release title, we make sure to avoid any conflicts, eliminating the need for the run ID.

* `pb.yml`: Only trigger release step on `workflow-dispatch`

This mimics `sct_tutorial_data` et al.

* `pb.yml`: Set `draft: true` and remove `prerelease:`

Since we're no longer creating all these intermediate releases, and only creating a release when manually choosing to, I think it makes more sense to just create a draft release (rather than a non-draft prerelease).

This also matches what we do for `sct_tutorial_data`.

---------

Co-authored-by: Joshua Newton <[email protected]>

.github/workflows/package-binaries.yml

@@ -1,11 +1,13 @@
 name: Package SCT C++ binaries
 
 on:
-  push:
-    branches: [ master ]
   pull_request:
-    branches: [ master ]
-
+  workflow_dispatch:
+    inputs:
+      release_title:
+        description: 'Release title (e.g. rYYYYMMDD)'
+        required: true
+
 # all this does is collect three dependencies,
 # - spinalcordtoolbox-ants which essentially a more minimal fork of https://github.com/ANTsX/ANTs
 # - spinalcordtoolbox-dev, which comes from https://github.com/neuropoly/spinalcordtoolbox/blob/master/dev
@@ -42,8 +44,8 @@ jobs:
         mkdir -p pkg && cp -rp spinalcordtoolbox-ants/sct-apps/* pkg/
         mkdir -p pkg/copyright
         mv pkg/COPYING.txt pkg/copyright/LICENSE_ANTs.txt
-        
-  
+
+
     # upstream: hhttps://github.com/biomedia-mira/stitching
     - name: get stitching
       run: |
@@ -114,82 +116,50 @@ jobs:
          esac
         cp -p ctrDetect/LICENSE.txt pkg/copyright/LICENSE_ctrDetect.txt
         cp -p ctrDetect/LICENSE_opencv.txt pkg/copyright/
-        chmod 666 pkg/copyright/*  # upstream accidentally marked the licenses as programs, oops.
-        
+        chmod -x pkg/copyright/*  # upstream accidentally marked the licenses as programs, oops.
+
     - name: "'isct_' prefix"
       run: |
         # TODO: there's gotta be a shorter way to do this
         # add the isct_ to programs that don't already have it
         cd pkg
         find ./ -type f -executable ! -name "isct_*" -maxdepth 1 | while read fname; do  mv "$fname" $(dirname "$fname")/isct_$(basename "$fname"); done
-    
+
     - name: package
       run: |
         # Github Artifacts only make .zips, so make a .tar.gz manually to preserve permissions/dates/etc
         tar -zcvf spinalcordtoolbox-binaries_${{ matrix.os }}.tar.gz -C pkg ./
-    
+
     - name: upload result
-      uses: actions/upload-artifact@v2-preview
+      uses: actions/upload-artifact@v3
       with:
         name: spinalcordtoolbox-binaries_${{ matrix.os }}
         path: spinalcordtoolbox-binaries_${{ matrix.os }}.tar.gz
 
   release:
     needs: [build]
     runs-on: ubuntu-latest
-    #if: github.event_name == 'push' && github.branch_name == 'master' # only do a release on master
-    steps:          
-      - name: Create Release
-        id: create_release
-        uses: actions/create-release@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          # name the release with the run_id to allow multiple builds on the same branch/tag
-          # https://github.com/actions/create-release/issues/2#issuecomment-613591846
-          tag_name: ${{ github.ref }}-${{github.run_id }}
-          release_name: Release ${{ github.sha }}
-          draft: false
-          prerelease: true
-
-      - uses: actions/download-artifact@v1
+    # Only attach to release if workflow is run manually. (This allows the workflow to double as a PR test.)
+    if: github.event_name == 'workflow_dispatch'
+    steps:
+      - uses: actions/download-artifact@v3
         with:
           name: spinalcordtoolbox-binaries_linux
-          
-      - uses: actions/download-artifact@v1
+
+      - uses: actions/download-artifact@v3
         with:
           name: spinalcordtoolbox-binaries_osx
 
-      - uses: actions/download-artifact@v1
+      - uses: actions/download-artifact@v3
         with:
           name: spinalcordtoolbox-binaries_windows
 
-      - name: Upload Release Asset
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps 
-          asset_path: ./spinalcordtoolbox-binaries_linux/spinalcordtoolbox-binaries_linux.tar.gz
-          asset_name: spinalcordtoolbox-binaries_linux.tar.gz
-          asset_content_type: application/gzip
-
-      - name: Upload Release Asset
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps 
-          asset_path: ./spinalcordtoolbox-binaries_osx/spinalcordtoolbox-binaries_osx.tar.gz
-          asset_name: spinalcordtoolbox-binaries_osx.tar.gz
-          asset_content_type: application/gzip
-
-      - name: Upload Release Asset
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Create Release
+        uses: ncipollo/release-action@v1
         with:
-          upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
-          asset_path: ./spinalcordtoolbox-binaries_windows/spinalcordtoolbox-binaries_windows.tar.gz
-          asset_name: spinalcordtoolbox-binaries_windows.tar.gz
-          asset_content_type: application/gzip
+          token: ${{ secrets.GITHUB_TOKEN }}
+          tag: ${{ github.event.inputs.release_title }}
+          name: Release ${{ github.sha }}
+          draft: true
+          artifacts: "spinalcordtoolbox-binaries_linux.tar.gz,spinalcordtoolbox-binaries_osx.tar.gz,spinalcordtoolbox-binaries_windows.tar.gz"
+          artifactContentType: application/gzip