Run non-deploy portions of release workflow when CI workflow runs (#1529)

* Run non-deploy portions of release workflow when CI workflow runs

* Add step that verifies release artifact counts

* Don't run release for Dependabot

* Skip building Windows image if not a tag

Author: bording

.github/workflows/release.yml

@@ -1,18 +1,28 @@
 name: Release
 on:
   push:
+    branches:
+      - master
+      - release-*
     tags:
       - '[0-9]+.[0-9]+.[0-9]+'
       - '[0-9]+.[0-9]+.[0-9]+-*'
+  pull_request:
   workflow_dispatch:
 env:
   DOTNET_NOLOGO: true
 jobs:
   release:
+    if: ${{ github.actor != 'dependabot[bot]' }}
     runs-on: windows-2022
     outputs:
       version: ${{ steps.save-version.outputs.version }}
     steps:
+      - name: Check for secrets
+        env:
+          SECRETS_AVAILABLE: ${{ secrets.SECRETS_AVAILABLE }}
+        shell: pwsh
+        run: exit $(If ($env:SECRETS_AVAILABLE -eq 'true') { 0 } Else { 1 })
       - name: Checkout
         uses: actions/[email protected]
         with:
@@ -68,7 +78,28 @@ jobs:
             assets/*
             nugets/*
           retention-days: 1
+      - name : Verify release artifact counts
+        shell: pwsh
+        run: |
+          $assetsCount = (Get-ChildItem -Recurse -File assets).Count
+          $nugetsCount =  (Get-ChildItem -Recurse -File nugets).Count
+
+          $expectedAssetsCount = 1
+          $expectedNugetsCount = 1
+
+          if ($assetsCount -ne $expectedAssetsCount)
+          {
+              Write-Host Assets: Expected $expectedAssetsCount but found $assetsCount
+              exit -1
+          }
+
+          if ($nugetsCount -ne $expectedNugetsCount)
+          {
+              Write-Host Nugets: Expected $expectedNugetsCount but found $nugetsCount
+              exit -1
+          }
       - name: Deploy
+        if: ${{ github.event_name == 'push' && github.ref_type == 'tag' }}
         uses: Particular/[email protected]
         with:
           octopus-deploy-api-key: ${{ secrets.OCTOPUS_DEPLOY_API_KEY }}
@@ -86,6 +117,11 @@ jobs:
             dockerfile: dockerfile.nginx
       fail-fast: false
     steps:
+      - name: Check for secrets
+        env:
+          SECRETS_AVAILABLE: ${{ secrets.SECRETS_AVAILABLE }}
+        shell: pwsh
+        run: exit $(If ($env:SECRETS_AVAILABLE -eq 'true') { 0 } Else { 1 })
       - name: Checkout
         uses: actions/[email protected]
       - name: Add NODE_OPTIONS to ENVVARS # Must do this after checkout as checkout uses node v16 which will cause this to fail
@@ -103,13 +139,16 @@ jobs:
           $filename = "src/ServicePulse.Host/app/js/app.constants.js"
           (Get-Content $filename).replace("1.2.0", "${{ needs.release.outputs.version }}") | Set-Content $filename
         shell: pwsh
+      - name: Build Docker image
+        if: ${{ matrix.image-name == 'servicepulse' || (github.event_name == 'push' && github.ref_type == 'tag') }}
+        run: docker build -t particular/${{ matrix.image-name }}:${{ needs.release.outputs.version }} -f ${{ matrix.dockerfile }} .
+        working-directory: src
       - name: Login to Docker Hub
+        if: ${{ github.event_name == 'push' && github.ref_type == 'tag' }}
         uses: docker/[email protected]
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Build Docker image
-        run: docker build -t particular/${{ matrix.image-name }}:${{ needs.release.outputs.version }} -f ${{ matrix.dockerfile }} .
-        working-directory: src
       - name: Push Docker image
+        if: ${{ github.event_name == 'push' && github.ref_type == 'tag' }}
         run: docker push particular/${{ matrix.image-name }}:${{ needs.release.outputs.version }}