Fix/manual release per platform

.github/workflows/manual-release.yml

@@ -6,8 +6,8 @@ env:
 
 on:
   push:
-    tags:
-      - v*
+    branches:
+      - fix/manual_release_per_platform
 permissions:
   contents: read
 
@@ -21,14 +21,6 @@ jobs:
           node-version-file: '.nvmrc'
       - uses: ./.github/actions/verify-version
         id: verify-version
-      - name: Verify tag matches version
-        run: |
-          VERSION=${{ steps.verify-version.outputs.version }}
-          TAG_VERSION=${GITHUB_REF#refs/tags/v}
-          if [ "$VERSION" != "$TAG_VERSION" ]; then
-            echo "Error: Package version ($VERSION) does not match tag version ($TAG_VERSION)"
-            exit 1
-          fi
       - name: Determine Oclif channel
         id: determine-oclif-channel
         run: |
@@ -40,7 +32,7 @@ jobs:
           elif [[ "$VERSION" == *"-next"* ]]; then
             echo "oclif_channel=next" >> $GITHUB_OUTPUT
           else
-            echo "oclif_channel=latest" >> $GITHUB_OUTPUT
+            echo "oclif_channel=stable" >> $GITHUB_OUTPUT
           fi
     outputs:
       version: ${{ steps.verify-version.outputs.version }}
@@ -62,12 +54,21 @@ jobs:
       - run: npm test
       - run: npm run test:e2e
 
-  upload-assets:
-    runs-on: ubuntu-latest
+  build-standalone:
+    name: Build Standalone (${{ matrix.target }})
     needs: [check-version, test]
-    permissions:
-      contents: write
-      id-token: write
+    runs-on: ${{ matrix.os }}
+
+    strategy:
+      matrix:
+        include:
+          - os: ubuntu-latest
+            target: linux-x64
+          - os: macos-latest
+            target: darwin-arm64
+          - os: windows-latest
+            target: win32-x64
+
     steps:
       - uses: actions/checkout@v6
       - uses: actions/setup-node@v6
@@ -79,139 +80,62 @@ jobs:
       - run: npm ci
       - run: npm run build
 
-      # Build platform-specific tarballs
-      - name: Install linux toolchain
+      - name: Pack standalone
+        shell: bash
         run: |
-          sudo apt update
-          sudo apt install nsis p7zip-full p7zip-rar -y
+          npx oclif pack tarballs \
+            --targets=${{ matrix.target }} \
+            --no-xz
 
-      - name: Build all tarballs in parallel
-        run: |
-          npx oclif pack tarballs --targets=linux-x64,win32-x64,darwin-arm64 --no-xz --parallel
+      - uses: actions/upload-artifact@v4
+        with:
+          name: standalone-${{ matrix.target }}
+          path: dist/*.tar.gz
 
-      # Create GitHub Release (draft - will be published manually from GitHub UI or CLI)
-      - name: Create GitHub Release
-        run: |
-          gh release create v${{ needs.check-version.outputs.version }} \
-            --title "Release v${{ needs.check-version.outputs.version }} ${{ needs.check-version.outputs.oclif_channel == 'latest' && 'Latest' || needs.check-version.outputs.oclif_channel }}" \
-            --generate-notes \
-            --draft \
-            --prerelease=${{ needs.check-version.outputs.oclif_channel != 'latest' }} \
-            dist/*.tar.gz
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      # S3 Distribution
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v5
+  upload-and-promote:
+    runs-on: ubuntu-latest
+    needs: [check-version, build-standalone]
+
+    steps:
+      - uses: actions/download-artifact@v4
         with:
-          role-to-assume: ${{ vars.aws_oidc_role_arn }}
-          role-session-name: herodevs_cli_upload
-          aws-region: ${{ vars.AWS_REGION }}
+          path: dist
 
+      - name: Flatten artifacts
+        run: |
+          mkdir final-dist
+          find dist -name "*.tar.gz" -exec mv {} final-dist/ \;
 
-      - name: Upload and promote to S3
+      - name: '[STUB] Create GitHub Release (draft)'
         run: |
-          # Enable oclif debug logging
-          export DEBUG=oclif:*
+          echo "STUB: Would create GH release v${{ needs.check-version.outputs.version }}"
+          ls -lh final-dist/
 
-          # Upload tarballs
-          npx oclif upload tarballs \
-            --targets=linux-x64,win32-x64,darwin-arm64 \
-            --no-xz
+      - name: '[STUB] Upload tarballs to S3'
+        run: |
+          echo "STUB: Would upload tarballs to S3 for targets linux-x64,win32-x64,darwin-arm64"
 
-          # Get shortened SHA (first 7 characters)
-          SHORT_SHA=$(echo ${{ github.sha }} | cut -c1-7)
-          echo "Using shortened SHA: $SHORT_SHA"
+      - name: '[STUB] Promote channel'
+        run: |
+          echo "STUB: Would promote channel=${{ needs.check-version.outputs.oclif_channel }} version=${{ needs.check-version.outputs.version }}"
 
-          # Promote to channel
-          npx oclif promote \
-            --channel=${{ needs.check-version.outputs.oclif_channel }} \
-            --version=${{ needs.check-version.outputs.version }} \
-            --sha=$SHORT_SHA \
-            --indexes \
-            --targets=linux-x64,win32-x64,darwin-arm64 \
-            --ignore-missing
+      - name: '[STUB] Verify channel pointer'
+        run: |
+          echo "STUB: Would verify channel pointer for ${{ needs.check-version.outputs.oclif_channel }}"
 
   npm-publish:
     runs-on: ubuntu-latest
-    needs: [check-version, test, upload-assets]
-    permissions:
-      id-token: write
+    needs: [check-version, test, upload-and-promote]
     steps:
-      - uses: actions/checkout@v6
-      - uses: actions/setup-node@v6
-        with:
-          node-version-file: '.nvmrc'
-          registry-url: 'https://registry.npmjs.org'
-
-      # Clean build for npm publishing
-      - run: npm ci
-      - run: npm run build
-
-      # Dry run NPM publish
-      - name: Dry run NPM publish
-        run: npm publish --tag ${{ needs.check-version.outputs.oclif_channel }} --provenance --access public --dry-run
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.HD_CLI_NPM_TOKEN }}
-
-      # NPM Release
-      - name: Create NPM release
-        run: npm publish --tag ${{ needs.check-version.outputs.oclif_channel }} --provenance --access public
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.HD_CLI_NPM_TOKEN }}
+      - name: '[STUB] NPM publish'
+        run: |
+          echo "STUB: Would publish to npm with tag=${{ needs.check-version.outputs.oclif_channel }}"
 
   publish-images:
     name: Publish Images
     needs: [npm-publish]
     runs-on: ubuntu-latest
-    permissions:
-      packages: write
     steps:
-      - uses: actions/checkout@v6
-
-      - uses: jlumbroso/free-disk-space@main
-        with:
-          tool-cache: true
-          large-packages: true
-          haskell: false
-          docker-images: false
-          swap-storage: false
-
-      - name: Set up Node
-        uses: actions/setup-node@v6.1.0
-        with:
-          node-version-file: '.nvmrc'
-
-      - name: Parse tag
-        run: echo "VERSION=${{ github.ref_name }}" >> $GITHUB_ENV
-
-      - uses: docker/metadata-action@v5
-        id: meta
-        with:
-          images: |
-            name=${{ env.IMAGE_NAME }}
-          tags: |
-            type=sha,format=long
-            type=raw,value=latest
-            type=raw,value=${{ env.VERSION }}
-
-      - uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - uses: docker/setup-buildx-action@v3
-      - uses: docker/build-push-action@v6
-        with:
-          context: . 
-          file: ./ci/image.Dockerfile
-          platforms: linux/amd64,linux/arm64
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-          build-args: |
-            VERSION=${{ needs.check-version.outputs.version }}
+      - name: '[STUB] Publish Docker images'
+        run: |
+          echo "STUB: Would build and push Docker images to ghcr.io"