OnionShare in Qubes-Whonix 14
@Patrick - please point out the faults in this method below if it is unsafe or not canonical.
Building OnionShare from Source
Whonix recommends against APT pinning because it has previously broken functionality. For example, on one occasion templates thought they were not connected to Whonix Gateway; see Dev/APT Pinning - Kicksecure.
Therefore, this procedure builds OnionShare from source code based on Micah Lee’s instructions; see https://github.com/micahflee/onionshare/blob/master/BUILD.md#gnulinux
To install OnionShare in Whonix 14:
1. Create an anon-onionshare AppVM based on the whonix-ws (14) template.
2. Open a terminal and navigate to the persistent home directory; this avoids polluting the TemplateVM upon which it is based.
cd /home/user
3. Install git which is not available by default in the AppVM.
sudo apt-get install git
4. Clone the OnionShare directory.
git clone GitHub - onionshare/onionshare: Securely and anonymously share files, host websites, and chat with friends using the Tor network
5. Change into the OnionShare directory.
cd onionshare
6. Retrieve Micah Lee’s PGP key using the long key ID.
Note: This key ID is taken from www.micahflee.com
gpg --keyserver pool.sks-keyservers.net --recv-keys 0x927F419D7EC82C2F149C1BD1403C2657CD994F73
7. Examine the available git tags, and verify the latest version and its commit (v1.3 at the time of writing). Good signature messages should appear for each verify command below.
git tag
git verify-tag v1.3
git verify-commit v1.3^{commit}
8. Install OnionShare dependencies.
Warning: Do not proceed unless signatures were good for the two git verification steps.
The user must install the following dependencies.
sudo apt install -y build-essential fakeroot python3-all python3-stdeb dh-python python3-flask python3-stem python3-pyqt5 python-nautilus python3-pytest obfs4proxy
9. Extend the onion-grater whitelist on sys-whonix (14).
Steps 9-10 are sourced from http://kkkkkkkkkk63ava6.onion/wiki/File_Sharing#onionshare
In sys-whonix (14), open Konsole and create the following directory.
sudo mkdir -p /usr/local/etc/onion-grater-merger.d/
Symlink the onion-grater profile to the onion-grater settings folder.
sudo ln -s /usr/share/onion-grater-merger/examples/40_onionshare.yml /usr/local/etc/onion-grater-merger.d/
Restart onion-grater.
sudo service onion-grater restart
10. Modify the anon-onionshare user firewall settings and reload them.
In Konsole, first make sure the folder /rw/config/whonix_firewall.d exists.
sudo mkdir -p /rw/config/whonix_firewall.d
Create the necessary user.conf file.
sudo nano /etc/whonix_firewall.d/50_user.conf
Add ports that are required by OnionShare.
EXTERNAL_OPEN_PORTS+=" $(seq 17600 17659) "
Save and exit.
11. Start the OnionShare GUI in anon-onionshare.
./dev_scripts/onionshare-gui
12. Select the settings button/icon (cog symbol) in the OnionShare GUI.
Under “How should OnionShare connect to Tor?” select “Connect using socket file”, and set the socket file to /var/run/tor/control.
Under “Tor authentication options” select “No authentication, or cookie authentication”.
13. Test the OnionShare settings.
Click the “Test Settings” button. If all steps were completed correctly, Tor will successfully connect.
The GUI should say it supports both ephemeral onion services and stealth onion services.
Check “Create stealth onion services” to make OnionShare operations more secure.
Actual Test
After doing all these steps above, it worked! 
I was able to share a dummy file with one sentence of text in it, that was made available at a random onion address.
The same instructions can be used for non-Qubes-Whonix, except each instance of sys-whonix and anon-onionshare is substituted with Whonix-Gateway and Whonix-Workstation instead.
Conclusion
OnionShare, a piece of cake in Whonix 
AppArmor Consideration
@Troubadour - what about the possibility of implementing this OnionShare AppArmor profile in Whonix?
Improve AppArmor profiles and enforce them. · onionshare/onionshare@6cceac3 · GitHub
Could use some ideas.
