name: Release

on:
  release:
    types: [published]

concurrency:
  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true

permissions:
  contents: read
  # https://docs.npmjs.com/generating-provenance-statements#publishing-packages-with-provenance-via-github-actions
  id-token: write

env:
  CI: true

jobs:
  build:
    runs-on: ubuntu-latest

    strategy:
      matrix:
        node-version: [18]

    steps:
      - uses: actions/checkout@v3

      - name: Use Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v3
        with:
          node-version: ${{ matrix.node-version }}
          registry-url: 'https://registry.npmjs.org'

      - name: Use cached node_modules
        id: cache
        uses: actions/cache@v3
        with:
          path: '**/node_modules'
          key: ${{ runner.os }}-${{ env.NODE_VERSION }}-modules-${{ hashFiles('**/package-lock.json') }}
          restore-keys: |
            nodeModules-

      - name: Install dependencies
        run: npm ci
        env:
          CI: true

      - name: Test
        run: |
          npm run test || npm run test || npm run test || exit 1
        env:
          CI: true

      - name: Calculate environment variables
        run: |
          echo "TAG_NAME=${{ github.event.tag_name }}" >> $GITHUB_ENV
          echo "RELEASE_CHANNEL=$(npm run release-channel $TAG_NAME --silent)" >> $GITHUB_ENV
          echo "PACKAGE_PATH=$(npm run package-path $TAG_NAME --silent)" >> $GITHUB_ENV

      - name: Publish
        run: npm publish ${{ env.PACKAGE_PATH }} --provenance --tag ${{ env.RELEASE_CHANNEL }}
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}