name: Build and release

on:
  push:
    branches:
      - main
  pull_request:
    types:
      - opened
      - synchronize

env:
  environment: test
  release_channel: latest
  DO_NOT_TRACK: "1"
  NODE_VERSION: "23.x"
  NODE_REGISTRY: "https://registry.npmjs.org"
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  DOCKER_REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

permissions:
  contents: read
  packages: read

jobs:
  build:
    name: Build
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version: "${{ env.NODE_VERSION }}"
          registry-url: "${{ env.NODE_REGISTRY }}"

      - uses: pnpm/action-setup@v4
        name: Install pnpm
        with:
          version: 10.6.0
          run_install: false

      - name: Get pnpm store directory
        shell: bash
        run: |
          echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV

      - uses: actions/cache@v4
        name: Setup pnpm cache
        with:
          path: ${{ env.STORE_PATH }}
          key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
          restore-keys: |
            ${{ runner.os }}-pnpm-store-

      - name: Install dependencies
        run: pnpm install
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

      - name: Build
        run: pnpm build

      # - name: Run tests
      #   run: pnpm test

      - uses: actions/upload-artifact@v4
        with:
          name: lib
          retention-days: 5
          path: |
            dist
            README.md

  update-release-draft:
    name: Update release drafter
    if: github.ref == 'refs/heads/main'
    permissions:
      contents: write
      pull-requests: write
    needs: build
    environment: release
    runs-on: ubuntu-latest
    steps:
      - uses: release-drafter/release-drafter@v6
        with:
          config-name: release-drafter-config.yml
          publish: true
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  release:
    permissions:
      contents: read
      packages: write
      attestations: write
      id-token: write
      pages: write
    name: Release
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    needs: update-release-draft
    environment: release
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - uses: actions/setup-node@v4
        with:
          node-version: "${{ env.NODE_VERSION }}"
          registry-url: "${{ env.NODE_REGISTRY }}"

      - uses: pnpm/action-setup@v4
        name: Install pnpm
        with:
          version: 10.6.0
          run_install: false

      - name: Install dependencies
        run: pnpm install
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

      - uses: actions/download-artifact@v4
        with:
          name: lib
          path: ./

      - run: |
          git config user.name "Github Actions Bot"
          git config user.email "<>"
          node ./scripts/set-version.mjs $(git describe --tag --abbrev=0)
          pnpm publish --no-git-checks --access public
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}