name: Build & Publish NPM Package

on:
  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:
    inputs:
      version:
        description: "Version to publish"
        required: true
        type: string
        # Default to truncated commit hash
        default: "0.0.0"
      tag:
        description: "Tag to publish"
        required: true
        type: string
        default: "latest"
      package:
        description: "Package to publish"
        options:
          - federation
          - client
        type: choice
        required: true

permissions:
  contents: read
  # For provenance generation
  id-token: write

jobs:
  # Build job
  build:
    runs-on: ubuntu-latest
    environment: NPM Deploy
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - uses: oven-sh/setup-bun@v1

      - uses: actions/setup-node@v4
        with:
          node-version: "22"
          registry-url: "https://registry.npmjs.org"

      # Code is not minified and bundled anymore
      #- name: Build
      #  run: bun run build

      - name: Change version in package.json to ${{ github.event.inputs.version }}, defaulting to the truncated commit hash
        run: 'sed -i ''s/"version": ".*"/"version": "${{ github.event.inputs.version }}"/'' package.json ${{ github.event.inputs.package }}/package.json ${{ github.event.inputs.package }}/jsr.jsonc'

      - name: Publish to NPM
        run: cd ${{ github.event.inputs.package }} && npm publish --provenance --tag ${{ github.event.inputs.tag }} --access public
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

      - name: Publish to JSR
        run: cd ${{ github.event.inputs.package }} && bun install --frozen-lockfile && bunx jsr publish --allow-slow-types --allow-dirty