name: Publish to NPM Registry

on:
  push:
    branches:
      - main

jobs:
  publish:
    runs-on: self-hosted

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Install pnpm
        uses: pnpm/action-setup@v4
        with:
          version: 10

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: "lts/*"
          registry-url: "https://registry.npmjs.org/"

      - name: Install dependencies
        run: pnpm i

      - name: Build package
        run: pnpm run build

      - name: Run audit on signatures
        run: npm audit signatures

      - name: Publish to NPM
        run: npm publish --access public
        env:
          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
          NPM_TOKEN: ${{secrets.NPM_TOKEN}}
          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
        # run: npx semantic-release