name: Publish to npm

on:
  push:
    branches:
      - main
    paths:
      - "apps/cli/**"
      - "packages/**"
  workflow_dispatch:

jobs:
  publish:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Install pnpm
        uses: pnpm/action-setup@v4
        with:
          version: 10.4.1

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: 20
          registry-url: "https://registry.npmjs.org"
          cache: "pnpm"

      - name: Install dependencies
        run: pnpm install --frozen-lockfile

      - name: Build
        run: pnpm build

      - name: Check if version changed
        id: version-check
        working-directory: apps/cli
        run: |
          PACKAGE_NAME=$(node -p "require('./package.json').name")
          LOCAL_VERSION=$(node -p "require('./package.json').version")
          PUBLISHED_VERSION=$(npm view "$PACKAGE_NAME" version 2>/dev/null || echo "0.0.0")

          if [ "$LOCAL_VERSION" = "$PUBLISHED_VERSION" ]; then
            echo "skip=true" >> "$GITHUB_OUTPUT"
            echo "Version $LOCAL_VERSION is already published, skipping."
          else
            echo "skip=false" >> "$GITHUB_OUTPUT"
            echo "Publishing $LOCAL_VERSION (current: $PUBLISHED_VERSION)"
          fi

      - name: Publish to npm
        if: steps.version-check.outputs.skip != 'true'
        working-directory: apps/cli
        run: pnpm publish --no-git-checks --access public
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
