name: Publish

on:
  release:
    types: [created]

jobs:
  publish-npm:
    name: Publish to npm
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    steps:
      - uses: actions/checkout@v3
      - uses: actions/setup-node@v3
        with:
          node-version: 18
          registry-url: https://registry.npmjs.org/
          cache: npm
      - run: npm install -g npm@latest
      - run: npm i
      - run: npm test
      - run: npm version ${TAG_NAME} --git-tag-version=false
        env:
          TAG_NAME: ${{ github.event.release.tag_name }}
      - run: npm whoami; npm --ignore-scripts publish --provenance --access public
        env:
          NODE_AUTH_TOKEN: ${{secrets.npm_token}}