name: Publish Package to PyPI

on:
  push:
    tags:
      - "v*" # Triggers on tags like v1.2.3

  workflow_dispatch: # Enables manual runs

jobs:
  checks:
    uses: ./.github/workflows/checks.yml

  publish:
    name: Build and publish package to PyPI
    runs-on: ubuntu-latest
    needs: [checks] # Run checks before publishing

    # This ties the job to a protected environment.
    environment:
      name: production # Ensure this environment is configured in your repo settings with required reviewers

    steps:
      - name: Check out code
        uses: actions/checkout@v4

      - name: Install uv
        uses: astral-sh/setup-uv@v3

      - name: "Set up Python"
        uses: actions/setup-python@v5
        with:
          python-version-file: ".python-version"

      - name: Install the project
        run: |
          uv venv .venv
          source .venv/bin/activate
          uv pip install -e ".[dev]"

      - name: Build
        run: uv build

      - name: Upload artifacts
        uses: actions/upload-artifact@v4
        with:
          name: release-dists
          path: dist/

      - name: Publish package to PyPI using uv
        env:
          UV_PUBLISH_TOKEN: ${{ secrets.PYPI_API_TOKEN }}
        run: uv publish