name: release

on:
  push:
    tags:
      - v*

jobs:
  check_branch:
    runs-on: ubuntu-latest
    outputs:
      should_build: ${{ steps.permitted.outputs.result }}

    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Fetch remote branches
        run: |
          git fetch origin --depth=1

      - name: Check if on permitted branch
        id: permitted
        run: |
          result=
          if git branch -a --contains $GITHUB_SHA | grep -q 'remotes/origin/master$'; then
            result=true
          elif git branch -a --contains $GITHUB_SHA | grep -q 'remotes/origin/.*-release$'; then
            result=true
          fi
          echo "result=${result}" >> "$GITHUB_OUTPUT"

  release:
    runs-on: ubuntu-22.04
    needs: check_branch
    permissions:
      contents: write

    if: ${{ github.repository_owner == 'visgl' && needs.check_branch.outputs.should_build }}

    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      NPM_ACCESS_TOKEN: ${{ secrets.NPM_ACCESS_TOKEN }}

    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Setup Node.js
        uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
        with:
          node-version-file: '.nvmrc'
          cache: 'yarn'

      - name: Enable Corepack
        run: corepack enable yarn

      - name: Install dependencies
        run: yarn

      - name: Build packages
        run: yarn build
      
      - name: Run tests from transpiled code
        run: npx ocular-test dist

      - name: Login to NPM
        run: npm config set "//registry.npmjs.org/:_authToken=${NPM_ACCESS_TOKEN}"

      - name: Publish to NPM
        run: npx ocular-publish from-git