client-base/.forgejo/workflows/publish.yml

name: Build and Publish

on:
  push:
    branches: [main, master]
  workflow_dispatch:

env:
  NODE_VERSION: '22'

jobs:
  build-and-publish:
    runs-on: ubuntu-latest
    env:
      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}

      - name: Setup bun
        run: npm install -g bun

      - name: Configure registry
        run: |
          echo "@lilith:registry=https://forge.nasty.sh/api/packages/lilith/npm/" > .npmrc
          echo "//forge.nasty.sh/api/packages/lilith/npm/:_authToken=${NPM_TOKEN}" >> .npmrc
          echo "strict-ssl=false" >> .npmrc

      - name: Transform workspace deps
        run: |
          node -e "
            const fs = require('fs');
            const pkg = JSON.parse(fs.readFileSync('package.json', 'utf8'));
            const transform = (deps) => {
              if (!deps) return deps;
              for (const [k, v] of Object.entries(deps)) {
                if (v.startsWith('workspace:') || v.startsWith('file:')) deps[k] = '*';
              }
              return deps;
            };
            pkg.dependencies = transform(pkg.dependencies);
            pkg.devDependencies = transform(pkg.devDependencies);
            pkg.peerDependencies = transform(pkg.peerDependencies);
            fs.writeFileSync('package.json', JSON.stringify(pkg, null, 2) + '\n');
          "

      - name: Install
        run: NODE_TLS_REJECT_UNAUTHORIZED=0 bun install --no-frozen-lockfile

      - name: Build
        run: bun run build

      - name: Publish
        run: |
          PKG_NAME=$(node -p "require('./package.json').name")
          PKG_VERSION=$(node -p "require('./package.json').version")
          SHOULD_PUBLISH=$(node -p "require('./package.json')?._?.publish === true")
          REGISTRY=$(node -p "require('./package.json')?._?.registry || 'none'")

          if [ "$REGISTRY" != "forgejo" ] || [ "$SHOULD_PUBLISH" != "true" ]; then
            echo "Skipping: not configured for forgejo publish"
            exit 0
          fi

          if npm view "$PKG_NAME@$PKG_VERSION" version 2>/dev/null; then
            echo "Already published: $PKG_NAME@$PKG_VERSION"
          else
            echo "Publishing $PKG_NAME@$PKG_VERSION..."
            npm publish --access public --no-git-checks
          fi