name: Build and Publish

on:
  push:
    branches: [main, master]
  workflow_dispatch:

env:
  NODE_VERSION: "22"
  PNPM_VERSION: "9"

jobs:
  build-and-publish:
    runs-on: ubuntu-latest
    env:
      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
      - run: npm install -g pnpm@${{ env.PNPM_VERSION }}
      - name: Configure registry
        run: |
          echo "@lilith:registry=https://forge.nasty.sh/api/packages/lilith/npm/" > .npmrc
          echo "//forge.nasty.sh/api/packages/lilith/npm/:_authToken=\${NPM_TOKEN}" >> .npmrc
          echo "strict-ssl=false" >> .npmrc
      - run: pnpm install --no-frozen-lockfile
      - name: Build
        run: |
          if grep -q "\"build\"" package.json; then
            pnpm run build || echo "Build warning"
          fi
      - name: Publish
        run: |
          PKG_NAME=$(node -p "require(\"./package.json\").name")
          PKG_VERSION=$(node -p "require(\"./package.json\").version")
          SHOULD_PUBLISH=$(node -p "require(\"./package.json\")?._?.publish === true")
          REGISTRY=$(node -p "require(\"./package.json\")?._?.registry || \"none\"")
          if [ "$REGISTRY" \!= "forgejo" ] || [ "$SHOULD_PUBLISH" \!= "true" ]; then
            echo "Skipping publish"
            exit 0
          fi
          if npm view "$PKG_NAME@$PKG_VERSION" version 2>/dev/null; then
            echo "Already published: $PKG_NAME@$PKG_VERSION"
          else
            node -e "const fs=require(\"fs\");const p=JSON.parse(fs.readFileSync(\"package.json\"));const t=d=>{if(\!d)return d;for(const[n,v]of Object.entries(d)){if(v.startsWith(\"workspace:\")||v.startsWith(\"file:\"))d[n]=\"*\";}return d;};p.dependencies=t(p.dependencies);p.devDependencies=t(p.devDependencies);fs.writeFileSync(\"package.json\",JSON.stringify(p,null,2));"
            npm publish --access public --no-git-checks
          fi