authentik/.github/workflows/packages-npm-publish.yml

---
name: Packages - Publish NPM packages

on:
  push:
    branches: [main]
    paths:
      - packages/tsconfig/**
      - packages/eslint-config/**
      - packages/prettier-config/**
      - packages/docusaurus-config/**
      - packages/esbuild-plugin-live-reload/**
  workflow_dispatch:

permissions:
  # Required for NPM OIDC trusted publisher
  id-token: write
  contents: read

jobs:
  publish:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        package:
          # The order of the `*config` packages should not be changed, as they depend on each other.
          - packages/tsconfig
          - packages/eslint-config
          - packages/prettier-config
          - packages/docusaurus-config
          - packages/logger-js
          - packages/esbuild-plugin-live-reload
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5
        with:
          fetch-depth: 2
      - uses: ./.github/actions/setup-node
        with:
          working-directory: ${{ matrix.package }}
      - name: Get changed files
        id: changed-files
        uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # 24d32ffd492484c1d75e0c0b894501ddb9d30d62
        with:
          files: |
            ${{ matrix.package }}/package.json
      - name: Publish package
        if: steps.changed-files.outputs.any_changed == 'true'
        working-directory: ${{ matrix.package }}
        run: |
          corepack npm ci
          corepack npm run build
          corepack npm publish