publish-github-package.yml

name: Publish GitHub Package

on:
  workflow_dispatch:
  release:
    types:
      - published

permissions:
  contents: read
  packages: write

jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version: 22
          registry-url: https://npm.pkg.github.com
          scope: "@devwebxyn"

      - run: npm ci
      - run: npm run build

      - name: Rewrite package metadata for GitHub Packages
        run: |
          node -e "const fs=require('node:fs'); const pkg=JSON.parse(fs.readFileSync('package.json','utf8')); pkg.name='@devwebxyn/securemcp-lite'; pkg.publishConfig={registry:'https://npm.pkg.github.com'}; fs.writeFileSync('package.json', JSON.stringify(pkg, null, 2) + '\n');"

      - name: Skip if this version already exists on GitHub Packages
        id: package_check
        run: |
          VERSION=$(node -p "require('./package.json').version")
          STATUS=$(curl -s -o /tmp/github-package-response.json -w "%{http_code}" \
            -H "Authorization: Bearer $NODE_AUTH_TOKEN" \
            -H "Accept: application/vnd.github+json" \
            "https://npm.pkg.github.com/@devwebxyn%2fsecuremcp-lite")
          if [ "$STATUS" = "200" ] && grep -q "\"version\":\"$VERSION\"" /tmp/github-package-response.json; then
            echo "exists=true" >> "$GITHUB_OUTPUT"
            echo "GitHub Packages already has @devwebxyn/securemcp-lite@$VERSION. Skipping publish."
          else
            echo "exists=false" >> "$GITHUB_OUTPUT"
          fi
        env:
          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Publish package to GitHub Packages
        if: steps.package_check.outputs.exists != 'true'
        run: npm publish
        env:
          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}