name: Security/Push - Publish

on:
  push:
    branches:
      - main
      - development
    paths:
      - 'packages/security/**'
      - '.github/workflows/package-security-push-publish.yml'
      - 'yarn.lock'
  pull_request:
    branches:
      - main
      - development
    paths:
      - 'packages/security/**'
      - '.github/workflows/package-security-push-publish.yml'
      - 'yarn.lock'

jobs:
  test-and-publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          submodules: recursive

      - uses: actions/setup-node@v2
        with:
          node-version: 16
          cache: 'yarn'

      - name: Install `packages`
        run: yarn install
        env:
          YARN_CHECKSUM_BEHAVIOR: update

      - name: Build `security`
        run: yarn build:security

      - name: Lint `security`
        run: yarn workspace @ionicprotocol/security lint

      - name: Test `security`
        run: yarn workspace @ionicprotocol/security test

      - uses: JS-DevTools/npm-publish@v1
        if: github.ref == 'refs/heads/main'
        with:
          token: ${{ secrets.NPM_TOKEN }}
          tag: ${{env.GITHUB_REF_NAME == 'main' && 'latest' || 'beta'}}
          access: 'public'
          package: './packages/security/package.json'