.github/workflows/publish.yml

name: Publish Package

on:
  release:
    types: [published]
  workflow_dispatch:

# First we will publish the package to GitHub packages then later to NPM,
# so that it is updated on both, but registers download analytics only on NPM.
jobs:
  publish-gh-packages:
    name: Publish package to GitHub Packages
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write

    steps:
      - uses: actions/checkout@v4

      # Setup .npmrc file to publish to GitHub Packages
      - name: Setup Web environment
        uses: actions/setup-node@v4
        with:
          node-version: '20'
          registry-url: 'https://npm.pkg.github.com'
          cache: 'yarn'

      - name: Install packages
        run: yarn install --frozen-lockfile

      - name: Build the plugin
        run: yarn build

      - name: Publish Package
        run: npm publish
        env:
          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  publish-npmjs:
    name: Publish package to npmjs
    runs-on: ubuntu-latest
    needs: publish-gh-packages
    permissions:
      id-token: write

    steps:
      - uses: actions/checkout@v4

      # Setup .npmrc file to publish to npm
      - name: Setup Web environment
        uses: actions/setup-node@v4
        with:
          node-version: '20'
          registry-url: 'https://registry.npmjs.org'
          cache: 'yarn'

      - name: Install packages
        run: yarn install --frozen-lockfile

      - name: Build the plugin
        run: yarn build

      - name: Publish Package
        run: npm publish --provenance
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}