.github/workflows/ci.yml

name: CI

on:
  pull_request:
  push:
    branches:
      - main

jobs:
  build-test:
    name: Build and test

    runs-on: ${{ matrix.os }}

    strategy:
      fail-fast: false
      matrix:
        os:
          - macos-latest
          - ubuntu-latest
          - windows-latest
        node-version:
          - 18
          - 20
          - 22

    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Use Node ${{ matrix.node-version }}
        uses: actions/setup-node@v3
        with:
          node-version: ${{ matrix.node-version }}

      - uses: actions/cache@v4
        with:
          key: ${{ matrix.os }}-modules-${{ hashFiles('**/package-lock.json') }}
          path: '**/node_modules'
          restore-keys: |
            ${{ matrix.os }}-modules-

      - name: Install
        run: npm install --prefer-offline

      - name: Build
        run: |
          npm run build

      - name: Lint
        run: npm run lint

      - name: Test
        run: npm run test

      #       - name: Generate code coverage
      #         if: success() && github.ref == 'refs/heads/main' && ${{ matrix.os }} == 'ubuntu-latest' && 16 == ${{ matrix.node-version }}
      #         uses: paambaati/codeclimate-action@v5.0.0
      #         env:
      #           CC_TEST_REPORTER_ID: b4ef7769e0f8f04456e8e1168b4beb44561bd5ce9ca216458a164e19c4cf7308
      #         with:
      #           coverageCommand: npm run coverage
      #           debug: true

  release:
    name: Release
    needs: build-test
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    permissions:
      contents: write # to be able to publish a GitHub release
      issues: write # to be able to comment on released issues
      pull-requests: write # to be able to comment on released pull requests
      id-token: write # to enable use of OIDC for npm provenance

    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Use Node
        uses: actions/setup-node@v4
        with:
          node-version-file: .tool-versions

      - name: Install dependencies
        run: npm clean-install

      - name: Verify the integrity of provenance attestations and registry signatures for installed dependencies
        run: npm audit signatures

      - name: Build
        run: |
          npm run build
          rm -rf bin

      - name: Release
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
        run: npm run semantic-release