name: Create Release

on:
  push:
    tags:
      - "*"

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          node-version: "lts/*"
          registry-url: "https://registry.npmjs.org/"
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }}

      - name: Set version number
        id: get_version
        run: |
          version="${{ github.ref_name }}"
          echo "tag=$version" >> $GITHUB_OUTPUT

      - name: Set the version in both packages
        run: |
          npm --no-git-tag-version version ${{ steps.get_version.outputs.tag }} --workspace=packages/safe-chain
          npm --no-git-tag-version version ${{ steps.get_version.outputs.tag }} --workspace=packages/safe-chain-bun

      - name: Install dependencies
        run: npm ci

      - name: Run tests
        run: npm run test

      - name: Copy documentation files to package
        run: |
          cp README.md packages/safe-chain/
          cp LICENSE packages/safe-chain/
          cp -r docs packages/safe-chain/

      - name: Publish safe-chain to npm
        run: |
          echo "Publishing safe-chain version ${{ steps.get_version.outputs.tag }} to NPM"
          npm publish --workspace=packages/safe-chain --access public
        env:
          NPM_AUTH_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }}

      - name: Update safe-chain-bun dependency for publishing
        run: |
          # During development, safe-chain-bun uses "file:../safe-chain" to depend on the local package
          # This works great for local development but breaks when published to npm registry
          # We need to replace it with the actual version number so users can install from npm
          # Changes: "@aikidosec/safe-chain": "file:../safe-chain" → "@aikidosec/safe-chain": "1.0.0"
          sed -i 's/"@aikidosec\/safe-chain": "file:..\/safe-chain"/"@aikidosec\/safe-chain": "${{ steps.get_version.outputs.tag }}"/g' packages/safe-chain-bun/package.json

      - name: Publish safe-chain-bun to npm
        run: |
          echo "Publishing safe-chain-bun version ${{ steps.get_version.outputs.tag }} to NPM"
          npm publish --workspace=packages/safe-chain-bun --access public
        env:
          NPM_AUTH_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }}

      - name: Pack safe-chain tarball
        run: |
          cd packages/safe-chain
          npm pack

      - name: Pack safe-chain-bun tarball
        run: |
          cd packages/safe-chain-bun
          npm pack

      - name: Upload safe-chain tarball
        uses: actions/upload-artifact@v3
        with:
          name: aikidosec-safe-chain-${{ steps.get_version.outputs.tag }}
          path: packages/safe-chain/aikidosec-safe-chain-*.tgz

      - name: Upload safe-chain-bun tarball
        uses: actions/upload-artifact@v3
        with:
          name: aikidosec-safe-chain-bun-${{ steps.get_version.outputs.tag }}
          path: packages/safe-chain-bun/aikidosec-safe-chain-bun-*.tgz