name: Publish
on:
  push:
    branches:
      - "main"
    paths-ignore:
      - 'README.md'
      - 'LICENSE.md'
      - 'CHANGELOG.md'
      - '.gitignore'
      - 'renovate.json'
      - 'CODEOWNERS'

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Check out repository code
        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
      - name: Setup Python
        uses: actions/setup-python@v5
        with:
          python-version: "3.11"
      - name: Setup Poetry
        uses: abatilo/actions-poetry@v3
      - name: Install dependencies
        run: poetry install
      - name: Build wheel file
        run: poetry build
      - id: skip_check
        uses: actions/upload-artifact@v4
        with:
          name: whl
          path: dist/

  publish:
    needs: build
    if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
    runs-on: ubuntu-latest
    # Specifying a GitHub environment is optional, but strongly encouraged
    environment:
      name: release
      url: https://pypi.org/p/ipilot
    permissions:
      # IMPORTANT: this permission is mandatory for trusted publishing
      id-token: write
    steps:
      - name: Create dist folder
        run: mkdir -p dist
      - uses: actions/download-artifact@v4
        with:
          name: whl
          path: dist
      - name: Publish to PyPI
        uses: pypa/gh-action-pypi-publish@release/v1