name: npm-push
description: "Publish an NPM package to a registry."
inputs:
  tgz:
    description: "Path to the tarball file to publish."
    required: true
  registry:
    description: "NPM registry URL."
    required: false
    default: ${{ github.server_url }}/api/packages/${{ github.repository_owner }}/npm/
  apiKey:
    description: "NPM authentication token."
    required: true
  nodeVersion:
    description: "Node.js version to use."
    required: false
    default: "20"
  access:
    description: "Package access level: public or restricted."
    required: false
    default: "public"
runs:
  using: "composite"
  steps:
  - name: "Setup Node.js"
    uses: https://github.com/actions/setup-node@v4
    with:
      node-version: ${{ inputs.nodeVersion }}
      registry-url: ${{ inputs.registry }}
  - name: "Publish package"
    env:
      NODE_AUTH_TOKEN: ${{ inputs.apiKey }}
    run: |
      # Ensure path starts with ./ so npm recognizes it as a file path
      TGZ_PATH="${{ inputs.tgz }}"
      if [[ ! "$TGZ_PATH" =~ ^[./~] ]]; then
        TGZ_PATH="./$TGZ_PATH"
      fi

      echo "Publishing $TGZ_PATH to ${{ inputs.registry }}"
      npm publish "$TGZ_PATH" --access ${{ inputs.access }}

      echo "Package published successfully"
    shell: bash