name: Publish SDK (npm) # Publishes @officecli/sdk (sdk/node) on its OWN cadence — decoupled from the # CLI release. The SDK depends on @officecli/officecli via a semver range # (^1.0.0), so a CLI version bump flows to users automatically (fresh installs # resolve the newest CLI; existing installs auto-update the bundled binary) # WITHOUT republishing the SDK. The SDK is republished only when its own source # changes — i.e. when sdk/node/package.json's version is bumped. # # Trigger: a push touching sdk/node/** (or manual dispatch). A guard skips the # publish when that version is already on npm, so only a version bump actually # publishes — pushes that don't change the version are no-ops. # # The same SDK is published under four names (one canonical + mirrors/aliases). # The version is shared (sdk/node/package.json); the name is swapped per leg. # # Auth: npm Trusted Publishing (OIDC), no token. Configure a trusted publisher # for EACH of the four packages on npmjs.com: # org/user: iOfficeAI repo: OfficeCLI workflow: publish-sdk.yml action: npm publish on: push: branches: [main] paths: - 'sdk/node/**' workflow_dispatch: permissions: contents: read jobs: publish: runs-on: ubuntu-latest permissions: id-token: write contents: read strategy: fail-fast: false matrix: package: - '@officecli/sdk' - '@officecli/officecli-sdk' - '@aionui/officecli-sdk' - 'officecli-sdk' steps: - uses: actions/checkout@v5 - uses: actions/setup-node@v6 with: node-version: '24' registry-url: 'https://registry.npmjs.org' - name: Upgrade npm (trusted publishing + provenance need >= 11.5.1) run: npm install -g npm@latest - name: Set package name and check if already published id: ver working-directory: sdk/node run: | npm pkg set name='${{ matrix.package }}' # Only the package name differs per scope; links stay officecli.ai. # Rewrite install/require examples to this package's name. sed -i "s|@officecli/sdk|${{ matrix.package }}|g" README.md VERSION=$(node -p "require('./package.json').version") echo "Publishing candidate: ${{ matrix.package }}@$VERSION" if ! npm view "${{ matrix.package }}" version >/dev/null 2>&1; then # A brand-new package can't be created by trusted publishing (OIDC) — # it has no package to attach the publisher config to, so the PUT 404s. # Skip (green) until the one-time MANUAL first publish creates it. echo "already=true" >> "$GITHUB_OUTPUT" echo "::notice::${{ matrix.package }} does not exist on npm yet — first publish must be manual; skipping." elif npm view "${{ matrix.package }}@$VERSION" version >/dev/null 2>&1; then echo "already=true" >> "$GITHUB_OUTPUT" echo "${{ matrix.package }}@$VERSION is already on npm — nothing to publish (bump the version to release)." else echo "already=false" >> "$GITHUB_OUTPUT" fi - name: Publish to npm if: steps.ver.outputs.already == 'false' working-directory: sdk/node run: npm publish --provenance --access public