ci: add GH workflow for automatic GH releasing and NPM publishing

.github/workflows/packaging.yaml

@@ -0,0 +1,93 @@
+# From: https://github.com/garronej/ts-ci
+
+name: GitHub release and NPM publishing
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  check_if_version_upgraded:
+    name: Check if version upgrade
+    # When someone forks the repo and opens a PR we want to enables the tests to be run (the previous jobs)
+    # but obviously only us should be allowed to release.
+    # In the following check we make sure that we own the branch this CI workflow is running on before continuing.
+    # Without this check, trying to release would fail anyway because only us have the correct secret.NPM_TOKEN but
+    # it's cleaner to stop the execution instead of letting the CI crash.
+    if: |
+      github.event_name == 'push' || 
+      github.event.pull_request.head.repo.owner.login == github.event.pull_request.base.repo.owner.login
+    runs-on: ubuntu-latest
+    outputs:
+      from_version: ${{ steps.step1.outputs.from_version }}
+      to_version: ${{ steps.step1.outputs.to_version }}
+      is_upgraded_version: ${{ steps.step1.outputs.is_upgraded_version }}
+      is_pre_release: ${{steps.step1.outputs.is_pre_release }}
+    steps:
+      - uses: garronej/[email protected]
+        id: step1
+        with:
+          action_name: is_package_json_version_upgraded
+          branch: ${{ github.head_ref || github.ref }}
+
+  create_github_release:
+    runs-on: ubuntu-latest
+    # We create release only if the version in the package.json have been upgraded and this CI is running against the main branch.
+    # We allow branches with a PR open on main to publish pre-release (x.y.z-rc.u) but not actual releases.
+    if: |
+      needs.check_if_version_upgraded.outputs.is_upgraded_version == 'true' &&
+      (
+        github.event_name == 'push' ||
+        needs.check_if_version_upgraded.outputs.is_pre_release == 'true'
+      )
+    needs:
+      - check_if_version_upgraded
+    steps:
+      - uses: softprops/action-gh-release@v1
+        with:
+          name: Release v${{ needs.check_if_version_upgraded.outputs.to_version }}
+          tag_name: v${{ needs.check_if_version_upgraded.outputs.to_version }}
+          target_commitish: ${{ github.head_ref || github.ref }}
+          generate_release_notes: true
+          draft: false
+          prerelease: ${{ needs.check_if_version_upgraded.outputs.is_pre_release == 'true' }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  publish_on_npm:
+    runs-on: ubuntu-latest
+    needs:
+      - create_github_release
+      - check_if_version_upgraded
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          ref: ${{ github.ref }}
+      - uses: actions/setup-node@v3
+        with:
+          registry-url: https://registry.npmjs.org/
+      - uses: bahmutov/npm-install@v1
+      - run: yarn build
+      - name: Publishing on NPM
+        run: |
+          if [ "$(npm show . version)" = "$VERSION" ]; then
+            echo "This version is already published"
+            exit 0
+          fi
+          if [ "$NODE_AUTH_TOKEN" = "" ]; then
+            echo "Can't publish on NPM, You must first create a secret called NPM_TOKEN that contains your NPM auth token. https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets"
+            false
+          fi
+          EXTRA_ARGS=""
+          if [ "$IS_PRE_RELEASE" = "true" ]; then
+              EXTRA_ARGS="--tag next"
+          fi
+          npm publish $EXTRA_ARGS
+        env:
+          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
+          VERSION: ${{ needs.check_if_version_upgraded.outputs.to_version }}
+          IS_PRE_RELEASE: ${{ needs.check_if_version_upgraded.outputs.is_pre_release }}