chore: Adjust workflows to not use docker build anymore + publish to …

.github/workflows/pull-request.yaml

@@ -1,6 +1,10 @@
 name: pull request ci
 on: [pull_request]
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
   ci:
     name: ci
@@ -9,17 +13,20 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
 
-      - run: |
-          docker build . --target=test-components -t zvoove-angular-components:test-comp
-          docker build . --target=test-schematics -t zvoove-angular-components:test-schem
-          docker build . --target=linter -t zvoove-angular-components:lint
-        name: build ci images
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 24
+          cache: npm
+
+      - name: Install dependencies
+        run: npm ci
 
-      - run: docker run --rm zvoove-angular-components:lint
-        name: run linter
+      - name: Lint
+        run: npm run lint
 
-      - run: docker run --rm zvoove-angular-components:test-comp
-        name: test components
+      - name: Test components
+        run: npm run test:components
 
-      - run: docker run --rm zvoove-angular-components:test-schem
-        name: test schematics
+      - name: Test schematics
+        run: npm run test:schematics

.github/workflows/push-master.yaml

@@ -4,38 +4,92 @@ on:
     branches:
       - master
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: false
+
 permissions:
-  id-token: write  # Required for OIDC
+  id-token: write
   contents: read
 
 jobs:
-  deploy:
+  ci:
+    name: ci
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
 
       - uses: actions/setup-node@v4
         with:
           node-version: 24
-          registry-url: 'https://registry.npmjs.org'
+          cache: npm
+
+      - run: npm ci
 
-      - run: |
-          docker build . --target=test-components -t zvoove-angular-components:test-comp
-          docker build . --target=test-schematics -t zvoove-angular-components:test-schem
-          docker build . --target=linter -t zvoove-angular-components:lint
-        name: build ci images
+      - name: Lint
+        run: npm run lint
 
-      - run: docker run --rm zvoove-angular-components:lint
-        name: run linter
+      - name: Test components
+        run: npm run test:components
 
-      - run: docker run --rm zvoove-angular-components:test-comp
-        name: test components
+      - name: Test schematics
+        run: npm run test:schematics
 
-      - run: docker run --rm zvoove-angular-components:test-schem
-        name: test schematics
-      - run: npm ci
+      - name: Build components
+        run: npm run build:components
+
+      - name: Build demo
+        run: npm run build:components-demo -- --base-href /components/
+
+      - name: Upload components artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: components-dist
+          path: dist/components
+
+      - name: Upload demo artifact
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: dist/zvoove-components-demo/browser
+
+  publish:
+    name: publish to npm
+    needs: ci
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 24
+          registry-url: 'https://registry.npmjs.org'
 
-      - run: npm run build:components
+      - name: Download components artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: components-dist
+          path: dist/components
+
+      - name: Check if version already published
+        id: version-check
+        run: |
+          LOCAL=$(node -p "require('./dist/components/package.json').version")
+          REMOTE=$(npm view @zvoove/components version 2>/dev/null || echo "0.0.0")
+          echo "should_publish=$( [ "$LOCAL" != "$REMOTE" ] && echo true || echo false )" >> "$GITHUB_OUTPUT"
 
       - name: Publish to npm
+        if: steps.version-check.outputs.should_publish == 'true'
         run: npm publish ./dist/components --provenance --access public
+
+  deploy-demo:
+    name: deploy demo to github pages
+    needs: ci
+    runs-on: ubuntu-latest
+    permissions:
+      pages: write
+      id-token: write
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    steps:
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4

CLAUDE.md

@@ -0,0 +1,5 @@
+# CLAUDE.md
+
+## npm Publishing with Trusted Publishers
+
+npm supports trusted publishers (OIDC-based publishing) via GitHub Actions. When a package is configured with trusted publishers on npmjs.com, the `id-token: write` permission + `actions/setup-node` with `registry-url` is sufficient for `npm publish --provenance`. No `NODE_AUTH_TOKEN` secret is needed. Do not flag missing `NODE_AUTH_TOKEN` as a defect when `id-token: write` is present and `--provenance` is used.