image: registry.gitlab.com/openstapps/projectmanagement/node

before_script:
  - npm ci

stages:
  - audit
  - publish
  - deploy

audit:
  stage: audit
  script:
    - npm audit
  allow_failure: true
  except:
    - schedules

scheduled-audit:
  stage: audit
  script:
    - npm audit --audit-level=high
  only:
    - schedules

package:
  tags:
    - secrecy
  stage: publish
  script:
    - echo "//registry.npmjs.org/:_authToken=$NPM_AUTH_TOKEN" > ~/.npmrc
    - npm publish
  only:
    - /^v[0-9]+\.[0-9]+\.[0-9]+$/