Skip to content

Commit

Permalink
feat: Allow source code submission and metadata changes
Browse files Browse the repository at this point in the history
  • Loading branch information
@kewisch
kewisch committed Sep 9, 2024
1 parent 601e5a4 commit c93d686
Show file tree
Hide file tree
Showing 68 changed files with 3,952 additions and 1,586 deletions.
106 changes: 78 additions & 28 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
name: "Build"
on:
push:
Expand All @@ -6,25 +7,21 @@ on:
pull_request:

jobs:
test:
name: "Build and Test"
build:
name: "Build"
runs-on: ubuntu-latest
env:
HAS_AMO_SIGN_KEY: ${{ secrets.AMO_SIGN_KEY != '' && secrets.AMO_SIGN_KEY != null }}
HAS_ATN_SIGN_KEY: ${{ secrets.ATN_SIGN_KEY != '' && secrets.ATN_SIGN_KEY != null }}
outputs:
name: ${{ steps.web-ext-build.outputs.name }}
steps:
- name: "Checkout"
uses: actions/checkout@v4

- name: "npm ci"
run: npm ci

- name: "Run Linters"
run: npm run lint

- name: "Bump version"
run: |
export VERSION="1.$((10#${GITHUB_RUN_ID:0:4})).$((10#${GITHUB_RUN_ID:4}))"
export VERSION="1.$((10#${GITHUB_RUN_ID:0:4})).$((10#${GITHUB_RUN_ID:4})).${GITHUB_RUN_ATTEMPT}"
jq ".version = \"$VERSION\"" test/extension/manifest.json > manifest.json~
mv manifest.json~ test/extension/manifest.json
git diff test/extension
Expand All @@ -49,38 +46,91 @@ jobs:
source: test/extension
channel: unlisted

- name: "Self-test: AMO release"
if: env.HAS_AMO_SIGN_KEY == 'true'
- name: "Upload Unsigned"
uses: actions/upload-artifact@v4
with:
name: unsigned.xpi
path: ${{ steps.web-ext-build.outputs.target }}
if-no-files-found: error

amo:
name: "Self-test: AMO release"
runs-on: ubuntu-latest
needs: build
env:
HAS_SIGN_KEY: ${{ secrets.AMO_SIGN_KEY != '' && secrets.AMO_SIGN_SECRET != '' }}
steps:
- name: "Checkout"
if: env.HAS_SIGN_KEY
uses: actions/checkout@v4

- name: "Get release build"
if: env.HAS_SIGN_KEY
uses: actions/download-artifact@v4
with:
name: unsigned.xpi
path: web-ext-artifacts

- name: "Collect sources"
if: env.HAS_SIGN_KEY
run: git archive --format=zip --output=sources.zip HEAD

- name: "Collect metadata"
if: env.HAS_SIGN_KEY
id: metadata
run: echo "json=$(jq -c . < test/amo_metadata.json)" >> $GITHUB_OUTPUT


- name: "Release"
if: env.HAS_SIGN_KEY
id: web-ext-sign-amo
uses: "./"
with:
cmd: sign
source: ${{ steps.web-ext-build.outputs.target }}
source: web-ext-artifacts/${{ needs.build.outputs.name }}
sourceCode: sources.zip
channel: unlisted
metaDataJson: ${{ steps.metadata.outputs.json }}
approvalNotes: "Please find more information at https://github.com/kewisch/action-web-ext"
releaseNotes: "Triggered by ${{ github.event_name }} for ${{ github.sha }}"
license: MPL-2.0
apiKey: ${{ secrets.AMO_SIGN_KEY }}
apiSecret: ${{ secrets.AMO_SIGN_SECRET }}

- name: "Upload AMO signed"
if: env.HAS_SIGN_KEY
uses: actions/upload-artifact@v4
with:
name: amo-signed.xpi
path: ${{ steps.web-ext-sign-amo.outputs.target }}
if-no-files-found: error

atn:
name: "Self-test: ATN release"
runs-on: ubuntu-latest
needs: build
env:
HAS_SIGN_KEY: ${{ secrets.ATN_SIGN_KEY != '' && secrets.ATN_SIGN_SECRET != '' }}
steps:
- name: "Checkout"
if: env.HAS_SIGN_KEY
uses: actions/checkout@v4

- name: "Get release build"
if: env.HAS_SIGN_KEY
uses: actions/download-artifact@v4
with:
name: unsigned.xpi
path: web-ext-artifacts

- name: "Self-test: ATN release"
if: env.HAS_ATN_SIGN_KEY == 'true'
if: env.HAS_SIGN_KEY
id: web-ext-sign-atn
uses: "./"
with:
cmd: sign
source: ${{ steps.web-ext-build.outputs.target }}
source: web-ext-artifacts/${{ needs.build.outputs.name }}
channel: unlisted
apiUrlPrefix: "https://addons.thunderbird.net/api/v3"
apiUrlPrefix: "https://addons.thunderbird.net/api/v4"
apiKey: ${{ secrets.ATN_SIGN_KEY }}
apiSecret: ${{ secrets.ATN_SIGN_SECRET }}

- name: "Upload Unsigned"
uses: actions/upload-artifact@v4
with:
name: unsigned.xpi
path: ${{ steps.web-ext-build.outputs.target }}

- name: "Upload AMO signed"
if: env.HAS_AMO_SIGN_KEY == 'true'
uses: actions/upload-artifact@v4
with:
name: amo-signed.xpi
path: ${{ steps.web-ext-sign-amo.outputs.target }}
25 changes: 16 additions & 9 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -94,11 +94,8 @@ sign

Send the add-on for signature to AMO. To reduce the load on AMO servers, please don't use this for
on-commit or nightly builds. If you want to test your add-on you can do so in `about:debugging`.
Using this for betas or releases is great though, especially in combination with
[softprops/action-gh-release](https://github.com/softprops/action-gh-release). Under the hood, the
action uses [mozilla/sign-addon](https://github.com/mozilla/sign-addon). Please note that listed
add-ons will not be signed immediately, this is indicated during the build process but is not
counted as a failure.
Using this for betas or releases is great though. Please note that listed add-ons will not be signed
immediately, this is indicated during the build process but is not counted as a failure.

You can use the following extra options:
* `apiKey`: The API key used for signing
Expand All @@ -111,11 +108,10 @@ Changing `apiUrlPrefix` will allow you to submit to
[addons.thunderbird.net](https://addons.thunderbird.net) or using the staging/dev instance.

```yaml
name: "Release"
name: "Publish"
on:
push:
tags:
- 'v*.*.*'
release:
types: [published]
jobs:
sign:
Expand All @@ -132,13 +128,24 @@ jobs:
cmd: build
source: src
- name: "Collect sources"
run: git archive --format=zip --output=sources.zip ${{ github.ref }}
- name: "Collect metadata"
id: metadata
run: echo "json=$(jq -c . < amo_metadata.json)" >> $GITHUB_OUTPUT
- name: "web-ext sign"
id: web-ext-sign
uses: kewisch/action-web-ext@v1
with:
cmd: sign
source: ${{ steps.web-ext-build.outputs.target }}
sourceCode: sources.zip
channel: unlisted
metaDataJson: ${{ steps.metadata.outputs.json }}
approvalNotes: "Please find more information at https://github.com/kewisch/action-web-ext"
releaseNotes: ${{ github.event.release.body }}
apiKey: ${{ secrets.AMO_SIGN_KEY }}
apiSecret: ${{ secrets.AMO_SIGN_SECRET }}
timeout: 900000
Expand Down
26 changes: 20 additions & 6 deletions action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,17 +17,31 @@ inputs:
required: false
default: "web-ext-artifacts"
verbose:
description: "More debugging fore certain steps"
required: false
default: false
progressBar:
description: "Show the progress bar in command output"
description: "More debugging for certain steps. Enabled automatically if runner debug logging is enabled."
required: false
default: false
ignoreFiles:
description: "JSON array with files to ignore"
required: false
default: "[]"
metaDataJson:
description: "[sign] JSON object with submission metadata. See documentation for the --amo-metadata param to web-ext sign"
required: false
approvalNotes:
description: "[sign] Shortcut to set metaDataJson.version.approval_notes"
required: false
releaseNotes:
description: "[sign] Shortcut to set metaDataJson.version.release_notes"
required: false
license:
description: "[sign] The name of the license. This must be one of the identifiers from https://mozilla.github.io/addons-server/topics/api/licenses.html#license-list or a custom license name"
required: false
licenseFile:
description: "[sign] If a custom license is used, this file is read as the custom license text"
required: false
sourceCode:
description: "[sign] Path to a zip file with the source code to upload"
required: false
channel:
description: "[lint+sign] The target channel"
required: false
Expand All @@ -41,7 +55,7 @@ inputs:
apiUrlPrefix:
description: "[sign] The URL of the signing API, defaults to AMO production"
required: false
default: "https://addons.mozilla.org/api/v4"
default: "https://addons.mozilla.org/api/v5"
timeout:
description: |
[sign] The number of milliseconds to wait before giving up on a response
Expand Down
Loading

0 comments on commit c93d686

Please sign in to comment.