SingleFile icon indicating copy to clipboard operation
SingleFile copied to clipboard
verified publisher icon gildas-lormeau

Add github action to deploy to web stores

Open ColdSauce opened this issue 4 years ago • 5 comments

Hey @gildas-lormeau, we created a Github action to make it easier to publish extensions to the various web stores.

Thought you might find it useful so I added a Github workflow that will run the build step and publish to the web stores you specify, on dispatch. I also added a package-json.lock file so that npm ci could be run to make installing faster.

The only thing you would need to create is a SUBMIT_KEYS GitHub repository secret.

This secret is a JSON, with the schema defined here.

Here's a sample key:

{
  "$schema": "https://raw.githubusercontent.com/plasmo-corp/bpp/main/keys.schema.json",
  "chrome": {
    "zip": "./extension.crx",
    "clientId": "123",
    "clientSecret": "456",
    "refreshToken": "789",
    "extId": "abcd"
  },
  "firefox": {
    "zip": "./extension.xpi",
    "extId": "123",
    "sessionid": "abcd"
  }
}

You can find instructions on how to get those keys in the schema, or if you use vscode, the schema should provide hint/intelisense when hovering over the json properties. If you need any help in setting up the keys, feel free to @ me.

Otherwise, if this doesn't seem necessary, feel free to close the PR!

(I discovered this bug upon creating this PR)

ColdSauce avatar Feb 17 '22 13:02 ColdSauce

Also if you'd like me to create a similar PR for your SingleFileZ repo, or any other browser extension you'd like this on, please LMK!

ColdSauce avatar Feb 17 '22 13:02 ColdSauce

Thank you for the contribution, that looks interesting. How could I handle private keys like the one in the woleet.js file? This key exists on my machine but not on GitHub.

gildas-lormeau avatar Feb 17 '22 13:02 gildas-lormeau

Sounds great!

Is this a key that's necessary for deployment?

ColdSauce avatar Feb 18 '22 22:02 ColdSauce

Yes, the key is needed for deployment. FYI, I'm referring to the string below.

https://github.com/gildas-lormeau/SingleFile/blob/b133b7e28d63571b389d2c2fe3d071b092c47418/src/extension/lib/woleet/woleet.js#L25

BTW, I also need to submit the source code of the extension (singlefile-extension-source.zip) on the Mozilla store, does the the action take this into account?

gildas-lormeau avatar Feb 19 '22 23:02 gildas-lormeau

Ah got it! Okay, I'll build something that can address both requirements.

We're lucky because the new Mozilla Add-On API (v5) allows for uploading the source alongside the minified version. We'll have to upgrade our source to use the new v5 so it might take a few days.

For the key storage, I think we might be able to use something like rollup-plugin-inject-process-env which will inject env vars into the distribution on build time. That way, you can set up a Github secret containing the api key as API_KEY and then you can reference it from the code with process.env.API_KEY

So after this is working, that line of code might look something like this:

const apiKey = process.env.API_KEY || ""

I'll get back to you in a few days after hacking around a bit on this stuff, and hopefully will have addressed both requirements!

ColdSauce avatar Feb 22 '22 12:02 ColdSauce