Adding github action for automated submission + dependabot upkeep

[louisgv]

Hi @kepi ,

Thanks for making eye dropper - it's been fun to use :D I was looking for ways to contribute, and found that since your codebase doesn't have continuous integration, I thought adding that might be helpful.

I created 2 workflows in this PR:

• automerge: automate the dependabot merging to reduce PR noise, using https://github.com/fastify/github-action-merge-dependabot
• submit: automate the zip submission process to the Chrome/Firefox/Edge stores automatically, using bpp . It is set to run manually from the github action tab, but we can tweak it to run as frequent as you wish! The only thing you would need to create is a SUBMIT_KEYS github repository secret.

The SUBMIT_KEYS secret is a json, with the schema defined here.

Here's a sample key for you:

{
  "$schema": "https://raw.githubusercontent.com/plasmo-corp/bpp/v1/keys.schema.json",
  "chrome": {
    "clientId": "123",
    "refreshToken": "789",
    "extId": "abcd"
  }
}

You can find instructions on how to get those keys in the schema, or if you use vscode, the schema should provide hint/intelisense when hovering over the json properties. If you need any help in setting up the keys, feel free to @ me! Otherwise if this doesn't seem necessary, feel free to close the PR :)

[kepi]

Hi @louisgv ,

sorry for late reply, I'm not sure how, but I totally overlooked your PR.

I have to think about automerge, as I don't like anything sensitive happens without my approval :smile: but from current state of repository, it would help to keep things more secure than now.

I really like submit idea, I didn't know about bpp. Currently it isn't big deal, as I'm deploying only to Chrome store, but I like to automate everything, so it would be nice addition. I have to read little more about security aspects.

I'll leave this open as I want it included, at least some parts, but it will take me some time.

Thanks