extension #5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node | |
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs | |
name: extension | |
on: | |
workflow_dispatch: | |
push: | |
tags: | |
- '*' | |
branches: ['main'] | |
paths-ignore: | |
- '.github/**' | |
pull_request: | |
branches: ['main'] | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
node-version: [20.x] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'npm' | |
- run: npm ci --legacy-peer-deps | |
- run: | | |
npm run build --if-present | |
ls -la | |
- name: Set zip name | |
run: | | |
echo "ZIP_NAME=$(echo "MFA_(Multi_Factor_Authentication_Assistant)-chrome-${{ env.version }}.zip")" >> $GITHUB_ENV | |
echo "env.ZIP_NAME: ${{ env.ZIP_NAME }}, version: ${{ env.version }}" | |
- name: Cache build files | |
uses: actions/cache@v4 | |
id: build-cache | |
with: | |
path: | | |
MFA_(Multi_Factor_Authentication_Assistant)-chrome-${{ env.version }}.zip | |
MFA_(Multi_Factor_Authentication_Assistant)-firefox-${{ env.version }}.zip | |
key: cache-build-${{ github.sha }} | |
deploy-edge: | |
needs: build | |
runs-on: ubuntu-latest | |
if: startsWith(github.ref, 'refs/tags/') | |
steps: | |
- name: Set zip name | |
run: | | |
version=$(node -p "require('./package.json').version") | |
echo "ZIP_NAME=$(echo "MFA_(Multi_Factor_Authentication_Assistant)-chrome-${{ env.version }}.zip")" >> $GITHUB_ENV | |
- name: Restore cache build files | |
uses: actions/cache@v4 | |
id: build-cache | |
with: | |
path: ${{ env.ZIP_NAME }} | |
key: cache-build-${{ github.sha }} | |
- name: Publish using Microsoft Partner Center Publish API | |
run: | | |
certificationNotes=$(echo "{ | |
\"notes\": \"Submitted via GitHub Actions. Commit: $GITHUB_SHA on ref: $GITHUB_REF\" | |
}") | |
ls -laR / | |
response=$(curl https://login.microsoftonline.com/5c9eedce-81bc-42f3-8823-48ba6258b391/oauth2/v2.0/token \ | |
-H "Content-Type: application/x-www-form-urlencoded" \ | |
-d "client_id=${{ vars.MPC_CLIENT_ID }}" \ | |
-d "scope=https://api.addons.microsoftedge.microsoft.com/.default" \ | |
-d "client_secret=${{ secrets.MPC_CLIENT_SECRET }}" \ | |
-d "grant_type=client_credentials") | |
token=$(echo $response | jq -r '.access_token') | |
# Uploading a package to update an existing submission | |
echo "Uploading a package to update an existing submission" | |
response=$(curl -s -i -D /tmp/headers -w 'status: %{response_code}\n' -X POST https://api.addons.microsoftedge.microsoft.com/v1/products/${{ vars.MPC_PRODUCT_ID }}/submissions/draft/package \ | |
-H "Authorization: Bearer $token" \ | |
-H 'Content-Type: application/zip' \ | |
-T ${{ env.ZIP_NAME }}) | |
if [ -n "$(echo $response | egrep "status:\s*202")" ]; then | |
operationID=$(cat /tmp/headers | egrep -i "location:\s*" | cut -f2 -d":" | awk '{$1=$1};1' | tr -d '\r') | |
# Checking the status of a package upload | |
echo "Checking the status of a package upload" | |
response=$(curl -s -w 'status: %{response_code}\n' -o /dev/null https://api.addons.microsoftedge.microsoft.com/v1/products/${{ vars.MPC_PRODUCT_ID }}/submissions/draft/package/operations/$operationID \ | |
-H "Authorization: Bearer $token") | |
echo $response | |
retries=0 | |
while [ -z $(echo $response | egrep "status:\s*200")]; do | |
if [ $retries -gt 10 ]; then | |
echo "Exiting (Checking the status of a package upload) after 10 retries!" | |
exit 1 | |
fi | |
sleep 5 | |
response=$(curl -w 'status: %{response_code}\n' -v https://api.addons.microsoftedge.microsoft.com/v1/products/${{ vars.MPC_PRODUCT_ID }}/submissions/draft/package/operations/$operationID \ | |
-H "Authorization: Bearer $token") | |
retries=$(($retries+1)) | |
done | |
# Publishing the submission | |
echo "Publishing the submission" | |
response=$(curl -s -i -D /tmp/headers2 -w 'status: %{response_code}\n' -o /dev/null https://api.addons.microsoftedge.microsoft.com/v1/products/${{ vars.MPC_PRODUCT_ID }}/submissions \ | |
-H "Authorization: Bearer $token" \ | |
-d "$certificationNotes") | |
if [ -n "$(echo $response | egrep "status:\s*202")" ]; then | |
operationID=$(cat /tmp/headers2 | egrep -i "location:\s*" | cut -f2 -d":" | awk '{$1=$1};1' | tr -d '\r') | |
# Checking the publishing status | |
response=$(curl -s -w 'status: %{response_code}\n' -o /dev/null https://api.addons.microsoftedge.microsoft.com/v1/products/${{ vars.MPC_PRODUCT_ID }}/submissions/operations/$operationID \ | |
-H "Authorization: Bearer $token") | |
retries=0 | |
while [ -z $(echo $response | egrep "status:\s*200")]; do | |
if [ $retries -gt 10 ]; then | |
echo "Exiting (Checking the publishing status) after 10 retries!" | |
exit 1 | |
fi | |
sleep 5 | |
response=$(curl -w 'status: %{response_code}\n' -v https://api.addons.microsoftedge.microsoft.com/v1/products/${{ vars.MPC_PRODUCT_ID }}/submissions/operations/$operationID \ | |
-H "Authorization: Bearer $token") | |
retries=$(($retries+1)) | |
done | |
fi | |
else | |
echo "Package upload failed" | |
echo $response | |
exit 1 | |
fi | |
exit 0 | |
shell: bash | |
deploy-chrome: | |
needs: build | |
runs-on: ubuntu-latest | |
if: startsWith(github.ref, 'refs/tags/') | |
steps: | |
- name: Download package | |
uses: actions/download-artifact@v4 | |
with: | |
path: '/tmp' | |
- name: Set zip name | |
run: | | |
version=$(node -p "require('./package.json').version") | |
echo "ZIP_NAME=$(echo "MFA_(Multi_Factor_Authentication_Assistant)-chrome-${{ env.version }}.zip")" >> $GITHUB_ENV | |
- name: Publish to Google Web Store (V2) | |
run: | | |
# Generate a JWT (JSON Web Token) | |
WEBSTORE_API_URL="https://www.googleapis.com/upload/chromewebstore/v1.1/items/${{vars.GOOGLE_APP_ID}}" | |
ACCESS_TOKEN=$(curl "https://accounts.google.com/o/oauth2/token" -d "client_id=${{ vars.GOOGLE_CLIENT_ID }}&client_secret=${{ secrets.GOOGLE_CLIENT_SECRET }}&refresh_token=${{ secrets.GOOGLE_REFRESH_TOKEN }}&grant_type=refresh_token&redirect_uri=urn:ietf:wg:oauth:2.0:oob" | jq -r .access_token) | |
curl -H "Authorization: Bearer ${ACCESS_TOKEN}" -H "x-goog-api-version: 2" -X PUT -T ${{ env.ZIP_NAME }} -v "${WEBSTORE_API_URL}" | |
curl -H "Authorization: Bearer ${ACCESS_TOKEN}" -H "x-goog-api-version: 2" -H "Content-Length: 0" -X POST -v "${WEBSTORE_API_URL}/publish" | |
shell: bash | |
- name: Publish to Google Web Store (V3) | |
run: | | |
# Generate a JWT (JSON Web Token) | |
WEBSTORE_API_URL="https://www.googleapis.com/upload/chromewebstore/v1.1/items/${{vars.GOOGLE_APP_ID}}" | |
ACCESS_TOKEN=$(curl "https://accounts.google.com/o/oauth2/token" -d "client_id=${{ vars.GOOGLE_CLIENT_ID }}&client_secret=${{ secrets.GOOGLE_CLIENT_SECRET }}&refresh_token=${{ secrets.GOOGLE_REFRESH_TOKEN }}&grant_type=refresh_token&redirect_uri=urn:ietf:wg:oauth:2.0:oob" | jq -r .access_token) | |
curl -H "Authorization: Bearer ${ACCESS_TOKEN}" -H "x-goog-api-version: 2" -X PUT -T ${{ env.ZIP_NAME }} -v "${WEBSTORE_API_URL}" | |
curl -H "Authorization: Bearer ${ACCESS_TOKEN}" -H "x-goog-api-version: 2" -H "Content-Length: 0" -X POST -v "${WEBSTORE_API_URL}/publish" | |
shell: bash | |
deploy-github: | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Download package | |
uses: actions/download-artifact@v4 | |
with: | |
path: '/tmp' | |
- name: Set zip name | |
run: | | |
version=$(node -p "require('./package.json').version") | |
echo "ZIP_NAME=$(echo "MFA_(Multi_Factor_Authentication_Assistant)-chrome-${{ env.version }}")" >> $GITHUB_ENV | |
- name: Release | |
uses: softprops/action-gh-release@v2 | |
if: startsWith(github.ref, 'refs/tags/') | |
with: | |
files: '${{ env.ZIP_NAME }}' |