onedeuxtriseigo.nullpo.dev / yomitan
Pop-up dictionary browser extension for language learning. Successor to Yomichan. (PERSONAL FORK)
fork atom
yomitan / .github / workflows / publish-firefox-development.yml
at lambda-fork/main 110 lines 3.8 kB view raw
dependabot[bot] Bump actions/checkout from 4 to 5 (#2231)
e5388c26
1# For the Firefox development addon, people install it manually, 2# and updates are distributed via the JSON file created in this 3# action which is stored in the metadata branch of this repo. 4 5name: publish-firefox-development 6on: 7 workflow_dispatch: 8 inputs: 9 upload_url: 10 description: "The upload_url from the release created by create-prerelease-on-tag.yml" 11 required: true 12permissions: 13 contents: read 14jobs: 15 build: 16 runs-on: ubuntu-latest 17 environment: cd 18 permissions: 19 contents: write 20 outputs: 21 hashes: ${{ steps.hash.outputs.hashes }} 22 steps: 23 - uses: robinraju/release-downloader@daf26c55d821e836577a15f77d86ddc078948b05 # pin@v1.12 24 with: 25 tag: ${{ github.ref_name }} 26 zipBall: true 27 fileName: "*" 28 29 - name: Sign Firefox xpi for offline distribution 30 id: ffSignXpi 31 continue-on-error: true 32 uses: cardinalby/webext-buildtools-firefox-sign-xpi-action@0953ef0b8a488a791f17c14fa5b800b131632d34 33 with: 34 approvalTimeoutMs: 1200000 35 validationTimeoutMs: 3600000 36 extensionId: ${{ secrets.FF_OFFLINE_EXT_ID }} 37 zipFilePath: yomitan-firefox-dev.zip 38 sourcesZipFilePath: yomitan-${{ github.ref_name }}.zip 39 xpiFilePath: yomitan-firefox-dev.xpi 40 jwtIssuer: ${{ secrets.FF_JWT_ISSUER }} 41 jwtSecret: ${{ secrets.FF_JWT_SECRET }} 42 43 - name: Abort on sign error 44 if: | 45 steps.ffSignXpi.outcome == 'failure' && 46 steps.ffSignXpi.outputs.sameVersionAlreadyUploadedError != 'true' 47 run: exit 1 48 49 - name: Generate hashes 50 id: hash 51 run: | 52 echo "hashes=$(sha256sum yomitan-firefox-dev.xpi | base64 -w0)" >> "$GITHUB_OUTPUT" 53 54 - name: Upload offline xpi release asset 55 id: uploadReleaseAsset 56 if: steps.ffSignXpi.outcome == 'success' 57 uses: actions/upload-release-asset@v1 58 env: 59 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 60 with: 61 upload_url: ${{ inputs.upload_url }} 62 asset_path: yomitan-firefox-dev.xpi 63 asset_name: yomitan-firefox-dev.xpi 64 asset_content_type: application/x-xpinstall 65 66 # update updates.json so that all people who have the dev version installed get the new update 67 68 - uses: actions/checkout@v6 69 with: 70 ref: metadata 71 72 - name: Recreate updates.json 73 run: | 74 cat > updates.json << EOF 75 { 76 "addons": { 77 "{2d13e145-294e-4ead-9bce-b4644b203a00}": { 78 "updates": [ 79 { 80 "version": "${{ github.ref_name }}", 81 "update_link": "${{ steps.uploadReleaseAsset.outputs.browser_download_url }}" 82 } 83 ] 84 } 85 } 86 } 87 EOF 88 89 - name: Commit files 90 continue-on-error: true 91 run: | 92 git config --local user.email "github-actions[bot]@users.noreply.github.com" 93 git config --local user.name "github-actions[bot]" 94 git commit -a -m "${{ github.ref_name }}" 95 96 - name: Push changes 97 uses: ad-m/github-push-action@d91a481090679876dfc4178fef17f286781251df # pin@master 98 with: 99 branch: metadata 100 101 provenance: 102 needs: [build] 103 permissions: 104 actions: read # To read the workflow path. 105 id-token: write # To sign the provenance. 106 contents: write # To add assets to a release. 107 uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.1.0 108 with: 109 base64-subjects: "${{ needs.build.outputs.hashes }}" 110 upload-assets: true