Bump version to v1.2.2 #12
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish on AMO | |
on: | |
push: | |
tags: | |
- v*.*.* | |
jobs: | |
build: | |
name: Build web extension | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install Node.js | |
uses: actions/setup-node@v3 | |
with: | |
cache: npm | |
- name: Install dependencies | |
run: npm ci | |
- name: Build web extension source | |
run: npm run build | |
- name: Upload web extension source | |
uses: actions/upload-artifact@v4 | |
with: | |
name: web-ext-source | |
path: ./web-ext-artifacts/*.zip | |
helpers: | |
name: Build install helpers | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
- name: Build install helper | |
working-directory: ./scripts/install/ | |
run: ./build.sh | |
- name: Upload install helper artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: install-helpers | |
path: ./scripts/install/dist/* | |
attest: | |
name: Attest artifact provenance | |
runs-on: ubuntu-latest | |
needs: | |
- build | |
- helpers | |
permissions: | |
contents: read | |
id-token: write | |
attestations: write | |
steps: | |
- name: Download web extension source | |
uses: actions/download-artifact@v4 | |
with: | |
pattern: web-ext-source install-helpers | |
path: ./web-ext-artifacts/ | |
merge-multiple: true | |
- name: Generate artifact attestation | |
uses: actions/attest-build-provenance@v1 | |
with: | |
subject-path: ./web-ext-artifacts/ | |
- name: Generate SBOM | |
uses: anchore/sbom-action@v0 | |
with: | |
path: ./web-ext-artifacts/ | |
- name: Generate SBOM attestation | |
uses: actions/attest-sbom@v1 | |
with: | |
subject-path: ./web-ext-artifacts/ | |
publish: | |
name: Publish web extension | |
runs-on: ubuntu-latest | |
needs: | |
- build | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install Node.js | |
uses: actions/setup-node@v3 | |
with: | |
cache: npm | |
- name: Install dependencies | |
run: npm ci | |
- name: Download web extension source | |
uses: actions/download-artifact@v4 | |
with: | |
name: web-ext-source | |
path: ./web-ext-artifacts/ | |
- name: Decompress web extension source | |
run: unzip ./web-ext-artifacts/*.zip -d ./dist/ | |
- name: Submit web extension | |
run: npx web-ext sign | |
env: | |
WEB_EXT_USE_SUBMISSION_API: true | |
WEB_EXT_CHANNEL: listed | |
WEB_EXT_API_KEY: ${{ vars.WEB_EXT_API_KEY }} | |
WEB_EXT_API_SECRET: ${{ secrets.WEB_EXT_API_SECRET }} | |
WEB_EXT_NO_INPUT: true | |
- name: Upload signed web extension | |
uses: actions/upload-artifact@v4 | |
with: | |
name: web-ext | |
path: ./web-ext-artifacts/*.xpi | |
release: | |
name: Release on GitHub | |
runs-on: ubuntu-latest | |
needs: | |
- attest | |
- publish | |
permissions: | |
contents: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Download artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
path: ./web-ext-artifacts/ | |
merge-multiple: true | |
- name: Create GitHub release | |
run: | | |
if gh release view "${{ github.ref_name }}" >/dev/null 2>&1 | |
then | |
echo "Release ${{ github.ref_name }} already exists, skipping..." | |
exit 0 | |
fi | |
gh release create \ | |
"${{ github.ref_name }}" \ | |
--title "${{ github.ref_name }}" \ | |
--verify-tag | |
env: | |
GH_TOKEN: ${{ github.token }} | |
- name: Attach artifacts to release | |
run: | | |
gh release upload \ | |
"${{ github.ref_name }}" \ | |
./web-ext-artifacts/* \ | |
--clobber | |
env: | |
GH_TOKEN: ${{ github.token }} |