workflow: display pluging info for nix #19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Releases | |
| on: | |
| push: | |
| branches: [main] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20' | |
| - name: Install dependencies | |
| run: npm install | |
| - name: Install web-ext | |
| run: npm install --global web-ext | |
| - name: Extract version from manifest.json | |
| id: get_version | |
| run: | | |
| version=$(jq -r '.version' manifest.json) | |
| echo "version=$version" >> $GITHUB_ENV | |
| - name: Inject environment variables into weather.js | |
| run: | | |
| sed -i 's/const key = "";/const key = "${{ secrets.KEY }}";/' js/weather.js | |
| sed -i 's/const latitude = 0;/const latitude = ${{ secrets.LATITUDE }};/' js/weather.js | |
| sed -i 's/const longitude = 0;/const longitude = ${{ secrets.LONGITUDE }};/' js/weather.js | |
| - name: Build and Sign Extension | |
| id: build | |
| env: | |
| FIREFOX_JWT_ISSUER: ${{ secrets.FIREFOX_JWT_ISSUER }} | |
| FIREFOX_JWT_SECRET: ${{ secrets.FIREFOX_JWT_SECRET }} | |
| run: | | |
| web-ext sign \ | |
| --channel=unlisted \ | |
| --api-key=$FIREFOX_JWT_ISSUER \ | |
| --api-secret=$FIREFOX_JWT_SECRET | tee /dev/tty \ | |
| | grep "^Generated extension ID:" >> $GITHUB_OUTPUT | |
| EXTENSION_ID=$(echo "$SIGN_OUTPUT" | grep -oP 'Generated extension ID: \K.*') | |
| - name: Prep Artifact | |
| run: | | |
| mv web-ext-artifacts*.xpi web-ext-artifacts/startpage-${{ env.version }}.xpi | |
| - name: Generate SHA-256 SRI hash for xpi file | |
| id: generate_sri | |
| run: | | |
| XPI_FILE=$(ls web-ext-artifacts/*.xpi) | |
| SHA256_HASH=$(sha256sum "$XPI_FILE" | awk '{print $1}' | xxd -r -p | base64) | |
| echo "sri_hash=sha256-$SHA256_HASH" >> $GITHUB_ENV | |
| - name: Release | |
| uses: ncipollo/release-action@v1.14.0 | |
| with: | |
| tag: ${{ env.version }} | |
| artifacts: web-ext-artifacts/*.xpi | |
| allowUpdates: true | |
| replacesArtifacts: true | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| body: |- | |
| Generated extension ID: ${{ steps.build.outputs.stdout }} | |
| SHA-256 (SRI) of xpi file: "${{ env.sri_hash }}" |