99 lines
2.9 KiB
Bash
99 lines
2.9 KiB
Bash
#!/usr/bin/env bash
|
|
# sign-xpi.sh — sign Firefox extension via AMO API directly
|
|
# Usage: ./scripts/sign-xpi.sh [version]
|
|
set -euo pipefail
|
|
|
|
cd "$(dirname "$0")/.."
|
|
|
|
# Load .env
|
|
set -a; source .env; set -a
|
|
|
|
SOURCE_DIR="${WEB_EXT_SOURCE_DIR:-extension-firefox}"
|
|
ARTIFACTS_DIR="${WEB_EXT_ARTIFACTS_DIR:-web-ext-artifacts}"
|
|
CHANNEL="${WEB_EXT_CHANNEL:-unlisted}"
|
|
VERSION="${1:-$(node -e "console.log(require('./$SOURCE_DIR/manifest.json').version)")}"
|
|
ADDON_ID="verstak-bridge@verstak.app"
|
|
|
|
echo "=== Signing Firefox extension v$VERSION ==="
|
|
echo "Source: $SOURCE_DIR"
|
|
echo "Channel: $CHANNEL"
|
|
echo ""
|
|
|
|
# Step 1: Create JWT token
|
|
JWT=$(node -e "
|
|
const jwt = require('jsonwebtoken');
|
|
const payload = {
|
|
iss: '$WEB_EXT_API_KEY',
|
|
jti: Math.random().toString(36).slice(2),
|
|
iat: Math.floor(Date.now()/1000),
|
|
exp: Math.floor(Date.now()/1000) + 300
|
|
};
|
|
console.log(jwt.sign(payload, '$WEB_EXT_API_SECRET'));
|
|
")
|
|
|
|
API_BASE="https://addons.mozilla.org/api/v5"
|
|
PROXY="$WEB_EXT_API_PROXY"
|
|
|
|
# Step 2: Check if version already exists
|
|
echo "==> Checking if version $VERSION exists..."
|
|
EXISTING=$(curl -s --proxy "$PROXY" \
|
|
"$API_BASE/addons/$ADDON_ID/versions/$VERSION/" \
|
|
-H "Authorization: JWT $JWT" \
|
|
-o /dev/null -w "%{http_code}")
|
|
|
|
if [[ "$EXISTING" == "200" ]]; then
|
|
echo " Version $VERSION already exists, uploading new file..."
|
|
# Upload to existing version
|
|
UPLOAD_URL="$API_BASE/addons/$ADDON_ID/versions/$VERSION/"
|
|
else
|
|
echo " Creating new version $VERSION..."
|
|
# Create new version
|
|
UPLOAD_URL="$API_BASE/addons/$ADDON_ID/versions/"
|
|
fi
|
|
|
|
# Step 3: Build the XPI (zip)
|
|
echo "==> Building XPI..."
|
|
mkdir -p "$ARTIFACTS_DIR"
|
|
XPI_FILE="$ARTIFACTS_DIR/verstak-bridge-$VERSION.xpi"
|
|
cd "$SOURCE_DIR"
|
|
zip -r "../$XPI_FILE" \
|
|
manifest.json background.js popup/ icons/ \
|
|
-x "*/.DS_Store" "*/Thumbs.db" "*/node_modules/*" "*/.git/*"
|
|
cd ..
|
|
echo " XPI: $XPI_FILE ($(du -h "$XPI_FILE" | cut -f1))"
|
|
|
|
# Step 4: Upload XPI to AMO
|
|
echo "==> Uploading to AMO..."
|
|
if [[ "$EXISTING" == "200" ]]; then
|
|
# Upload file to existing version
|
|
RESPONSE=$(curl -s --proxy "$PROXY" \
|
|
-X POST \
|
|
"$API_BASE/addons/$ADDON_ID/versions/$VERSION/" \
|
|
-H "Authorization: JWT $JWT" \
|
|
-F "upload=@$XPI_FILE" \
|
|
-F "channel=$CHANNEL")
|
|
else
|
|
# Create new version with file
|
|
RESPONSE=$(curl -s --proxy "$PROXY" \
|
|
-X POST \
|
|
"$API_BASE/addons/$ADDON_ID/versions/" \
|
|
-H "Authorization: JWT $JWT" \
|
|
-F "upload=@$XPI_FILE" \
|
|
-F "version=$VERSION" \
|
|
-F "channel=$CHANNEL")
|
|
fi
|
|
|
|
echo " Response: $RESPONSE" | head -5
|
|
|
|
# Step 5: Check status
|
|
echo "==> Checking upload status..."
|
|
VERSION_ID=$(echo "$RESPONSE" | node -e "
|
|
const d = JSON.parse(require('fs').readFileSync('/dev/stdin','utf8'));
|
|
console.log(d.id || d.version || 'unknown');
|
|
" 2>/dev/null || echo "unknown")
|
|
|
|
echo " Version ID: $VERSION_ID"
|
|
echo ""
|
|
echo "=== Done ==="
|
|
echo "Check status at: https://addons.mozilla.org/en-US/developers/addon/$ADDON_ID/versions/"
|