-
-
Notifications
You must be signed in to change notification settings - Fork 6
144 lines (125 loc) · 4.12 KB
/
cd_pipeline.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
name: Release pipeline
on:
release:
types: [ released ]
workflow_dispatch:
inputs:
bypass_audit:
description: Bypass npm audit
type: boolean
default: false
targets:
description: Targets
required: true
default: '["chrome","firefox"]'
type: choice
options:
- '["chrome","firefox"]'
- '["chrome"]'
- '["firefox"]'
firefox:
description: Deploy Firefox
type: boolean
default: true
chrome:
description: Deploy Chrome
type: boolean
default: true
edge:
description: Deploy Edge
type: boolean
default: true
gh-release:
description: Attach to GitHub release
type: boolean
default: true
jobs:
build:
runs-on: ubuntu-latest
container: node:20
strategy:
fail-fast: false
matrix:
target: ${{ fromJSON(github.event.inputs.targets || '["chrome","firefox"]') }}
steps:
- uses: actions/checkout@main
- run: npm install
- run: npm run zip -- -b ${{ matrix.target }}
- name: Drop build artifacts (${{ matrix.target }})
uses: actions/upload-artifact@main
with:
name: ${{ matrix.target }}
path: ./.output/password-generator-*-${{ matrix.target }}.zip
include-hidden-files: true
- name: web-ext lint
if: ${{ matrix.target == 'firefox' }}
uses: freaktechnik/web-ext-lint@main
with:
extension-root: ./.output/firefox-mv3
self-hosted: false
- run: npm audit
if: ${{ github.event_name == 'release' || github.event.inputs.bypass_audit == 'false' }}
publish-github:
needs: build
if: ${{ github.event_name == 'release' || github.event.inputs.gh-release == 'true' }}
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
target: ${{ fromJSON(github.event.inputs.targets || '["chrome","firefox"]') }}
steps:
- uses: actions/download-artifact@main
with:
name: ${{ matrix.target }}
- name: Attach build to release
uses: xresloader/upload-to-github-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
file: password-generator-*-${{ matrix.target }}.zip
draft: false
overwrite: true
update_latest_release: true
publish-chrome:
needs: build
if: ${{ github.event_name == 'release' || (github.event.inputs.chrome == 'true' && contains(github.event.inputs.targets, 'chrome')) }}
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@main
with:
name: chrome
- uses: wdzeng/[email protected]
with:
extension-id: jnjobgjobffgmgfnkpkjfjkkfhfikmfl
zip-path: password-generator-*-chrome.zip
client-id: ${{ secrets.CHROME_CLIENT_ID }}
client-secret: ${{ secrets.CHROME_CLIENT_SECRET }}
refresh-token: ${{ secrets.CHROME_REFRESH_TOKEN }}
publish-edge:
needs: build
if: ${{ github.event_name == 'release' || (github.event.inputs.edge == 'true' && contains(github.event.inputs.targets, 'chrome')) }}
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@main
with:
name: chrome
- uses: wdzeng/[email protected]
with:
product-id: ${{ secrets.EDGE_PRODUCT_ID }}
zip-path: password-generator-*-chrome.zip
client-id: ${{ secrets.EDGE_CLIENT_ID }}
api-key: ${{ secrets.EDGE_API_KEY }}
publish-firefox:
needs: build
if: ${{ github.event_name == 'release' || (github.event.inputs.firefox == 'true' && contains(github.event.inputs.targets, 'firefox')) }}
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@main
with:
name: firefox
- uses: wdzeng/[email protected]
with:
addon-guid: ${{ secrets.FIREFOX_EXT_UUID }}
xpi-path: password-generator-*-firefox.zip
jwt-issuer: ${{ secrets.FIREFOX_API_KEY }}
jwt-secret: ${{ secrets.FIREFOX_CLIENT_SECRET }}