Skip to content

Bump version number #14

Bump version number

Bump version number #14

Workflow file for this run

# SPDX-FileCopyrightText: Copyright 2024 Siemens AG
#
# SPDX-License-Identifier: MPL-2.0
name: release browser extension
on:
push:
tags:
- 'v*.*'
- 'v*.*.*'
# Sets permissions of the GITHUB_TOKEN to checkout the repository
permissions:
contents: write
pull-requests: write
id-token: write
attestations: write
env:
WEB_EXT_VERS: 8.2.0
jobs:
release-extension:
runs-on: ubuntu-latest
steps:
- name: checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: get git committer
run: |
echo "GIT_COMMITTER=$(git show -s --format='%cn <%ce>')" >> $GITHUB_ENV
- name: install dependencies
run: |
sudo apt update && sudo apt install -y make git zip
- run: make package deb
- name: sign Firefox extension by Mozilla
run: |
npx web-ext@${{ env.WEB_EXT_VERS }} sign \
--channel unlisted \
--approval-timeout 900000 \
--api-key ${{ secrets.AMO_API_KEY }} \
--api-secret ${{ secrets.AMO_API_SECRET }} \
--source-dir build/firefox \
--artifacts-dir build
- uses: actions/upload-artifact@v4
with:
name: firefox-signed-xpi
path: |
build/linux_entra_sso-*.xpi
- uses: actions/upload-artifact@v4
with:
name: debian-package
path: |
pkgs/linux-entra-sso_*.deb
- name: attest Firefox extension build
uses: actions/attest-build-provenance@v1
with:
subject-path: |
build/linux_entra_sso-*.xpi
pkgs/linux-entra-sso_*.deb
- name: create release
uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6
with:
files: |
build/linux_entra_sso-*.xpi
pkgs/linux-entra-sso_*.deb
token: ${{ secrets.GITHUB_TOKEN }}
body: |
Release of version ${{ github.ref_name }}
tag_name: ${{ github.ref_name }}
draft: false
prerelease: true
- name: create update manifest for Firefox
run: |
VERSION=$(echo ${{ github.ref_name }} | cut -c 2-)
DIGEST="sha256:$(sha256sum build/linux_entra_sso-${VERSION}.xpi | cut -d ' ' -f 1)"
LINK="https://github.com/siemens/linux-entra-sso/releases/download/v${VERSION}/linux_entra_sso-${VERSION}.xpi"
jq --arg version "${VERSION}" --arg digest "${DIGEST}" --arg link "${LINK}" \
'."addons"."[email protected]"."updates" += [{"version":$version, "update_link":$link, "update_hash":$digest}]' \
.pages/firefox/updates.json \
> .pages/firefox/updates.json.tmp && mv .pages/firefox/updates.json.tmp .pages/firefox/updates.json
- name: prepare PR for Firefox update manifest
uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
with:
add-paths: '.pages/firefox/updates.json'
commit-message: "chore: release Firefox update manifest"
branch: ci/release-firefox-update-manifest
base: main
title: "chore: release Firefox update manifest [bot]"
assignees: fmoessbauer
reviewers: jan-kiszka
author: ${{ env.GIT_COMMITTER }}
committer: ${{ env.GIT_COMMITTER }}
signoff: true
body: |
Publish update manifest for Firefox extension, version ${{ github.ref_name }}.
- name: release Chrome extension on CWS
uses: mnao305/chrome-extension-upload@4008e29e13c144d0f6725462cbd49b7c291b4928 # v5.0.0
with:
file-path: build/Linux-Entra-SSO-*chrome.zip
glob: true
extension-id: jlnfnnolkbjieggibinobhkjdfbpcohn
client-id: ${{ secrets.CWS_CLIENT_ID }}
client-secret: ${{ secrets.CWS_CLIENT_SECRET }}
refresh-token: ${{ secrets.CWS_REFRESH_TOKEN }}