Add github action to deploy to web stores

[ColdSauce]

Hey @gildas-lormeau, we created a Github action to make it easier to publish extensions to the various web stores.

Thought you might find it useful so I added a Github workflow that will run the build step and publish to the web stores you specify, on dispatch. I also added a package-json.lock file so that npm ci could be run to make installing faster.

The only thing you would need to create is a SUBMIT_KEYS GitHub repository secret.

This secret is a JSON, with the schema defined here.

Here's a sample key:

{
  "$schema": "https://raw.githubusercontent.com/plasmo-corp/bpp/main/keys.schema.json",
  "chrome": {
    "zip": "./extension.crx",
    "clientId": "123",
    "clientSecret": "456",
    "refreshToken": "789",
    "extId": "abcd"
  },
  "firefox": {
    "zip": "./extension.xpi",
    "extId": "123",
    "sessionid": "abcd"
  }
}

You can find instructions on how to get those keys in the schema, or if you use vscode, the schema should provide hint/intelisense when hovering over the json properties. If you need any help in setting up the keys, feel free to @ me.

Otherwise, if this doesn't seem necessary, feel free to close the PR!

(I discovered this bug upon creating this PR)

[ColdSauce]

Also if you'd like me to create a similar PR for your SingleFileZ repo, or any other browser extension you'd like this on, please LMK!

[gildas-lormeau]

Thank you for the contribution, that looks interesting. How could I handle private keys like the one in the woleet.js file? This key exists on my machine but not on GitHub.

[ColdSauce]

Sounds great!

Is this a key that's necessary for deployment?

[gildas-lormeau]

Yes, the key is needed for deployment. FYI, I'm referring to the string below.

SingleFile/src/extension/lib/woleet/woleet.js

Line 25 in b133b7e

const apiKey = "";

BTW, I also need to submit the source code of the extension (singlefile-extension-source.zip) on the Mozilla store, does the the action take this into account?

[ColdSauce]

Ah got it! Okay, I'll build something that can address both requirements.

We're lucky because the new Mozilla Add-On API (v5) allows for uploading the source alongside the minified version. We'll have to upgrade our source to use the new v5 so it might take a few days.

For the key storage, I think we might be able to use something like rollup-plugin-inject-process-env which will inject env vars into the distribution on build time. That way, you can set up a Github secret containing the api key as API_KEY and then you can reference it from the code with process.env.API_KEY

So after this is working, that line of code might look something like this:

const apiKey = process.env.API_KEY || ""

I'll get back to you in a few days after hacking around a bit on this stuff, and hopefully will have addressed both requirements!