v3.11 release notes #28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release CI | |
| on: | |
| push: | |
| branches: [ release/* ] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| #TODO: change to 1 and then get all tags seperately to see if that's faster. git fetch origin 'refs/tags/*:refs/tags/*' | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| cache: 'npm' | |
| # Create a git tag of the new version to use | |
| # If package.json major and minor versions match last tag, then | |
| # increment last tag. Else use package.json major.minor.0. | |
| - name: Create git tag | |
| run: | | |
| git config user.name github-actions | |
| git config user.email [email protected] | |
| KEE_VERSION_MANIFEST=`sed -nE 's/^.*"version": "([0-9]{1,}\\.[0-9]{1,})\\.[0-9x]{1,}"\\,/\\1/p' package.json | tr -d '\\040\\011\\012\\015'`; KEE_VERSION_TAG=`git describe --abbrev=0 --tags | sed -E 's/^([0-9]{1,}\\.[0-9]{1,})\\.([0-9]{1,})$/\\1 \\2/g'`; echo "${KEE_VERSION_MANIFEST} ${KEE_VERSION_TAG}" | awk '{printf($1==$2?""$2"."$3+1:""$1".0")}' | xargs -I {} git tag -a {} -m "{}" | |
| - name: Update package.json based on the git tag we just created | |
| run: | | |
| NEW_KEE_VERSION=`git describe --abbrev=0 --tags` | |
| echo "NEW_KEE_VERSION=$NEW_KEE_VERSION" >> $GITHUB_ENV | |
| sed -E 's/^(.*"version": ")(.*)("\,.*)/\1'"$NEW_KEE_VERSION"'\3/' package.json > package.json.tmp && mv package.json.tmp package.json | |
| - name: Setup | |
| run: | | |
| npm ci | |
| mkdir dist | |
| # We make sure that this version can build for production and we attach the | |
| # resulting artifacts to the GitHub release but we have to do the beta | |
| # version of Firefox last because we can't force web-ext to sign a specific XPI file | |
| # - it has to run the whole build again from scratch for some reason. | |
| - name: Build and package Chrome beta | |
| run: npm run build-chrome:beta && npm run pack-chrome:beta | |
| - name: Build and package Chrome production | |
| run: npm run build-chrome:prod && npm run pack-chrome:prod | |
| - name: Build and package production | |
| run: npm run build:prod && npm run pack:prod | |
| - name: Build and package beta | |
| run: npm run build:beta && npm run pack:beta | |
| # - name: Temp debug | |
| # run: | | |
| # ls -l dist | |
| # -rw-r--r-- 1 runner docker 3466243 Feb 2 19:22 extension-beta.xpi | |
| # -rw-r--r-- 1 runner docker 3517483 Feb 2 19:22 extension-beta.zip | |
| # -rw-r--r-- 1 runner docker 1544233 Feb 2 19:22 extension.xpi | |
| # -rw-r--r-- 1 runner docker 1559844 Feb 2 19:22 extension.zip | |
| # We have to do this type check after running the build | |
| # because Vite creates various type definitions we need | |
| - name: Compile Typescript | |
| run: npm run tsc | |
| # Disabled until MV3 rewrite | |
| # - name: Test | |
| # run: npm run test | |
| - name: Push git tag | |
| run: git push --tags | |
| - name: Checkout our beta update repo | |
| uses: actions/checkout@v3 | |
| with: | |
| # Repository name with owner. For example, actions/checkout | |
| repository: 'kee-org/browser-addon-updates' | |
| token: ${{ secrets.BETA_UPDATES_TOKEN }} | |
| # Whether to configure the token or SSH key with the local git config | |
| persist-credentials: false | |
| # Relative path under $GITHUB_WORKSPACE to place the repository | |
| path: browser-addon-updates | |
| - name: Sign Firefox Beta | |
| run: | | |
| mkdir dist/signed | |
| echo "Signing debug build..." | |
| npm run sign:xpi:beta | |
| echo "https://github.com/kee-org/browser-addon/releases/download/${NEW_KEE_VERSION}/kee_password_manager-${NEW_KEE_VERSION}beta-an+fx.xpi" > .downloadLinkKeeXPI | |
| echo "kee_password_manager-${NEW_KEE_VERSION}beta-an+fx.xpi" > .signedKeeXPI | |
| cat .downloadLinkKeeXPI | |
| cat .signedKeeXPI | |
| # Rename whatever file Mozilla download for us to match our expected format. | |
| # Will fail if they download more than one xpi file but we probably need to be aware of that change anyway! | |
| mv dist/signed/*.xpi "dist/signed/kee_password_manager-${NEW_KEE_VERSION}beta-an+fx.xpi" | |
| ./node_modules/.bin/faauv --update ./browser-addon-updates/beta/update.json --update-link $(cat .downloadLinkKeeXPI) dist/signed/$(cat .signedKeeXPI) | |
| echo "New update manifest follows" | |
| cd $GITHUB_WORKSPACE/browser-addon-updates | |
| git config user.name github-actions | |
| git config user.email [email protected] | |
| git add . | |
| git commit -m "Automatic release of new beta version" | |
| cd $GITHUB_WORKSPACE | |
| env: | |
| WEB_EXT_API_KEY: ${{ secrets.AMO_API_KEY }} | |
| WEB_EXT_API_SECRET: ${{ secrets.AMO_API_SECRET }} | |
| NEW_KEE_VERSION: ${{ env.NEW_KEE_VERSION }} | |
| - name: Release | |
| uses: softprops/action-gh-release@d4e8205d7e959a9107da6396278b2f1f07af0f9b | |
| with: | |
| name: ${{ env.NEW_KEE_VERSION }} | |
| tag_name: ${{ env.NEW_KEE_VERSION }} | |
| fail_on_unmatched_files: true | |
| prerelease: false | |
| body: "This is an automatically generated beta release. The first beta release for this major.minor version has been thoroughly tested; subsequent releases typically contain only new translations and occasional critical fixes with very limited scope. After beta testing this release may be promoted to a stable release. This message will be replaced if that happens. More information can be found at https://forum.kee.pm/t/versioning-and-releases/550 . To install this beta version into Firefox, make sure you select the signed .xpi file - not all the listed .xpi files are signed and a typical Firefox configuration will reject the unsigned versions. The exact name may vary but will contain the word beta and the file size will be slightly larger than the other .xpi files." | |
| files: | | |
| dist/**/*.xpi | |
| dist/**/*.zip | |
| - name: Publish the new release to Firefox beta users | |
| run: | | |
| cd $GITHUB_WORKSPACE/browser-addon-updates | |
| git push https://github-actions:[email protected]/kee-org/browser-addon-updates.git master | |
| env: | |
| BETA_UPDATES_TOKEN: ${{ secrets.BETA_UPDATES_TOKEN }} | |
| - name: Publish the new release to Chrome beta users | |
| uses: trmcnvn/chrome-addon@91e2d97f66f3ad0453b5ef8396094f0b63018659 | |
| with: | |
| extension: hlicbbodnlbbflfihnjjffnjeaoglici | |
| zip: "dist/extension-beta.zip" | |
| publish-target: trustedTesters | |
| client-id: ${{ secrets.CHROME_CLIENT_ID }} | |
| client-secret: ${{ secrets.CHROME_CLIENT_SECRET }} | |
| refresh-token: ${{ secrets.CHROME_REFRESH_TOKEN }} | |
| #TODO: Edge auto-deployment |