Merge pull request #924 from DarkFlorist/mismatching-tokens #105
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| push: | |
| tags: | |
| - 'v\d+\.\d+\.\d+' | |
| jobs: | |
| release: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/[email protected] | |
| with: | |
| fetch-depth: 0 | |
| - name: Derive Tag Name And Populate version.ts | |
| id: derive_tag | |
| run: | | |
| VERSION_FILE=app/ts/version.ts | |
| MANIFEST_V2_FILE=app/manifestV2.json | |
| MANIFEST_V3_FILE=app/manifestV3.json | |
| GIT_COMMIT_SHA="${{ github.sha }}" | |
| TAG=$(basename "${{ github.ref }}") | |
| VERSION=${TAG#v} | |
| echo "TAG=$TAG" >> $GITHUB_OUTPUT | |
| echo export const gitCommitSha = \"$GIT_COMMIT_SHA\" > $VERSION_FILE | |
| echo export const version = \"$VERSION\" >> $VERSION_FILE | |
| sed -i -e '/"version"/c\\t"version": "'$VERSION'",' -e '/^\t*\/\//d' $MANIFEST_V2_FILE $MANIFEST_V3_FILE | |
| zip source.zip -r . -x '*.git*' -x source.zip | |
| - name: Build Extension | |
| working-directory: ./ | |
| run: | | |
| docker image build --tag interceptor-extension . | |
| docker container create --name temp interceptor-extension | |
| docker container cp temp:/interceptor-firefox.zip . | |
| docker container cp temp:/interceptor-chrome.zip . | |
| docker container rm temp | |
| - name: Create Release | |
| id: create_release | |
| uses: actions/create-release@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: ${{ steps.derive_tag.outputs.TAG }} | |
| release_name: ${{ steps.derive_tag.outputs.TAG }} | |
| draft: false | |
| prerelease: false | |
| - name: Upload Chrome Extension to Release | |
| uses: actions/[email protected] | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./interceptor-chrome.zip | |
| asset_name: interceptor-chrome-${{ steps.derive_tag.outputs.TAG }}.zip | |
| asset_content_type: application/zip | |
| - name: Upload Firefox Extension to Release | |
| uses: actions/[email protected] | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./interceptor-firefox.zip | |
| asset_name: interceptor-firefox-${{ steps.derive_tag.outputs.TAG }}.zip | |
| asset_content_type: application/zip | |
| - name: Upload Source to Release | |
| uses: actions/[email protected] | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./source.zip | |
| asset_name: source-${{ steps.derive_tag.outputs.TAG }}.zip | |
| asset_content_type: application/zip | |
| - name: Save Artifacts for Upload Jobs | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: artifacts | |
| path: | | |
| app/manifestV2.json | |
| app/manifestV3.json | |
| interceptor-firefox.zip | |
| interceptor-chrome.zip | |
| approve1: | |
| runs-on: ubuntu-latest | |
| environment: Approve1 | |
| needs: release | |
| steps: | |
| - name: No Op | |
| id: no_op | |
| run: | | |
| echo Do Nothing | |
| approve2: | |
| runs-on: ubuntu-latest | |
| environment: Approve2 | |
| needs: release | |
| steps: | |
| - name: No Op | |
| id: no_op | |
| run: | | |
| echo Do Nothing | |
| upload: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - approve1 | |
| - approve2 | |
| steps: | |
| - uses: actions/github-script@v4 | |
| with: | |
| script: | | |
| // Get the approvals for this run | |
| const approvals = await github.request('GET /repos/{owner}/{repo}/actions/runs/{run_id}/approvals', { | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| run_id: context.runId | |
| }) | |
| const users = approvals.data.filter(approval => approval.user.type === 'User') | |
| const distinctUsernames = Array.from(new Set(users.map(user => user.user.login))) | |
| // Empty check | |
| if (distinctUsernames.length < 2){ | |
| core.setFailed(`Did not receive the required 2 distinct approvals for this deployment. Approved Users: ${distinctUsernames.join(",")}`); | |
| return; | |
| } | |
| - name: Load Artifacts from Release Job | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: artifacts | |
| - name: Upload Firefox extension to mozilla addon | |
| uses: DarkFlorist/firefox-addon@v1-body-size-increase | |
| with: | |
| uuid: '{3c236fbc-9114-43ed-a224-0cd1834aec4d}' | |
| xpi: ./interceptor-firefox.zip | |
| manifest: ./app/manifestV2.json | |
| api-key: ${{ secrets.MOZILLA_ADDON_USER }} | |
| api-secret: ${{ secrets.MOZILLA_ADDON_SECRET }} |