Fix #119: Sign and upload XPI to S3 on tag.

Michael Kelly 2018-10-02 16:28:01 -07:00
Родитель a428362fc4
Коммит ca4caf8c78
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 972176E09570E68A
6 изменённых файлов: 256 добавлений и 25 удалений


@ -32,3 +32,53 @@ jobs:
path: web-ext-artifacts
- store_artifacts:
path: gecko.log
- persist_to_workspace:
root: web-ext-artifacts
paths:
- "*.zip"
deploy:
docker:
- image: circleci/python:2.7-node-browsers
steps:
- checkout
- attach_workspace:
at: web-ext-artifacts
- run:
name: Store XPI name in environment variable
command: |
echo 'export XPI_NAME=firefox_shopping-${CIRCLE_TAG:1}' >> $BASH_ENV
- run:
name: Install dependencies
command: |
pipenv install
- run:
name: Sign XPI
command: |
curl -v \
-F "input=@web-ext-artifacts/${XPI_NAME}.zip" \
-o "web-ext-artifacts/${XPI_NAME}-signed.xpi" \
-H "Authorization: ${AUTOGRAPH_EDGE_TOKEN}" \
${AUTOGRAPH_EDGE_URL}
- run:
name: Upload XPI to S3
command: .circleci/deploy_addon.sh
- store_artifacts:
path: web-ext-artifacts
workflows:
version: 2
build-deploy:
jobs:
- build: # runs for every branch/PR + tag
filters:
tags:
only: /.*/
- deploy: # runs only for tags starting with v
requires:
- build
filters:
tags:
only: /^v.*/
branches:
ignore: /.*/
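Review bot: The `Sign XPI` step calls `curl -v` while sending `-H "Authorization: ${AUTOGRAPH_EDGE_TOKEN}"`, and verbose mode echoes request headers to stderr, so the signing token can end up in the job log. The same call has no `--fail`, so an HTTP error from the signing endpoint still exits 0 and the error body is saved as `${XPI_NAME}-signed.xpi`; the upload script only checks that the file exists (`test -f`) before hashing and publishing it. Replacing the first line with `curl --fail --silent --show-error \` addresses both, and `${AUTOGRAPH_EDGE_URL}` should be quoted as `"${AUTOGRAPH_EDGE_URL}"`.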

51
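--- /dev/null
+++ b/.circleci/deploy_addon.sh
@@ -0,0 +1,51 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+# Adapted from clouserw's script for publishing add-ons to Test Pilot from
+# Jenkins.
+set -e
+ADDON_ID="shopping-testpilot@mozilla.org"
+ADDON_VERSION=${CIRCLE_TAG}
+ADDON_FILE="web-ext-artifacts/firefox_shopping-${ADDON_VERSION}-signed.xpi"
+test -f $ADDON_FILE
+MAX_AGE=30 # We can up this at some point, but keeping it low while we work out the kinks
+# shared headers
+HPKP='"public-key-pins": "max-age=5184000; pin-sha256=\"WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18=\"; pin-sha256=\"r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=\"; pin-sha256=\"YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=\"; pin-sha256=\"sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis=\""'
+HSTS='"strict-transport-security": "max-age=31536000; includeSubDomains; preload"'
+TYPE='"x-content-type-options": "nosniff"'
+# sha256sum won't output *just* the hash, gotta extract it from the first column
+HASH="$(sha256sum $ADDON_FILE|cut -d' ' -f1)"
+# headers just for latest
+LATEST="\"x-target-digest\": \"sha256:$HASH\", \"location\": \"/files/$ADDON_ID/$ADDON_FILE\""
+# latest is an empty file with headers
+: > latest
+pipenv run python -m json.tool << EOF > updates.json
+{
+"addons": {
+"$ADDON_ID": {
+"updates": [
+{ "version": "$ADDON_VERSION",
+"update_link": "https://testpilot.firefox.com/files/$ADDON_ID/latest",
+"update_hash": "sha256:$HASH" }
+]
+}
+}
+}
+EOF
+S3PATH="s3://$AWS_S3_BUCKET/$ADDON_ID"
+S3CMD="pipenv run aws s3 cp --metadata-directive REPLACE --cache-control max-age=$MAX_AGE --content-type"
+$S3CMD text/html --metadata "{$HPKP, $HSTS, $TYPE, $LATEST}" latest $S3PATH/
+$S3CMD application/json --metadata "{$HPKP, $HSTS, $TYPE}" updates.json $S3PATH/
+$S3CMD application/x-xpinstall --metadata "{$HPKP, $HSTS, $TYPE}" $ADDON_FILE $S3PATH/signed-addon.xpi
+# just in case we need to reference an old add-on for some reason we store them in /archive/...
+$S3CMD application/x-xpinstall --metadata "{$HPKP, $HSTS, $TYPE}" $ADDON_FILE $S3PATH/archive/signed-addon-${ADDON_VERSION}.xpi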
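Review bot: The `location` value in `LATEST` is built from `$ADDON_FILE`, which still carries the local `web-ext-artifacts/` directory and the `firefox_shopping-…-signed.xpi` name, while the XPI is uploaded as `$S3PATH/signed-addon.xpi` and `$S3PATH/archive/signed-addon-${ADDON_VERSION}.xpi`. Unless the serving layer rewrites that path, the `update_link` → `latest` → `location` chain points at an object this script never uploads. Pointing it at an uploaded key, for example `\"location\": \"/files/$ADDON_ID/signed-addon.xpi\"`, would match what `x-target-digest` describes. Separately, `ADDON_VERSION=${CIRCLE_TAG}` keeps the leading `v` that the CI job strips with `${CIRCLE_TAG:1}` when naming the signed file, so `test -f $ADDON_FILE` looks for a different file name and `updates.json` would advertise a `v`-prefixed version. `ADDON_VERSION=${CIRCLE_TAG:1}` would line the two up.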


@ -10,6 +10,7 @@ click = "*"
marionette-client = "*"
mozdownload = "*"
mozinstall = "*"
awscli = "*"
[requires]
python_version = "2.7"

173
Pipfile.lock сгенерированный

@ -1,7 +1,7 @@
{
"_meta": {
"hash": {
"sha256": "5b6ba8e19281de5fdd31b2ced1fd9ece5591aacea4e432fe021c473d60657f61"
"sha256": "9665b97416a3a6c4200a2b81f63e00e675dd24bf8c5ddfb24dbae4eb37284a4c"
},
"pipfile-spec": 6,
"requires": {
@ -16,6 +16,14 @@
]
},
"default": {
"awscli": {
"hashes": [
"sha256:2315b5c073916811fff6af0f09f8dd8aa0d5bf875320ce92492b078fe398e481",
"sha256:8986135d67445ca5eddbf6ba7bd0aa60ada7b87f1eb5c33e99afd6c1593d1dff"
],
"index": "pypi",
"version": "==1.16.26"
},
"blessings": {
"hashes": [
"sha256:98e5854d805f50a5b58ac2333411b0482516a8210f23f43308baeb58d77c157d",
@ -24,6 +32,13 @@
],
"version": "==1.7"
},
"botocore": {
"hashes": [
"sha256:1a80610b35a85825224e34c48e3d47660c728f63b8ab0c5a0ca49629686e2f41",
"sha256:1f4f69e1403462c2d37967ce4bbdd0affe90e8a91899a340e59ee952552c5b09"
],
"version": "==1.12.16"
},
"browsermob-proxy": {
"hashes": [
"sha256:5f0e72767938d268999f1b56b0e8ff01cecd051bb868637ff550e25495cc840b",
@ -34,10 +49,10 @@
},
"certifi": {
"hashes": [
"sha256:13e698f54293db9f89122b0581843a782ad0934a4fe0172d2a980ba77fc61bb7",
"sha256:9fa520c1bacfb634fa7af20a76bcbd3d5fb390481724c597da32c719a7dca4b0"
"sha256:376690d6f16d32f9d1fe8932551d80b23e9d393a8578c5633a2ed39a64861638",
"sha256:456048c7e371c089d0a77a5212fb37a2c2dce1e24146e3b7e0261736aaeaa22a"
],
"version": "==2018.4.16"
"version": "==2018.8.24"
},
"chardet": {
"hashes": [
@ -48,11 +63,65 @@
},
"click": {
"hashes": [
"sha256:29f99fc6125fbc931b758dc053b3114e55c77a6e4c6c3a2674a2dc986016381d",
"sha256:f15516df478d5a56180fbf80e68f206010e6d160fc39fa508b65e035fd75130b"
"sha256:2335065e6395b9e67ca716de5f7526736bfa6ceead690adf616d925bdc622b13",
"sha256:5b94b49521f6456670fdb30cd82a4eca9412788a93fa6dd6df72c94d5a8ff2d7"
],
"index": "pypi",
"version": "==6.7"
"version": "==7.0"
},
"colorama": {
"hashes": [
"sha256:463f8483208e921368c9f306094eb6f725c6ca42b0f97e313cb5d5512459feda",
"sha256:48eb22f4f8461b1df5734a074b57042430fb06e1d61bd1e11b078c0fe6d7a1f1"
],
"version": "==0.3.9"
},
"docutils": {
"hashes": [
"sha256:02aec4bd92ab067f6ff27a38a38a41173bf01bed8f89157768c1573f53e474a6",
"sha256:51e64ef2ebfb29cae1faa133b3710143496eca21c530f3f71424d77687764274",
"sha256:7a4bd47eaf6596e1295ecb11361139febe29b084a87bf005bf899f9a42edc3c6"
],
"version": "==0.14"
},
"enum34": {
"hashes": [
"sha256:2d81cbbe0e73112bdfe6ef8576f2238f2ba27dd0d55752a776c41d38b7da2850",
"sha256:644837f692e5f550741432dd3f223bbb9852018674981b1664e5dc339387588a",
"sha256:6bd0f6ad48ec2aa117d3d141940d484deccda84d4fcd884f5c3d93c23ecd8c79",
"sha256:8ad8c4783bf61ded74527bffb48ed9b54166685e4230386a9ed9b1279e2df5b1"
],
"markers": "python_version == '2.7' or python_version == '3.3'",
"version": "==1.1.6"
},
"futures": {
"hashes": [
"sha256:9ec02aa7d674acb8618afb127e27fde7fc68994c0437ad759fa094a574adb265",
"sha256:ec0a6cb848cc212002b9828c3e34c675e0c9ff6741dc445cab6fdd4e1085d1f1"
],
"markers": "python_version == '2.6' or python_version == '2.7'",
"version": "==3.2.0"
},
"h2": {
"hashes": [
"sha256:4be613e35caad5680dc48f98f3bf4e7338c7c429e6375a5137be7fbe45219981",
"sha256:b2962f883fa392a23cbfcc4ad03c335bcc661be0cf9627657b589f0df2206e64"
],
"version": "==3.0.1"
},
"hpack": {
"hashes": [
"sha256:0edd79eda27a53ba5be2dfabf3b15780928a0dff6eb0c60a3d6767720e970c89",
"sha256:8eec9c1f4bfae3408a3f30500261f7e6a65912dc138526ea054f9ad98892e9d2"
],
"version": "==3.0.0"
},
"hyperframe": {
"hashes": [
"sha256:87567c9eb1540de1e7f48805adf00e87856409342fdebd0cd20cf5d381c38b69",
"sha256:a25944539db36d6a2e47689e7915dcee562b3f8d10c6cdfa0d53c91ed692fb04"
],
"version": "==5.1.0"
},
"idna": {
"hashes": [
@ -61,6 +130,13 @@
],
"version": "==2.7"
},
"jmespath": {
"hashes": [
"sha256:6a81d4c9aa62caf061cb517b4d9ad1dd300374cd4706997aff9cd6aedd61fc64",
"sha256:f11b4461f425740a1d908e9a3f7365c3d2e569f6ca68a2ff8bc5bcd9676edd63"
],
"version": "==0.9.3"
},
"manifestparser": {
"hashes": [
"sha256:adb0c58b8811711fc2220cb23620b7cd1fb7f61124cc61e2e54c592f90919619"
@ -99,17 +175,17 @@
},
"mozdevice": {
"hashes": [
"sha256:c3c50219127e36c171f84b2427e8fcf3a85457f336559aead9770b2a27fbc4b6"
"sha256:fec783339e5f229f779febf6037d456a1c2183c1f79e32d7ccdd8aa7c76969dc"
],
"version": "==1.0.0"
"version": "==1.1.1"
},
"mozdownload": {
"hashes": [
"sha256:5ca97e858e6fc0a37188ff72d0029e8b372e4b8d41181833281f718fa62c1ea9",
"sha256:efdcbc7e84b4a292c855c2753c659b19d018e3e2669b1f538e09b9c6f9a80f9b"
"sha256:3de5405d117e0900e381395dcb037aa1539a607b1ca104d207aaae4195ca053a",
"sha256:7c1841b03ee5312a8647945f973c8177fb4b79a7ae48e24e6eac94ac7758a7eb"
],
"index": "pypi",
"version": "==1.23"
"version": "==1.24"
},
"mozfile": {
"hashes": [
@ -155,18 +231,18 @@
},
"mozprofile": {
"hashes": [
"sha256:25ffe505b9839ec8d044ddf7d829c21ad8618d1ae0e1e3a7e1278b3c5d1f1bb2",
"sha256:aa7fe7248719a224dd63cdc0498c9971d07cfc62fee7a69f51d593316b6bc1d8"
"sha256:c8199a4dd30dfced4ae35250252828aa8f770d70878d85ea5ab665a5d3fb8631",
"sha256:ddd3a27ea004d56f2020fe4ee70a897b3adc584c33f28089c5d6870828f4ed66"
],
"markers": "python_version >= '2.7' and python_version != '3.0.*' and python_version != '3.1.*' and python_version != '3.2.*' and python_version != '3.3.*'",
"version": "==1.1.0"
"version": "==2.0.0"
},
"mozrunner": {
"hashes": [
"sha256:a4e3d532d1d7eb34b6332e0568612ebac3f56da849894005b3dbe68968e5d292"
"sha256:de57ecb3644928f2eb315c4989227e7bc14fb129b509db58845eb4e6a60058d3"
],
"markers": "python_version >= '2.7' and python_version != '3.0.*' and python_version != '3.1.*' and python_version != '3.2.*' and python_version != '3.3.*'",
"version": "==7.0.1"
"version": "==7.1.0"
},
"mozterm": {
"hashes": [
@ -190,11 +266,50 @@
"markers": "python_version >= '2.7' and python_version != '3.0.*' and python_version != '3.1.*' and python_version != '3.2.*' and python_version != '3.3.*'",
"version": "==1.5"
},
"progressbar": {
"progressbar2": {
"hashes": [
"sha256:b2d38a729785149e65323381d2e6fca0a5e9615a6d8bcf10bfa8adedfc481254"
"sha256:84cb2b81274e9d83a952dc4517f953fbaf1e040b90638e68d54fc18e7dd47030",
"sha256:d209f8c13672724bbb7bbf76e7ffedaa0bcdac32dc8db68a627bbabfd6c75de0"
],
"version": "==2.3"
"version": "==3.38.0"
},
"pyasn1": {
"hashes": [
"sha256:b9d3abc5031e61927c82d4d96c1cec1e55676c1a991623cfed28faea73cdd7ca",
"sha256:f58f2a3d12fd754aa123e9fa74fb7345333000a035f3921dbdaa08597aa53137"
],
"version": "==0.4.4"
},
"python-dateutil": {
"hashes": [
"sha256:1adb80e7a782c12e52ef9a8182bebeb73f1d7e24e374397af06fb4956c8dc5c0",
"sha256:e27001de32f627c22380a688bcc43ce83504a7bc5da472209b4c70f02829f0b8"
],
"markers": "python_version >= '2.7'",
"version": "==2.7.3"
},
"python-utils": {
"hashes": [
"sha256:34aaf26b39b0b86628008f2ae0ac001b30e7986a8d303b61e1357dfcdad4f6d3",
"sha256:e25f840564554eaded56eaa395bca507b0b9e9f0ae5ecb13a8cb785305c56d25"
],
"version": "==2.3.0"
},
"pyyaml": {
"hashes": [
"sha256:3d7da3009c0f3e783b2c873687652d83b1bbfd5c88e9813fb7e5b03c0dd3108b",
"sha256:3ef3092145e9b70e3ddd2c7ad59bdd0252a94dfe3949721633e41344de00a6bf",
"sha256:40c71b8e076d0550b2e6380bada1f1cd1017b882f7e16f09a65be98e017f211a",
"sha256:558dd60b890ba8fd982e05941927a3911dc409a63dcb8b634feaa0cda69330d3",
"sha256:a7c28b45d9f99102fa092bb213aa12e0aaf9a6a1f5e395d36166639c1f96c3a1",
"sha256:aa7dd4a6a427aed7df6fb7f08a580d68d9b118d90310374716ae90b710280af1",
"sha256:bc558586e6045763782014934bfaf39d48b8ae85a2713117d16c39864085c613",
"sha256:d46d7982b62e0729ad0175a9bc7e10a566fc07b224d2c79fafb5e032727eaa04",
"sha256:d5eef459e30b09f5a098b9cea68bebfeb268697f78d647bd255a085371ac7f3f",
"sha256:e01d3203230e1786cd91ccfdc8f8454c8069c91bee3962ad93b87a4b2860f537",
"sha256:e170a9e6fcfd19021dd29845af83bb79236068bf5fd4df3327c1be18182b2531"
],
"version": "==3.13"
},
"redo": {
"hashes": [
@ -218,6 +333,20 @@
"markers": "python_version != '3.2.*' and python_version != '3.3.*' and python_version != '3.0.*' and python_version != '3.1.*' and python_version < '4' and python_version >= '2.6'",
"version": "==1.0.0"
},
"rsa": {
"hashes": [
"sha256:25df4e10c263fb88b5ace923dd84bf9aa7f5019687b5e55382ffcdb8bede9db5",
"sha256:43f682fea81c452c98d09fc316aae12de6d30c4b5c84226642cf8f8fd1c93abd"
],
"version": "==3.4.2"
},
"s3transfer": {
"hashes": [
"sha256:90dc18e028989c609146e241ea153250be451e05ecc0c2832565231dacdf59c1",
"sha256:c7a9ec356982d5e9ab2d4b46391a7d6a950e2b04c472419f5fdec70cc0ada72f"
],
"version": "==0.1.13"
},
"six": {
"hashes": [
"sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9",
@ -242,9 +371,9 @@
},
"wptserve": {
"hashes": [
"sha256:ef6aa5ca7c7cc802129eefab773172fac49281e50b34352a311d06426f237866"
"sha256:9d0c6adc279748abea81ac12b7a2cac97ebbdd87826dc11f6dbd85b781e9442a"
],
"version": "==1.4.0"
"version": "==2.0"
}
},
"develop": {}


@ -5,7 +5,7 @@
"description": "",
"applications": {
"gecko": {
"id": "commerce@mozilla.org"
"id": "shopping-testpilot@mozilla.org"
}
},
"icons": {


@ -13,7 +13,7 @@ const CopyWebpackPlugin = require('copy-webpack-plugin');
const GenerateJsonPlugin = require('generate-json-webpack-plugin');
const packageData = require('./package.json');
const manifest = require('./src/manifest.json');
const manifestTemplate = require('./src/manifest.json');
const BUILD_DIR = path.resolve(__dirname, 'build');
@ -74,7 +74,7 @@ module.exports = {
// Process and emit manifest.json, replacing any values that start with $
// with the corresponding key from package.json.
new GenerateJsonPlugin('manifest.json', manifest, (key, value) => {
new GenerateJsonPlugin('manifest.json', manifestTemplate, (key, value) => {
if (typeof value === 'string' && value.startsWith('$')) {
const parts = value.slice(1).split('.');
let object = packageData;