feat: web-ext sign now supports extensions without explicit IDs
#340
Conversation
|
If I sign the add-on a second (or third or whatever) time, how do I specify the add-on id? Do I have to change the manifest, or could I specify an id on the command line as an argument? |
|
Hmm, good point. As it stands now, each time you run the sign command it will create a new add-on which will start to make your DevHub add-on list pretty unbearable. |
|
Good catch @andymckay ✋ fixed |
kumar303
force-pushed
the
sign-without-id
branch
2 times, most recently
from
32df77a to
b0f238a
Compare
| .then(({buildResult, manifestData}) => { | ||
| const manifestId = getManifestId(manifestData); | ||
| if (id && manifestId) { | ||
| log.warn(`Overriding manifest.json ID: ${id}`); |
There was a problem hiding this comment.
@kumar303 How about Overriding manifest.json ID "${id}" with "${manifestId}"?
|
@kumar303 how about the following tweak to the strategy used for signing the updates of an add-on without an extension id in the manifest?
|
|
Per our IRC conversation, I checked what AMO does in the case of a manifest.json and custom declared ID. It chooses the manifest.json ID so I made |
|
BTW, this is testable on https://addons-dev.allizom.org like |
|
@rpl really great idea about remembering the auto-generated ID! I added this feature. What it does is save a file to the artifacts directory. It will re-use the file if it exists but only as a fallback. Let me know how it looks. |
| .then((signingResult) => { | ||
| // All information about the downloaded files would have | ||
| // already been logged by signAddon(). | ||
| log.info(signingResult.success ? 'SUCCESS' : 'FAIL'); | ||
| if (signingResult.success) { | ||
| log.info(`Extension ID: ${signingResult.id}`); |
There was a problem hiding this comment.
@kumar303 at line 74, it seems to me that in some cases the id property can be missing from the signingResult (my guess is that it could happen when the extension id is assigned statically in the manifest.json), and in that case the above line is going to print a "Extension ID: undefined" log, which can be confusing for the the user.
If the above assumptions are true, we can probably tweak it a bit, to ensure that it is going to always print a log which contains the id (even if it is the same statically assigned in the manifest.json)
There was a problem hiding this comment.
Did you install the latest sign-addon from this branch into web-ext? mozilla/sign-addon#114 What you're describing is the behavior before that patch is applied but not after.
|
@kumar303 besides the above comment (and the doubt below), this PR looks great now! My only remaining doubt is potential side-effects of saving the auto-generated ID in the "artifact dir vs the project root": my feeling is that is some cases, the addon developer is going to have its own building steps (e.g. for babel, webpack or browserify etc.) and it is pretty common that one of those building steps could remove the entire artifact dir (e.g. at every full rebuild), and the saved auto-generated ID will be lost (and a new one will be generated on the next Given that the auto-generated ID is not a sensible information (and any user can get the addon id on an existent add-on pretty easily), I will probably prefer if it could be saved as an hidden file in the root of the project, because it ensures that it will not be removed by a build automation script (and by making it an hidden file, It is probably even reasonable to assume that the addon developer wants to add and commit the hidden file in the repository of the add-on sources, so that any of the developer that should be able to re-sign the addon will have access to the currently assigned id (but it can be overriden from the command line, if they need to test it as a separate add-on) |
|
Ah, true, good point. I will make it a hidden file in the source dir. I was a little unsure about this when working on it. I think the artifacts dir is more ephemeral. |
kumar303
force-pushed
the
sign-without-id
branch
2 times, most recently
from
a62dda4 to
a3b56f3
Compare
|
@kumar303 this PR looks great r+ |
kumar303
force-pushed
the
sign-without-id
branch
3 times, most recently
from
c8978c5 to
f911460
Compare
Supports #178
This feature also requires the patch from mozilla/sign-addon#114