问题
I have a signed addon that I use personally but would like to experiment with making it distributable via AMO. I have already uploaded the initial version through the Developer Hub, and I'm now hoping to be able to include an automated release through a CI pipeline.
I've been investigating how to do this for a while now, having found this article and API doc but haven't had much luck. I'm definitely able to connect with my JWT properly, as I get either a 301 (I assume this is because the API described in the article has been changed in the last two years) but then a 400 when I follow the redirects.
Every request returns Missing "upload" key in multipart file data. I believe this is to do with the endpoint being a PUT but expecting a multipart form (all my research points to this being supported by POST only). I've tried several different approaches, both with cURL and with various Python libraries - including PyCurl to try and use the multipart in a POST request and override only the method to PUT - but just don't seem to be getting anywhere.
I haven't been able to find any recent documentation on this, as the older articles imply it's a deprecated API but the newer docs don't seem to have the answers I'm looking for. Issues like this one suggest it's still possible, and I've seen mention of web-ext but I think I'm just missing how to put the pieces together.
My request is:
curl -XPUT https://addons.mozilla.org/api/v3/addons/{myId}/versions/0.2 -F 'upload=../toolbox.api' -H 'Authorization: JWT <myToken>' -v -L
Has anyone tried to do this and have any advice on how to move forward? Or conversely know that it's definitely not possible?
Thanks in advance!
回答1:
You can use the node.js based command web-ext to sign extensions from command line.
Like with the curl approach you obtain the issuer/secret, then use those as given arguments or environment variables:
web-ext sign --api-key=$AMO_JWT_ISSUER --api-secret=$AMO_JWT_SECRET
If you need to use a proxy:
web-ext sign --api-key=... --api-secret=... --api-proxy=https://yourproxy:6000
Please see the linked article for details (and its other features).
来源:https://stackoverflow.com/questions/47700508/is-there-an-api-for-mozilla-for-updating-signed-addons