@hemulit/cws-publish v1.0.5
CWS Publish
This package lets you upload chrome extension (.zip) to Chrome Web Store using continuous integration.
This package exists because chrome web store is not an existing travis-ci deploy target, and the scripts that do exist to manage this process are meant for running from CLI locally.
Table of Contents
1 Usage
npm install --save-dev @hemulit/cws-publishin .travis.yml:
A) if you want to upload your release as a draft - manual publish from developer console is still required:
after_deploy:
- npx cws-upload $client_id $client_secret $refresh_token ZIP_FILE EXTENSION_IDB) if you want immediately publish your release:
after_deploy:
- npx cws-publish $client_id $client_secret $refresh_token ZIP_FILE EXTENSION_IDC) if you want immediately publish your release to TESTERS:
after_deploy:
- npx cws-publish $client_id $client_secret $refresh_token ZIP_FILE EXTENSION_ID --testers2 Inputs
| Required params | Instructions | Type |
|---|---|---|
$client_id | see 2.1 | ENV vars |
$client_secret | see 2.1 | ENV vars |
$refresh_token | see 2.1 | ENV vars |
ZIP_FILE | see 2.2 | String |
EXTENSION_ID | see 2.3 | String |
2.1 Obtaining Google API Credentials
Instructions on how to obtain these values are explained step-by-step in this guide:
https://developer.chrome.com/webstore/using_webstore_api#beforeyoubegin
The general process is:
1. Enable Chrome Web Store API in Google API Console
2. Create OAuth Credentials in Google Console - this will generate $client id and $client_secret
3. Authorize Chrome Web Store API - from here you get the $refresh_token
Once you have $client_id $client_secret and $refresh_token save them as environment variables in you CI project settings.
NEVER share these values with anyone or commit them to your repository!
2.2 Obtaining ZIP_FILE
Generating a zip file is outside the scope of this package. It is assumed that you have already generated a zip file during previous build steps. Please see for example gulp-zip for instructions if necessary.
Once you know the location of the zip file, update your .travis.yml command and replace ZIP_FILE with path to file.
If you file is located in the root directory the value could be for example ./my_extension.zip
2.3 Obtaining EXTENSION_ID
Go to chrome web store developer console and click "More info".
Copy the item id and paste it to your .travis.yml command to replace EXTENSION_ID.
3 Advanced Usage Options
Run the deploy script based on a condition, for example to only run on tagged commits:
after_deploy:
- if [ ! -z "$TRAVIS_TAG" ]; then npx cws-upload $client_id $client_secret $refresh_token ZIP_FILE EXTENSION_ID; fi4 Random Notes
Comments on API authentication
While creating this package, I explored many alternative ways to authenticate. Here is what I found out.
Q1: Can I use an API key to access chrome web store API?
This would be super easy to set up and ideal for CI, but the answer is no. See for example API Keys. When dealing with private user data simple access key will not suffice.
Q2: Can I use service account to access chrome web store API?
This would also be great for CI, but the answer is it depends. You can set up service account. You can get the necessary access tokens, but you can only impersonate a developer user if you are using G suite business account. Since that costs money and I don't have such account I was unable to test this but supposedly it works for G suite users. If your google developer account is a regular gmail account then no you cannot use service account here.
This ultimately leaves us with doing the oauth 2.0 dance to obtain the necessary credentials. It is quite a mess but luckily you only need to do it once. You can use the same credentials for all your extension projects.
References
- Building command line tools with Node.js - super helpful guide on how to write cli node packages
- Chrome Webstore Api Reference