StackPrism v1.3.0 #17

Workflow file for this run

.github/workflows/release-extension.yml at 4ea2872

	name: 构建扩展并发布

	on:
	release:
	types:
	- published
	workflow_dispatch:
	inputs:
	release_tag:
	description: 已存在的 release tag，留空则自动按 manifest.json 版本拼成 v{version}
	required: false
	type: string

	permissions:
	contents: write

	jobs:
	package:
	name: 打包浏览器扩展
	runs-on: ubuntu-latest

	steps:
	- name: 检出仓库
	uses: actions/checkout@v4

	- name: 安装 pnpm
	uses: pnpm/action-setup@v4
	with:
	version: 10

	- name: 安装 Node
	uses: actions/setup-node@v4
	with:
	node-version: 20
	cache: pnpm

	- name: 安装依赖
	run: pnpm install --frozen-lockfile

	- name: 构建扩展
	run: pnpm run build

	- name: 读取版本号并校验
	id: meta
	shell: bash
	env:
	EVENT_TAG: ${{ github.event.release.tag_name }}
	INPUT_TAG: ${{ inputs.release_tag }}
	run: \|
	set -euo pipefail

	version="$(node -p "require('./dist/manifest.json').version")"
	tag="${EVENT_TAG:-${INPUT_TAG:-}}"

	if [ -z "$tag" ]; then
	tag="v${version}"
	fi

	normalized_tag="${tag#v}"
	if [ "$normalized_tag" != "$version" ]; then
	echo "::error::Release tag $tag 与 dist/manifest.json 中的版本号 $version 不一致。"
	exit 1
	fi

	echo "version=$version" >> "$GITHUB_OUTPUT"
	echo "tag=$tag" >> "$GITHUB_OUTPUT"
	echo "zip_name=stackprism-v${version}.zip" >> "$GITHUB_OUTPUT"
	echo "crx_name=stackprism-v${version}.crx" >> "$GITHUB_OUTPUT"

	- name: 打包 zip
	shell: bash
	run: \|
	set -euo pipefail
	mkdir -p release
	(
	cd dist
	zip -r "../release/${{ steps.meta.outputs.zip_name }}" .
	)
	sha256sum "release/${{ steps.meta.outputs.zip_name }}" > "release/${{ steps.meta.outputs.zip_name }}.sha256"

	- name: 签名 crx
	id: crx
	shell: bash
	env:
	EXTENSION_PRIVATE_KEY: ${{ secrets.EXTENSION_PRIVATE_KEY }}
	run: \|
	set -euo pipefail
	if [ -z "${EXTENSION_PRIVATE_KEY:-}" ]; then
	echo "::warning::secrets.EXTENSION_PRIVATE_KEY 未配置，跳过 crx 生成。zip 仍会上传。"
	echo "skipped=true" >> "$GITHUB_OUTPUT"
	exit 0
	fi
	printf '%s' "$EXTENSION_PRIVATE_KEY" > extension.pem
	npx --yes crx3 --keyPath extension.pem --crxPath "release/${{ steps.meta.outputs.crx_name }}" dist
	sha256sum "release/${{ steps.meta.outputs.crx_name }}" > "release/${{ steps.meta.outputs.crx_name }}.sha256"
	rm -f extension.pem
	echo "skipped=false" >> "$GITHUB_OUTPUT"

	- name: 上传产物到 release
	shell: bash
	env:
	GH_TOKEN: ${{ github.token }}
	run: \|
	set -euo pipefail
	assets=(
	"release/${{ steps.meta.outputs.zip_name }}"
	"release/${{ steps.meta.outputs.zip_name }}.sha256"
	)
	if [ -f "release/${{ steps.meta.outputs.crx_name }}" ]; then
	assets+=(
	"release/${{ steps.meta.outputs.crx_name }}"
	"release/${{ steps.meta.outputs.crx_name }}.sha256"
	)
	fi
	gh release upload "${{ steps.meta.outputs.tag }}" "${assets[@]}" --clobber

	- name: 归档产物
	uses: actions/upload-artifact@v4
	with:
	name: stackprism-v${{ steps.meta.outputs.version }}
	path: release/

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

StackPrism v1.3.0 #17

Workflow file

StackPrism v1.3.0 #17

Uh oh!

Workflow file for this run