Publish extension via Github Actions

[mocanew]

Fixes #158, #61

Scheduled Github actions on public repositories are disabled after 60 days of repo inactivity. To keep the Google token scheduled action active, gautamkrishnar/keepalive-workflow will create a commit on master after 50 days of inactivity.

Since the Chrome web store may require multiple retries, workflow_dispatch was used as workflow_call is allowed to have only 4 nested calls (retries in our case).

Here's what repo settings need to be made for these workflows to work (securely):

1. Add Protected tags rule for v* here
2. Add Branch protection rule for master here (make sure Require a pull request before merging is disabled as this will block gautamkrishnar/keepalive-workflow)
   • I strongly recommend enabling Restrict who can push to matching branches for the master branch if it's not already on
3. Create "12hoursDelay" environment
   • make sure to select "Select Wait timer" with 720 minutes of wait time
4. Set the following secrets:

Github

• secrets required:
  • WORKFLOWS_TOKEN: A GitHub access token (personal access tokens) with write access to the repo. The automatically provided token e.g. ${{ secrets.GITHUB_TOKEN }} can not be used as GitHub prevents this token from being able to fire the workflow_dispatch.

Firefox Add-ons

Get Firefox Add-ons keys

• secrets required:
  • FF_EXTENSION_ID - extension's page at Add-on Developer Hub in the "Technical Details" section
  • FF_JWT_ISSUER
  • FF_JWT_SECRET

Chrome Web Store

Get Google API Keys

• secrets required:
  • G_CLIENT_ID
  • G_CLIENT_SECRET
  • G_REFRESH_TOKEN

---

I've done no testing, but the workflows were adapted from the article mentioned in a previous comment, so I expect it to work with minimal troubleshooting.

[OsaSoft]

• [x] Add Protected tags rule
• [x] Add Branch protection rule
• [x] Create "12hoursDelay" environment
• [x] Set secrets