Open imjasonh opened 2 years ago
https://github.com/Klemensas/chrome-extension-upload-action seems to work, but requires passing in a long-lived refresh token and(/or?) client secret. Instead, we could try to use Workload Identity support in https://github.com/google-github-actions/auth to get a configured SA's short-lived access token, then use that to publish using the Publish API: https://developer.chrome.com/docs/webstore/using_webstore_api/
The result would be a bit more upfront setup, but shorter-lived tokens and nothing stored in GitHub secrets.
https://github.com/Klemensas/chrome-extension-upload-action seems to work, but requires passing in a long-lived refresh token and(/or?) client secret. Instead, we could try to use Workload Identity support in https://github.com/google-github-actions/auth to get a configured SA's short-lived access token, then use that to publish using the Publish API: https://developer.chrome.com/docs/webstore/using_webstore_api/
The result would be a bit more upfront setup, but shorter-lived tokens and nothing stored in GitHub secrets.