Open Bug 1261142 Opened 9 years ago Updated 3 years ago

Create a mach command to facilitate signing addons

Categories

(Testing :: General, defect)

Product:
Testing
Component:
General
Type:
defect

Tracking

(Not tracked)

People

(Reporter: ahal, Unassigned)

Details

Here is the current documentation for signing addons: https://wiki.mozilla.org/EngineeringProductivity/HowTo/SignExtensions Developers need to install jpm, manually create .xpi files and jump through other hoops to get their addons signed. A good first step to make this easier for them, would be to create a mach command that handles a lot of this work for them. The mach command should probably avoid using jpm, and stick directly to the AMO signing API. Here is documentation for using this API directly: http://addons-server.readthedocs.org/en/latest/topics/api/signing.html The API uses the JSON Web Token (JWT) protocol for authentication. There is a modules called PyJWT that can help with generating these tokens: https://pypi.python.org/pypi/PyJWT/1.4.0 And we can uses requests to make the actual API calls.
Blocks: 1233200
:ahal is this still planned to be implemented in the near future?
Flags: needinfo?(ahalberstadt)
No, I don't think there are currently any plans to work on this. Unless there are a lot of complaints around this, I don't foresee it climbing very high up our priority list. Maybe it would make a good contributor project.
Flags: needinfo?(ahalberstadt)
okay thanks, I will remove it as a blocker on bug 1233200
No longer blocks: 1233200
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.