Open Bug 1261142 Opened 5 years ago Updated 5 years ago

Create a mach command to facilitate signing addons


(Testing :: General, defect)

Not set


(Not tracked)


(Reporter: ahal, Unassigned)


Here is the current documentation for signing addons:

Developers need to install jpm, manually create .xpi files and jump through other hoops to get their addons signed. A good first step to make this easier for them, would be to create a mach command that handles a lot of this work for them.

The mach command should probably avoid using jpm, and stick directly to the AMO signing API. Here is documentation for using this API directly:

The API uses the JSON Web Token (JWT) protocol for authentication. There is a modules called PyJWT that can help with generating these tokens:

And we can uses requests to make the actual API calls.
Blocks: 1233200
:ahal is this still planned to be implemented in the near future?
Flags: needinfo?(ahalberstadt)
No, I don't think there are currently any plans to work on this. Unless there are a lot of complaints around this, I don't foresee it climbing very high up our priority list. Maybe it would make a good contributor project.
Flags: needinfo?(ahalberstadt)
okay thanks, I will remove it as a blocker on bug 1233200
No longer blocks: 1233200
You need to log in before you can comment on or make changes to this bug.