Here is the current documentation for signing addons: https://wiki.mozilla.org/EngineeringProductivity/HowTo/SignExtensions Developers need to install jpm, manually create .xpi files and jump through other hoops to get their addons signed. A good first step to make this easier for them, would be to create a mach command that handles a lot of this work for them. The mach command should probably avoid using jpm, and stick directly to the AMO signing API. Here is documentation for using this API directly: http://addons-server.readthedocs.org/en/latest/topics/api/signing.html The API uses the JSON Web Token (JWT) protocol for authentication. There is a modules called PyJWT that can help with generating these tokens: https://pypi.python.org/pypi/PyJWT/1.4.0 And we can uses requests to make the actual API calls.
:ahal is this still planned to be implemented in the near future?
No, I don't think there are currently any plans to work on this. Unless there are a lot of complaints around this, I don't foresee it climbing very high up our priority list. Maybe it would make a good contributor project.
You need to log in before you can comment on or make changes to this bug.