Chrome Web Store API access via Service Account

[Susan Goldblatt]

Hey All, 

I have been trying to deploy a chrome extension via github action instead of doing it manually, For security, I'd prefer to use a service account. I have the action working with the google-github-actions/auth library, but when it goes to update the item in the store I get the following error: 

{
  "kind": "chromewebstore#item",
  "uploadState": "FAILURE",
  "itemError": [
    {
      "error_code": "CLIENT_ERROR",
      "error_detail": "Application error (6): Not a valid developer. Please make sure you have accepted the developer agreement: https://chrome.google.com/webstore/developer/terms."
    }
  ]
}

I assume this is because the service account email is not a 'valid developer', but I'm not sure how to make them one or if there is a way to do this. I'd like to keep using the service account instead of having the automated flow using my personal email. I've enabled the library chromewebstore.googleapis.com (and can see that my service account is listed under the permissions of this api in the cloud console). I wonder if there is a role I can assign my service account that might solve this problem! 

Anyone done this automation before? Thanks in advance and happy new year! 

[Simeon Velichkov]

I've never used that myself, but judging by the documentation found here https://developer.chrome.com/docs/webstore/using_webstore_api/ it seems like a service account won't work in this case. This API expects user account instead, and also as noted that have to be the owner of the extension that you are trying to manage. So in order to automate this you will need to get the appropriate credentials manually first, by logging in using your browser, and then store that access and refresh token pair somewhere, and use the access token to manage your extension. Also, note that the refresh token is going to expire so maybe you will need to setup a background service (cronjob) that keeps it fresh.