Signpath signing in Windows build pipeline (#50)

andreasgriffin · Jan 10, 2025 · 5c70ffd · 5c70ffd
1 parent 19d6093
commit 5c70ffd
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 10 deletions.
diff --git a/.github/workflows/build-appimage.yml b/.github/workflows/build-appimage.yml
@@ -9,8 +9,8 @@ on:
         description: 'Enter the commit hash to build (leave empty to use the default branch or the branch that triggered the workflow)'
         required: false
         type: string
-      buildDMG:
-        description: 'Test Build AppImage'
+      build:
+        description: 'Build AppImage'
         required: false
         type: boolean
 

diff --git a/.github/workflows/build-mac-arm.yml b/.github/workflows/build-mac-arm.yml
@@ -1,13 +1,13 @@
-name: Build MacOsX  dmg Arm64
+name: Build MacOsX Arm64 dmg
 on:
   workflow_dispatch:
     inputs:
       commitHash:
         description: 'Enter the commit hash to build (leave empty to use the default branch or the branch that triggered the workflow)'
         required: false
         type: string
-      buildDMG:
-        description: 'Test Build DMG (Arm64)'
+      build:
+        description: 'Build DMG (Arm64)'
         required: false
         type: boolean
 

diff --git a/.github/workflows/build-windows.yml b/.github/workflows/build-windows.yml
@@ -4,11 +4,15 @@ on:
   workflow_dispatch:
     inputs:
       commitHash:
-        description: 'Enter the commit hash to build (leave empty to use the default branch or the branch that triggered the workflow)'
+        description: 'Enter the commit hash to build (empty = the main branch or the branch that triggered the workflow)'
         required: false
         type: string
-      buildDMG:
-        description: 'Test Build Exe'
+      signing-policy-slug:
+        description: 'signing-policy-slug  ("" for no signing, "test-signing", "release-signing" for valid signing)'
+        required: false
+        default: 'test-signing'  
+      build:
+        description: 'Build Exe'
         required: false
         type: boolean
 
@@ -79,7 +83,31 @@ jobs:
           fi
 
       - name: Upload EXE Files from dist/
+        id: upload-unsigned-artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/*  # zip everything in the folder
+
+      - id: signpath.io
+        if: ${{ github.event.inputs.signing-policy-slug != '' }}
+        uses: signpath/[email protected]
+        with:
+          api-token: '${{ secrets.SIGNPATH_API_TOKEN }}'
+          organization-id: '0981059c-bbd4-461c-abcf-b99bd074a723'
+          project-slug: 'bitcoin-safe'
+          signing-policy-slug: '${{ github.event.inputs.signing-policy-slug }}'
+          github-artifact-id: '${{ steps.upload-unsigned-artifact.outputs.artifact-id }}'
+          artifact-configuration-slug: 'Win'
+          wait-for-completion: true
+          output-artifact-directory: 'signpath-signed'
+
+
+      - name: Upload Signed EXE Files from signpath-signed/
+        if: ${{ github.event.inputs.signing-policy-slug != '' }}
+        id: upload-signed-artifact
         uses: actions/upload-artifact@v4
         with:
-          name: exes
-          path: dist/*.exe
+          name: signpath-signed
+          path: signpath-signed/*  # zip everything in the folder
+
diff --git a/tests/non_gui/test_wallet_ema_fee_rate.py b/tests/non_gui/test_wallet_ema_fee_rate.py
@@ -99,6 +99,10 @@ def test_ema_fee_rate_weights_recent_heavier(
     test_funded_seed_wallet: Wallet,
     faucet: Faucet,
 ) -> Wallet:
+    """
+    Test that the EMA fee rate for an incoming wallet is weighted more heavily towards recent transactions.
+    """
+
     wallet = test_funded_seed_wallet
 
     def send_tx(fee_rate=100):