Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sign Workflow: Fix interactivity #52

Merged
merged 1 commit into from
Jan 10, 2025
+232 −27
Merged

Sign Workflow: Fix interactivity #52

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
114 changes: 114 additions & 0 deletions .github/workflows/build-windows-release-signing.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,114 @@
name: Build Windows Signed
# this file needs to be manually synchronized with build-windows.yml

on:
push:
branches:
- main
tags:
- '*'

#####################
####### Below must be identical to build-windows.yml
#####################
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
fetch-depth: 0 # Fetch all history for all branches and tags
ref: ${{ github.event.inputs.commitHash || github.sha }}


- name: Set up Python environment
uses: actions/setup-python@v4
with:
python-version: '3.10'

- name: Setup xvfb (Linux)
if: runner.os == 'Linux'
run: |
sudo apt-get update
sudo apt-get install -y xvfb \
libxkbcommon-x11-0 \
libxcb-icccm4 \
libxcb-image0 \
libxcb-keysyms1 \
libxcb-randr0 \
libxcb-render-util0 \
libxcb-xinerama0 \
libxcb-xinput0 \
libxcb-xfixes0 \
libxcb-shape0 \
libglib2.0-0 \
libgl1-mesa-dev \
'^libxcb.*-dev' \
libx11-xcb-dev \
libglu1-mesa-dev \
libxrender-dev \
libxi-dev \
libxkbcommon-dev \
libxkbcommon-x11-dev \
libsecp256k1-0

- name: Install Python dependencies
run: |
python -m pip install --upgrade pip
pip install poetry
poetry install

- name: Run build script
run: poetry run python tools/build.py --targets windows --commit None


- name: Check for portable EXE file
run: |
if [ -z "$(find dist -type f -name '*portable.exe')" ]; then
echo "Portable EXE file is missing"
exit 1
fi

- name: Check for setup EXE file
run: |
if [ -z "$(find dist -type f -name '*setup.exe')" ]; then
echo "Setup EXE file is missing"
exit 1
fi

- name: Upload EXE Files from dist/
id: upload-unsigned-artifact
uses: actions/upload-artifact@v4
with:
name: dist
path: dist/* # zip everything in the folder

#####################
####### End of build-windows.yml
#####################

- name: 'signing with ${{ github.event.inputs.signing-policy-slug }}'
id: signpath-io
if: ${{ github.event.inputs.signing-policy-slug != '' }}
uses: signpath/[email protected]
with:
api-token: '${{ .SIGNPATH_API_TOKEN }}'
organization-id: '0981059c-bbd4-461c-abcf-b99bd074a723'
project-slug: 'bitcoin-safe'
# 'signing-policy-slug ("test-signing", "release-signing" for valid signing)'
signing-policy-slug: 'release-signing'
github-artifact-id: '${{ steps.upload-unsigned-artifact.outputs.artifact-id }}'
artifact-configuration-slug: 'Win'
wait-for-completion: true
output-artifact-directory: 'signpath-signed'


- name: Upload Signed EXE Files from signpath-signed/
if: ${{ github.event.inputs.signing-policy-slug != '' }}
id: upload-signed-artifact
uses: actions/upload-artifact@v4
with:
name: signpath-signed
path: signpath-signed/* # zip everything in the folder

114 changes: 114 additions & 0 deletions .github/workflows/build-windows-test-sign.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,114 @@
name: Build Windows Signed
# this file needs to be manually synchronized with build-windows.yml

on:
push:
branches:
- main
tags:
- '*'

#####################
####### Below must be identical to build-windows.yml
#####################
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
fetch-depth: 0 # Fetch all history for all branches and tags
ref: ${{ github.event.inputs.commitHash || github.sha }}


- name: Set up Python environment
uses: actions/setup-python@v4
with:
python-version: '3.10'

- name: Setup xvfb (Linux)
if: runner.os == 'Linux'
run: |
sudo apt-get update
sudo apt-get install -y xvfb \
libxkbcommon-x11-0 \
libxcb-icccm4 \
libxcb-image0 \
libxcb-keysyms1 \
libxcb-randr0 \
libxcb-render-util0 \
libxcb-xinerama0 \
libxcb-xinput0 \
libxcb-xfixes0 \
libxcb-shape0 \
libglib2.0-0 \
libgl1-mesa-dev \
'^libxcb.*-dev' \
libx11-xcb-dev \
libglu1-mesa-dev \
libxrender-dev \
libxi-dev \
libxkbcommon-dev \
libxkbcommon-x11-dev \
libsecp256k1-0

- name: Install Python dependencies
run: |
python -m pip install --upgrade pip
pip install poetry
poetry install

- name: Run build script
run: poetry run python tools/build.py --targets windows --commit None


- name: Check for portable EXE file
run: |
if [ -z "$(find dist -type f -name '*portable.exe')" ]; then
echo "Portable EXE file is missing"
exit 1
fi

- name: Check for setup EXE file
run: |
if [ -z "$(find dist -type f -name '*setup.exe')" ]; then
echo "Setup EXE file is missing"
exit 1
fi

- name: Upload EXE Files from dist/
id: upload-unsigned-artifact
uses: actions/upload-artifact@v4
with:
name: dist
path: dist/* # zip everything in the folder

#####################
####### End of build-windows.yml
#####################

- name: 'signing with ${{ github.event.inputs.signing-policy-slug }}'
id: signpath-io
if: ${{ github.event.inputs.signing-policy-slug != '' }}
uses: signpath/[email protected]
with:
api-token: '${{ .SIGNPATH_API_TOKEN }}'
organization-id: '0981059c-bbd4-461c-abcf-b99bd074a723'
project-slug: 'bitcoin-safe'
# 'signing-policy-slug ("test-signing", "release-signing" for valid signing)'
signing-policy-slug: 'test-signing'
github-artifact-id: '${{ steps.upload-unsigned-artifact.outputs.artifact-id }}'
artifact-configuration-slug: 'Win'
wait-for-completion: true
output-artifact-directory: 'signpath-signed'


- name: Upload Signed EXE Files from signpath-signed/
if: ${{ github.event.inputs.signing-policy-slug != '' }}
id: upload-signed-artifact
uses: actions/upload-artifact@v4
with:
name: signpath-signed
path: signpath-signed/* # zip everything in the folder

31 changes: 4 additions & 27 deletions .github/workflows/build-windows.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,11 @@ on:
description: 'Enter the commit hash to build (empty = the main branch or the branch that triggered the workflow)'
required: false
type: string
signing-policy-slug:
description: 'signing-policy-slug ("" for no signing, "test-signing", "release-signing" for valid signing)'
required: false
default: 'test-signing'


#####################
####### Ensure changes here are copied to build-windows-signed.yml
#####################
jobs:
build:
runs-on: ubuntu-latest
Expand Down Expand Up @@ -85,26 +85,3 @@ jobs:
name: dist
path: dist/* # zip everything in the folder

- name: 'signing with ${{ github.event.inputs.signing-policy-slug }}'
id: signpath-io
if: ${{ github.event.inputs.signing-policy-slug != '' }}
uses: signpath/[email protected]
with:
api-token: '${{ secrets.SIGNPATH_API_TOKEN }}'
organization-id: '0981059c-bbd4-461c-abcf-b99bd074a723'
project-slug: 'bitcoin-safe'
signing-policy-slug: '${{ github.event.inputs.signing-policy-slug }}'
github-artifact-id: '${{ steps.upload-unsigned-artifact.outputs.artifact-id }}'
artifact-configuration-slug: 'Win'
wait-for-completion: true
output-artifact-directory: 'signpath-signed'


- name: Upload Signed EXE Files from signpath-signed/
if: ${{ github.event.inputs.signing-policy-slug != '' }}
id: upload-signed-artifact
uses: actions/upload-artifact@v4
with:
name: signpath-signed
path: signpath-signed/* # zip everything in the folder

Loading