Tauri desktop start

.github/workflows/desktop-build.yml

@@ -0,0 +1,79 @@
+name: Desktop App CI
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  build-macos:
+    runs-on: macos-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Bun
+        uses: oven-sh/setup-bun@v1
+        with:
+          bun-version: 1.2.2
+
+      - name: Install Rust
+        uses: dtolnay/rust-toolchain@stable
+
+      - name: Install dependencies (macOS)
+        run: |
+          brew install openssl@3
+
+      - name: Install frontend dependencies
+        working-directory: ./frontend
+        run: bun install
+
+      - name: Install Tauri CLI
+        run: cargo install tauri-cli
+
+      - name: Build Tauri App (macOS)
+        working-directory: ./frontend
+        run: cargo tauri build
+        env:
+          TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
+          TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
+
+  build-linux:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Bun
+        uses: oven-sh/setup-bun@v1
+        with:
+          bun-version: 1.2.2
+
+      - name: Install Rust
+        uses: dtolnay/rust-toolchain@stable
+
+      - name: Install Linux dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y libwebkit2gtk-4.1-dev \
+              build-essential \
+              curl \
+              wget \
+              file \
+              libssl-dev \
+              libgtk-3-dev \
+              libayatana-appindicator3-dev \
+              librsvg2-dev
+
+      - name: Install frontend dependencies
+        working-directory: ./frontend
+        run: bun install
+
+      - name: Install Tauri CLI
+        run: cargo install tauri-cli
+
+      - name: Build Tauri App (Linux)
+        working-directory: ./frontend
+        run: cargo tauri build
+        env:
+          TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
+          TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}

.github/workflows/release.yml

@@ -0,0 +1,130 @@
+name: Release
+on:
+  release:
+    types: [created]
+
+jobs:
+  create-release:
+    runs-on: ubuntu-latest
+    outputs:
+      release_id: ${{ steps.create-release.outputs.result }}
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Bun
+        uses: oven-sh/setup-bun@v1
+        with:
+          bun-version: 1.2.2
+
+      - name: Get version
+        id: get_version
+        run: echo "version=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
+
+  build-tauri:
+    needs: create-release
+    strategy:
+      fail-fast: false
+      matrix:
+        platform: [macos-latest, ubuntu-latest]
+
+    runs-on: ${{ matrix.platform }}
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Bun
+        uses: oven-sh/setup-bun@v1
+        with:
+          bun-version: 1.2.2
+
+      - name: Install Rust
+        uses: dtolnay/rust-toolchain@stable
+
+      - name: Install dependencies (macOS)
+        if: matrix.platform == 'macos-latest'
+        run: |
+          brew install openssl@3
+
+      - name: Install dependencies (Linux)
+        if: matrix.platform == 'ubuntu-latest'
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y libwebkit2gtk-4.1-dev \
+              build-essential \
+              curl \
+              wget \
+              file \
+              libssl-dev \
+              libgtk-3-dev \
+              libayatana-appindicator3-dev \
+              librsvg2-dev
+
+      - name: Install frontend dependencies
+        working-directory: ./frontend
+        run: bun install
+
+      - name: Build Tauri App
+        uses: tauri-apps/tauri-action@v0
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
+          TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
+        with:
+          projectPath: './frontend'
+          tagName: ${{ github.ref_name }}
+          releaseName: 'Maple v${{ github.ref_name }}'
+          releaseBody: 'See the assets to download this version and install.'
+          releaseDraft: true
+          prerelease: false
+
+  update-latest-json:
+    needs: build-tauri
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Download release artifacts
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          mkdir -p artifacts
+          gh release download ${{ github.ref_name }} -D artifacts
+
+      - name: Generate latest.json
+        id: generate-latest
+        run: |
+          VERSION="${{ github.ref_name }}"
+          RELEASE_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+          
+          # Get signatures from the artifacts
+          MACOS_ARM_SIG=$(cat artifacts/*.app.tar.gz.sig)
+          MACOS_X64_SIG=$(cat artifacts/*.app.tar.gz.sig)
+          LINUX_X64_SIG=$(cat artifacts/*.AppImage.sig)
+          
+          cat > latest.json << EOF
+          {
+            "version": "${VERSION#v}",
+            "notes": "See the release notes at https://github.com/OpenSecret/maple/releases/tag/${VERSION}",
+            "pub_date": "${RELEASE_DATE}",
+            "platforms": {
+              "darwin-x86_64": {
+                "signature": "${MACOS_X64_SIG}",
+                "url": "https://github.com/OpenSecret/maple/releases/download/${VERSION}/Maple.app.tar.gz"
+              },
+              "darwin-aarch64": {
+                "signature": "${MACOS_ARM_SIG}",
+                "url": "https://github.com/OpenSecret/maple/releases/download/${VERSION}/Maple.app.tar.gz"
+              },
+              "linux-x86_64": {
+                "signature": "${LINUX_X64_SIG}",
+                "url": "https://github.com/OpenSecret/maple/releases/download/${VERSION}/maple.AppImage"
+              }
+            }
+          }
+          EOF
+
+      - name: Upload latest.json
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          gh release upload ${{ github.ref_name }} latest.json --clobber 

README.md

@@ -1,14 +1,95 @@
 # Maple AI Frontend
 
-Uses [bun](https://bun.sh/) for development.
+Uses [bun](https://bun.sh/) for development and [Tauri](https://tauri.app/) for desktop app builds.
 
+## Prerequisites
+
+1. Install [Bun](https://bun.sh/):
+```bash
+curl -fsSL https://bun.sh/install | bash
+```
+
+2. Install Rust and its dependencies:
+```bash
+curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
+```
+
+3. Install system dependencies:
+
+### macOS
+```bash
+xcode-select --install
+```
+
+### Linux (Ubuntu/Debian)
+```bash
+sudo apt update
+sudo apt install libwebkit2gtk-4.1-dev \
+    build-essential \
+    curl \
+    wget \
+    file \
+    libssl-dev \
+    libgtk-3-dev \
+    libayatana-appindicator3-dev \
+    librsvg2-dev
+```
+
+## Development
+
+1. Install dependencies:
 ```bash
 bun install
+```
+
+2. Start the development server:
+```bash
+# For web development only
 bun run dev
+
+# For desktop app development
+bun tauri dev
 ```
 
 Expects a `VITE_OPEN_SECRET_API_URL` environment variable to be set. (See `.env.example`)
 
+## Building
+
+To build the desktop application:
+```bash
+bun tauri build
+```
+
+## Releases
+
+### Setting up Signing Keys
+1. Generate a new signing key:
+```bash
+cargo tauri signer generate
+```
+This will create the tauri public and private key.
+
+
+2. Add the public key to `src-tauri/tauri.conf.json` in the `updater.pubkey` field
+3. Add the private key to GitHub Actions secrets:
+   - Go to repository Settings → Secrets and variables → Actions
+   - Create a new secret named `TAURI_SIGNING_PRIVATE_KEY`
+   - Paste the private key from the tauri command.
+
+### Creating a Release
+1. Update the version in `src-tauri/tauri.conf.json`
+2. Create a new release in GitHub:
+   - Go to Releases → Draft a new release
+   - Create a new tag (e.g., `v0.1.0`)
+   - Set a release title and description
+   - Publish the release
+
+The GitHub Actions workflow will automatically:
+- Build the app for all platforms
+- Sign the builds
+- Upload the artifacts to the release
+- Create and upload `latest.json` for auto-updates
+
 ## Updating PCR0 values
 
 If there's a new version of the enclave pushed to staging or prod, append the new PCR0 value to the `pcr0Values` or `pcr0DevValues` arrays in `frontend/src/app.tsx`.