Add Forgejo CI/CD workflow and sync versions

- Add .forgejo/workflows/release.yml for Forgejo Actions - Update signing pubkey for new key pair - Sync Cargo.toml version to 0.4.0 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-26 07:14:05 -05:00 · 2026-02-26 07:14:05 -05:00 · 640caf2617
commit 640caf2617
parent d735fb4bd6
3 changed files with 256 additions and 2 deletions
--- a/.forgejo/workflows/release.yml
+++ b/.forgejo/workflows/release.yml
@ -0,0 +1,254 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+  build-linux:
+    runs-on: ubuntu
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: lts/*
+          cache: npm
+
+      - name: Setup Rust
+        uses: dtolnay/rust-toolchain@stable
+
+      - name: Cache Rust dependencies
+        uses: swatinem/rust-cache@v2
+        with:
+          workspaces: src-tauri
+
+      - name: Install Linux dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y libwebkit2gtk-4.1-dev libappindicator3-dev librsvg2-dev patchelf
+
+      - name: Install frontend dependencies
+        run: npm ci
+
+      - name: Build Tauri
+        env:
+          TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
+          TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
+        run: npx tauri build
+
+      - name: Upload Linux artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: linux-artifacts
+          path: |
+            src-tauri/target/release/bundle/deb/*.deb
+            src-tauri/target/release/bundle/appimage/*.AppImage
+            src-tauri/target/release/bundle/appimage/*.AppImage.tar.gz
+            src-tauri/target/release/bundle/appimage/*.AppImage.tar.gz.sig
+
+  build-windows:
+    runs-on: windows-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: lts/*
+          cache: npm
+
+      - name: Setup Rust
+        uses: dtolnay/rust-toolchain@stable
+
+      - name: Cache Rust dependencies
+        uses: swatinem/rust-cache@v2
+        with:
+          workspaces: src-tauri
+
+      - name: Install frontend dependencies
+        run: npm ci
+
+      - name: Build Tauri
+        env:
+          TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
+          TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
+        run: npx tauri build
+
+      - name: Upload Windows artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: windows-artifacts
+          path: |
+            src-tauri/target/release/bundle/nsis/*.exe
+            src-tauri/target/release/bundle/nsis/*.nsis.zip
+            src-tauri/target/release/bundle/nsis/*.nsis.zip.sig
+
+  release:
+    needs: [build-linux, build-windows]
+    runs-on: ubuntu
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Download Linux artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: linux-artifacts
+          path: artifacts/linux
+
+      - name: Download Windows artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: windows-artifacts
+          path: artifacts/windows
+
+      - name: Extract changelog
+        id: changelog
+        shell: bash
+        run: |
+          TAG="${GITHUB_REF_NAME#v}"
+          NOTES=$(sed -n "/^## \[${TAG}\]/,/^## /{/^## \[${TAG}\]/d;/^## /d;p}" CHANGELOG.md)
+          if [ -z "$NOTES" ]; then
+            NOTES=$(sed -n "/^## ${TAG}/,/^## /{/^## ${TAG}/d;/^## /d;p}" CHANGELOG.md)
+          fi
+          NOTES=$(echo "$NOTES" | sed -e '/./,$!d' -e :a -e '/^\n*$/{$d;N;ba}')
+          {
+            echo "notes<<CHANGELOG_EOF"
+            echo "$NOTES"
+            echo "CHANGELOG_EOF"
+          } >> "$GITHUB_OUTPUT"
+
+      - name: Collect release files
+        id: files
+        shell: bash
+        run: |
+          mkdir -p release-assets
+          # Flatten nested artifact directories into release-assets/
+          find artifacts -type f | while read f; do
+            cp "$f" "release-assets/$(basename "$f")"
+          done
+          ls -la release-assets/
+
+      - name: Generate latest.json
+        shell: bash
+        run: |
+          TAG="${GITHUB_REF_NAME}"
+          VERSION="${TAG}"
+          PUB_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+          BASE_URL="${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/releases/download/${TAG}"
+
+          # Read signatures
+          WINDOWS_SIG=""
+          LINUX_SIG=""
+          NSIS_ZIP=""
+          APPIMAGE_TAR=""
+
+          for f in release-assets/*.nsis.zip.sig; do
+            [ -f "$f" ] && WINDOWS_SIG=$(cat "$f")
+          done
+          for f in release-assets/*.nsis.zip; do
+            [ -f "$f" ] && NSIS_ZIP=$(basename "$f")
+          done
+          for f in release-assets/*.AppImage.tar.gz.sig; do
+            [ -f "$f" ] && LINUX_SIG=$(cat "$f")
+          done
+          for f in release-assets/*.AppImage.tar.gz; do
+            [ -f "$f" ] && APPIMAGE_TAR=$(basename "$f")
+          done
+
+          # Build latest.json
+          PLATFORMS="{}"
+          if [ -n "$WINDOWS_SIG" ] && [ -n "$NSIS_ZIP" ]; then
+            PLATFORMS=$(echo "$PLATFORMS" | jq \
+              --arg sig "$WINDOWS_SIG" \
+              --arg url "${BASE_URL}/${NSIS_ZIP}" \
+              '. + {"windows-x86_64": {"signature": $sig, "url": $url}}')
+          fi
+          if [ -n "$LINUX_SIG" ] && [ -n "$APPIMAGE_TAR" ]; then
+            PLATFORMS=$(echo "$PLATFORMS" | jq \
+              --arg sig "$LINUX_SIG" \
+              --arg url "${BASE_URL}/${APPIMAGE_TAR}" \
+              '. + {"linux-x86_64": {"signature": $sig, "url": $url}}')
+          fi
+
+          NOTES=$(cat <<'NOTES_EOF'
+          ${{ steps.changelog.outputs.notes }}
+          NOTES_EOF
+          )
+
+          jq -n \
+            --arg version "$VERSION" \
+            --arg notes "$NOTES" \
+            --arg pub_date "$PUB_DATE" \
+            --argjson platforms "$PLATFORMS" \
+            '{version: $version, notes: $notes, pub_date: $pub_date, platforms: $platforms}' \
+            > release-assets/latest.json
+
+          echo "Generated latest.json:"
+          cat release-assets/latest.json
+
+      - name: Create release and upload assets
+        shell: bash
+        env:
+          FORGEJO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          TAG="${GITHUB_REF_NAME}"
+          API_URL="${GITHUB_SERVER_URL}/api/v1"
+          REPO="${GITHUB_REPOSITORY}"
+
+          BODY=$(cat <<'BODY_EOF'
+          ${{ steps.changelog.outputs.notes }}
+
+          ---
+
+          ## Installation
+
+          **Windows** : Téléchargez le fichier `.exe` ci-dessous et lancez l'installation.
+
+          > **Note :** Windows SmartScreen peut afficher un avertissement car l'application n'est pas signée.
+          > Cliquez sur **« Informations complémentaires »** puis **« Exécuter quand même »**.
+
+          > **Important :** Si vous aviez installé une version précédente via le fichier `.msi`, veuillez d'abord la désinstaller (Paramètres Windows > Applications) avant d'installer cette version.
+
+          **Linux** : Téléchargez le fichier `.deb` ou `.AppImage` ci-dessous.
+          BODY_EOF
+          )
+
+          # Create release
+          RELEASE_RESPONSE=$(curl -s -X POST \
+            "${API_URL}/repos/${REPO}/releases" \
+            -H "Authorization: token ${FORGEJO_TOKEN}" \
+            -H "Content-Type: application/json" \
+            -d "$(jq -n \
+              --arg tag "$TAG" \
+              --arg name "Simpl'Résultat ${TAG}" \
+              --arg body "$BODY" \
+              '{tag_name: $tag, name: $name, body: $body, draft: false, prerelease: false}')")
+
+          RELEASE_ID=$(echo "$RELEASE_RESPONSE" | jq -r '.id')
+          echo "Created release ID: $RELEASE_ID"
+
+          if [ "$RELEASE_ID" = "null" ] || [ -z "$RELEASE_ID" ]; then
+            echo "ERROR: Failed to create release"
+            echo "$RELEASE_RESPONSE"
+            exit 1
+          fi
+
+          # Upload all assets
+          for file in release-assets/*; do
+            FILENAME=$(basename "$file")
+            echo "Uploading: $FILENAME"
+            curl -s -X POST \
+              "${API_URL}/repos/${REPO}/releases/${RELEASE_ID}/assets?name=${FILENAME}" \
+              -H "Authorization: token ${FORGEJO_TOKEN}" \
+              -H "Content-Type: application/octet-stream" \
+              --data-binary "@${file}"
+            echo ""
+          done
+
+          echo "Release created: ${GITHUB_SERVER_URL}/${REPO}/releases/tag/${TAG}"
--- a/src-tauri/Cargo.toml
+++ b/src-tauri/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "simpl-result"
-version = "0.3.11"
+version = "0.4.0"
 description = "Personal finance management app"
 authors = ["you"]
 edition = "2021"
--- a/src-tauri/tauri.conf.json
+++ b/src-tauri/tauri.conf.json
@ -35,7 +35,7 @@
  },
  "plugins": {
    "updater": {
-      "pubkey": "dW50cnVzdGVkIGNvbW1lbnQ6IG1pbmlzaWduIHB1YmxpYyBrZXk6IDE2MTAyRTg2N0Q3OTBBNDAKUldSQUNubDloaTRRRm1hSzdmekpzNThHQ0N0MXpYSklIR012eFlYVHhadUpDbndkSTJUWmNMRk4K",
+      "pubkey": "dW50cnVzdGVkIGNvbW1lbnQ6IG1pbmlzaWduIHB1YmxpYyBrZXk6IEY5RkU2RTUzRjE4MTM4REYKUldUZk9JSHhVMjcrK1JVRVFpN1lPS2phdktjY2c2WTFVaURQazF6ZlhKOVoxY0pvcjVrbTVTeTIK",
      "endpoints": [
        "https://github.com/Le-King-Fu/simpl-resultat/releases/latest/download/latest.json"
      ],