feat(client): Tauri updater for the Linux Flatpak #228
Labels
No labels
area:auth
area:ci
area:db
area:infra
area:native
area:pwa
area:service
epic
feature
foundation
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
james/carol#228
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Context
#188 (PR #222) ships the Linux Flatpak via a Tauri 2 shell wrapping the Expo Web bundle. Tauri 2 has a built-in updater plugin (
tauri-plugin-updater) that can fetch and apply signed updates from a manifest URL — currently unwired.Without it, a self-hoster's Carol Flatpak install stays on whatever version they
flatpak install'd. They'd need to manually pull a new.flatpakfrom each Forgejo release. Tauri's updater closes that loop: check the Forgejo release feed on launch, prompt to install on next quit / restart.Out of scope on #188's first cut because the updater needs signing keys + a release-manifest endpoint, and the value's deferrable.
Source
Follow-up flagged in #222.
Scope
tauri-plugin-updatertoapps/client/src-tauri/Cargo.tomland wire it insrc-tauri/src/main.rs(or wherever the Tauri app builder lives).cargo tauri signer generateand store the private key in CI secrets (TAURI_UPDATER_PRIVATE_KEY,TAURI_UPDATER_KEY_PASSWORD). Public key lives intauri.conf.jsonunderplugins.updater.pubkeyand ships with every release.release-flatpak.ymlto sign the built artifact and produce alatest.jsonTauri manifest with the version, signature, and download URL. Attachlatest.jsonalongside the.flatpakon the Forgejo release.docs/ci.mdor a follow-up section to ADR-0014.Acceptance criteria
vX.Y.Zdetects a newer tagvX.Y.Z+1released after install.latest.json) so the API release pipeline still succeeds.docs/ci.mdcovers what to do (cut alatest.jsonfrom a fresh keypair, ship a Forgejo release note pinning users to a one-time manual upgrade).Out of scope
Composes with
Part of
#176