shopify-ai-backup/windows-app

Windows Desktop App

This folder contains the Windows desktop build for the project. The desktop app reuses the existing web UI (apps and builder screens) and wraps it with a native shell that can run OpenCode locally, save output on the user's machine, and sync finished apps to the backend.

Goals

• Reuse the existing web UI with minimal divergence.
• Keep memory footprint low (Tauri + WebView2, no Electron).
• Run OpenCode locally with API keys pulled securely from the backend; users never see the raw key.
• Persist work on the user's device and sync results back to the backend so apps are also available on the website.
• Ship a single Windows .exe via GitHub Actions; do not build locally.

How it works

• UI reuse: npm run prepare-ui copies ../chat/public into ui-dist and injects a lightweight bridge script so existing pages can talk to the Tauri commands.
• Native shell: Tauri hosts the UI from ui-dist and exposes a few commands (save_api_key, persist_app, list_apps, sync_app, run_opencode_task).
• Local storage: Apps are saved under the OS app data directory, isolated per user. API keys are written to an on-disk Tauri store (no read command is exposed back to JS).
• OpenCode execution: run_opencode_task shells out to a local OpenCode binary stored under the app data folder and injects the API key into the process environment. If the binary is missing, the command returns a clear error so the UI can download or prompt the user.
• Syncing: sync_app posts the locally saved app JSON to the backend (configured via the BACKEND_BASE_URL env var in CI or a .env file). After a successful sync, the app is reachable from the website.
• Key handling: Only the backend may return API keys; the UI can request that the native layer saves the key, but there is no command to read it back, preventing direct OpenCode access from the web runtime.

Setup

1. Install prerequisites (Rust stable, Node 18+, WebView2 runtime on Windows).
2. From the repo root: cd "windows app".
3. Install dependencies: npm install (no build here).
4. Pull UI assets: npm run prepare-ui.
5. (Optional) Create .env in this folder with BACKEND_BASE_URL=https://your-backend.example/api.

Development

• npm run dev starts Tauri using the copied UI in ui-dist. The bridge script is auto-injected into HTML files when preparing the UI.
• Commands are exposed via window.windowsAppBridge (see tauri-bridge.js). Existing pages can call these helpers without changing core logic.

CI build (single Windows exe)

• GitHub Actions workflow: .github/workflows/windows-app.yml.
• The action runs on windows-latest, installs Rust and Node, prepares the UI, and runs npm run build to produce the bundled .exe (plus installer artifacts). Artifacts are uploaded for download; no local build is performed here.

Security notes

• No command exposes the stored API key to the web layer.
• OpenCode is only invoked from the Rust side with the key set via environment variables.
• File system allowlist in Tauri is restricted to the app data directory plus the bundled UI folder.
• If additional secrets are needed, source them from the backend and save via save_api_key only.

Next steps

• Wire the existing apps and builder pages to call window.windowsAppBridge where persistence or syncing is needed.
• Add OpenCode binary download/install flow in the UI using run_opencode_task error responses to detect missing binaries.
• Point BACKEND_BASE_URL to the real API endpoint in CI and secrets for production builds.