feat: Add Borg Console and release workflow

Author: Snider

.github/workflows/release.yml

@@ -0,0 +1,105 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+permissions:
+  contents: write
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v6
+        with:
+          go-version-file: 'go.mod'
+
+      - name: Get version
+        id: version
+        run: echo "VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
+
+      - name: Build binaries
+        run: |
+          mkdir -p dist
+
+          # Linux amd64
+          GOOS=linux GOARCH=amd64 go build -ldflags "-s -w" -o dist/borg-linux-amd64 main.go
+
+          # Linux arm64
+          GOOS=linux GOARCH=arm64 go build -ldflags "-s -w" -o dist/borg-linux-arm64 main.go
+
+          # macOS amd64
+          GOOS=darwin GOARCH=amd64 go build -ldflags "-s -w" -o dist/borg-darwin-amd64 main.go
+
+          # macOS arm64
+          GOOS=darwin GOARCH=arm64 go build -ldflags "-s -w" -o dist/borg-darwin-arm64 main.go
+
+          # Windows amd64
+          GOOS=windows GOARCH=amd64 go build -ldflags "-s -w" -o dist/borg-windows-amd64.exe main.go
+
+      - name: Build WASM module
+        run: |
+          GOOS=js GOARCH=wasm go build -o dist/stmf.wasm ./pkg/wasm/stmf/
+          cp "$(go env GOROOT)/misc/wasm/wasm_exec.js" dist/ 2>/dev/null || \
+          cp "$(go env GOROOT)/lib/wasm/wasm_exec.js" dist/
+
+      - name: Build Console STIM
+        run: |
+          # Build borg for current platform first
+          go build -o borg main.go
+
+          # Build the encrypted console demo
+          ./borg console build -p "borg-demo" -o dist/console.stim -s js/borg-stmf
+
+      - name: Create checksums
+        run: |
+          cd dist
+          sha256sum * > checksums.txt
+
+      - name: Create Release
+        uses: softprops/action-gh-release@v1
+        with:
+          name: Borg ${{ steps.version.outputs.VERSION }}
+          body: |
+            ## Borg ${{ steps.version.outputs.VERSION }}
+
+            ### Downloads
+
+            | Platform | Binary |
+            |----------|--------|
+            | Linux x64 | `borg-linux-amd64` |
+            | Linux ARM64 | `borg-linux-arm64` |
+            | macOS x64 | `borg-darwin-amd64` |
+            | macOS ARM64 | `borg-darwin-arm64` |
+            | Windows x64 | `borg-windows-amd64.exe` |
+
+            ### Console Demo
+
+            The `console.stim` is an encrypted PWA demo. Run it with:
+            ```bash
+            borg console serve console.stim --open
+            ```
+            Password: `borg-demo`
+
+            ### WASM Module
+
+            - `stmf.wasm` - Browser encryption module
+            - `wasm_exec.js` - Go WASM runtime
+
+          files: |
+            dist/borg-linux-amd64
+            dist/borg-linux-arm64
+            dist/borg-darwin-amd64
+            dist/borg-darwin-arm64
+            dist/borg-windows-amd64.exe
+            dist/stmf.wasm
+            dist/wasm_exec.js
+            dist/console.stim
+            dist/checksums.txt
+          draft: false
+          prerelease: false

cmd/console.go

@@ -0,0 +1,163 @@
+package cmd
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+
+	"github.com/Snider/Borg/pkg/console"
+	"github.com/Snider/Borg/pkg/tim"
+	"github.com/spf13/cobra"
+)
+
+var consoleCmd = NewConsoleCmd()
+
+// NewConsoleCmd creates the console parent command.
+func NewConsoleCmd() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "console",
+		Short: "Manage encrypted PWA console demos",
+		Long: `The Borg Console packages and serves encrypted PWA demos.
+
+Build a console STIM:
+  borg console build -p "password" -o console.stim
+
+Serve with unlock page:
+  borg console serve console.stim --open
+
+Serve pre-unlocked:
+  borg console serve console.stim -p "password" --open`,
+	}
+
+	cmd.AddCommand(NewConsoleBuildCmd())
+	cmd.AddCommand(NewConsoleServeCmd())
+
+	return cmd
+}
+
+// NewConsoleBuildCmd creates the build subcommand.
+func NewConsoleBuildCmd() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "build",
+		Short: "Build a console STIM from demo files",
+		Long: `Packages HTML demo files into an encrypted STIM container.
+
+By default, looks for files in js/borg-stmf/ directory.
+Required files: index.html, support-reply.html, stmf.wasm, wasm_exec.js`,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			password, _ := cmd.Flags().GetString("password")
+			output, _ := cmd.Flags().GetString("output")
+			sourceDir, _ := cmd.Flags().GetString("source")
+
+			if password == "" {
+				return fmt.Errorf("password is required")
+			}
+
+			// Create new TIM
+			m, err := tim.New()
+			if err != nil {
+				return fmt.Errorf("creating TIM: %w", err)
+			}
+
+			// Required demo files
+			files := []string{
+				"index.html",
+				"support-reply.html",
+				"stmf.wasm",
+				"wasm_exec.js",
+			}
+
+			// Add each file to the TIM
+			for _, f := range files {
+				path := filepath.Join(sourceDir, f)
+				data, err := os.ReadFile(path)
+				if err != nil {
+					return fmt.Errorf("reading %s: %w", f, err)
+				}
+				m.RootFS.AddData(f, data)
+				fmt.Printf("  + %s (%d bytes)\n", f, len(data))
+			}
+
+			// Encrypt to STIM
+			stim, err := m.ToSigil(password)
+			if err != nil {
+				return fmt.Errorf("encrypting STIM: %w", err)
+			}
+
+			// Write output
+			if err := os.WriteFile(output, stim, 0644); err != nil {
+				return fmt.Errorf("writing output: %w", err)
+			}
+
+			fmt.Printf("\nBuilt: %s (%d bytes)\n", output, len(stim))
+			fmt.Println("Encrypted with ChaCha20-Poly1305")
+
+			return nil
+		},
+	}
+
+	cmd.Flags().StringP("password", "p", "", "Encryption password (required)")
+	cmd.Flags().StringP("output", "o", "console.stim", "Output file")
+	cmd.Flags().StringP("source", "s", "js/borg-stmf", "Source directory")
+	cmd.MarkFlagRequired("password")
+
+	return cmd
+}
+
+// NewConsoleServeCmd creates the serve subcommand.
+func NewConsoleServeCmd() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "serve [stim-file]",
+		Short: "Serve an encrypted console STIM",
+		Long: `Starts an HTTP server to serve encrypted STIM content.
+
+Without a password, shows a dark-themed unlock page.
+With a password, decrypts immediately and serves content.
+
+Examples:
+  borg console serve demos.stim --open
+  borg console serve demos.stim -p "password" --port 3000`,
+		Args: cobra.ExactArgs(1),
+		RunE: func(cmd *cobra.Command, args []string) error {
+			stimPath := args[0]
+			password, _ := cmd.Flags().GetString("password")
+			port, _ := cmd.Flags().GetString("port")
+			openBrowser, _ := cmd.Flags().GetBool("open")
+
+			// Create server
+			server, err := console.NewServer(stimPath, password, port)
+			if err != nil {
+				return err
+			}
+
+			// Print status
+			fmt.Printf("Borg Console serving at %s\n", server.URL())
+			if password != "" {
+				fmt.Println("Status: Unlocked (password provided)")
+			} else {
+				fmt.Println("Status: Locked (unlock page active)")
+			}
+			fmt.Println()
+
+			// Open browser if requested
+			if openBrowser {
+				if err := console.OpenBrowser(server.URL()); err != nil {
+					fmt.Printf("Warning: could not open browser: %v\n", err)
+				}
+			}
+
+			// Start serving
+			return server.Start()
+		},
+	}
+
+	cmd.Flags().StringP("password", "p", "", "Decryption password (skip unlock page)")
+	cmd.Flags().String("port", "8080", "Port to serve on")
+	cmd.Flags().Bool("open", false, "Auto-open browser")
+
+	return cmd
+}
+
+func init() {
+	RootCmd.AddCommand(consoleCmd)
+}

console.stim

@@ -0,0 +1,27 @@
+// Package console provides an encrypted PWA demo server with browser integration.
+package console
+
+import (
+	"fmt"
+	"os/exec"
+	"runtime"
+)
+
+// OpenBrowser opens the default browser to the specified URL.
+// Supports macOS, Linux, and Windows.
+func OpenBrowser(url string) error {
+	var cmd *exec.Cmd
+
+	switch runtime.GOOS {
+	case "darwin":
+		cmd = exec.Command("open", url)
+	case "linux":
+		cmd = exec.Command("xdg-open", url)
+	case "windows":
+		cmd = exec.Command("cmd", "/c", "start", url)
+	default:
+		return fmt.Errorf("unsupported platform: %s", runtime.GOOS)
+	}
+
+	return cmd.Start()
+}