jeffemmett
/
canvas-website
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Create task task-058

This commit is contained in:
Jeff Emmett 2025-12-25 18:30:07 -05:00
parent ccb5acc164
commit 7ce7a9aab6
1 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
backlog/tasks/task-058 - Set-FAL_API_KEY-and-RUNPOD_API_KEY-secrets-in-Cloudflare-Worker.md Normal file
View File

@ -0,0 +1,39 @@
---
id: task-058
title: Set FAL_API_KEY and RUNPOD_API_KEY secrets in Cloudflare Worker
status: To Do
assignee: []
created_date: '2025-12-25 23:30'
labels:
- security
- infrastructure
- canvas-website
dependencies: []
priority: high
---
## Description
<!-- SECTION:DESCRIPTION:BEGIN -->
SECURITY FIX: API keys were exposed in browser bundle. They've been removed from client code and proxy endpoints added to the worker. Need to set the secrets server-side for the proxy to work.
Run these commands:
```bash
cd /home/jeffe/Github/canvas-website
wrangler secret put FAL_API_KEY
# Paste: (REDACTED-FAL-KEY)
wrangler secret put RUNPOD_API_KEY
# Paste: (REDACTED-RUNPOD-KEY)
wrangler deploy
```
<!-- SECTION:DESCRIPTION:END -->
## Acceptance Criteria
<!-- AC:BEGIN -->
- [ ] #1 FAL_API_KEY secret set in Cloudflare Worker
- [ ] #2 RUNPOD_API_KEY secret set in Cloudflare Worker
- [ ] #3 Worker deployed with new secrets
- [ ] #4 Browser console no longer shows 'fal credentials exposed' warning
<!-- AC:END -->