Currently cli releases stored in firebase, and can be accessible with a firebase token. This is secure for the manifest file, but not secure enough for app secrets.
We already have ENSEMBLE_ENCRYPTION_KEY and ENSEMBLE_MANIFEST_KEY tags, which are used to secure the cdn manifest, we should use these keys make the releases secure as well.
As a cli user:
- I should not be allowed to create a release if
ENSEMBLE_ENCRYPTION_KEY and ENSEMBLE_MANIFEST_KEY are not available.
- If these keys are available, then
- encrypt the file with
ENSEMBLE_ENCRYPTION_KEY, and when using the release, cli should decrypt the manifest using ENSEMBLE_ENCRYPTION_KEY
- if possible, block the access to release manifest if
x-manifest-key is not available or is not equal to ENSEMBLE_MANIFEST_KEY
REF (CDN Implementation): https://github.com/EnsembleUI/studio_service/blob/main/studio/src/createAppManifest.ts
Currently cli releases stored in firebase, and can be accessible with a firebase token. This is secure for the manifest file, but not secure enough for app secrets.
We already have
ENSEMBLE_ENCRYPTION_KEYandENSEMBLE_MANIFEST_KEYtags, which are used to secure the cdn manifest, we should use these keys make the releases secure as well.As a cli user:
ENSEMBLE_ENCRYPTION_KEYandENSEMBLE_MANIFEST_KEYare not available.ENSEMBLE_ENCRYPTION_KEY, and when using the release, cli should decrypt the manifest usingENSEMBLE_ENCRYPTION_KEYx-manifest-keyis not available or is not equal toENSEMBLE_MANIFEST_KEYREF (CDN Implementation): https://github.com/EnsembleUI/studio_service/blob/main/studio/src/createAppManifest.ts