npm - @causa/workspace-google - Versions diffs - 0.4.0 → 0.5.0 - Mend

@causa/workspace-google 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (108) hide show

package/dist/functions/event-topic/broker-delete-trigger-resource-pubsub-subscription.js ADDED Viewed

@@ -0,0 +1,31 @@
+import { EventTopicBrokerDeleteTriggerResource, } from '@causa/workspace-core';
+import { status } from '@grpc/grpc-js';
+import { PubSubService } from '../../services/index.js';
+/**
+ * Implements {@link EventTopicBrokerDeleteTriggerResource} for Pub/Sub subscriptions.
+ * Pub/Sub subscriptions are for example used when creating Cloud Run triggers.
+ */
+export class EventTopicBrokerDeleteTriggerResourceForPubSubSubscription extends EventTopicBrokerDeleteTriggerResource {
+    async _call(context) {
+        context.logger.info(`📫 Deleting Pub/Sub subscription '${this.id}'.`);
+        try {
+            await context
+                .service(PubSubService)
+                .pubSub.subscription(this.id)
+                .delete();
+        }
+        catch (error) {
+            if (error.code === status.NOT_FOUND) {
+                context.logger.warn(`⚠️ Pub/Sub subscription '${this.id}' does not exist. It might have already been deleted.`);
+            }
+            else {
+                throw error;
+            }
+        }
+    }
+    _supports(context) {
+        return (this.id.match(/^projects\/[\w-]+\/subscriptions\/[\w-]+$/) != null &&
+            context.asConfiguration().get('events.broker') ===
+                'google.pubSub');
+    }
+}

package/dist/functions/event-topic/broker-delete-trigger-resource-service-account.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { WorkspaceContext } from '@causa/workspace';
+import { EventTopicBrokerDeleteTriggerResource } from '@causa/workspace-core';
+/**
+ * Implements {@link EventTopicBrokerDeleteTriggerResource} for GCP service accounts.
+ * Service accounts are used by Pub/Sub push subscriptions to authenticate requests when pushing messages (e.g. to Cloud
+ * Run services).
+ */
+export declare class EventTopicBrokerDeleteTriggerResourceForServiceAccount extends EventTopicBrokerDeleteTriggerResource {
+    _call(context: WorkspaceContext): Promise<void>;
+    _supports(context: WorkspaceContext): boolean;
+}

package/dist/functions/event-topic/broker-delete-trigger-resource-service-account.js ADDED Viewed

@@ -0,0 +1,28 @@
+import { EventTopicBrokerDeleteTriggerResource, } from '@causa/workspace-core';
+import { IamService } from '../../services/index.js';
+/**
+ * Implements {@link EventTopicBrokerDeleteTriggerResource} for GCP service accounts.
+ * Service accounts are used by Pub/Sub push subscriptions to authenticate requests when pushing messages (e.g. to Cloud
+ * Run services).
+ */
+export class EventTopicBrokerDeleteTriggerResourceForServiceAccount extends EventTopicBrokerDeleteTriggerResource {
+    async _call(context) {
+        context.logger.info(`🛂 Deleting Pub/Sub backfilling service account '${this.id}'.`);
+        try {
+            await context.service(IamService).deleteServiceAccount(this.id);
+        }
+        catch (error) {
+            if (error.code === 404) {
+                context.logger.warn(`⚠️ Pub/Sub backfilling service account '${this.id}' does not exist. It might have already been deleted.`);
+            }
+            else {
+                throw error;
+            }
+        }
+    }
+    _supports(context) {
+        return (this.id.match(/^projects\/[\w-]+\/serviceAccounts\/[^/]+$/) != null &&
+            context.asConfiguration().get('events.broker') ===
+                'google.pubSub');
+    }
+}

package/dist/functions/event-topic/broker-get-topic-id-pubsub.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import { WorkspaceContext } from '@causa/workspace';
+import { EventTopicBrokerGetTopicId } from '@causa/workspace-core';
+/**
+ * Implements {@link EventTopicBrokerGetTopicId} for Pub/Sub.
+ * The returned topic ID is a full Pub/Sub topic ID, e.g. `projects/<projectId>/topics/<topicId>`.
+ */
+export declare class EventTopicBrokerGetTopicIdForPubSub extends EventTopicBrokerGetTopicId {
+    _call(context: WorkspaceContext): Promise<string>;
+    _supports(context: WorkspaceContext): boolean;
+}

package/dist/functions/event-topic/broker-get-topic-id-pubsub.js ADDED Viewed

@@ -0,0 +1,16 @@
+import { EventTopicBrokerGetTopicId, } from '@causa/workspace-core';
+/**
+ * Implements {@link EventTopicBrokerGetTopicId} for Pub/Sub.
+ * The returned topic ID is a full Pub/Sub topic ID, e.g. `projects/<projectId>/topics/<topicId>`.
+ */
+export class EventTopicBrokerGetTopicIdForPubSub extends EventTopicBrokerGetTopicId {
+    async _call(context) {
+        const googleConf = context.asConfiguration();
+        const projectId = googleConf.getOrThrow('google.project');
+        return `projects/${projectId}/topics/${this.eventTopic}`;
+    }
+    _supports(context) {
+        return (context.asConfiguration().get('events.broker') ===
+            'google.pubSub');
+    }
+}

package/dist/functions/event-topic/broker-publish-events-google.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import { WorkspaceContext } from '@causa/workspace';
+import { EventTopicBrokerPublishEvents } from '@causa/workspace-core';
+/**
+ * Implements {@link EventTopicBrokerPublishEvents} for a Google / GCP stack.
+ * The supported message broker is Pub/Sub.
+ */
+export declare class EventTopicBrokerPublishEventsForGoogle extends EventTopicBrokerPublishEvents {
+    /**
+     * Tries to create a {@link BackfillEventsSource} from the provided `source` and `filter`.
+     *
+     * @param context The {@link WorkspaceContext}.
+     * @returns The {@link BackfillEventsSource} to use for backfilling.
+     */
+    private createSource;
+    _call(context: WorkspaceContext): Promise<void>;
+    _supports(context: WorkspaceContext): boolean;
+}

package/dist/functions/event-topic/broker-publish-events-google.js ADDED Viewed

@@ -0,0 +1,45 @@
+import { EventTopicBrokerPublishEvents, JsonFilesEventSource, } from '@causa/workspace-core';
+import { BigQueryEventsSource, PubSubBackfillEventPublisher, } from '../../backfilling/index.js';
+/**
+ * Implements {@link EventTopicBrokerPublishEvents} for a Google / GCP stack.
+ * The supported message broker is Pub/Sub.
+ */
+export class EventTopicBrokerPublishEventsForGoogle extends EventTopicBrokerPublishEvents {
+    /**
+     * Tries to create a {@link BackfillEventsSource} from the provided `source` and `filter`.
+     *
+     * @param context The {@link WorkspaceContext}.
+     * @returns The {@link BackfillEventsSource} to use for backfilling.
+     */
+    async createSource(context) {
+        if (!this.source) {
+            const googleConf = context.asConfiguration();
+            const projectId = googleConf.getOrThrow('google.project');
+            const rawEventsDatasetId = googleConf.get('google.pubSub.bigQueryStorage.rawEventsDatasetId');
+            if (!rawEventsDatasetId) {
+                throw new Error('Cannot use the default event source because BigQuery storage is not configured.');
+            }
+            const tableName = this.eventTopic.replace(/[-\.]/g, '_');
+            const tableId = `${projectId}.${rawEventsDatasetId}.${tableName}`;
+            return new BigQueryEventsSource(context, tableId);
+        }
+        const bqSource = await BigQueryEventsSource.fromSourceAndFilter(context, this.source, this.filter);
+        if (bqSource) {
+            return bqSource;
+        }
+        const jsonFilesSource = await JsonFilesEventSource.fromSourceAndFilter(context, this.source, this.filter);
+        if (jsonFilesSource) {
+            return jsonFilesSource;
+        }
+        throw new Error(`The event source '${this.source}' is not supported.`);
+    }
+    async _call(context) {
+        const source = await this.createSource(context);
+        const publisher = new PubSubBackfillEventPublisher(context, this.topicId);
+        await publisher.publishFromSource(source);
+    }
+    _supports(context) {
+        return (context.asConfiguration().get('events.broker') ===
+            'google.pubSub');
+    }
+}

package/dist/functions/event-topic/index.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+export { EventTopicBrokerCreateTopicForPubSub } from './broker-create-topic-pubsub.js';
+export { EventTopicBrokerCreateTriggerForCloudRun } from './broker-create-trigger-cloud-run.js';
+export { EventTopicBrokerDeleteTopicForPubSub } from './broker-delete-topic-pubsub.js';
+export { EventTopicBrokerDeleteTriggerResourceForCloudRunInvokerRole } from './broker-delete-trigger-resource-cloud-run-invoker-role.js';
+export { EventTopicBrokerDeleteTriggerResourceForPubSubSubscription } from './broker-delete-trigger-resource-pubsub-subscription.js';
+export { EventTopicBrokerDeleteTriggerResourceForServiceAccount } from './broker-delete-trigger-resource-service-account.js';
+export { EventTopicBrokerGetTopicIdForPubSub } from './broker-get-topic-id-pubsub.js';
+export { EventTopicBrokerPublishEventsForGoogle } from './broker-publish-events-google.js';

package/dist/functions/event-topic/index.js ADDED Viewed

@@ -0,0 +1,8 @@
+export { EventTopicBrokerCreateTopicForPubSub } from './broker-create-topic-pubsub.js';
+export { EventTopicBrokerCreateTriggerForCloudRun } from './broker-create-trigger-cloud-run.js';
+export { EventTopicBrokerDeleteTopicForPubSub } from './broker-delete-topic-pubsub.js';
+export { EventTopicBrokerDeleteTriggerResourceForCloudRunInvokerRole } from './broker-delete-trigger-resource-cloud-run-invoker-role.js';
+export { EventTopicBrokerDeleteTriggerResourceForPubSubSubscription } from './broker-delete-trigger-resource-pubsub-subscription.js';
+export { EventTopicBrokerDeleteTriggerResourceForServiceAccount } from './broker-delete-trigger-resource-service-account.js';
+export { EventTopicBrokerGetTopicIdForPubSub } from './broker-get-topic-id-pubsub.js';
+export { EventTopicBrokerPublishEventsForGoogle } from './broker-publish-events-google.js';

package/dist/functions/{google-app-check-generate-token.js → google-app-check/generate-token.js} RENAMED Viewed

@@ -12,8 +12,8 @@ import { WorkspaceFunction } from '@causa/workspace';
 import { AllowMissing } from '@causa/workspace/validation';
 import { IsString } from 'class-validator';
 import { getAppCheck } from 'firebase-admin/app-check';
-import { appCheckCommandDefinition } from '../cli/index.js';
-import { FirebaseAppService } from '../services/index.js';
+import { appCheckCommandDefinition } from '../../cli/index.js';
+import { FirebaseAppService } from '../../services/index.js';
 /**
  * The time to live of generated tokens, in seconds.
  */

package/dist/functions/google-app-check/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleAppCheckGenerateToken } from './generate-token.js';

package/dist/functions/google-app-check/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleAppCheckGenerateToken } from './generate-token.js';

package/dist/functions/google-firebase-storage/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleFirebaseStorageMergeRules } from './merge-rules.js';

package/dist/functions/google-firebase-storage/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleFirebaseStorageMergeRules } from './merge-rules.js';

package/dist/functions/{google-firebase-storage-merge-rules.d.ts → google-firebase-storage/merge-rules.d.ts} RENAMED Viewed

@@ -1,6 +1,6 @@
 import { WorkspaceContext, WorkspaceFunction } from '@causa/workspace';
 import { InfrastructureProcessor } from '@causa/workspace-core';
-import { GoogleConfiguration } from '../configurations/index.js';
+import { GoogleConfiguration } from '../../configurations/index.js';
 /**
  * The return value of {@link GoogleFirebaseStorageMergeRules}.
  */

package/dist/functions/{google-firebase-storage-merge-rules.js → google-firebase-storage/merge-rules.js} RENAMED Viewed

@@ -11,8 +11,8 @@ import { CliCommand } from '@causa/cli';
 import { WorkspaceFunction } from '@causa/workspace';
 import { AllowMissing } from '@causa/workspace/validation';
 import { IsBoolean } from 'class-validator';
-import { firebaseStorageCommandDefinition } from '../cli/index.js';
-import { mergeFirebaseRulesFiles } from '../firebase/index.js';
+import { firebaseStorageCommandDefinition } from '../../cli/index.js';
+import { mergeFirebaseRulesFiles } from '../../firebase/index.js';
 /**
  * The default location where the security rules file for Firebase Storage will be written.
  */

package/dist/functions/google-firestore/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleFirestoreMergeRules } from './merge-rules.js';

package/dist/functions/google-firestore/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleFirestoreMergeRules } from './merge-rules.js';

package/dist/functions/{google-firestore-merge-rules.d.ts → google-firestore/merge-rules.d.ts} RENAMED Viewed

@@ -1,6 +1,6 @@
 import { WorkspaceContext, WorkspaceFunction } from '@causa/workspace';
 import { InfrastructureProcessor } from '@causa/workspace-core';
-import { GoogleConfiguration } from '../configurations/index.js';
+import { GoogleConfiguration } from '../../configurations/index.js';
 /**
  * The return value of {@link GoogleFirestoreMergeRules}.
  */

package/dist/functions/{google-firestore-merge-rules.js → google-firestore/merge-rules.js} RENAMED Viewed

@@ -11,8 +11,8 @@ import { CliCommand } from '@causa/cli';
 import { WorkspaceFunction } from '@causa/workspace';
 import { AllowMissing } from '@causa/workspace/validation';
 import { IsBoolean } from 'class-validator';
-import { firestoreCommandDefinition } from '../cli/index.js';
-import { mergeFirebaseRulesFiles } from '../firebase/index.js';
+import { firestoreCommandDefinition } from '../../cli/index.js';
+import { mergeFirebaseRulesFiles } from '../../firebase/index.js';
 /**
  * The default location where the security rules file for Firestore will be written.
  */

package/dist/functions/{google-identity-platform-generate-custom-token.js → google-identity-platform/generate-custom-token.js} RENAMED Viewed

@@ -11,7 +11,7 @@ import { WorkspaceFunction } from '@causa/workspace';
 import { AllowMissing } from '@causa/workspace/validation';
 import { IsObject, IsString } from 'class-validator';
 import { getAuth } from 'firebase-admin/auth';
-import { FirebaseAppService } from '../index.js';
+import { FirebaseAppService } from '../../services/index.js';
 /**
  * Generates a custom token that can be used to sign in to Identity Platform as a given user.
  * Optionally, custom claims can be set in the token.

package/dist/functions/{google-identity-platform-generate-token.js → google-identity-platform/generate-token.js} RENAMED Viewed

@@ -13,9 +13,9 @@ import { AllowMissing } from '@causa/workspace/validation';
 import { Transform } from 'class-transformer';
 import { IsObject, IsString } from 'class-validator';
 import { getAuth, signInWithCustomToken } from 'firebase/auth';
-import { identityPlatformCommandDefinition } from '../cli/index.js';
-import { FirebaseAppService } from '../services/index.js';
-import { GoogleIdentityPlatformGenerateCustomToken } from './google-identity-platform-generate-custom-token.js';
+import { identityPlatformCommandDefinition } from '../../cli/index.js';
+import { FirebaseAppService } from '../../services/index.js';
+import { GoogleIdentityPlatformGenerateCustomToken } from './generate-custom-token.js';
 /**
  * Generates an ID token for an Identity Platform end user.
  * For this function to succeed, the `google.project` should be set, which usually means setting the environment in the

package/dist/functions/google-identity-platform/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { GoogleIdentityPlatformGenerateCustomToken } from './generate-custom-token.js';
2	+ export { GoogleIdentityPlatformGenerateToken } from './generate-token.js';

package/dist/functions/google-identity-platform/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { GoogleIdentityPlatformGenerateCustomToken } from './generate-custom-token.js';
2	+ export { GoogleIdentityPlatformGenerateToken } from './generate-token.js';

package/dist/functions/google-pubsub/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GooglePubSubWriteTopics } from './write-topics.js';

package/dist/functions/google-pubsub/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GooglePubSubWriteTopics } from './write-topics.js';

package/dist/functions/{google-services-enable.d.ts → google-services/enable.d.ts} RENAMED Viewed

@@ -1,6 +1,6 @@
 import { WorkspaceContext, WorkspaceFunction } from '@causa/workspace';
 import { InfrastructureProcessor } from '@causa/workspace-core';
-import { GoogleConfiguration } from '../configurations/index.js';
+import { GoogleConfiguration } from '../../configurations/index.js';
 /**
  * The return value of {@link GoogleServicesEnable}.
  */

package/dist/functions/{google-services-enable.js → google-services/enable.js} RENAMED Viewed

@@ -12,7 +12,7 @@ import { WorkspaceFunction } from '@causa/workspace';
 import { AllowMissing } from '@causa/workspace/validation';
 import { ServiceUsageClient } from '@google-cloud/service-usage';
 import { IsBoolean } from 'class-validator';
-import { googleCommandDefinition } from '../cli/index.js';
+import { googleCommandDefinition } from '../../cli/index.js';
 /**
  * The maximum number of GCP services that can be enabled at the same time.
  */

package/dist/functions/google-services/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleServicesEnable } from './enable.js';

package/dist/functions/google-services/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleServicesEnable } from './enable.js';

package/dist/functions/google-spanner/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { GoogleSpannerListDatabases } from './list-databases.js';
2	+ export { GoogleSpannerWriteDatabases } from './write-databases.js';

package/dist/functions/google-spanner/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { GoogleSpannerListDatabases } from './list-databases.js';
2	+ export { GoogleSpannerWriteDatabases } from './write-databases.js';

package/dist/functions/{google-spanner-write-databases.js → google-spanner/write-databases.js} RENAMED Viewed

@@ -13,7 +13,7 @@ import { AllowMissing } from '@causa/workspace/validation';
 import { IsBoolean } from 'class-validator';
 import { mkdir, rm, writeFile } from 'fs/promises';
 import { join } from 'path';
-import { GoogleSpannerListDatabases } from './google-spanner-list-databases.js';
+import { GoogleSpannerListDatabases } from './list-databases.js';
 /**
  * The default directory where Spanner database configurations are written, relative to the workspace root.
  */

package/dist/functions/index.js CHANGED Viewed

@@ -1,26 +1,14 @@
-import { EmulatorStartForFirebaseStorage } from './emulator-start-firebase-storage.js';
-import { EmulatorStartForFirestore } from './emulator-start-firestore.js';
-import { EmulatorStartForIdentityPlatform } from './emulator-start-identity-platform.js';
-import { EmulatorStartForPubSub } from './emulator-start-pubsub.js';
-import { EmulatorStartForSpanner } from './emulator-start-spanner.js';
-import { EmulatorStopForFirebaseStorage } from './emulator-stop-firebase-storage.js';
-import { EmulatorStopForFirestore } from './emulator-stop-firestore.js';
-import { EmulatorStopForIdentityPlatform } from './emulator-stop-identity-platform.js';
-import { EmulatorStopForPubSub } from './emulator-stop-pubsub.js';
-import { EmulatorStopForSpanner } from './emulator-stop-spanner.js';
-import { GoogleAppCheckGenerateToken } from './google-app-check-generate-token.js';
-import { GoogleFirebaseStorageMergeRules } from './google-firebase-storage-merge-rules.js';
-import { GoogleFirestoreMergeRules } from './google-firestore-merge-rules.js';
-import { GoogleIdentityPlatformGenerateCustomToken } from './google-identity-platform-generate-custom-token.js';
-import { GoogleIdentityPlatformGenerateToken } from './google-identity-platform-generate-token.js';
-import { GooglePubSubWriteTopics } from './google-pubsub-write-topics.js';
-import { GoogleServicesEnable } from './google-services-enable.js';
-import { GoogleSpannerListDatabases } from './google-spanner-list-databases.js';
-import { GoogleSpannerWriteDatabases } from './google-spanner-write-databases.js';
-import { ProjectGetArtefactDestinationForCloudFunctions } from './project-get-artefact-destination-cloud-functions.js';
-import { ProjectGetArtefactDestinationForCloudRun } from './project-get-artefact-destination-cloud-run.js';
-import { ProjectPushArtefactForCloudFunctions } from './project-push-artefact-cloud-functions.js';
-import { SecretFetchForGoogleSecretManager } from './secret-fetch-secret-manager.js';
+import { EmulatorStartForFirebaseStorage, EmulatorStartForFirestore, EmulatorStartForIdentityPlatform, EmulatorStartForPubSub, EmulatorStartForSpanner, EmulatorStopForFirebaseStorage, EmulatorStopForFirestore, EmulatorStopForIdentityPlatform, EmulatorStopForPubSub, EmulatorStopForSpanner, } from './emulator/index.js';
+import { EventTopicBrokerCreateTopicForPubSub, EventTopicBrokerCreateTriggerForCloudRun, EventTopicBrokerDeleteTopicForPubSub, EventTopicBrokerDeleteTriggerResourceForCloudRunInvokerRole, EventTopicBrokerDeleteTriggerResourceForPubSubSubscription, EventTopicBrokerDeleteTriggerResourceForServiceAccount, EventTopicBrokerGetTopicIdForPubSub, EventTopicBrokerPublishEventsForGoogle, } from './event-topic/index.js';
+import { GoogleAppCheckGenerateToken } from './google-app-check/index.js';
+import { GoogleFirebaseStorageMergeRules } from './google-firebase-storage/index.js';
+import { GoogleFirestoreMergeRules } from './google-firestore/index.js';
+import { GoogleIdentityPlatformGenerateCustomToken, GoogleIdentityPlatformGenerateToken, } from './google-identity-platform/index.js';
+import { GooglePubSubWriteTopics } from './google-pubsub/index.js';
+import { GoogleServicesEnable } from './google-services/index.js';
+import { GoogleSpannerListDatabases, GoogleSpannerWriteDatabases, } from './google-spanner/index.js';
+import { ProjectGetArtefactDestinationForCloudFunctions, ProjectGetArtefactDestinationForCloudRun, ProjectPushArtefactForCloudFunctions, } from './project/index.js';
+import { SecretFetchForGoogleSecretManager } from './secret/index.js';
 export function registerFunctions(context) {
-    context.registerFunctionImplementations(EmulatorStartForFirebaseStorage, EmulatorStartForFirestore, EmulatorStartForIdentityPlatform, EmulatorStartForPubSub, EmulatorStartForSpanner, EmulatorStopForFirebaseStorage, EmulatorStopForFirestore, EmulatorStopForIdentityPlatform, EmulatorStopForPubSub, EmulatorStopForSpanner, GoogleAppCheckGenerateToken, GoogleFirebaseStorageMergeRules, GoogleFirestoreMergeRules, GoogleIdentityPlatformGenerateCustomToken, GoogleIdentityPlatformGenerateToken, GooglePubSubWriteTopics, GoogleServicesEnable, GoogleSpannerListDatabases, GoogleSpannerWriteDatabases, ProjectGetArtefactDestinationForCloudFunctions, ProjectGetArtefactDestinationForCloudRun, ProjectPushArtefactForCloudFunctions, SecretFetchForGoogleSecretManager);
+    context.registerFunctionImplementations(EmulatorStartForFirebaseStorage, EmulatorStartForFirestore, EmulatorStartForIdentityPlatform, EmulatorStartForPubSub, EmulatorStartForSpanner, EmulatorStopForFirebaseStorage, EmulatorStopForFirestore, EmulatorStopForIdentityPlatform, EmulatorStopForPubSub, EmulatorStopForSpanner, EventTopicBrokerCreateTopicForPubSub, EventTopicBrokerCreateTriggerForCloudRun, EventTopicBrokerDeleteTopicForPubSub, EventTopicBrokerDeleteTriggerResourceForCloudRunInvokerRole, EventTopicBrokerDeleteTriggerResourceForPubSubSubscription, EventTopicBrokerDeleteTriggerResourceForServiceAccount, EventTopicBrokerGetTopicIdForPubSub, EventTopicBrokerPublishEventsForGoogle, GoogleAppCheckGenerateToken, GoogleFirebaseStorageMergeRules, GoogleFirestoreMergeRules, GoogleIdentityPlatformGenerateCustomToken, GoogleIdentityPlatformGenerateToken, GooglePubSubWriteTopics, GoogleServicesEnable, GoogleSpannerListDatabases, GoogleSpannerWriteDatabases, ProjectGetArtefactDestinationForCloudFunctions, ProjectGetArtefactDestinationForCloudRun, ProjectPushArtefactForCloudFunctions, SecretFetchForGoogleSecretManager);
 }

package/dist/functions/project/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export { ProjectGetArtefactDestinationForCloudFunctions } from './get-artefact-destination-cloud-functions.js';
+export { ProjectGetArtefactDestinationForCloudRun } from './get-artefact-destination-cloud-run.js';
+export { ProjectPushArtefactForCloudFunctions } from './push-artefact-cloud-functions.js';

package/dist/functions/project/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+export { ProjectGetArtefactDestinationForCloudFunctions } from './get-artefact-destination-cloud-functions.js';
+export { ProjectGetArtefactDestinationForCloudRun } from './get-artefact-destination-cloud-run.js';
+export { ProjectPushArtefactForCloudFunctions } from './push-artefact-cloud-functions.js';

package/dist/functions/{project-push-artefact-cloud-functions.js → project/push-artefact-cloud-functions.js} RENAMED Viewed

@@ -1,6 +1,6 @@
 import { ArtefactAlreadyExistsError, ProjectPushArtefact, } from '@causa/workspace-core';
 import { rm } from 'fs/promises';
-import { CloudStorageService } from '../services/index.js';
+import { CloudStorageService } from '../../services/index.js';
 /**
  * Implements the {@link ProjectPushArtefact} function for Cloud Functions projects.
  * This copies the local archive of the Cloud Functions project to the Google Cloud Storage URI set in

package/dist/functions/{secret-fetch-secret-manager.js → secret/fetch-secret-manager.js} RENAMED Viewed

@@ -1,5 +1,5 @@
 import { InvalidSecretDefinitionError, SecretFetch, } from '@causa/workspace';
-import { GoogleSecretManagerService } from '../services/index.js';
+import { GoogleSecretManagerService } from '../../services/index.js';
 /**
  * The regular expression used to match the (Secret Manager) secret ID/name, and possibly its version and project.
  * [projects/<projectId>/secrets]<secretName>[/versions/<version>]

package/dist/functions/secret/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { SecretFetchForGoogleSecretManager } from './fetch-secret-manager.js';

package/dist/functions/secret/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { SecretFetchForGoogleSecretManager } from './fetch-secret-manager.js';

package/dist/services/bigquery.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import { WorkspaceContext } from '@causa/workspace';
+import { BigQuery } from '@google-cloud/bigquery';
+/**
+ * A service that provides access to BigQuery.
+ */
+export declare class BigQueryService {
+    /**
+     * The BigQuery client configured with the GCP project ID.
+     */
+    readonly bigQuery: BigQuery;
+    /**
+     * The GCP project ID.
+     */
+    readonly projectId: string;
+    constructor(context: WorkspaceContext);
+}

package/dist/services/bigquery.js ADDED Viewed

@@ -0,0 +1,19 @@
+import { BigQuery } from '@google-cloud/bigquery';
+/**
+ * A service that provides access to BigQuery.
+ */
+export class BigQueryService {
+    /**
+     * The BigQuery client configured with the GCP project ID.
+     */
+    bigQuery;
+    /**
+     * The GCP project ID.
+     */
+    projectId;
+    constructor(context) {
+        const googleConf = context.asConfiguration();
+        this.projectId = googleConf.getOrThrow('google.project');
+        this.bigQuery = new BigQuery({ projectId: this.projectId });
+    }
+}

package/dist/services/cloud-run-pubsub-trigger.d.ts ADDED Viewed

@@ -0,0 +1,101 @@
+import { WorkspaceContext } from '@causa/workspace';
+/**
+ * A service that manages (creates) Pub/Sub triggers pointing to Cloud Run services.
+ * This is used for backfilling operations. The reason it is a service is to persist temporary service accounts and IAM
+ * grants, such that they can be reused within the same backfilling operation.
+ */
+export declare class CloudRunPubSubTriggerService {
+    /**
+     * The service managing Cloud Run resources.
+     */
+    private readonly cloudRunService;
+    /**
+     * The service managing Pub/Sub resources.
+     */
+    private readonly pubSubService;
+    /**
+     * The service managing IAM permissions.
+     */
+    private readonly iamService;
+    /**
+     * A set of IAM bindings that have already been created.
+     * This is used to avoid creating the same bindings multiple times within a single backfill operation.
+     * An IAM binding allows the service account used by Pub/Sub for a single backfill operation to invoke a Cloud Run
+     * service. The format of strings in this set is the one used to reference bindings during deletion as well, i.e.
+     * `projects/<projectId>/locations/<location>/services/<name>/invokerBindings/<serviceAccountEmail>`.
+     */
+    private readonly invokerBindingIds;
+    /**
+     * A map of backfill IDs to promises resolving to the service account email used by Pub/Sub to invoke Cloud Run
+     * services for the backfill.
+     */
+    private readonly backfillInvokerServiceAccounts;
+    /**
+     * The logger used by this service.
+     */
+    private readonly logger;
+    /**
+     * The ID of the GCP project in which resources should be created.
+     */
+    readonly projectId: string;
+    constructor(context: WorkspaceContext);
+    /**
+     * Creates a service account that should be used by Pub/Sub to invoke Cloud Run services for a given backfill
+     * operation.
+     *
+     * @param backfillId The ID of the backfilling operation.
+     * @returns The service account email that should be used by Pub/Sub when pushing messages to Cloud Run services,
+     *   along with the corresponding resource ID that should be deleted as part of the backfill cleaning.
+     */
+    private createBackfillInvokerServiceAccount;
+    /**
+     * Gets or creates a service account that should be used by Pub/Sub to invoke Cloud Run services for a given backfill
+     * operation.
+     *
+     * @param backfillId The ID of the backfilling operation.
+     * @returns The service account email that should be used by Pub/Sub when pushing messages to Cloud Run services.
+     *   If `resourceId` is not `null`, it should be added to the list of resources to delete as part of the backfill
+     *   cleaning.
+     */
+    private getBackfillInvokerServiceAccount;
+    /**
+     * Grants the invoker role to a service account for a given Cloud Run service.
+     * This is used to allow Pub/Sub to invoke the Cloud Run service.
+     * If a resource ID string is returned, it should be added to the list of resources to delete as part of the backfill
+     * cleaning.
+     *
+     * @param serviceId The ID of the Cloud Run service.
+     * @param pubSubServiceAccount The service account email for which the invoker role should be granted.
+     * @returns The resource ID of the IAM binding that was created, or `null` if the binding already existed.
+     */
+    private grantPubSubInvokerRole;
+    /**
+     * Creates a Pub/Sub subscription that will push messages to a Cloud Run service.
+     *
+     * @param backfillId The ID of the backfilling operation.
+     * @param topicId The ID of the Pub/Sub topic to subscribe to.
+     * @param serviceId The ID of the Cloud Run service to invoke.
+     * @param path The HTTP endpoint of the Cloud Run service to invoke.
+     * @param serviceAccountEmail The service account email that should be used by Pub/Sub when pushing messages to the
+     *   Cloud Run service.
+     * @returns The ID of the Pub/Sub subscription that was created. It should be added to the list of resources to delete
+     *   as part of the backfill cleaning.
+     */
+    private createSubscription;
+    /**
+     * Creates a Pub/Sub trigger (push subscription) pointing to a Cloud Run service.
+     * This requires several resources, such as:
+     * - A service account that should be used by Pub/Sub to invoke Cloud Run services for the backfill.
+     * - An IAM binding allowing the service account to invoke the Cloud Run service.
+     * - A Pub/Sub subscription that will push messages to the Cloud Run service.
+     * The IDs of these resources are returned, and should be deleted as part of the backfill cleaning.
+     *
+     * @param backfillId The ID of the backfilling operation.
+     * @param topicId The ID of the Pub/Sub topic to subscribe to.
+     * @param serviceId The ID of the Cloud Run service to invoke.
+     * @param path The HTTP endpoint of the Cloud Run service to invoke.
+     * @returns The IDs of the resources that were created. They should be added to the list of resources to delete as
+     *   part of the backfill cleaning.
+     */
+    create(backfillId: string, topicId: string, serviceId: string, path: string): Promise<string[]>;
+}