npm - @causa/workspace-google - Versions diffs - 0.4.0 → 0.6.0 - Mend

@causa/workspace-google 0.4.0 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (112) hide show

package/dist/functions/event-topic/broker-delete-topic-pubsub.js ADDED Viewed

@@ -0,0 +1,26 @@
+import { EventTopicBrokerDeleteTopic, } from '@causa/workspace-core';
+import { status } from '@grpc/grpc-js';
+import { PubSubService } from '../../services/index.js';
+/**
+ * Implements {@link EventTopicBrokerDeleteTopic} for Pub/Sub.
+ * The `id` argument should be a full Pub/Sub topic ID, e.g. `projects/<projectId>/topics/<topicId>`.
+ */
+export class EventTopicBrokerDeleteTopicForPubSub extends EventTopicBrokerDeleteTopic {
+    async _call(context) {
+        context.logger.info(`📫 Deleting Pub/Sub topic '${this.id}'.`);
+        try {
+            await context.service(PubSubService).pubSub.topic(this.id).delete();
+        }
+        catch (error) {
+            if (error.code === status.NOT_FOUND) {
+                context.logger.warn(`⚠️ Pub/Sub topic to delete '${this.id}' does not exist. It might have already been deleted.`);
+                return;
+            }
+            throw error;
+        }
+    }
+    _supports(context) {
+        return (context.asConfiguration().get('events.broker') ===
+            'google.pubSub');
+    }
+}

package/dist/functions/event-topic/broker-delete-trigger-resource-cloud-run-invoker-role.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { WorkspaceContext } from '@causa/workspace';
+import { EventTopicBrokerDeleteTriggerResource } from '@causa/workspace-core';
+/**
+ * Implements {@link EventTopicBrokerDeleteTriggerResource} for Cloud Run invoker roles.
+ * When setting up a Pub/Sub trigger for a Cloud Run service, a new binding is added to the Cloud Run service, allowing
+ * a dedicated service account to invoke the service. This function removes that binding.
+ */
+export declare class EventTopicBrokerDeleteTriggerResourceForCloudRunInvokerRole extends EventTopicBrokerDeleteTriggerResource {
+    _call(context: WorkspaceContext): Promise<void>;
+    _supports(context: WorkspaceContext): boolean;
+}

package/dist/functions/event-topic/broker-delete-trigger-resource-cloud-run-invoker-role.js ADDED Viewed

@@ -0,0 +1,29 @@
+import { EventTopicBrokerDeleteTriggerResource, } from '@causa/workspace-core';
+import { CloudRunService } from '../../services/index.js';
+/**
+ * The regular expression that matches a resource ID representing a Cloud Run invoker role for a given service account.
+ */
+const CLOUD_RUN_INVOKER_ID_REGEX = /^(?<serviceId>projects\/[\w-]+\/locations\/[\w-]+\/services\/[\w-]+)\/invokerBindings\/(?<pubSubServiceAccount>.+)$/;
+/**
+ * Implements {@link EventTopicBrokerDeleteTriggerResource} for Cloud Run invoker roles.
+ * When setting up a Pub/Sub trigger for a Cloud Run service, a new binding is added to the Cloud Run service, allowing
+ * a dedicated service account to invoke the service. This function removes that binding.
+ */
+export class EventTopicBrokerDeleteTriggerResourceForCloudRunInvokerRole extends EventTopicBrokerDeleteTriggerResource {
+    async _call(context) {
+        const match = this.id.match(CLOUD_RUN_INVOKER_ID_REGEX);
+        if (!match?.groups) {
+            throw new Error('Invalid Cloud Run invoker binding resource ID.');
+        }
+        const { serviceId, pubSubServiceAccount } = match.groups;
+        context.logger.info(`🛂 Removing invoker role on Cloud Run service '${serviceId}' for Pub/Sub service account '${pubSubServiceAccount}'.`);
+        await context
+            .service(CloudRunService)
+            .removeInvokerBinding(serviceId, pubSubServiceAccount);
+    }
+    _supports(context) {
+        return (this.id.match(CLOUD_RUN_INVOKER_ID_REGEX) != null &&
+            context.asConfiguration().get('events.broker') ===
+                'google.pubSub');
+    }
+}

package/dist/functions/event-topic/broker-delete-trigger-resource-pubsub-subscription.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import { WorkspaceContext } from '@causa/workspace';
+import { EventTopicBrokerDeleteTriggerResource } from '@causa/workspace-core';
+/**
+ * Implements {@link EventTopicBrokerDeleteTriggerResource} for Pub/Sub subscriptions.
+ * Pub/Sub subscriptions are for example used when creating Cloud Run triggers.
+ */
+export declare class EventTopicBrokerDeleteTriggerResourceForPubSubSubscription extends EventTopicBrokerDeleteTriggerResource {
+    _call(context: WorkspaceContext): Promise<void>;
+    _supports(context: WorkspaceContext): boolean;
+}

package/dist/functions/event-topic/broker-delete-trigger-resource-pubsub-subscription.js ADDED Viewed

@@ -0,0 +1,31 @@
+import { EventTopicBrokerDeleteTriggerResource, } from '@causa/workspace-core';
+import { status } from '@grpc/grpc-js';
+import { PubSubService } from '../../services/index.js';
+/**
+ * Implements {@link EventTopicBrokerDeleteTriggerResource} for Pub/Sub subscriptions.
+ * Pub/Sub subscriptions are for example used when creating Cloud Run triggers.
+ */
+export class EventTopicBrokerDeleteTriggerResourceForPubSubSubscription extends EventTopicBrokerDeleteTriggerResource {
+    async _call(context) {
+        context.logger.info(`📫 Deleting Pub/Sub subscription '${this.id}'.`);
+        try {
+            await context
+                .service(PubSubService)
+                .pubSub.subscription(this.id)
+                .delete();
+        }
+        catch (error) {
+            if (error.code === status.NOT_FOUND) {
+                context.logger.warn(`⚠️ Pub/Sub subscription '${this.id}' does not exist. It might have already been deleted.`);
+            }
+            else {
+                throw error;
+            }
+        }
+    }
+    _supports(context) {
+        return (this.id.match(/^projects\/[\w-]+\/subscriptions\/[\w-]+$/) != null &&
+            context.asConfiguration().get('events.broker') ===
+                'google.pubSub');
+    }
+}

package/dist/functions/event-topic/broker-delete-trigger-resource-service-account.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { WorkspaceContext } from '@causa/workspace';
+import { EventTopicBrokerDeleteTriggerResource } from '@causa/workspace-core';
+/**
+ * Implements {@link EventTopicBrokerDeleteTriggerResource} for GCP service accounts.
+ * Service accounts are used by Pub/Sub push subscriptions to authenticate requests when pushing messages (e.g. to Cloud
+ * Run services).
+ */
+export declare class EventTopicBrokerDeleteTriggerResourceForServiceAccount extends EventTopicBrokerDeleteTriggerResource {
+    _call(context: WorkspaceContext): Promise<void>;
+    _supports(context: WorkspaceContext): boolean;
+}

package/dist/functions/event-topic/broker-delete-trigger-resource-service-account.js ADDED Viewed

@@ -0,0 +1,28 @@
+import { EventTopicBrokerDeleteTriggerResource, } from '@causa/workspace-core';
+import { IamService } from '../../services/index.js';
+/**
+ * Implements {@link EventTopicBrokerDeleteTriggerResource} for GCP service accounts.
+ * Service accounts are used by Pub/Sub push subscriptions to authenticate requests when pushing messages (e.g. to Cloud
+ * Run services).
+ */
+export class EventTopicBrokerDeleteTriggerResourceForServiceAccount extends EventTopicBrokerDeleteTriggerResource {
+    async _call(context) {
+        context.logger.info(`🛂 Deleting Pub/Sub backfilling service account '${this.id}'.`);
+        try {
+            await context.service(IamService).deleteServiceAccount(this.id);
+        }
+        catch (error) {
+            if (error.code === 404) {
+                context.logger.warn(`⚠️ Pub/Sub backfilling service account '${this.id}' does not exist. It might have already been deleted.`);
+            }
+            else {
+                throw error;
+            }
+        }
+    }
+    _supports(context) {
+        return (this.id.match(/^projects\/[\w-]+\/serviceAccounts\/[^/]+$/) != null &&
+            context.asConfiguration().get('events.broker') ===
+                'google.pubSub');
+    }
+}

package/dist/functions/event-topic/broker-get-topic-id-pubsub.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import { WorkspaceContext } from '@causa/workspace';
+import { EventTopicBrokerGetTopicId } from '@causa/workspace-core';
+/**
+ * Implements {@link EventTopicBrokerGetTopicId} for Pub/Sub.
+ * The returned topic ID is a full Pub/Sub topic ID, e.g. `projects/<projectId>/topics/<topicId>`.
+ */
+export declare class EventTopicBrokerGetTopicIdForPubSub extends EventTopicBrokerGetTopicId {
+    _call(context: WorkspaceContext): Promise<string>;
+    _supports(context: WorkspaceContext): boolean;
+}

package/dist/functions/event-topic/broker-get-topic-id-pubsub.js ADDED Viewed

@@ -0,0 +1,16 @@
+import { EventTopicBrokerGetTopicId, } from '@causa/workspace-core';
+/**
+ * Implements {@link EventTopicBrokerGetTopicId} for Pub/Sub.
+ * The returned topic ID is a full Pub/Sub topic ID, e.g. `projects/<projectId>/topics/<topicId>`.
+ */
+export class EventTopicBrokerGetTopicIdForPubSub extends EventTopicBrokerGetTopicId {
+    async _call(context) {
+        const googleConf = context.asConfiguration();
+        const projectId = googleConf.getOrThrow('google.project');
+        return `projects/${projectId}/topics/${this.eventTopic}`;
+    }
+    _supports(context) {
+        return (context.asConfiguration().get('events.broker') ===
+            'google.pubSub');
+    }
+}

package/dist/functions/event-topic/broker-publish-events-google.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import { WorkspaceContext } from '@causa/workspace';
+import { EventTopicBrokerPublishEvents } from '@causa/workspace-core';
+/**
+ * Implements {@link EventTopicBrokerPublishEvents} for a Google / GCP stack.
+ * The supported message broker is Pub/Sub.
+ */
+export declare class EventTopicBrokerPublishEventsForGoogle extends EventTopicBrokerPublishEvents {
+    /**
+     * Tries to create a {@link BackfillEventsSource} from the provided `source` and `filter`.
+     *
+     * @param context The {@link WorkspaceContext}.
+     * @returns The {@link BackfillEventsSource} to use for backfilling.
+     */
+    private createSource;
+    _call(context: WorkspaceContext): Promise<void>;
+    _supports(context: WorkspaceContext): boolean;
+}

package/dist/functions/event-topic/broker-publish-events-google.js ADDED Viewed

@@ -0,0 +1,45 @@
+import { EventTopicBrokerPublishEvents, JsonFilesEventSource, } from '@causa/workspace-core';
+import { BigQueryEventsSource, PubSubBackfillEventPublisher, } from '../../backfilling/index.js';
+/**
+ * Implements {@link EventTopicBrokerPublishEvents} for a Google / GCP stack.
+ * The supported message broker is Pub/Sub.
+ */
+export class EventTopicBrokerPublishEventsForGoogle extends EventTopicBrokerPublishEvents {
+    /**
+     * Tries to create a {@link BackfillEventsSource} from the provided `source` and `filter`.
+     *
+     * @param context The {@link WorkspaceContext}.
+     * @returns The {@link BackfillEventsSource} to use for backfilling.
+     */
+    async createSource(context) {
+        if (!this.source) {
+            const googleConf = context.asConfiguration();
+            const projectId = googleConf.getOrThrow('google.project');
+            const rawEventsDatasetId = googleConf.get('google.pubSub.bigQueryStorage.rawEventsDatasetId');
+            if (!rawEventsDatasetId) {
+                throw new Error('Cannot use the default event source because BigQuery storage is not configured.');
+            }
+            const tableName = this.eventTopic.replace(/[-\.]/g, '_');
+            const tableId = `${projectId}.${rawEventsDatasetId}.${tableName}`;
+            return new BigQueryEventsSource(context, tableId);
+        }
+        const bqSource = await BigQueryEventsSource.fromSourceAndFilter(context, this.source, this.filter);
+        if (bqSource) {
+            return bqSource;
+        }
+        const jsonFilesSource = await JsonFilesEventSource.fromSourceAndFilter(context, this.source, this.filter);
+        if (jsonFilesSource) {
+            return jsonFilesSource;
+        }
+        throw new Error(`The event source '${this.source}' is not supported.`);
+    }
+    async _call(context) {
+        const source = await this.createSource(context);
+        const publisher = new PubSubBackfillEventPublisher(context, this.topicId);
+        await publisher.publishFromSource(source);
+    }
+    _supports(context) {
+        return (context.asConfiguration().get('events.broker') ===
+            'google.pubSub');
+    }
+}

package/dist/functions/event-topic/index.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+export { EventTopicBrokerCreateTopicForPubSub } from './broker-create-topic-pubsub.js';
+export { EventTopicBrokerCreateTriggerForCloudRun } from './broker-create-trigger-cloud-run.js';
+export { EventTopicBrokerDeleteTopicForPubSub } from './broker-delete-topic-pubsub.js';
+export { EventTopicBrokerDeleteTriggerResourceForCloudRunInvokerRole } from './broker-delete-trigger-resource-cloud-run-invoker-role.js';
+export { EventTopicBrokerDeleteTriggerResourceForPubSubSubscription } from './broker-delete-trigger-resource-pubsub-subscription.js';
+export { EventTopicBrokerDeleteTriggerResourceForServiceAccount } from './broker-delete-trigger-resource-service-account.js';
+export { EventTopicBrokerGetTopicIdForPubSub } from './broker-get-topic-id-pubsub.js';
+export { EventTopicBrokerPublishEventsForGoogle } from './broker-publish-events-google.js';

package/dist/functions/event-topic/index.js ADDED Viewed

@@ -0,0 +1,8 @@
+export { EventTopicBrokerCreateTopicForPubSub } from './broker-create-topic-pubsub.js';
+export { EventTopicBrokerCreateTriggerForCloudRun } from './broker-create-trigger-cloud-run.js';
+export { EventTopicBrokerDeleteTopicForPubSub } from './broker-delete-topic-pubsub.js';
+export { EventTopicBrokerDeleteTriggerResourceForCloudRunInvokerRole } from './broker-delete-trigger-resource-cloud-run-invoker-role.js';
+export { EventTopicBrokerDeleteTriggerResourceForPubSubSubscription } from './broker-delete-trigger-resource-pubsub-subscription.js';
+export { EventTopicBrokerDeleteTriggerResourceForServiceAccount } from './broker-delete-trigger-resource-service-account.js';
+export { EventTopicBrokerGetTopicIdForPubSub } from './broker-get-topic-id-pubsub.js';
+export { EventTopicBrokerPublishEventsForGoogle } from './broker-publish-events-google.js';

package/dist/functions/{google-app-check-generate-token.js → google-app-check/generate-token.js} RENAMED Viewed

@@ -12,8 +12,8 @@ import { WorkspaceFunction } from '@causa/workspace';
 import { AllowMissing } from '@causa/workspace/validation';
 import { IsString } from 'class-validator';
 import { getAppCheck } from 'firebase-admin/app-check';
-import { appCheckCommandDefinition } from '../cli/index.js';
-import { FirebaseAppService } from '../services/index.js';
+import { appCheckCommandDefinition } from '../../cli/index.js';
+import { FirebaseAppService } from '../../services/index.js';
 /**
  * The time to live of generated tokens, in seconds.
  */
@@ -21,7 +21,7 @@ const TOKEN_TTL = 3600;
 /**
  * Generates a new AppCheck token.
  */
-export let GoogleAppCheckGenerateToken = class GoogleAppCheckGenerateToken extends WorkspaceFunction {
+let GoogleAppCheckGenerateToken = class GoogleAppCheckGenerateToken extends WorkspaceFunction {
     /**
      * The ID of the Firebase app for which the token will be generated.
      * If `undefined`, a Firebase app ID will be found in the configuration or using the API.
@@ -64,3 +64,4 @@ If the Firebase app ID is not specified, it will:
         outputFn: (token) => console.log(token),
     })
 ], GoogleAppCheckGenerateToken);
+export { GoogleAppCheckGenerateToken };

package/dist/functions/google-app-check/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleAppCheckGenerateToken } from './generate-token.js';

package/dist/functions/google-app-check/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleAppCheckGenerateToken } from './generate-token.js';

package/dist/functions/google-firebase-storage/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleFirebaseStorageMergeRules } from './merge-rules.js';

package/dist/functions/google-firebase-storage/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleFirebaseStorageMergeRules } from './merge-rules.js';

package/dist/functions/{google-firebase-storage-merge-rules.d.ts → google-firebase-storage/merge-rules.d.ts} RENAMED Viewed

@@ -1,6 +1,6 @@
 import { WorkspaceContext, WorkspaceFunction } from '@causa/workspace';
 import { InfrastructureProcessor } from '@causa/workspace-core';
-import { GoogleConfiguration } from '../configurations/index.js';
+import { GoogleConfiguration } from '../../configurations/index.js';
 /**
  * The return value of {@link GoogleFirebaseStorageMergeRules}.
  */

package/dist/functions/{google-firebase-storage-merge-rules.js → google-firebase-storage/merge-rules.js} RENAMED Viewed

@@ -11,8 +11,8 @@ import { CliCommand } from '@causa/cli';
 import { WorkspaceFunction } from '@causa/workspace';
 import { AllowMissing } from '@causa/workspace/validation';
 import { IsBoolean } from 'class-validator';
-import { firebaseStorageCommandDefinition } from '../cli/index.js';
-import { mergeFirebaseRulesFiles } from '../firebase/index.js';
+import { firebaseStorageCommandDefinition } from '../../cli/index.js';
+import { mergeFirebaseRulesFiles } from '../../firebase/index.js';
 /**
  * The default location where the security rules file for Firebase Storage will be written.
  */
@@ -27,7 +27,7 @@ const DEFAULT_FIREBASE_STORAGE_SECURITY_RULE_FILE = 'storage.rules';
  * Returns a configuration with `google.firebaseStorage.securityRuleFile` set, such that the function can be used as a
  * processor.
  */
-export let GoogleFirebaseStorageMergeRules = class GoogleFirebaseStorageMergeRules extends WorkspaceFunction {
+let GoogleFirebaseStorageMergeRules = class GoogleFirebaseStorageMergeRules extends WorkspaceFunction {
     tearDown;
     async _call(context) {
         if (this.tearDown) {
@@ -69,3 +69,4 @@ Input files are looked for in the workspace using the globs defined in google.fi
         outputFn: ({ securityRuleFile }) => console.log(securityRuleFile),
     })
 ], GoogleFirebaseStorageMergeRules);
+export { GoogleFirebaseStorageMergeRules };

package/dist/functions/google-firestore/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleFirestoreMergeRules } from './merge-rules.js';

package/dist/functions/google-firestore/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleFirestoreMergeRules } from './merge-rules.js';

package/dist/functions/{google-firestore-merge-rules.d.ts → google-firestore/merge-rules.d.ts} RENAMED Viewed

@@ -1,6 +1,6 @@
 import { WorkspaceContext, WorkspaceFunction } from '@causa/workspace';
 import { InfrastructureProcessor } from '@causa/workspace-core';
-import { GoogleConfiguration } from '../configurations/index.js';
+import { GoogleConfiguration } from '../../configurations/index.js';
 /**
  * The return value of {@link GoogleFirestoreMergeRules}.
  */

package/dist/functions/{google-firestore-merge-rules.js → google-firestore/merge-rules.js} RENAMED Viewed

@@ -11,8 +11,8 @@ import { CliCommand } from '@causa/cli';
 import { WorkspaceFunction } from '@causa/workspace';
 import { AllowMissing } from '@causa/workspace/validation';
 import { IsBoolean } from 'class-validator';
-import { firestoreCommandDefinition } from '../cli/index.js';
-import { mergeFirebaseRulesFiles } from '../firebase/index.js';
+import { firestoreCommandDefinition } from '../../cli/index.js';
+import { mergeFirebaseRulesFiles } from '../../firebase/index.js';
 /**
  * The default location where the security rules file for Firestore will be written.
  */
@@ -27,7 +27,7 @@ const DEFAULT_FIRESTORE_SECURITY_RULE_FILE = 'firestore.rules';
  * Returns a configuration with `google.firestore.securityRuleFile` set, such that the function can be used as a
  * processor.
  */
-export let GoogleFirestoreMergeRules = class GoogleFirestoreMergeRules extends WorkspaceFunction {
+let GoogleFirestoreMergeRules = class GoogleFirestoreMergeRules extends WorkspaceFunction {
     tearDown;
     async _call(context) {
         if (this.tearDown) {
@@ -69,3 +69,4 @@ Input files are looked for in the workspace using the globs defined in google.fi
         outputFn: ({ securityRuleFile }) => console.log(securityRuleFile),
     })
 ], GoogleFirestoreMergeRules);
+export { GoogleFirestoreMergeRules };

package/dist/functions/{google-identity-platform-generate-custom-token.js → google-identity-platform/generate-custom-token.js} RENAMED Viewed

@@ -11,7 +11,7 @@ import { WorkspaceFunction } from '@causa/workspace';
 import { AllowMissing } from '@causa/workspace/validation';
 import { IsObject, IsString } from 'class-validator';
 import { getAuth } from 'firebase-admin/auth';
-import { FirebaseAppService } from '../index.js';
+import { FirebaseAppService } from '../../services/index.js';
 /**
  * Generates a custom token that can be used to sign in to Identity Platform as a given user.
  * Optionally, custom claims can be set in the token.

package/dist/functions/{google-identity-platform-generate-token.js → google-identity-platform/generate-token.js} RENAMED Viewed

@@ -13,15 +13,15 @@ import { AllowMissing } from '@causa/workspace/validation';
 import { Transform } from 'class-transformer';
 import { IsObject, IsString } from 'class-validator';
 import { getAuth, signInWithCustomToken } from 'firebase/auth';
-import { identityPlatformCommandDefinition } from '../cli/index.js';
-import { FirebaseAppService } from '../services/index.js';
-import { GoogleIdentityPlatformGenerateCustomToken } from './google-identity-platform-generate-custom-token.js';
+import { identityPlatformCommandDefinition } from '../../cli/index.js';
+import { FirebaseAppService } from '../../services/index.js';
+import { GoogleIdentityPlatformGenerateCustomToken } from './generate-custom-token.js';
 /**
  * Generates an ID token for an Identity Platform end user.
  * For this function to succeed, the `google.project` should be set, which usually means setting the environment in the
  * context. Also `google.firebase` children can be used to configure (and speed up) how tokens are generated.
  */
-export let GoogleIdentityPlatformGenerateToken = class GoogleIdentityPlatformGenerateToken extends WorkspaceFunction {
+let GoogleIdentityPlatformGenerateToken = class GoogleIdentityPlatformGenerateToken extends WorkspaceFunction {
     /**
      * The ID of the user for which the token will be generated.
      */
@@ -71,3 +71,4 @@ Optional custom claims can be included in the signed token.`,
         outputFn: (token) => console.log(token),
     })
 ], GoogleIdentityPlatformGenerateToken);
+export { GoogleIdentityPlatformGenerateToken };

package/dist/functions/google-identity-platform/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { GoogleIdentityPlatformGenerateCustomToken } from './generate-custom-token.js';
2	+ export { GoogleIdentityPlatformGenerateToken } from './generate-token.js';

package/dist/functions/google-identity-platform/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { GoogleIdentityPlatformGenerateCustomToken } from './generate-custom-token.js';
2	+ export { GoogleIdentityPlatformGenerateToken } from './generate-token.js';

package/dist/functions/google-pubsub/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GooglePubSubWriteTopics } from './write-topics.js';

package/dist/functions/google-pubsub/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GooglePubSubWriteTopics } from './write-topics.js';

package/dist/functions/{google-services-enable.d.ts → google-services/enable.d.ts} RENAMED Viewed

@@ -1,6 +1,6 @@
 import { WorkspaceContext, WorkspaceFunction } from '@causa/workspace';
 import { InfrastructureProcessor } from '@causa/workspace-core';
-import { GoogleConfiguration } from '../configurations/index.js';
+import { GoogleConfiguration } from '../../configurations/index.js';
 /**
  * The return value of {@link GoogleServicesEnable}.
  */

package/dist/functions/{google-services-enable.js → google-services/enable.js} RENAMED Viewed

@@ -12,7 +12,7 @@ import { WorkspaceFunction } from '@causa/workspace';
 import { AllowMissing } from '@causa/workspace/validation';
 import { ServiceUsageClient } from '@google-cloud/service-usage';
 import { IsBoolean } from 'class-validator';
-import { googleCommandDefinition } from '../cli/index.js';
+import { googleCommandDefinition } from '../../cli/index.js';
 /**
  * The maximum number of GCP services that can be enabled at the same time.
  */
@@ -20,7 +20,7 @@ const MAX_SERVICE_BATCH = 20;
 /**
  * Enables GCP services defined in `google.services` for the GCP project defined in `google.project`.
  */
-export let GoogleServicesEnable = class GoogleServicesEnable extends WorkspaceFunction {
+let GoogleServicesEnable = class GoogleServicesEnable extends WorkspaceFunction {
     tearDown;
     async _call(context) {
         if (this.tearDown) {
@@ -72,3 +72,4 @@ They will be enabled in the 'google.project' GCP project.`,
         outputFn: ({ services }) => console.log(services.join('\n')),
     })
 ], GoogleServicesEnable);
+export { GoogleServicesEnable };

package/dist/functions/google-services/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleServicesEnable } from './enable.js';

package/dist/functions/google-services/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { GoogleServicesEnable } from './enable.js';

package/dist/functions/google-spanner/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { GoogleSpannerListDatabases } from './list-databases.js';
2	+ export { GoogleSpannerWriteDatabases } from './write-databases.js';

package/dist/functions/google-spanner/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { GoogleSpannerListDatabases } from './list-databases.js';
2	+ export { GoogleSpannerWriteDatabases } from './write-databases.js';

package/dist/functions/{google-spanner-write-databases.js → google-spanner/write-databases.js} RENAMED Viewed

@@ -13,7 +13,7 @@ import { AllowMissing } from '@causa/workspace/validation';
 import { IsBoolean } from 'class-validator';
 import { mkdir, rm, writeFile } from 'fs/promises';
 import { join } from 'path';
-import { GoogleSpannerListDatabases } from './google-spanner-list-databases.js';
+import { GoogleSpannerListDatabases } from './list-databases.js';
 /**
  * The default directory where Spanner database configurations are written, relative to the workspace root.
  */

package/dist/functions/index.js CHANGED Viewed

@@ -1,26 +1,14 @@
-import { EmulatorStartForFirebaseStorage } from './emulator-start-firebase-storage.js';
-import { EmulatorStartForFirestore } from './emulator-start-firestore.js';
-import { EmulatorStartForIdentityPlatform } from './emulator-start-identity-platform.js';
-import { EmulatorStartForPubSub } from './emulator-start-pubsub.js';
-import { EmulatorStartForSpanner } from './emulator-start-spanner.js';
-import { EmulatorStopForFirebaseStorage } from './emulator-stop-firebase-storage.js';
-import { EmulatorStopForFirestore } from './emulator-stop-firestore.js';
-import { EmulatorStopForIdentityPlatform } from './emulator-stop-identity-platform.js';
-import { EmulatorStopForPubSub } from './emulator-stop-pubsub.js';
-import { EmulatorStopForSpanner } from './emulator-stop-spanner.js';
-import { GoogleAppCheckGenerateToken } from './google-app-check-generate-token.js';
-import { GoogleFirebaseStorageMergeRules } from './google-firebase-storage-merge-rules.js';
-import { GoogleFirestoreMergeRules } from './google-firestore-merge-rules.js';
-import { GoogleIdentityPlatformGenerateCustomToken } from './google-identity-platform-generate-custom-token.js';
-import { GoogleIdentityPlatformGenerateToken } from './google-identity-platform-generate-token.js';
-import { GooglePubSubWriteTopics } from './google-pubsub-write-topics.js';
-import { GoogleServicesEnable } from './google-services-enable.js';
-import { GoogleSpannerListDatabases } from './google-spanner-list-databases.js';
-import { GoogleSpannerWriteDatabases } from './google-spanner-write-databases.js';
-import { ProjectGetArtefactDestinationForCloudFunctions } from './project-get-artefact-destination-cloud-functions.js';
-import { ProjectGetArtefactDestinationForCloudRun } from './project-get-artefact-destination-cloud-run.js';
-import { ProjectPushArtefactForCloudFunctions } from './project-push-artefact-cloud-functions.js';
-import { SecretFetchForGoogleSecretManager } from './secret-fetch-secret-manager.js';
+import { EmulatorStartForFirebaseStorage, EmulatorStartForFirestore, EmulatorStartForIdentityPlatform, EmulatorStartForPubSub, EmulatorStartForSpanner, EmulatorStopForFirebaseStorage, EmulatorStopForFirestore, EmulatorStopForIdentityPlatform, EmulatorStopForPubSub, EmulatorStopForSpanner, } from './emulator/index.js';
+import { EventTopicBrokerCreateTopicForPubSub, EventTopicBrokerCreateTriggerForCloudRun, EventTopicBrokerDeleteTopicForPubSub, EventTopicBrokerDeleteTriggerResourceForCloudRunInvokerRole, EventTopicBrokerDeleteTriggerResourceForPubSubSubscription, EventTopicBrokerDeleteTriggerResourceForServiceAccount, EventTopicBrokerGetTopicIdForPubSub, EventTopicBrokerPublishEventsForGoogle, } from './event-topic/index.js';
+import { GoogleAppCheckGenerateToken } from './google-app-check/index.js';
+import { GoogleFirebaseStorageMergeRules } from './google-firebase-storage/index.js';
+import { GoogleFirestoreMergeRules } from './google-firestore/index.js';
+import { GoogleIdentityPlatformGenerateCustomToken, GoogleIdentityPlatformGenerateToken, } from './google-identity-platform/index.js';
+import { GooglePubSubWriteTopics } from './google-pubsub/index.js';
+import { GoogleServicesEnable } from './google-services/index.js';
+import { GoogleSpannerListDatabases, GoogleSpannerWriteDatabases, } from './google-spanner/index.js';
+import { ProjectGetArtefactDestinationForCloudFunctions, ProjectGetArtefactDestinationForCloudRun, ProjectPushArtefactForCloudFunctions, } from './project/index.js';
+import { SecretFetchForGoogleAccessToken, SecretFetchForGoogleSecretManager, } from './secret/index.js';
 export function registerFunctions(context) {
-    context.registerFunctionImplementations(EmulatorStartForFirebaseStorage, EmulatorStartForFirestore, EmulatorStartForIdentityPlatform, EmulatorStartForPubSub, EmulatorStartForSpanner, EmulatorStopForFirebaseStorage, EmulatorStopForFirestore, EmulatorStopForIdentityPlatform, EmulatorStopForPubSub, EmulatorStopForSpanner, GoogleAppCheckGenerateToken, GoogleFirebaseStorageMergeRules, GoogleFirestoreMergeRules, GoogleIdentityPlatformGenerateCustomToken, GoogleIdentityPlatformGenerateToken, GooglePubSubWriteTopics, GoogleServicesEnable, GoogleSpannerListDatabases, GoogleSpannerWriteDatabases, ProjectGetArtefactDestinationForCloudFunctions, ProjectGetArtefactDestinationForCloudRun, ProjectPushArtefactForCloudFunctions, SecretFetchForGoogleSecretManager);
+    context.registerFunctionImplementations(EmulatorStartForFirebaseStorage, EmulatorStartForFirestore, EmulatorStartForIdentityPlatform, EmulatorStartForPubSub, EmulatorStartForSpanner, EmulatorStopForFirebaseStorage, EmulatorStopForFirestore, EmulatorStopForIdentityPlatform, EmulatorStopForPubSub, EmulatorStopForSpanner, EventTopicBrokerCreateTopicForPubSub, EventTopicBrokerCreateTriggerForCloudRun, EventTopicBrokerDeleteTopicForPubSub, EventTopicBrokerDeleteTriggerResourceForCloudRunInvokerRole, EventTopicBrokerDeleteTriggerResourceForPubSubSubscription, EventTopicBrokerDeleteTriggerResourceForServiceAccount, EventTopicBrokerGetTopicIdForPubSub, EventTopicBrokerPublishEventsForGoogle, GoogleAppCheckGenerateToken, GoogleFirebaseStorageMergeRules, GoogleFirestoreMergeRules, GoogleIdentityPlatformGenerateCustomToken, GoogleIdentityPlatformGenerateToken, GooglePubSubWriteTopics, GoogleServicesEnable, GoogleSpannerListDatabases, GoogleSpannerWriteDatabases, ProjectGetArtefactDestinationForCloudFunctions, ProjectGetArtefactDestinationForCloudRun, ProjectPushArtefactForCloudFunctions, SecretFetchForGoogleAccessToken, SecretFetchForGoogleSecretManager);
 }

package/dist/functions/project/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export { ProjectGetArtefactDestinationForCloudFunctions } from './get-artefact-destination-cloud-functions.js';
+export { ProjectGetArtefactDestinationForCloudRun } from './get-artefact-destination-cloud-run.js';
+export { ProjectPushArtefactForCloudFunctions } from './push-artefact-cloud-functions.js';

package/dist/functions/project/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+export { ProjectGetArtefactDestinationForCloudFunctions } from './get-artefact-destination-cloud-functions.js';
+export { ProjectGetArtefactDestinationForCloudRun } from './get-artefact-destination-cloud-run.js';
+export { ProjectPushArtefactForCloudFunctions } from './push-artefact-cloud-functions.js';

package/dist/functions/{project-push-artefact-cloud-functions.js → project/push-artefact-cloud-functions.js} RENAMED Viewed

@@ -1,6 +1,6 @@
 import { ArtefactAlreadyExistsError, ProjectPushArtefact, } from '@causa/workspace-core';
 import { rm } from 'fs/promises';
-import { CloudStorageService } from '../services/index.js';
+import { CloudStorageService } from '../../services/index.js';
 /**
  * Implements the {@link ProjectPushArtefact} function for Cloud Functions projects.
  * This copies the local archive of the Cloud Functions project to the Google Cloud Storage URI set in

package/dist/functions/secret/fetch-access-token.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import { SecretFetch, WorkspaceContext } from '@causa/workspace';
+/**
+ * An error thrown when the auth client does not return a token.
+ */
+export declare class AuthClientResponseError extends Error {
+    constructor();
+}
+/**
+ * Implements {@link SecretFetch} to retrieve a Google access token.
+ * This backend does not require any configuration, as it does not fetch a specific secret and can only return a single
+ * value. A Google access token can be used to authenticate with other Google services. The returned token is configured
+ * with the current user (or service account)'s credentials, and for the configured GCP project (if any).
+ * The backend ID is `google.accessToken`.
+ */
+export declare class SecretFetchForGoogleAccessToken extends SecretFetch {
+    _call(context: WorkspaceContext): Promise<string>;
+    _supports(): boolean;
+}

package/dist/functions/secret/fetch-access-token.js ADDED Viewed

@@ -0,0 +1,30 @@
+import { SecretFetch } from '@causa/workspace';
+import { GoogleApisService } from '../../services/index.js';
+/**
+ * An error thrown when the auth client does not return a token.
+ */
+export class AuthClientResponseError extends Error {
+    constructor() {
+        super('Failed to retrieve the Google access token from the auth client response.');
+    }
+}
+/**
+ * Implements {@link SecretFetch} to retrieve a Google access token.
+ * This backend does not require any configuration, as it does not fetch a specific secret and can only return a single
+ * value. A Google access token can be used to authenticate with other Google services. The returned token is configured
+ * with the current user (or service account)'s credentials, and for the configured GCP project (if any).
+ * The backend ID is `google.accessToken`.
+ */
+export class SecretFetchForGoogleAccessToken extends SecretFetch {
+    async _call(context) {
+        const authClient = await context.service(GoogleApisService).getAuthClient();
+        const { token } = await authClient.getAccessToken();
+        if (!token) {
+            throw new AuthClientResponseError();
+        }
+        return token;
+    }
+    _supports() {
+        return this.backend === 'google.accessToken';
+    }
+}

package/dist/functions/{secret-fetch-secret-manager.js → secret/fetch-secret-manager.js} RENAMED Viewed

@@ -1,5 +1,5 @@
 import { InvalidSecretDefinitionError, SecretFetch, } from '@causa/workspace';
-import { GoogleSecretManagerService } from '../services/index.js';
+import { GoogleSecretManagerService } from '../../services/index.js';
 /**
  * The regular expression used to match the (Secret Manager) secret ID/name, and possibly its version and project.
  * [projects/<projectId>/secrets]<secretName>[/versions/<version>]