npm - @idevconn/create-icore - Versions diffs - 0.4.1 → 0.5.1 - Mend

@idevconn/create-icore 0.4.1 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (76) hide show

package/templates/apps/microservices/upload/src/app/app.module.ts CHANGED Viewed

@@ -1,36 +1,45 @@
 import { join } from 'node:path';
-import { Module } from '@nestjs/common';
+import { Module, Logger } from '@nestjs/common';
 import { ConfigModule, ConfigService } from '@nestjs/config';
 import { createClient } from '@supabase/supabase-js';
-import * as admin from 'firebase-admin';
 import { v2 as cloudinary } from 'cloudinary';
 import { SupabaseStorageStrategy } from '@icore/storage-supabase';
 import { FirebaseStorageStrategy } from '@icore/storage-firebase';
 import { CloudinaryStorageStrategy, type CloudinaryApiLike } from '@icore/storage-cloudinary';
-import { FakeStorageStrategy } from '@icore/shared';
+import { getFirebaseAdmin, FIREBASE_ADMIN_REQUIRED_ENV } from '@icore/firebase-admin';
+import { FakeStorageStrategy, missingEnv, formatEnvBanner } from '@icore/shared';
 import type { StorageStrategy } from '@icore/shared';
-import { Logger } from '@nestjs/common';
 import { StorageController } from './storage.controller';
+const ENV_PATH = 'apps/microservices/upload/.env';
+const REQUIRED_ENV: Record<string, string[]> = {
+  supabase: ['SUPABASE_URL', 'SUPABASE_SERVICE_ROLE_KEY', 'SUPABASE_STORAGE_BUCKET'],
+  firebase: [...FIREBASE_ADMIN_REQUIRED_ENV, 'FIREBASE_STORAGE_BUCKET'],
+  cloudinary: ['CLOUDINARY_CLOUD_NAME', 'CLOUDINARY_API_KEY', 'CLOUDINARY_API_SECRET'],
+};
 function requireEnv(cfg: ConfigService, key: string): string {
-  const val = cfg.getOrThrow<string>(key);
-  if (!val) throw new Error(`${key} is not set — check apps/microservices/upload/.env`);
-  return val;
+  return cfg.getOrThrow<string>(key);
+}
+function makeSupabaseStorage(cfg: ConfigService): StorageStrategy {
+  const client = createClient(
+    requireEnv(cfg, 'SUPABASE_URL'),
+    requireEnv(cfg, 'SUPABASE_SERVICE_ROLE_KEY'),
+    { auth: { autoRefreshToken: false, persistSession: false } },
+  );
+  return new SupabaseStorageStrategy({
+    client,
+    bucket: requireEnv(cfg, 'SUPABASE_STORAGE_BUCKET'),
+  });
 }
 function makeFirebaseStorage(cfg: ConfigService): StorageStrategy {
   const bucketName = requireEnv(cfg, 'FIREBASE_STORAGE_BUCKET');
-  if (admin.apps.length === 0) {
-    admin.initializeApp({
-      credential: admin.credential.cert({
-        projectId: requireEnv(cfg, 'FB_ADMIN_PROJECT_ID'),
-        clientEmail: requireEnv(cfg, 'FB_ADMIN_CLIENT_EMAIL'),
-        privateKey: requireEnv(cfg, 'FB_ADMIN_PRIVATE_KEY').replace(/\\n/g, '\n'),
-      }),
-    });
-  }
+  const app = getFirebaseAdmin(cfg);
   return new FirebaseStorageStrategy({
-    bucket: admin
+    bucket: app
       .storage()
       .bucket(bucketName) as unknown as import('@icore/storage-firebase').FirebaseStorageBucketLike,
   });
@@ -97,33 +106,32 @@ function makeCloudinaryStorage(cfg: ConfigService): StorageStrategy {
     {
       provide: 'StorageStrategy',
       useFactory: (cfg: ConfigService): StorageStrategy => {
+        const logger = new Logger('StorageStrategy');
+        const provider = cfg.get<string>('STORAGE_PROVIDER')?.trim();
+        const keys = provider ? REQUIRED_ENV[provider] : undefined;
+        const missing = keys ? missingEnv((k) => cfg.get<string>(k), keys) : [];
+        const fallback = (reason?: string): StorageStrategy => {
+          const banner = formatEnvBanner({
+            service: 'upload MS',
+            provider,
+            missing,
+            envPath: ENV_PATH,
+            reason,
+          });
+          if (process.env.NODE_ENV === 'production') throw new Error(banner);
+          logger.warn(banner);
+          return new FakeStorageStrategy();
+        };
+        if (!keys || missing.length > 0) return fallback();
         try {
-          const provider = requireEnv(cfg, 'STORAGE_PROVIDER');
-          switch (provider) {
-            case 'supabase': {
-              const client = createClient(
-                requireEnv(cfg, 'SUPABASE_URL'),
-                requireEnv(cfg, 'SUPABASE_SERVICE_ROLE_KEY'),
-                { auth: { autoRefreshToken: false, persistSession: false } },
-              );
-              return new SupabaseStorageStrategy({
-                client,
-                bucket: requireEnv(cfg, 'SUPABASE_STORAGE_BUCKET'),
-              });
-            }
-            case 'firebase':
-              return makeFirebaseStorage(cfg);
-            case 'cloudinary':
-              return makeCloudinaryStorage(cfg);
-            default:
-              throw new Error(`Unsupported STORAGE_PROVIDER: ${provider}`);
-          }
+          if (provider === 'supabase') return makeSupabaseStorage(cfg);
+          if (provider === 'firebase') return makeFirebaseStorage(cfg);
+          return makeCloudinaryStorage(cfg);
         } catch (err) {
-          new Logger('StorageStrategy').warn(
-            `Not configured: ${err instanceof Error ? err.message : String(err)}. ` +
-              `Requests will fail until apps/microservices/upload/.env is set.`,
-          );
-          return new FakeStorageStrategy();
+          return fallback(err instanceof Error ? err.message : String(err));
         }
       },
       inject: [ConfigService],

package/templates/apps/microservices/upload/src/main.ts CHANGED Viewed

@@ -1,28 +1,11 @@
 import { Logger } from '@nestjs/common';
 import { NestFactory } from '@nestjs/core';
 import { MicroserviceOptions } from '@nestjs/microservices';
-import { buildTransportMS } from '@icore/shared';
+import { bootstrapMicroservice, buildTransportMS } from '@icore/shared';
 import { AppModule } from './app/app.module';
-async function bootstrap() {
-  const app = await NestFactory.createMicroservice<MicroserviceOptions>(
-    AppModule,
-    buildTransportMS('UPLOAD'),
-  );
-  await app.listen();
-}
-bootstrap()
-  .then(() => {
-    const logger = new Logger('Upload-Bootstrap');
-    logger.log(
-      `Upload MS Bootstrap completed: transport=${process.env.UPLOAD_TRANSPORT ?? 'tcp'} host=${process.env.UPLOAD_HOST ?? '127.0.0.1'} port=${process.env.UPLOAD_PORT ?? '4002'}`,
-    );
-  })
-  .catch((err) => {
-    new Logger('Upload-Bootstrap').error(
-      'Upload MS bootstrap failed',
-      err instanceof Error ? err.stack : err,
-    );
-    process.exit(1);
-  });
+void bootstrapMicroservice(
+  'UPLOAD',
+  () => NestFactory.createMicroservice<MicroserviceOptions>(AppModule, buildTransportMS('UPLOAD')),
+  new Logger('Upload-Bootstrap'),
+);

package/templates/apps/templates/client-antd/.env.example ADDED Viewed

@@ -0,0 +1,7 @@
+# ─── Client environment variables ────────────────────────────────────────
+# API gateway base URL.
+#   /api   — default; dev-server proxies it to http://localhost:3001 (see vite.config.mts)
+#   http://localhost:3001/api — set explicitly if you want to bypass the proxy
+#   https://your-domain.com/api — production override when building a standalone SPA
+VITE_API_URL=/api

package/templates/apps/templates/client-antd/vite.config.mts CHANGED Viewed

@@ -6,8 +6,10 @@ import { tanstackRouter } from '@tanstack/router-plugin/vite';
 import { nxViteTsPaths } from '@nx/vite/plugins/nx-tsconfig-paths.plugin';
 import { nxCopyAssetsPlugin } from '@nx/vite/plugins/nx-copy-assets.plugin';
 import {
+  apiInfoPlugin,
   commonDefines,
   commonManualChunks,
+  commonServer,
   commonTestConfig,
   injectAppVersionPlugin,
   noServerModulesPlugin,
@@ -27,10 +29,7 @@ function depVersion(name: string): string {
 export default defineConfig(() => ({
   root: import.meta.dirname,
   cacheDir: '../../../node_modules/.vite/apps/templates/client-antd',
-  server: {
-    port: 4201,
-    host: 'localhost',
-  },
+  server: commonServer(4201),
   preview: {
     port: 4201,
     host: 'localhost',
@@ -49,6 +48,7 @@ export default defineConfig(() => ({
     nxViteTsPaths(),
     nxCopyAssetsPlugin(['*.md']),
     noServerModulesPlugin(),
+    apiInfoPlugin(),
     injectAppVersionPlugin(rootPackageJson),
   ],
   // Uncomment this if you are using workers.

package/templates/apps/templates/client-mui/.env.example ADDED Viewed

@@ -0,0 +1,7 @@
+# ─── Client environment variables ────────────────────────────────────────
+# API gateway base URL.
+#   /api   — default; dev-server proxies it to http://localhost:3001 (see vite.config.mts)
+#   http://localhost:3001/api — set explicitly if you want to bypass the proxy
+#   https://your-domain.com/api — production override when building a standalone SPA
+VITE_API_URL=/api

package/templates/apps/templates/client-mui/vite.config.mts CHANGED Viewed

@@ -6,8 +6,10 @@ import { tanstackRouter } from '@tanstack/router-plugin/vite';
 import { nxViteTsPaths } from '@nx/vite/plugins/nx-tsconfig-paths.plugin';
 import { nxCopyAssetsPlugin } from '@nx/vite/plugins/nx-copy-assets.plugin';
 import {
+  apiInfoPlugin,
   commonDefines,
   commonManualChunks,
+  commonServer,
   commonTestConfig,
   injectAppVersionPlugin,
   noServerModulesPlugin,
@@ -27,10 +29,7 @@ function depVersion(name: string): string {
 export default defineConfig(() => ({
   root: import.meta.dirname,
   cacheDir: '../../../node_modules/.vite/client-mui',
-  server: {
-    port: 4202,
-    host: 'localhost',
-  },
+  server: commonServer(4202),
   preview: {
     port: 4202,
     host: 'localhost',
@@ -49,6 +48,7 @@ export default defineConfig(() => ({
     nxViteTsPaths(),
     nxCopyAssetsPlugin(['*.md']),
     noServerModulesPlugin(),
+    apiInfoPlugin(),
     injectAppVersionPlugin(rootPackageJson),
   ],
   // Uncomment this if you are using workers.

package/templates/apps/templates/client-shadcn/.env.example CHANGED Viewed

@@ -1,2 +1,7 @@
-# API base URL — dev server reverse-proxies /api to the gateway
+# ─── Client environment variables ────────────────────────────────────────
+# API gateway base URL.
+#   /api   — default; dev-server proxies it to http://localhost:3001 (see vite.config.mts)
+#   http://localhost:3001/api — set explicitly if you want to bypass the proxy
+#   https://your-domain.com/api — production override when building a standalone SPA
 VITE_API_URL=/api

package/templates/apps/templates/client-shadcn/vite.config.mts CHANGED Viewed

@@ -7,8 +7,10 @@ import { tanstackRouter } from '@tanstack/router-plugin/vite';
 import { nxViteTsPaths } from '@nx/vite/plugins/nx-tsconfig-paths.plugin';
 import { nxCopyAssetsPlugin } from '@nx/vite/plugins/nx-copy-assets.plugin';
 import {
+  apiInfoPlugin,
   commonDefines,
   commonManualChunks,
+  commonServer,
   commonTestConfig,
   injectAppVersionPlugin,
   noServerModulesPlugin,
@@ -28,10 +30,7 @@ function depVersion(name: string): string {
 export default defineConfig(() => ({
   root: import.meta.dirname,
   cacheDir: '../../../node_modules/.vite/apps/templates/client-shadcn',
-  server: {
-    port: 4200,
-    host: 'localhost',
-  },
+  server: commonServer(4200),
   preview: {
     port: 4200,
     host: 'localhost',
@@ -51,6 +50,7 @@ export default defineConfig(() => ({
     nxViteTsPaths(),
     nxCopyAssetsPlugin(['*.md']),
     noServerModulesPlugin(),
+    apiInfoPlugin(),
     injectAppVersionPlugin(rootPackageJson),
   ],
   // Uncomment this if you are using workers.

package/templates/libs/auth-client/src/index.ts CHANGED Viewed

@@ -1,2 +1,3 @@
+export * from './lib/auth-client.tokens';
 export * from './lib/auth-client.module';
 export * from './lib/auth-client.service';

package/templates/libs/auth-client/src/lib/auth-client.module.ts CHANGED Viewed

@@ -3,7 +3,7 @@ import { ClientsModule } from '@nestjs/microservices';
 import { buildTransport } from '@icore/shared';
 import { AuthClientService } from './auth-client.service';
-export const AUTH_CLIENT = 'AUTH_CLIENT';
+import { AUTH_CLIENT } from './auth-client.tokens';
 @Module({})
 export class AuthClientModule {

package/templates/libs/auth-client/src/lib/auth-client.service.ts CHANGED Viewed

@@ -2,7 +2,7 @@ import { Inject, Injectable } from '@nestjs/common';
 import { ClientProxy } from '@nestjs/microservices';
 import { firstValueFrom } from 'rxjs';
 import type { AuthSession, OAuthProvider, OAuthStartResult, VerifiedToken } from '@icore/shared';
-import { AUTH_CLIENT } from './auth-client.module';
+import { AUTH_CLIENT } from './auth-client.tokens';
 @Injectable()
 export class AuthClientService {

package/templates/libs/auth-client/src/lib/auth-client.tokens.ts ADDED Viewed

@@ -0,0 +1,4 @@
+// Injection token — kept in its own file so module and service can both
+// import it without creating a circular dependency (which breaks DI in
+// webpack-bundled NestJS apps).
+export const AUTH_CLIENT = 'AUTH_CLIENT';

package/templates/libs/firebase-admin/README.md ADDED Viewed

@@ -0,0 +1,11 @@
+# firebase-admin
+This library was generated with [Nx](https://nx.dev).
+## Building
+Run `nx build firebase-admin` to build the library.
+## Running unit tests
+Run `nx test firebase-admin` to execute the unit tests via [Vitest](https://vitest.dev/).

package/templates/libs/firebase-admin/eslint.config.mjs ADDED Viewed

@@ -0,0 +1,24 @@
+import baseConfig from '../../eslint.config.mjs';
+export default [
+  ...baseConfig,
+  {
+    files: ['**/*.json'],
+    rules: {
+      '@nx/dependency-checks': [
+        'error',
+        {
+          ignoredFiles: [
+            '{projectRoot}/eslint.config.{js,cjs,mjs,ts,cts,mts}',
+            '{projectRoot}/vitest.config.{js,ts,mjs,mts}',
+            '{projectRoot}/src/**/*.{spec,test}.{js,ts,jsx,tsx}',
+            '{projectRoot}/src/**/__tests__/**/*.{js,ts,jsx,tsx}',
+          ],
+        },
+      ],
+    },
+    languageOptions: {
+      parser: await import('jsonc-eslint-parser'),
+    },
+  },
+];

package/templates/libs/firebase-admin/package.json ADDED Viewed

@@ -0,0 +1,12 @@
+{
+  "name": "@icore/firebase-admin",
+  "version": "0.0.1",
+  "private": true,
+  "type": "commonjs",
+  "main": "./src/index.js",
+  "types": "./src/index.d.ts",
+  "dependencies": {
+    "firebase-admin": "^13.10.0",
+    "tslib": "^2.3.0"
+  }
+}

package/templates/libs/firebase-admin/project.json ADDED Viewed

@@ -0,0 +1,19 @@
+{
+  "name": "firebase-admin",
+  "$schema": "../../node_modules/nx/schemas/project-schema.json",
+  "sourceRoot": "libs/firebase-admin/src",
+  "projectType": "library",
+  "tags": [],
+  "targets": {
+    "build": {
+      "executor": "@nx/js:tsc",
+      "outputs": ["{options.outputPath}"],
+      "options": {
+        "outputPath": "dist/libs/firebase-admin",
+        "main": "libs/firebase-admin/src/index.ts",
+        "tsConfig": "libs/firebase-admin/tsconfig.lib.json",
+        "assets": ["libs/firebase-admin/*.md"]
+      }
+    }
+  }
+}

package/templates/libs/firebase-admin/src/index.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export * from './lib/firebase-admin';

package/templates/libs/firebase-admin/src/lib/__tests__/firebase-admin.unit.test.ts ADDED Viewed

@@ -0,0 +1,105 @@
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
+const { apps, cert, initializeApp, app } = vi.hoisted(() => {
+  const apps: unknown[] = [];
+  return {
+    apps,
+    cert: vi.fn((sa: unknown) => ({ __cert: sa })),
+    initializeApp: vi.fn((opts: unknown) => {
+      const created = { __app: opts };
+      apps.push(created);
+      return created;
+    }),
+    app: vi.fn(() => apps[0]),
+  };
+});
+vi.mock('firebase-admin', () => ({
+  get apps() {
+    return apps;
+  },
+  app,
+  initializeApp,
+  credential: { cert },
+}));
+import { FIREBASE_ADMIN_REQUIRED_ENV, getFirebaseAdmin } from '../firebase-admin';
+type Cfg = {
+  getOrThrow: (k: string) => string;
+  get: (k: string) => string | undefined;
+};
+function makeCfg(extra: Record<string, string> = {}): Cfg {
+  const env: Record<string, string> = {
+    FB_ADMIN_TYPE: 'service_account',
+    FB_ADMIN_PROJECT_ID: 'proj',
+    FB_ADMIN_PRIVATE_KEY_ID: 'kid',
+    FB_ADMIN_PRIVATE_KEY: '-----BEGIN-----\\nABC\\n-----END-----',
+    FB_ADMIN_CLIENT_EMAIL: 'svc@proj.iam.gserviceaccount.com',
+    FB_ADMIN_CLIENT_ID: 'cid',
+    FB_ADMIN_AUTH_URI: 'https://accounts.google.com/o/oauth2/auth',
+    FB_ADMIN_TOKEN_URI: 'https://oauth2.googleapis.com/token',
+    FB_ADMIN_AUTH_PROVIDER_X509_CERT_URL: 'https://www.googleapis.com/oauth2/v1/certs',
+    FB_ADMIN_CLIENT_X509_CERT_URL: 'https://www.googleapis.com/robot/v1/metadata/x509/svc',
+    FB_ADMIN_UNIVERSE_DOMAIN: 'googleapis.com',
+    ...extra,
+  };
+  return {
+    getOrThrow: (k) => {
+      if (!(k in env)) throw new Error(`missing ${k}`);
+      return env[k];
+    },
+    get: (k) => env[k],
+  };
+}
+describe('getFirebaseAdmin', () => {
+  beforeEach(() => {
+    apps.length = 0;
+    cert.mockClear();
+    initializeApp.mockClear();
+    app.mockClear();
+  });
+  afterEach(() => vi.restoreAllMocks());
+  it('requires the full Firebase service-account env contract (all 11 keys)', () => {
+    expect([...FIREBASE_ADMIN_REQUIRED_ENV]).toEqual([
+      'FB_ADMIN_TYPE',
+      'FB_ADMIN_PROJECT_ID',
+      'FB_ADMIN_PRIVATE_KEY_ID',
+      'FB_ADMIN_PRIVATE_KEY',
+      'FB_ADMIN_CLIENT_EMAIL',
+      'FB_ADMIN_CLIENT_ID',
+      'FB_ADMIN_AUTH_URI',
+      'FB_ADMIN_TOKEN_URI',
+      'FB_ADMIN_AUTH_PROVIDER_X509_CERT_URL',
+      'FB_ADMIN_CLIENT_X509_CERT_URL',
+      'FB_ADMIN_UNIVERSE_DOMAIN',
+    ]);
+  });
+  it('passes the complete service account to cert() with escaped newlines fixed', () => {
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    getFirebaseAdmin(makeCfg() as any);
+    expect(initializeApp).toHaveBeenCalledTimes(1);
+    const sa = cert.mock.calls[0][0] as Record<string, string>;
+    expect(sa['project_id']).toBe('proj');
+    expect(sa['client_email']).toBe('svc@proj.iam.gserviceaccount.com');
+    expect(sa['private_key_id']).toBe('kid');
+    expect(sa['universe_domain']).toBe('googleapis.com');
+    // \n escapes in the env value are turned into real newlines
+    expect(sa['private_key']).toContain('\n');
+    expect(sa['private_key']).not.toContain('\\n');
+  });
+  it('initializes the default app only once (guards on admin.apps)', () => {
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    const cfg = makeCfg() as any;
+    getFirebaseAdmin(cfg);
+    getFirebaseAdmin(cfg);
+    expect(initializeApp).toHaveBeenCalledTimes(1);
+    expect(app).toHaveBeenCalledTimes(1); // second call returns the existing app
+  });
+});

package/templates/libs/firebase-admin/src/lib/firebase-admin.ts ADDED Viewed

@@ -0,0 +1,70 @@
+import * as admin from 'firebase-admin';
+/**
+ * Minimal structural view of NestJS's `ConfigService` — just the two readers
+ * this helper needs. Declaring it structurally keeps the lib free of a
+ * `@nestjs/config` dependency while still accepting a real `ConfigService` at
+ * every call site.
+ */
+export interface FirebaseConfigReader {
+  getOrThrow<T = string>(key: string): T;
+  get<T = string>(key: string): T | undefined;
+}
+/**
+ * The full Firebase service-account env contract.
+ *
+ * These are exactly the keys Firebase emits in the service-account JSON you
+ * download from Project Settings → Service accounts. Every microservice that
+ * talks to Firebase (auth, storage, Firestore) requires all of them, so each
+ * MS spreads this into its own REQUIRED_ENV map — keeping the contract in one
+ * place instead of three drifting copies.
+ */
+export const FIREBASE_ADMIN_REQUIRED_ENV = [
+  'FB_ADMIN_TYPE',
+  'FB_ADMIN_PROJECT_ID',
+  'FB_ADMIN_PRIVATE_KEY_ID',
+  'FB_ADMIN_PRIVATE_KEY',
+  'FB_ADMIN_CLIENT_EMAIL',
+  'FB_ADMIN_CLIENT_ID',
+  'FB_ADMIN_AUTH_URI',
+  'FB_ADMIN_TOKEN_URI',
+  'FB_ADMIN_AUTH_PROVIDER_X509_CERT_URL',
+  'FB_ADMIN_CLIENT_X509_CERT_URL',
+  'FB_ADMIN_UNIVERSE_DOMAIN',
+] as const;
+/**
+ * Initialises the default Firebase Admin app exactly once and returns it.
+ *
+ * The Admin SDK throws "default app already exists" if `initializeApp` runs
+ * twice in a process, so this guards on `admin.apps.length` and is safe to call
+ * from every Firebase consumer (auth / storage / notes). Callers then use the
+ * returned app: `getFirebaseAdmin(cfg).auth()`, `.firestore()`, `.storage()`.
+ *
+ * The full service-account object is passed to `cert()` — Firebase only mints
+ * tokens from project_id/client_email/private_key, but feeding the complete
+ * downloaded JSON keeps the code aligned with the documented FB_ADMIN_* env.
+ */
+export function getFirebaseAdmin(cfg: FirebaseConfigReader): admin.app.App {
+  if (admin.apps.length > 0) return admin.app();
+  return admin.initializeApp({
+    credential: admin.credential.cert({
+      type: cfg.getOrThrow<string>('FB_ADMIN_TYPE'),
+      project_id: cfg.getOrThrow<string>('FB_ADMIN_PROJECT_ID'),
+      private_key_id: cfg.getOrThrow<string>('FB_ADMIN_PRIVATE_KEY_ID'),
+      private_key: cfg.getOrThrow<string>('FB_ADMIN_PRIVATE_KEY').replace(/\\n/g, '\n'),
+      client_email: cfg.getOrThrow<string>('FB_ADMIN_CLIENT_EMAIL'),
+      client_id: cfg.getOrThrow<string>('FB_ADMIN_CLIENT_ID'),
+      auth_uri: cfg.getOrThrow<string>('FB_ADMIN_AUTH_URI'),
+      token_uri: cfg.getOrThrow<string>('FB_ADMIN_TOKEN_URI'),
+      auth_provider_x509_cert_url: cfg.getOrThrow<string>('FB_ADMIN_AUTH_PROVIDER_X509_CERT_URL'),
+      client_x509_cert_url: cfg.getOrThrow<string>('FB_ADMIN_CLIENT_X509_CERT_URL'),
+      universe_domain: cfg.getOrThrow<string>('FB_ADMIN_UNIVERSE_DOMAIN'),
+    } as unknown as admin.ServiceAccount),
+    // Optional: the storage MS also passes the bucket name explicitly to
+    // .bucket(); set here too so admin.storage().bucket() (no arg) works.
+    storageBucket: cfg.get<string>('FIREBASE_STORAGE_BUCKET'),
+  });
+}

package/templates/libs/firebase-admin/tsconfig.json ADDED Viewed

@@ -0,0 +1,23 @@
+{
+  "extends": "../../tsconfig.base.json",
+  "compilerOptions": {
+    "module": "commonjs",
+    "forceConsistentCasingInFileNames": true,
+    "strict": true,
+    "importHelpers": true,
+    "noImplicitOverride": true,
+    "noImplicitReturns": true,
+    "noFallthroughCasesInSwitch": true,
+    "noPropertyAccessFromIndexSignature": true
+  },
+  "files": [],
+  "include": [],
+  "references": [
+    {
+      "path": "./tsconfig.lib.json"
+    },
+    {
+      "path": "./tsconfig.spec.json"
+    }
+  ]
+}

package/templates/libs/firebase-admin/tsconfig.lib.json ADDED Viewed

@@ -0,0 +1,23 @@
+{
+  "extends": "./tsconfig.json",
+  "compilerOptions": {
+    "outDir": "../../dist/out-tsc",
+    "declaration": true,
+    "types": ["node"]
+  },
+  "include": ["src/**/*.ts"],
+  "exclude": [
+    "vite.config.ts",
+    "vite.config.mts",
+    "vitest.config.ts",
+    "vitest.config.mts",
+    "src/**/*.test.ts",
+    "src/**/*.spec.ts",
+    "src/**/*.test.tsx",
+    "src/**/*.spec.tsx",
+    "src/**/*.test.js",
+    "src/**/*.spec.js",
+    "src/**/*.test.jsx",
+    "src/**/*.spec.jsx"
+  ]
+}

package/templates/libs/firebase-admin/tsconfig.spec.json ADDED Viewed

@@ -0,0 +1,22 @@
+{
+  "extends": "./tsconfig.json",
+  "compilerOptions": {
+    "outDir": "../../dist/out-tsc",
+    "types": ["vitest/globals", "vitest/importMeta", "vite/client", "node", "vitest"]
+  },
+  "include": [
+    "vite.config.ts",
+    "vite.config.mts",
+    "vitest.config.ts",
+    "vitest.config.mts",
+    "src/**/*.test.ts",
+    "src/**/*.spec.ts",
+    "src/**/*.test.tsx",
+    "src/**/*.spec.tsx",
+    "src/**/*.test.js",
+    "src/**/*.spec.js",
+    "src/**/*.test.jsx",
+    "src/**/*.spec.jsx",
+    "src/**/*.d.ts"
+  ]
+}

package/templates/libs/firebase-admin/vitest.config.mts ADDED Viewed

@@ -0,0 +1,21 @@
+import { defineConfig } from 'vitest/config';
+import { nxViteTsPaths } from '@nx/vite/plugins/nx-tsconfig-paths.plugin';
+import { nxCopyAssetsPlugin } from '@nx/vite/plugins/nx-copy-assets.plugin';
+export default defineConfig(() => ({
+  root: __dirname,
+  cacheDir: '../../node_modules/.vite/libs/firebase-admin',
+  plugins: [nxViteTsPaths(), nxCopyAssetsPlugin(['*.md'])],
+  test: {
+    name: 'firebase-admin',
+    watch: false,
+    globals: true,
+    environment: 'node',
+    include: ['{src,tests}/**/*.{test,spec}.{js,mjs,cjs,ts,mts,cts,jsx,tsx}'],
+    reporters: ['default'],
+    coverage: {
+      reportsDirectory: '../../coverage/libs/firebase-admin',
+      provider: 'v8' as const,
+    },
+  },
+}));

package/templates/libs/jobs-client/src/index.ts CHANGED Viewed

@@ -1,2 +1,3 @@
+export * from './lib/jobs-client.tokens';
 export * from './lib/jobs-client.module';
 export * from './lib/jobs-client.service';