firebase-tools 10.6.0 → 10.7.2

package/lib/deploy/functions/release/planner.js

@@ -7,13 +7,13 @@ const error_1 = require("../../../error");
 const utils = require("../../../utils");
 const backend = require("../backend");
 const v2events = require("../../../functions/events/v2");
-function calculateChangesets(want, have, keyFn, options) {
+function calculateChangesets(want, have, keyFn, deleteAll) {
     const toCreate = utils.groupBy(Object.keys(want)
         .filter((id) => !have[id])
         .map((id) => want[id]), keyFn);
     const toDelete = utils.groupBy(Object.keys(have)
         .filter((id) => !want[id])
-        .filter((id) => options.deleteAll || (0, deploymentTool_1.isFirebaseManaged)(have[id].labels || {}))
+        .filter((id) => deleteAll || (0, deploymentTool_1.isFirebaseManaged)(have[id].labels || {}))
         .map((id) => have[id]), keyFn);
     const toUpdate = utils.groupBy(Object.keys(want)
         .filter((id) => have[id])
@@ -48,20 +48,25 @@ function calculateUpdate(want, have) {
     return update;
 }
 exports.calculateUpdate = calculateUpdate;
-function createDeploymentPlan(want, have, options = {}) {
+function createDeploymentPlan(args) {
+    let { wantBackend, haveBackend, codebase, filters, deleteAll } = args;
     let deployment = {};
-    want = backend.matchingBackend(want, (endpoint) => {
-        return (0, functionsDeployHelper_1.functionMatchesAnyGroup)(endpoint, options.filters || []);
+    wantBackend = backend.matchingBackend(wantBackend, (endpoint) => {
+        return (0, functionsDeployHelper_1.endpointMatchesAnyFilter)(endpoint, filters);
     });
-    have = backend.matchingBackend(have, (endpoint) => {
-        return (0, functionsDeployHelper_1.functionMatchesAnyGroup)(endpoint, options.filters || []);
+    const wantedEndpoint = backend.hasEndpoint(wantBackend);
+    haveBackend = backend.matchingBackend(haveBackend, (endpoint) => {
+        return wantedEndpoint(endpoint) || (0, functionsDeployHelper_1.endpointMatchesAnyFilter)(endpoint, filters);
     });
-    const regions = new Set([...Object.keys(want.endpoints), ...Object.keys(have.endpoints)]);
+    const regions = new Set([
+        ...Object.keys(wantBackend.endpoints),
+        ...Object.keys(haveBackend.endpoints),
+    ]);
     for (const region of regions) {
-        const changesets = calculateChangesets(want.endpoints[region] || {}, have.endpoints[region] || {}, (e) => `${e.region}-${e.availableMemoryMb || "default"}`, options);
+        const changesets = calculateChangesets(wantBackend.endpoints[region] || {}, haveBackend.endpoints[region] || {}, (e) => `${codebase}-${e.region}-${e.availableMemoryMb || "default"}`, deleteAll);
         deployment = Object.assign(Object.assign({}, deployment), changesets);
     }
-    if (upgradedToGCFv2WithoutSettingConcurrency(want, have)) {
+    if (upgradedToGCFv2WithoutSettingConcurrency(wantBackend, haveBackend)) {
         utils.logLabeledBullet("functions", "You are updating one or more functions to Google Cloud Functions v2, " +
             "which introduces support for concurrent execution. New functions " +
             "default to 80 concurrent executions, but existing functions keep the " +
@@ -157,6 +162,9 @@ function checkForIllegalUpdate(want, have) {
         else if (backend.isTaskQueueTriggered(e)) {
             return "a task queue";
         }
+        else if (backend.isBlockingTriggered(e)) {
+            return e.blockingTrigger.eventType;
+        }
         throw Error("Functions release planner is not able to handle an unknown trigger type");
     };
     const wantType = triggerType(want);

package/lib/deploy/functions/release/reporter.js

@@ -4,7 +4,7 @@ exports.triggerTag = exports.printAbortedErrors = exports.printErrors = exports.
 const backend = require("../backend");
 const clc = require("cli-color");
 const logger_1 = require("../../../logger");
-const track = require("../../../track");
+const track_1 = require("../../../track");
 const utils = require("../../../utils");
 const functionsDeployHelper_1 = require("../functionsDeployHelper");
 class DeploymentError extends Error {
@@ -36,23 +36,23 @@ async function logAndTrackDeployStats(summary) {
         totalTime += result.durationMs;
         if (!result.error) {
             totalSuccesses++;
-            reports.push(track.track("function_deploy_success", tag, result.durationMs));
+            reports.push((0, track_1.track)("function_deploy_success", tag, result.durationMs));
         }
         else if (result.error instanceof AbortedDeploymentError) {
             totalAborts++;
-            reports.push(track.track("function_deploy_abort", tag, result.durationMs));
+            reports.push((0, track_1.track)("function_deploy_abort", tag, result.durationMs));
         }
         else {
             totalErrors++;
-            reports.push(track.track("function_deploy_failure", tag, result.durationMs));
+            reports.push((0, track_1.track)("function_deploy_failure", tag, result.durationMs));
         }
     }
     const regionCountTag = regions.size < 5 ? regions.size.toString() : ">=5";
-    reports.push(track.track("functions_region_count", regionCountTag, 1));
+    reports.push((0, track_1.track)("functions_region_count", regionCountTag, 1));
     const gcfv1 = summary.results.find((r) => r.endpoint.platform === "gcfv1");
     const gcfv2 = summary.results.find((r) => r.endpoint.platform === "gcfv2");
     const tag = gcfv1 && gcfv2 ? "v1+v2" : gcfv1 ? "v1" : "v2";
-    reports.push(track.track("functions_codebase_deploy", tag, summary.results.length));
+    reports.push((0, track_1.track)("functions_codebase_deploy", tag, summary.results.length));
     const avgTime = totalTime / (totalSuccesses + totalErrors);
     logger_1.logger.debug(`Total Function Deployment time: ${summary.totalTime}`);
     logger_1.logger.debug(`${totalErrors + totalSuccesses + totalAborts} Functions Deployed`);
@@ -61,15 +61,15 @@ async function logAndTrackDeployStats(summary) {
     logger_1.logger.debug(`Average Function Deployment time: ${avgTime}`);
     if (totalErrors + totalSuccesses > 0) {
         if (totalErrors === 0) {
-            reports.push(track.track("functions_deploy_result", "success", totalSuccesses));
+            reports.push((0, track_1.track)("functions_deploy_result", "success", totalSuccesses));
         }
         else if (totalSuccesses > 0) {
-            reports.push(track.track("functions_deploy_result", "partial_success", totalSuccesses));
-            reports.push(track.track("functions_deploy_result", "partial_failure", totalErrors));
-            reports.push(track.track("functions_deploy_result", "partial_error_ratio", totalErrors / (totalSuccesses + totalErrors)));
+            reports.push((0, track_1.track)("functions_deploy_result", "partial_success", totalSuccesses));
+            reports.push((0, track_1.track)("functions_deploy_result", "partial_failure", totalErrors));
+            reports.push((0, track_1.track)("functions_deploy_result", "partial_error_ratio", totalErrors / (totalSuccesses + totalErrors)));
         }
         else {
-            reports.push(track.track("functions_deploy_result", "failure", totalErrors));
+            reports.push((0, track_1.track)("functions_deploy_result", "failure", totalErrors));
         }
     }
     await utils.allSettled(reports);
@@ -171,6 +171,9 @@ function triggerTag(endpoint) {
         }
         return `${prefix}.https`;
     }
+    if (backend.isBlockingTriggered(endpoint)) {
+        return `${prefix}.blocking`;
+    }
     return endpoint.eventTrigger.eventType;
 }
 exports.triggerTag = triggerTag;

package/lib/deploy/functions/runtimes/discovery/parsing.js

@@ -19,31 +19,37 @@ function assertKeyTypes(prefix, yaml, schema) {
     }
     for (const [keyAsString, value] of Object.entries(yaml)) {
         const key = keyAsString;
-        const fullKey = prefix ? prefix + "." + key : key;
+        const fullKey = prefix ? `${prefix}.${keyAsString}` : keyAsString;
         if (!schema[key] || schema[key] === "omit") {
             throw new error_1.FirebaseError(`Unexpected key ${fullKey}. You may need to install a newer version of the Firebase CLI.`);
         }
-        if (schema[key] === "string") {
+        const schemaType = schema[key];
+        if (typeof schemaType === "function") {
+            if (!schemaType(value)) {
+                throw new error_1.FirebaseError(`${Array.isArray(value) ? "array" : typeof value} ${fullKey} failed validation`);
+            }
+        }
+        else if (schemaType === "string") {
             if (typeof value !== "string") {
                 throw new error_1.FirebaseError(`Expected ${fullKey} to be string; was ${typeof value}`);
             }
         }
-        else if (schema[key] === "number") {
+        else if (schemaType === "number") {
             if (typeof value !== "number") {
                 throw new error_1.FirebaseError(`Expected ${fullKey} to be a number; was ${typeof value}`);
             }
         }
-        else if (schema[key] === "boolean") {
+        else if (schemaType === "boolean") {
             if (typeof value !== "boolean") {
                 throw new error_1.FirebaseError(`Expected ${fullKey} to be a boolean; was ${typeof value}`);
             }
         }
-        else if (schema[key] === "array") {
+        else if (schemaType === "array") {
             if (!Array.isArray(value)) {
                 throw new error_1.FirebaseError(`Expected ${fullKey} to be an array; was ${typeof value}`);
             }
         }
-        else if (schema[key] === "object") {
+        else if (schemaType === "object") {
             if (value === null || typeof value !== "object" || Array.isArray(value)) {
                 throw new error_1.FirebaseError(`Expected ${fullKey} to be an object; was ${typeof value}`);
             }

package/lib/deploy/functions/runtimes/discovery/v1alpha1.js

@@ -5,6 +5,12 @@ const backend = require("../../backend");
 const proto_1 = require("../../../../gcp/proto");
 const parsing_1 = require("./parsing");
 const error_1 = require("../../../../error");
+const CHANNEL_NAME_REGEX = new RegExp("(projects\\/" +
+    "(?<project>(?:\\d+)|(?:[A-Za-z]+[A-Za-z\\d-]*[A-Za-z\\d]?))\\/)?" +
+    "locations\\/" +
+    "(?<location>[A-Za-z\\d\\-_]+)\\/" +
+    "channels\\/" +
+    "(?<channel>[A-Za-z\\d\\-_]+)");
 function backendFromV1Alpha1(yaml, project, region, runtime) {
     const manifest = JSON.parse(JSON.stringify(yaml));
     const bkend = backend.empty();
@@ -42,9 +48,9 @@ function parseEndpoints(manifest, id, project, defaultRegion, runtime) {
     const ep = manifest.endpoints[id];
     (0, parsing_1.assertKeyTypes)(prefix, ep, {
         region: "array",
-        platform: "string",
+        platform: (platform) => backend.AllFunctionsPlatforms.includes(platform),
         entryPoint: "string",
-        availableMemoryMb: "number",
+        availableMemoryMb: (mem) => backend.AllMemoryOptions.includes(mem),
         maxInstances: "number",
         minInstances: "number",
         concurrency: "number",
@@ -52,7 +58,7 @@ function parseEndpoints(manifest, id, project, defaultRegion, runtime) {
         timeoutSeconds: "number",
         vpc: "object",
         labels: "object",
-        ingressSettings: "string",
+        ingressSettings: (setting) => backend.AllIngressSettings.includes(setting),
         environmentVariables: "object",
         secretEnvironmentVariables: "array",
         httpsTrigger: "object",
@@ -60,7 +66,16 @@ function parseEndpoints(manifest, id, project, defaultRegion, runtime) {
         eventTrigger: "object",
         scheduleTrigger: "object",
         taskQueueTrigger: "object",
+        blockingTrigger: "object",
+        cpu: (cpu) => typeof cpu === "number" || cpu === "gcf_gen1",
     });
+    if (ep.vpc) {
+        (0, parsing_1.assertKeyTypes)(prefix + ".vpc", ep.vpc, {
+            connector: "string",
+            egressSettings: (setting) => backend.AllVpcEgressSettings.includes(setting),
+        });
+        (0, parsing_1.requireKeys)(prefix + ".vpc", ep.vpc, "connector");
+    }
     let triggerCount = 0;
     if (ep.httpsTrigger) {
         triggerCount++;
@@ -77,6 +92,9 @@ function parseEndpoints(manifest, id, project, defaultRegion, runtime) {
     if (ep.taskQueueTrigger) {
         triggerCount++;
     }
+    if (ep.blockingTrigger) {
+        triggerCount++;
+    }
     if (!triggerCount) {
         throw new error_1.FirebaseError("Expected trigger in endpoint " + id);
     }
@@ -97,6 +115,7 @@ function parseEndpoints(manifest, id, project, defaultRegion, runtime) {
                 channel: "string",
             });
             triggered = { eventTrigger: ep.eventTrigger };
+            (0, proto_1.renameIfPresent)(triggered.eventTrigger, ep.eventTrigger, "channel", "channel", (c) => resolveChannelName(project, c, defaultRegion));
             for (const [k, v] of Object.entries(triggered.eventTrigger.eventFilters)) {
                 if (k === "topic" && !v.startsWith("projects/")) {
                     triggered.eventTrigger.eventFilters[k] = `projects/${project}/topics/${v}`;
@@ -151,6 +170,14 @@ function parseEndpoints(manifest, id, project, defaultRegion, runtime) {
             }
             triggered = { taskQueueTrigger: ep.taskQueueTrigger };
         }
+        else if (backend.isBlockingTriggered(ep)) {
+            (0, parsing_1.requireKeys)(prefix + ".blockingTrigger", ep.blockingTrigger, "eventType");
+            (0, parsing_1.assertKeyTypes)(prefix + ".blockingTrigger", ep.blockingTrigger, {
+                eventType: "string",
+                options: "object",
+            });
+            triggered = { blockingTrigger: ep.blockingTrigger };
+        }
         else {
             throw new error_1.FirebaseError(`Do not recognize trigger type for endpoint ${id}. Try upgrading ` +
                 "firebase-tools with npm install -g firebase-tools@latest");
@@ -165,3 +192,23 @@ function parseEndpoints(manifest, id, project, defaultRegion, runtime) {
     }
     return allParsed;
 }
+function resolveChannelName(projectId, channel, defaultRegion) {
+    if (!channel.includes("/")) {
+        const location = defaultRegion;
+        const channelId = channel;
+        return "projects/" + projectId + "/locations/" + location + "/channels/" + channelId;
+    }
+    const match = CHANNEL_NAME_REGEX.exec(channel);
+    if (!(match === null || match === void 0 ? void 0 : match.groups)) {
+        throw new error_1.FirebaseError("Invalid channel name format.");
+    }
+    const matchedProjectId = match.groups.project;
+    const location = match.groups.location;
+    const channelId = match.groups.channel;
+    if (matchedProjectId) {
+        return "projects/" + matchedProjectId + "/locations/" + location + "/channels/" + channelId;
+    }
+    else {
+        return "projects/" + projectId + "/locations/" + location + "/channels/" + channelId;
+    }
+}

package/lib/deploy/functions/runtimes/golang/index.js

@@ -105,6 +105,9 @@ class Delegate {
             return p;
         });
     }
+    async discoverBuild(configValues, envs) {
+        return { requiredAPIs: [], endpoints: {}, params: [] };
+    }
     async discoverSpec(configValues, envs) {
         let discovered = await discovery.detectFromYaml(this.sourceDir, this.projectId, this.runtime);
         if (!discovered) {

package/lib/deploy/functions/runtimes/node/index.js

@@ -84,6 +84,10 @@ class Delegate {
     }
     async discoverSpec(config, env) {
         if (previews_1.previews.functionsv2) {
+            if (!semver.valid(this.sdkVersion)) {
+                logger_1.logger.debug(`Could not parse firebase-functions version '${this.sdkVersion}' into semver. Falling back to parseTriggers.`);
+                return parseTriggers.discoverBackend(this.projectId, this.sourceDir, this.runtime, config, env);
+            }
             if (semver.lt(this.sdkVersion, MIN_FUNCTIONS_SDK_VERSION)) {
                 (0, utils_1.logLabeledWarning)("functions", `You are using an old version of firebase-functions SDK (${this.sdkVersion}). ` +
                     `Please update firebase-functions SDK to >=${MIN_FUNCTIONS_SDK_VERSION}`);
@@ -106,5 +110,8 @@ class Delegate {
         }
         return parseTriggers.discoverBackend(this.projectId, this.sourceDir, this.runtime, config, env);
     }
+    async discoverBuild(config, env) {
+        return parseTriggers.discoverBuild(this.projectId, this.sourceDir, this.runtime, config, env);
+    }
 }
 exports.Delegate = Delegate;

package/lib/deploy/functions/runtimes/node/parseRuntimeAndValidateSDK.js

@@ -4,7 +4,7 @@ exports.getRuntimeChoice = exports.DEPRECATED_NODE_VERSION_INFO = exports.UNSUPP
 const path = require("path");
 const clc = require("cli-color");
 const error_1 = require("../../../../error");
-const track = require("../../../../track");
+const track_1 = require("../../../../track");
 const runtimes = require("../../runtimes");
 const cjson = require("cjson");
 const ENGINE_RUNTIMES = {
@@ -46,11 +46,11 @@ function getRuntimeChoice(sourceDir, runtimeFromConfig) {
         ? exports.UNSUPPORTED_NODE_VERSION_FIREBASE_JSON_MSG
         : exports.UNSUPPORTED_NODE_VERSION_PACKAGE_JSON_MSG) + exports.DEPRECATED_NODE_VERSION_INFO;
     if (!runtime || !ENGINE_RUNTIMES_NAMES.includes(runtime)) {
-        void track("functions_runtime_notices", "package_missing_runtime");
+        void (0, track_1.track)("functions_runtime_notices", "package_missing_runtime");
         throw new error_1.FirebaseError(errorMessage, { exit: 1 });
     }
     if (runtimes.isDeprecatedRuntime(runtime) || !runtimes.isValidRuntime(runtime)) {
-        void track("functions_runtime_notices", `${runtime}_deploy_prohibited`);
+        void (0, track_1.track)("functions_runtime_notices", `${runtime}_deploy_prohibited`);
         throw new error_1.FirebaseError(errorMessage, { exit: 1 });
     }
     return runtime;

package/lib/deploy/functions/runtimes/node/parseTriggers.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.addResourcesToBackend = exports.mergeRequiredAPIs = exports.discoverBackend = exports.useStrategy = void 0;
+exports.addResourcesToBackend = exports.addResourcesToBuild = exports.mergeRequiredAPIs = exports.discoverBackend = exports.discoverBuild = exports.useStrategy = void 0;
 const path = require("path");
 const _ = require("lodash");
 const child_process_1 = require("child_process");
@@ -9,7 +9,7 @@ const logger_1 = require("../../../../logger");
 const backend = require("../../backend");
 const api = require("../../../../api");
 const proto = require("../../../../gcp/proto");
-const v2events = require("../../../../functions/events/v2");
+const events = require("../../../../functions/events");
 const TRIGGER_PARSER = path.resolve(__dirname, "./triggerParser.js");
 function removeInspectOptions(options) {
     return options.filter((opt) => !opt.startsWith("--inspect"));
@@ -49,6 +49,19 @@ function useStrategy(context) {
     return Promise.resolve(true);
 }
 exports.useStrategy = useStrategy;
+async function discoverBuild(projectId, sourceDir, runtime, configValues, envs) {
+    const triggerAnnotations = await parseTriggers(projectId, sourceDir, configValues, envs);
+    const want = {
+        requiredAPIs: [],
+        endpoints: {},
+        params: [],
+    };
+    for (const annotation of triggerAnnotations) {
+        addResourcesToBuild(projectId, runtime, annotation, want);
+    }
+    return want;
+}
+exports.discoverBuild = discoverBuild;
 async function discoverBackend(projectId, sourceDir, runtime, configValues, envs) {
     const triggerAnnotations = await parseTriggers(projectId, sourceDir, configValues, envs);
     const want = Object.assign(Object.assign({}, backend.empty()), { environmentVariables: envs });
@@ -62,7 +75,9 @@ function mergeRequiredAPIs(backend) {
     const apiToReasons = {};
     for (const { api, reason } of backend.requiredAPIs) {
         const reasons = apiToReasons[api] || new Set();
-        reasons.add(reason);
+        if (reason) {
+            reasons.add(reason);
+        }
         apiToReasons[api] = reasons;
     }
     const merged = [];
@@ -72,12 +87,109 @@ function mergeRequiredAPIs(backend) {
     backend.requiredAPIs = merged;
 }
 exports.mergeRequiredAPIs = mergeRequiredAPIs;
+function addResourcesToBuild(projectId, runtime, annotation, want) {
+    var _a;
+    Object.freeze(annotation);
+    const regions = annotation.regions || [api.functionsDefaultRegion];
+    let triggered;
+    const triggerCount = +!!annotation.httpsTrigger +
+        +!!annotation.eventTrigger +
+        +!!annotation.taskQueueTrigger +
+        +!!annotation.blockingTrigger;
+    if (triggerCount !== 1) {
+        throw new error_1.FirebaseError("Unexpected annotation generated by the Firebase Functions SDK. This should never happen.");
+    }
+    if (annotation.taskQueueTrigger) {
+        want.requiredAPIs.push({
+            api: "cloudtasks.googleapis.com",
+            reason: "Needed for task queue functions.",
+        });
+        triggered = {
+            taskQueueTrigger: {},
+        };
+        proto.copyIfPresent(triggered.taskQueueTrigger, annotation.taskQueueTrigger, "invoker");
+        proto.copyIfPresent(triggered.taskQueueTrigger, annotation.taskQueueTrigger, "rateLimits");
+        if (annotation.taskQueueTrigger.retryConfig) {
+            triggered.taskQueueTrigger.retryConfig = Object.assign(annotation.taskQueueTrigger.retryConfig, {
+                maxRetryDurationSeconds: proto.secondsFromDuration(annotation.taskQueueTrigger.retryConfig.maxRetryDuration || "0"),
+            });
+        }
+    }
+    else if (annotation.httpsTrigger) {
+        if ((_a = annotation.labels) === null || _a === void 0 ? void 0 : _a["deployment-callable"]) {
+            delete annotation.labels["deployment-callable"];
+            triggered = { callableTrigger: {} };
+        }
+        else {
+            const trigger = {};
+            if (annotation.failurePolicy) {
+                logger_1.logger.warn(`Ignoring retry policy for HTTPS function ${annotation.name}`);
+            }
+            if (annotation.httpsTrigger.invoker) {
+                trigger.invoker = annotation.httpsTrigger.invoker[0];
+            }
+            triggered = { httpsTrigger: trigger };
+        }
+    }
+    else if (annotation.schedule) {
+        want.requiredAPIs.push({
+            api: "cloudscheduler.googleapis.com",
+            reason: "Needed for scheduled functions.",
+        });
+        triggered = {
+            scheduleTrigger: {
+                schedule: annotation.schedule.schedule,
+                timeZone: annotation.schedule.timeZone || "what's the default timezone?",
+                retryConfig: annotation.schedule.retryConfig || {},
+            },
+        };
+    }
+    else if (annotation.blockingTrigger) {
+        if (events.v1.AUTH_BLOCKING_EVENTS.includes(annotation.blockingTrigger.eventType)) {
+            want.requiredAPIs.push({
+                api: "identitytoolkit.googleapis.com",
+                reason: "Needed for auth blocking functions.",
+            });
+        }
+        triggered = {
+            blockingTrigger: {
+                eventType: annotation.blockingTrigger.eventType,
+            },
+        };
+    }
+    else {
+        triggered = {
+            eventTrigger: {
+                eventType: annotation.eventTrigger.eventType,
+                eventFilters: { resource: annotation.eventTrigger.resource },
+                retry: !!annotation.failurePolicy,
+            },
+        };
+    }
+    const endpointId = annotation.name;
+    const endpoint = Object.assign({ platform: annotation.platform || "gcfv1", region: regions, project: projectId, entryPoint: annotation.entryPoint, runtime: runtime, serviceAccount: annotation.serviceAccountEmail || "default" }, triggered);
+    if (annotation.vpcConnector != null) {
+        let maybeId = annotation.vpcConnector;
+        if (maybeId && !maybeId.includes("/")) {
+            maybeId = `projects/${projectId}/locations/$REGION/connectors/${maybeId}`;
+        }
+        endpoint.vpc = { connector: maybeId };
+        proto.renameIfPresent(endpoint.vpc, annotation, "egressSettings", "vpcConnectorEgressSettings");
+    }
+    proto.copyIfPresent(endpoint, annotation, "concurrency", "labels", "ingressSettings", "maxInstances", "minInstances", "availableMemoryMb");
+    proto.renameIfPresent(endpoint, annotation, "timeoutSeconds", "timeout", proto.secondsFromDuration);
+    want.endpoints[endpointId] = endpoint;
+}
+exports.addResourcesToBuild = addResourcesToBuild;
 function addResourcesToBackend(projectId, runtime, annotation, want) {
     var _a;
     Object.freeze(annotation);
     for (const region of annotation.regions || [api.functionsDefaultRegion]) {
         let triggered;
-        const triggerCount = +!!annotation.httpsTrigger + +!!annotation.eventTrigger + +!!annotation.taskQueueTrigger;
+        const triggerCount = +!!annotation.httpsTrigger +
+            +!!annotation.eventTrigger +
+            +!!annotation.taskQueueTrigger +
+            +!!annotation.blockingTrigger;
         if (triggerCount !== 1) {
             throw new error_1.FirebaseError("Unexpected annotation generated by the Firebase Functions SDK. This should never happen.");
         }
@@ -109,6 +221,20 @@ function addResourcesToBackend(projectId, runtime, annotation, want) {
             });
             triggered = { scheduleTrigger: annotation.schedule };
         }
+        else if (annotation.blockingTrigger) {
+            if (events.v1.AUTH_BLOCKING_EVENTS.includes(annotation.blockingTrigger.eventType)) {
+                want.requiredAPIs.push({
+                    api: "identitytoolkit.googleapis.com",
+                    reason: "Needed for auth blocking functions.",
+                });
+            }
+            triggered = {
+                blockingTrigger: {
+                    eventType: annotation.blockingTrigger.eventType,
+                    options: annotation.blockingTrigger.options,
+                },
+            };
+        }
         else {
             triggered = {
                 eventTrigger: {
@@ -118,10 +244,10 @@ function addResourcesToBackend(projectId, runtime, annotation, want) {
                 },
             };
             if (annotation.platform === "gcfv2") {
-                if (annotation.eventTrigger.eventType === v2events.PUBSUB_PUBLISH_EVENT) {
+                if (annotation.eventTrigger.eventType === events.v2.PUBSUB_PUBLISH_EVENT) {
                     triggered.eventTrigger.eventFilters = { topic: annotation.eventTrigger.resource };
                 }
-                if (v2events.STORAGE_EVENTS.find((event) => { var _a; return event === (((_a = annotation.eventTrigger) === null || _a === void 0 ? void 0 : _a.eventType) || ""); })) {
+                if (events.v2.STORAGE_EVENTS.find((event) => { var _a; return event === (((_a = annotation.eventTrigger) === null || _a === void 0 ? void 0 : _a.eventType) || ""); })) {
                     triggered.eventTrigger.eventFilters = { bucket: annotation.eventTrigger.resource };
                 }
             }

package/lib/deploy/functions/runtimes/node/versioning.js

@@ -7,7 +7,7 @@ const semver = require("semver");
 const spawn = require("cross-spawn");
 const utils = require("../../../../utils");
 const logger_1 = require("../../../../logger");
-const track = require("../../../../track");
+const track_1 = require("../../../../track");
 const MIN_SDK_VERSION = "2.0.0";
 exports.FUNCTIONS_SDK_VERSION_TOO_OLD_WARNING = clc.bold.yellow("functions: ") +
     "You must have a " +
@@ -52,7 +52,7 @@ exports.getLatestSDKVersion = getLatestSDKVersion;
 function checkFunctionsSDKVersion(currentVersion) {
     try {
         if (semver.lt(currentVersion, MIN_SDK_VERSION)) {
-            void track("functions_runtime_notices", "functions_sdk_too_old");
+            void (0, track_1.track)("functions_runtime_notices", "functions_sdk_too_old");
             utils.logWarning(exports.FUNCTIONS_SDK_VERSION_TOO_OLD_WARNING);
         }
         const latest = exports.getLatestSDKVersion();

package/lib/deploy/functions/services/auth.js

@@ -0,0 +1,95 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthBlockingService = void 0;
+const backend = require("../backend");
+const identityPlatform = require("../../../gcp/identityPlatform");
+const events = require("../../../functions/events");
+const error_1 = require("../../../error");
+const utils_1 = require("../../../utils");
+const index_1 = require("./index");
+class AuthBlockingService {
+    constructor() {
+        this.name = "authblocking";
+        this.api = "identitytoolkit.googleapis.com";
+        this.triggerQueue = Promise.resolve();
+        this.ensureTriggerRegion = index_1.noop;
+    }
+    validateTrigger(endpoint, wantBackend) {
+        if (!backend.isBlockingTriggered(endpoint)) {
+            return;
+        }
+        const blockingEndpoints = backend
+            .allEndpoints(wantBackend)
+            .filter((ep) => backend.isBlockingTriggered(ep));
+        if (blockingEndpoints.find((ep) => ep.blockingTrigger.eventType === endpoint.blockingTrigger.eventType &&
+            ep.id !== endpoint.id)) {
+            throw new error_1.FirebaseError(`Can only create at most one Auth Blocking Trigger for ${endpoint.blockingTrigger.eventType} events`);
+        }
+    }
+    configChanged(newConfig, config) {
+        var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p;
+        if (((_b = (_a = newConfig.triggers) === null || _a === void 0 ? void 0 : _a.beforeCreate) === null || _b === void 0 ? void 0 : _b.functionUri) !==
+            ((_d = (_c = config.triggers) === null || _c === void 0 ? void 0 : _c.beforeCreate) === null || _d === void 0 ? void 0 : _d.functionUri) ||
+            ((_f = (_e = newConfig.triggers) === null || _e === void 0 ? void 0 : _e.beforeSignIn) === null || _f === void 0 ? void 0 : _f.functionUri) !== ((_h = (_g = config.triggers) === null || _g === void 0 ? void 0 : _g.beforeSignIn) === null || _h === void 0 ? void 0 : _h.functionUri)) {
+            return true;
+        }
+        if (!!((_j = newConfig.forwardInboundCredentials) === null || _j === void 0 ? void 0 : _j.accessToken) !==
+            !!((_k = config.forwardInboundCredentials) === null || _k === void 0 ? void 0 : _k.accessToken) ||
+            !!((_l = newConfig.forwardInboundCredentials) === null || _l === void 0 ? void 0 : _l.idToken) !==
+                !!((_m = config.forwardInboundCredentials) === null || _m === void 0 ? void 0 : _m.idToken) ||
+            !!((_o = newConfig.forwardInboundCredentials) === null || _o === void 0 ? void 0 : _o.refreshToken) !==
+                !!((_p = config.forwardInboundCredentials) === null || _p === void 0 ? void 0 : _p.refreshToken)) {
+            return true;
+        }
+        return false;
+    }
+    async registerTriggerLocked(endpoint) {
+        const newBlockingConfig = await identityPlatform.getBlockingFunctionsConfig(endpoint.project);
+        const oldBlockingConfig = (0, utils_1.cloneDeep)(newBlockingConfig);
+        if (endpoint.blockingTrigger.eventType === events.v1.BEFORE_CREATE_EVENT) {
+            newBlockingConfig.triggers = Object.assign(Object.assign({}, newBlockingConfig.triggers), { beforeCreate: {
+                    functionUri: endpoint.uri,
+                } });
+        }
+        else {
+            newBlockingConfig.triggers = Object.assign(Object.assign({}, newBlockingConfig.triggers), { beforeSignIn: {
+                    functionUri: endpoint.uri,
+                } });
+        }
+        newBlockingConfig.forwardInboundCredentials = Object.assign(Object.assign({}, oldBlockingConfig.forwardInboundCredentials), endpoint.blockingTrigger.options);
+        if (!this.configChanged(newBlockingConfig, oldBlockingConfig)) {
+            return;
+        }
+        await identityPlatform.setBlockingFunctionsConfig(endpoint.project, newBlockingConfig);
+    }
+    registerTrigger(ep) {
+        if (!backend.isBlockingTriggered(ep)) {
+            return Promise.resolve();
+        }
+        this.triggerQueue = this.triggerQueue.then(() => this.registerTriggerLocked(ep));
+        return this.triggerQueue;
+    }
+    async unregisterTriggerLocked(endpoint) {
+        var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k;
+        const blockingConfig = await identityPlatform.getBlockingFunctionsConfig(endpoint.project);
+        if (endpoint.uri !== ((_b = (_a = blockingConfig.triggers) === null || _a === void 0 ? void 0 : _a.beforeCreate) === null || _b === void 0 ? void 0 : _b.functionUri) &&
+            endpoint.uri !== ((_d = (_c = blockingConfig.triggers) === null || _c === void 0 ? void 0 : _c.beforeSignIn) === null || _d === void 0 ? void 0 : _d.functionUri)) {
+            return;
+        }
+        if (endpoint.uri === ((_f = (_e = blockingConfig.triggers) === null || _e === void 0 ? void 0 : _e.beforeCreate) === null || _f === void 0 ? void 0 : _f.functionUri)) {
+            (_g = blockingConfig.triggers) === null || _g === void 0 ? true : delete _g.beforeCreate;
+        }
+        if (endpoint.uri === ((_j = (_h = blockingConfig.triggers) === null || _h === void 0 ? void 0 : _h.beforeSignIn) === null || _j === void 0 ? void 0 : _j.functionUri)) {
+            (_k = blockingConfig.triggers) === null || _k === void 0 ? true : delete _k.beforeSignIn;
+        }
+        await identityPlatform.setBlockingFunctionsConfig(endpoint.project, blockingConfig);
+    }
+    unregisterTrigger(ep) {
+        if (!backend.isBlockingTriggered(ep)) {
+            return Promise.resolve();
+        }
+        this.triggerQueue = this.triggerQueue.then(() => this.unregisterTriggerLocked(ep));
+        return this.triggerQueue;
+    }
+}
+exports.AuthBlockingService = AuthBlockingService;