firebase-tools 11.0.1 → 11.2.1

package/lib/deploy/functions/runtimes/node/parseTriggers.js

@@ -45,7 +45,7 @@ function parseTriggers(projectId, sourceDir, configValues, envs) {
         });
     });
 }
-function useStrategy(context) {
+function useStrategy() {
     return Promise.resolve(true);
 }
 exports.useStrategy = useStrategy;
@@ -139,10 +139,22 @@ function addResourcesToBuild(projectId, runtime, annotation, want) {
         triggered = {
             scheduleTrigger: {
                 schedule: annotation.schedule.schedule,
-                timeZone: annotation.schedule.timeZone || "what's the default timezone?",
-                retryConfig: annotation.schedule.retryConfig || {},
+                timeZone: annotation.schedule.timeZone || "America/Los_Angeles",
+                retryConfig: {},
             },
         };
+        if (annotation.schedule.retryConfig) {
+            if (annotation.schedule.retryConfig.maxBackoffDuration) {
+                triggered.scheduleTrigger.retryConfig.maxBackoffSeconds = proto.secondsFromDuration(annotation.schedule.retryConfig.maxBackoffDuration);
+            }
+            if (annotation.schedule.retryConfig.minBackoffDuration) {
+                triggered.scheduleTrigger.retryConfig.minBackoffSeconds = proto.secondsFromDuration(annotation.schedule.retryConfig.minBackoffDuration);
+            }
+            if (annotation.schedule.retryConfig.maxRetryDuration) {
+                triggered.scheduleTrigger.retryConfig.maxRetrySeconds = proto.secondsFromDuration(annotation.schedule.retryConfig.maxRetryDuration);
+            }
+            proto.copyIfPresent(triggered.scheduleTrigger.retryConfig, annotation.schedule.retryConfig, "maxDoublings", "retryCount");
+        }
     }
     else if (annotation.blockingTrigger) {
         if (events.v1.AUTH_BLOCKING_EVENTS.includes(annotation.blockingTrigger.eventType)) {
@@ -167,7 +179,7 @@ function addResourcesToBuild(projectId, runtime, annotation, want) {
         };
     }
     const endpointId = annotation.name;
-    const endpoint = Object.assign({ platform: annotation.platform || "gcfv1", region: regions, project: projectId, entryPoint: annotation.entryPoint, runtime: runtime, serviceAccount: annotation.serviceAccountEmail || "default" }, triggered);
+    const endpoint = Object.assign({ platform: annotation.platform || "gcfv1", region: regions, project: projectId, entryPoint: annotation.entryPoint, runtime: runtime, serviceAccount: annotation.serviceAccountEmail || null }, triggered);
     if (annotation.vpcConnector != null) {
         let maybeId = annotation.vpcConnector;
         if (maybeId && !maybeId.includes("/")) {

package/lib/deploy/functions/services/database.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ensureDatabaseTriggerRegion = void 0;
+const error_1 = require("../../../error");
+function ensureDatabaseTriggerRegion(endpoint) {
+    if (!endpoint.eventTrigger.region) {
+        endpoint.eventTrigger.region = endpoint.region;
+    }
+    if (endpoint.eventTrigger.region !== endpoint.region) {
+        throw new error_1.FirebaseError("A database trigger location must match the function region.");
+    }
+    return Promise.resolve();
+}
+exports.ensureDatabaseTriggerRegion = ensureDatabaseTriggerRegion;

package/lib/deploy/functions/services/index.js

@@ -5,6 +5,7 @@ const backend = require("../backend");
 const auth_1 = require("./auth");
 const storage_1 = require("./storage");
 const firebaseAlerts_1 = require("./firebaseAlerts");
+const database_1 = require("./database");
 const noop = () => Promise.resolve();
 exports.noop = noop;
 const noopProjectBindings = () => Promise.resolve([]);
@@ -45,6 +46,15 @@ const firebaseAlertsService = {
     unregisterTrigger: exports.noop,
 };
 const authBlockingService = new auth_1.AuthBlockingService();
+const databaseService = {
+    name: "database",
+    api: "firebasedatabase.googleapis.com",
+    requiredProjectBindings: exports.noopProjectBindings,
+    ensureTriggerRegion: database_1.ensureDatabaseTriggerRegion,
+    validateTrigger: exports.noop,
+    registerTrigger: exports.noop,
+    unregisterTrigger: exports.noop,
+};
 const EVENT_SERVICE_MAPPING = {
     "google.cloud.pubsub.topic.v1.messagePublished": pubSubService,
     "google.cloud.storage.object.v1.finalized": storageService,
@@ -54,6 +64,10 @@ const EVENT_SERVICE_MAPPING = {
     "google.firebase.firebasealerts.alerts.v1.published": firebaseAlertsService,
     "providers/cloud.auth/eventTypes/user.beforeCreate": authBlockingService,
     "providers/cloud.auth/eventTypes/user.beforeSignIn": authBlockingService,
+    "google.firebase.database.ref.v1.written": databaseService,
+    "google.firebase.database.ref.v1.created": databaseService,
+    "google.firebase.database.ref.v1.updated": databaseService,
+    "google.firebase.database.ref.v1.deleted": databaseService,
 };
 function serviceForEndpoint(endpoint) {
     if (backend.isEventTriggered(endpoint)) {

package/lib/deploy/index.js

@@ -9,7 +9,7 @@ const projectUtils_1 = require("../projectUtils");
 const utils_1 = require("../utils");
 const error_1 = require("../error");
 const track_1 = require("../track");
-const lifecycleHooks = require("./lifecycleHooks");
+const lifecycleHooks_1 = require("./lifecycleHooks");
 const previews_1 = require("../previews");
 const HostingTarget = require("./hosting");
 const DatabaseTarget = require("./database");
@@ -54,11 +54,11 @@ const deploy = async function (targetNames, options, customContext = {}) {
         if (!target) {
             return Promise.reject(new error_1.FirebaseError((0, cli_color_1.bold)(targetName) + " is not a valid deploy target", { exit: 1 }));
         }
-        predeploys.push(lifecycleHooks(targetName, "predeploy"));
+        predeploys.push((0, lifecycleHooks_1.lifecycleHooks)(targetName, "predeploy"));
         prepares.push(target.prepare);
         deploys.push(target.deploy);
         releases.push(target.release);
-        postdeploys.push(lifecycleHooks(targetName, "postdeploy"));
+        postdeploys.push((0, lifecycleHooks_1.lifecycleHooks)(targetName, "postdeploy"));
     }
     logger_1.logger.info();
     logger_1.logger.info((0, cli_color_1.bold)((0, cli_color_1.white)("===") + " Deploying to '" + projectId + "'..."));

package/lib/deploy/lifecycleHooks.js

@@ -1,11 +1,12 @@
 "use strict";
-const _ = require("lodash");
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.lifecycleHooks = void 0;
 const utils = require("../utils");
 const clc = require("cli-color");
 const childProcess = require("child_process");
-const { FirebaseError } = require("../error");
+const error_1 = require("../error");
 const needProjectId = require("../projectUtils").needProjectId;
-const { logger } = require("../logger");
+const logger_1 = require("../logger");
 const path = require("path");
 function runCommand(command, childOptions) {
     const escapedCommand = command.replace(/\"/g, '\\"');
@@ -16,16 +17,16 @@ function runCommand(command, childOptions) {
         '" "' +
         escapedCommand +
         '"';
-    return new Promise(function (resolve, reject) {
-        logger.info("Running command: " + command);
+    return new Promise((resolve, reject) => {
+        logger_1.logger.info("Running command: " + command);
         if (translatedCommand === "") {
-            resolve();
+            return resolve();
         }
         const child = childProcess.spawn(translatedCommand, [], childOptions);
-        child.on("error", function (err) {
+        child.on("error", (err) => {
             reject(err);
         });
-        child.on("exit", function (code, signal) {
+        child.on("exit", (code, signal) => {
             if (signal) {
                 reject(new Error("Command terminated with signal " + signal));
             }
@@ -52,7 +53,7 @@ function getChildEnvironment(target, overallOptions, config) {
         default:
             resourceDir = overallOptions.config.path(overallOptions.config.projectDir);
     }
-    return _.assign({}, process.env, {
+    return Object.assign({}, process.env, {
         GCLOUD_PROJECT: projectId,
         PROJECT_DIR: projectDir,
         RESOURCE_DIR: resourceDir,
@@ -72,21 +73,19 @@ function runTargetCommands(target, hook, overallOptions, config) {
         shell: true,
         stdio: [0, 1, 2],
     };
-    const runAllCommands = _.reduce(commands, function (soFar, command) {
-        return soFar.then(function () {
-            return runCommand(command, childOptions);
-        });
+    const runAllCommands = commands.reduce((soFar, command) => {
+        return soFar.then(() => runCommand(command, childOptions));
     }, Promise.resolve());
     let logIdentifier = target;
     if (config.target) {
         logIdentifier += `[${config.target}]`;
     }
     return runAllCommands
-        .then(function () {
+        .then(() => {
         utils.logSuccess(clc.green.bold(logIdentifier + ":") + " Finished running " + clc.bold(hook) + " script.");
     })
-        .catch(function (err) {
-        throw new FirebaseError(logIdentifier + " " + hook + " error: " + err.message);
+        .catch((err) => {
+        throw new error_1.FirebaseError(logIdentifier + " " + hook + " error: " + err.message);
     });
 }
 function getReleventConfigs(target, options) {
@@ -94,33 +93,34 @@ function getReleventConfigs(target, options) {
     if (!targetConfigs) {
         return [];
     }
-    if (!_.isArray(targetConfigs)) {
+    if (!Array.isArray(targetConfigs)) {
         targetConfigs = [targetConfigs];
     }
     if (!options.only) {
         return targetConfigs;
     }
-    var onlyTargets = options.only.split(",");
-    if (_.includes(onlyTargets, target)) {
+    let onlyTargets = options.only.split(",");
+    if (onlyTargets.includes(target)) {
         return targetConfigs;
     }
     onlyTargets = onlyTargets
-        .filter(function (individualOnly) {
+        .filter((individualOnly) => {
         return individualOnly.indexOf(`${target}:`) === 0;
     })
-        .map(function (individualOnly) {
+        .map((individualOnly) => {
         return individualOnly.replace(`${target}:`, "");
     });
-    return targetConfigs.filter(function (config) {
-        return !config.target || _.includes(onlyTargets, config.target);
+    return targetConfigs.filter((config) => {
+        return !config.target || onlyTargets.includes(config.target);
     });
 }
-module.exports = function (target, hook) {
+function lifecycleHooks(target, hook) {
     return function (context, options) {
-        return _.reduce(getReleventConfigs(target, options), function (previousCommands, individualConfig) {
-            return previousCommands.then(function () {
+        return getReleventConfigs(target, options).reduce((previousCommands, individualConfig) => {
+            return previousCommands.then(() => {
                 return runTargetCommands(target, hook, options, individualConfig);
             });
         }, Promise.resolve());
     };
-};
+}
+exports.lifecycleHooks = lifecycleHooks;

package/lib/deploy/remoteconfig/prepare.js

@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 const projectUtils_1 = require("../../projectUtils");
-const loadCJSON = require("../../loadCJSON");
+const loadCJSON_1 = require("../../loadCJSON");
 const functions_1 = require("./functions");
 const functions_2 = require("./functions");
 async function default_1(context, options) {
@@ -13,7 +13,7 @@ async function default_1(context, options) {
     if (!filePath) {
         return;
     }
-    const template = loadCJSON(filePath);
+    const template = (0, loadCJSON_1.loadCJSON)(filePath);
     const projectNumber = await (0, projectUtils_1.needProjectNumber)(options);
     template.etag = await (0, functions_1.getEtag)(projectNumber);
     (0, functions_2.validateInputRemoteConfigTemplate)(template);

package/lib/deploy/storage/prepare.js

@@ -13,7 +13,7 @@ async function default_1(context, options) {
     _.set(context, "storage.rulesDeploy", rulesDeploy);
     if (_.isPlainObject(rulesConfig)) {
         const defaultBucket = await gcp.storage.getDefaultBucket(options.project);
-        rulesConfig = [_.assign(rulesConfig, { bucket: defaultBucket })];
+        rulesConfig = [Object.assign(rulesConfig, { bucket: defaultBucket })];
         _.set(context, "storage.rules", rulesConfig);
     }
     rulesConfig.forEach((ruleConfig) => {

package/lib/emulator/auth/apiSpec.js

@@ -4799,8 +4799,8 @@ exports.default = {
             GoogleCloudIdentitytoolkitV1SetAccountInfoResponse: {
                 description: "Response message for SetAccountInfo",
                 properties: {
-                    displayName: { type: "string" },
-                    email: { type: "string" },
+                    displayName: { description: "The account's display name.", type: "string" },
+                    email: { description: "The account's email address.", type: "string" },
                     emailVerified: {
                         description: "Whether the account's email has been verified.",
                         type: "boolean",
@@ -4820,8 +4820,14 @@ exports.default = {
                         description: "The new email that has been set on the user's account attributes.",
                         type: "string",
                     },
-                    passwordHash: { type: "string" },
-                    photoUrl: { type: "string" },
+                    passwordHash: {
+                        description: "Deprecated. No actual password hash is currently returned.",
+                        type: "string",
+                    },
+                    photoUrl: {
+                        description: "The user's photo URL for the account's profile photo.",
+                        type: "string",
+                    },
                     providerUserInfo: {
                         description: "The linked Identity Providers on the account.",
                         items: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitV1ProviderUserInfo" },
@@ -5705,28 +5711,6 @@ exports.default = {
                 },
                 type: "object",
             },
-            GoogleCloudIdentitytoolkitAdminV2AllowByDefault: {
-                description: "Defines a policy of allowing every region by default and adding disallowed regions to a disallow list.",
-                properties: {
-                    disallowedRegions: {
-                        description: "Two letter unicode region codes to disallow as defined by https://cldr.unicode.org/ The full list of these region codes is here: https://github.com/unicode-cldr/cldr-localenames-full/blob/master/main/en/territories.json",
-                        items: { type: "string" },
-                        type: "array",
-                    },
-                },
-                type: "object",
-            },
-            GoogleCloudIdentitytoolkitAdminV2AllowlistOnly: {
-                description: "Defines a policy of only allowing regions by explicitly adding them to an allowlist.",
-                properties: {
-                    allowedRegions: {
-                        description: "Two letter unicode region codes to allow as defined by https://cldr.unicode.org/ The full list of these region codes is here: https://github.com/unicode-cldr/cldr-localenames-full/blob/master/main/en/territories.json",
-                        items: { type: "string" },
-                        type: "array",
-                    },
-                },
-                type: "object",
-            },
             GoogleCloudIdentitytoolkitAdminV2Anonymous: {
                 description: "Configuration options related to authenticating an anonymous user.",
                 properties: {
@@ -6337,18 +6321,6 @@ exports.default = {
                 },
                 type: "object",
             },
-            GoogleCloudIdentitytoolkitAdminV2SmsRegionConfig: {
-                description: "Configures the regions where users are allowed to send verification SMS for the project or tenant. This is based on the calling code of the destination phone number.",
-                properties: {
-                    allowByDefault: {
-                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2AllowByDefault",
-                    },
-                    allowlistOnly: {
-                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2AllowlistOnly",
-                    },
-                },
-                type: "object",
-            },
             GoogleCloudIdentitytoolkitAdminV2SmsTemplate: {
                 description: "The template to use when sending an SMS.",
                 properties: {
@@ -6458,9 +6430,6 @@ exports.default = {
                         readOnly: true,
                         type: "string",
                     },
-                    smsRegionConfig: {
-                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2SmsRegionConfig",
-                    },
                     testPhoneNumbers: {
                         additionalProperties: { type: "string" },
                         description: "A map of pairs that can be used for MFA. The phone number should be in E.164 format (https://www.itu.int/rec/T-REC-E.164/) and a maximum of 10 pairs can be added (error will be thrown once exceeded).",
@@ -6708,7 +6677,7 @@ exports.default = {
                 type: "object",
             },
             GoogleIamV1AuditConfig: {
-                description: 'Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.',
+                description: 'Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.',
                 properties: {
                     auditLogConfigs: {
                         description: "The configuration for logging of each type of permission.",
@@ -6743,7 +6712,7 @@ exports.default = {
                 properties: {
                     condition: { $ref: "#/components/schemas/GoogleTypeExpr" },
                     members: {
-                        description: "Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+                        description: "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
                         items: { type: "string" },
                         type: "array",
                     },
@@ -6812,7 +6781,7 @@ exports.default = {
                 description: "Request message for `TestIamPermissions` method.",
                 properties: {
                     permissions: {
-                        description: "The set of permissions to check for the `resource`. Permissions with wildcards (such as '*' or 'storage.*') are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).",
+                        description: "The set of permissions to check for the `resource`. Permissions with wildcards (such as `*` or `storage.*`) are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).",
                         items: { type: "string" },
                         type: "array",
                     },
@@ -6831,7 +6800,7 @@ exports.default = {
                 type: "object",
             },
             GoogleProtobufEmpty: {
-                description: "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.",
+                description: "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }",
                 properties: {},
                 type: "object",
             },
@@ -6905,7 +6874,6 @@ exports.default = {
                 description: "Emulator-specific configuration.",
                 properties: {
                     signIn: { properties: { allowDuplicateEmails: { type: "boolean" } }, type: "object" },
-                    usageMode: { enum: ["USAGE_MODE_UNSPECIFIED", "DEFAULT", "PASSTHROUGH"], type: "string" },
                 },
             },
             EmulatorV1ProjectsOobCodes: {

package/lib/emulator/auth/index.js

@@ -26,7 +26,7 @@ class AuthEmulator {
         return this.destroyServer ? this.destroyServer() : Promise.resolve();
     }
     getInfo() {
-        const host = this.args.host || constants_1.Constants.getDefaultHost(types_1.Emulators.AUTH);
+        const host = this.args.host || constants_1.Constants.getDefaultHost();
         const port = this.args.port || constants_1.Constants.getDefaultPort(types_1.Emulators.AUTH);
         return {
             name: this.getName(),