firebase-tools 11.3.0 → 11.4.2

package/README.md

@@ -174,11 +174,11 @@ Use `firebase:deploy --only remoteconfig` to update and publish a project's Fire
 
 The Firebase CLI can use one of four authentication methods listed in descending priority:
 
-- **User Token** - provide an explicit long-lived Firebase user token generated from `firebase login:ci`. Note that these tokens are extremely sensitive long-lived credentials and are not the right option for most cases. Consider using service account authorization instead. The token can be set in one of two ways:
+- **User Token** - **DEPRECATED: this authentication method will be removed in a future major version of `firebase-tools`; use a service account to authenticate instead** - provide an explicit long-lived Firebase user token generated from `firebase login:ci`. Note that these tokens are extremely sensitive long-lived credentials and are not the right option for most cases. Consider using service account authorization instead. The token can be set in one of two ways:
   - Set the `--token` flag on any command, for example `firebase --token="<token>" projects:list`.
   - Set the `FIREBASE_TOKEN` environment variable.
 - **Local Login** - run `firebase login` to log in to the CLI directly as yourself. The CLI will cache an authorized user credential on your machine.
-- **Service Account** - set the `GOOGLE_APPLICATION_CREDENTIALS` environment variable to point to the path of a JSON service account key file.
+- **Service Account** - set the `GOOGLE_APPLICATION_CREDENTIALS` environment variable to point to the path of a JSON service account key file. For more details, see Google Cloud's [Getting started with authentication](https://cloud.google.com/docs/authentication/getting-started) guide.
 - **Application Default Credentials** - if you use the `gcloud` CLI and log in with `gcloud auth application-default login`, the Firebase CLI will use them if none of the above credentials are present.
 
 ### Multiple Accounts
@@ -224,21 +224,14 @@ or `HTTP_PROXY` value in your environment to the URL of your proxy (e.g.
 The Firebase CLI requires a browser to complete authentication, but is fully
 compatible with CI and other headless environments.
 
-1. On a machine with a browser, install the Firebase CLI.
-2. Run `firebase login:ci` to log in and print out a new [refresh token](https://developers.google.com/identity/protocols/OAuth2)
-   (the current CLI session will not be affected).
-3. Store the output token in a secure but accessible way in your CI system.
+Complete the following steps to run Firebase commands in a CI environment. Find detailed instructions for each step in Google Cloud's [Getting started with authentication](https://cloud.google.com/docs/authentication/getting-started) guide.
 
-There are two ways to use this token when running Firebase commands:
+1. Create a service account and grant it the appropriate level of access to your project.
+1. Create a service account key (JSON file) for that service account.
+1. Store the key file in a secure, accessible way in your CI system.
+1. Set `GOOGLE_APPLICATION_CREDENTIALS=/path/to/key.json` in your CI system when running Firebase commands.
 
-1. Store the token as the environment variable `FIREBASE_TOKEN` and it will
-   automatically be utilized.
-2. Run all commands with the `--token <token>` flag in your CI system.
-
-The order of precedence for token loading is flag, environment variable, active project.
-
-On any machine with the Firebase CLI, running `firebase logout --token <token>`
-will immediately revoke access for the specified token.
+To disable access for the service account, [find the service account](https://console.cloud.google.com/projectselector/iam-admin/serviceaccounts) for your project in the Google Cloud Console, and then either remove the key, or disable or delete the service account.
 
 ## Using as a Module
 

package/lib/apiv2.js

@@ -15,6 +15,7 @@ const responseToError_1 = require("./responseToError");
 const FormData = require("form-data");
 const pkg = require("../package.json");
 const CLI_VERSION = pkg.version;
+const GOOG_QUOTA_USER = "x-goog-quota-user";
 let accessToken = "";
 let refreshToken = "";
 function setRefreshToken(token = "") {
@@ -309,6 +310,10 @@ class Client {
         }
         const logURL = this.requestURL(options);
         logger_1.logger.debug(`>>> [apiv2][query] ${options.method} ${logURL} ${queryParamsLog}`);
+        const headers = options.headers;
+        if (headers && headers.has(GOOG_QUOTA_USER)) {
+            logger_1.logger.debug(`>>> [apiv2][(partial)header] ${options.method} ${logURL} x-goog-quota-user=${headers.get(GOOG_QUOTA_USER) || ""}`);
+        }
         if (options.body !== undefined) {
             let logBody = "[omitted]";
             if (!((_b = options.skipLog) === null || _b === void 0 ? void 0 : _b.body)) {

package/lib/checkValidTargetFilters.js

@@ -19,6 +19,7 @@ function targetsHaveFilters(...targets) {
 function targetsHaveNoFilters(...targets) {
     return targets.some((t) => !t.includes(":"));
 }
+const FILTERABLE_TARGETS = new Set(["hosting", "functions", "firestore", "storage", "database"]);
 async function checkValidTargetFilters(options) {
     const only = !options.only ? [] : options.only.split(",");
     return new Promise((resolve, reject) => {
@@ -28,10 +29,10 @@ async function checkValidTargetFilters(options) {
         if (options.except) {
             return reject(new error_1.FirebaseError("Cannot specify both --only and --except"));
         }
-        const nonFilteredTypes = deploy_1.VALID_DEPLOY_TARGETS.filter((t) => !["hosting", "functions", "firestore"].includes(t));
+        const nonFilteredTypes = deploy_1.VALID_DEPLOY_TARGETS.filter((t) => !FILTERABLE_TARGETS.has(t));
         const targetsForNonFilteredTypes = targetsForTypes(only, ...nonFilteredTypes);
         if (targetsForNonFilteredTypes.length && targetsHaveFilters(...targetsForNonFilteredTypes)) {
-            return reject(new error_1.FirebaseError("Filters specified with colons (e.g. --only functions:func1,functions:func2) are only supported for functions, hosting, and firestore"));
+            return reject(new error_1.FirebaseError("Filters specified with colons (e.g. --only functions:func1,functions:func2) are only supported for functions, hosting, storage, and firestore"));
         }
         const targetsForFunctions = targetsForTypes(only, "functions");
         if (targetsForFunctions.length &&

package/lib/command.js

@@ -64,6 +64,7 @@ class Command {
         });
         if (this.helpText) {
             cmd.on("--help", () => {
+                console.log();
                 console.log(this.helpText);
             });
         }

package/lib/commands/hosting-clone.js

@@ -12,6 +12,11 @@ const { marked } = require("marked");
 const logger_1 = require("../logger");
 exports.command = new command_1.Command("hosting:clone <source> <targetChannel>")
     .description("clone a version from one site to another")
+    .help(`<source> and <targetChannel> accept the following format: <siteId>:<channelId>
+
+For example, to copy the content for a site \`my-site\` from a preview channel \`staging\` to a \`live\` channel, the command would look be:
+
+  firebase hosting:clone my-site:foo my-site:live`)
     .before(requireAuth_1.requireAuth)
     .action(async (source = "", targetChannel = "") => {
     var _a, _b, _c, _d;

package/lib/commands/login-ci.js

@@ -14,6 +14,8 @@ exports.command = new command_1.Command("login:ci")
     if (options.nonInteractive) {
         throw new error_1.FirebaseError("Cannot run login:ci in non-interactive mode.");
     }
+    utils.logWarning("Authenticating with a `login:ci` token is deprecated and will be removed in a future major version of `firebase-tools`. " +
+        "Instead, use a service account key with `GOOGLE_APPLICATION_CREDENTIALS`: https://cloud.google.com/docs/authentication/getting-started");
     const userCredentials = await auth.loginGoogle(options.localhost);
     logger_1.logger.info();
     utils.logSuccess("Success! Use this token to login on a CI server:\n\n" +

package/lib/database/rulesConfig.js

@@ -19,6 +19,23 @@ function getRulesConfig(projectId, options) {
     if (dbConfig === undefined) {
         return [];
     }
+    const rc = options.rc;
+    let allDatabases = !options.only;
+    const onlyDatabases = new Set();
+    if (options.only) {
+        const split = options.only.split(",");
+        if (split.includes("database")) {
+            allDatabases = true;
+        }
+        else {
+            for (const value of split) {
+                if (value.startsWith("database:")) {
+                    const target = value.split(":")[1];
+                    onlyDatabases.add(target);
+                }
+            }
+        }
+    }
     if (!Array.isArray(dbConfig)) {
         if (dbConfig && dbConfig.rules) {
             utils.assertIsStringOrUndefined(options.instance);
@@ -31,22 +48,32 @@ function getRulesConfig(projectId, options) {
         }
     }
     const results = [];
-    const rc = options.rc;
     for (const c of dbConfig) {
-        if (c.target) {
-            rc.requireTarget(projectId, "database", c.target);
-            const instances = rc.target(projectId, "database", c.target);
-            for (const i of instances) {
-                results.push({ instance: i, rules: c.rules });
+        const { instance, target } = c;
+        if (target) {
+            if (allDatabases || onlyDatabases.has(target)) {
+                rc.requireTarget(projectId, "database", target);
+                const instances = rc.target(projectId, "database", target);
+                for (const i of instances) {
+                    results.push({ instance: i, rules: c.rules });
+                }
+                onlyDatabases.delete(target);
             }
         }
-        else if (c.instance) {
-            results.push(c);
+        else if (instance) {
+            if (allDatabases) {
+                results.push(c);
+            }
         }
         else {
             throw new error_1.FirebaseError('Must supply either "target" or "instance" in database config');
         }
     }
+    if (!allDatabases && onlyDatabases.size !== 0) {
+        throw new error_1.FirebaseError(`Could not find configurations in firebase.json for the following database targets: ${[
+            ...onlyDatabases,
+        ].join(", ")}`);
+    }
     return results;
 }
 exports.getRulesConfig = getRulesConfig;

package/lib/deploy/functions/backend.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.compareFunctions = exports.missingEndpoint = exports.hasEndpoint = exports.regionalEndpoints = exports.matchingBackend = exports.findEndpoint = exports.someEndpoint = exports.allEndpoints = exports.checkAvailability = exports.existingBackend = exports.scheduleIdForFunction = exports.functionName = exports.isEmptyBackend = exports.merge = exports.of = exports.empty = exports.isBlockingTriggered = exports.isTaskQueueTriggered = exports.isScheduleTriggered = exports.isEventTriggered = exports.isCallableTriggered = exports.isHttpsTriggered = exports.AllFunctionsPlatforms = exports.secretVersionName = exports.SCHEDULED_FUNCTION_LABEL = exports.MIN_CPU_FOR_CONCURRENCY = exports.DEFAULT_MEMORY = exports.DEFAULT_CONCURRENCY = exports.memoryToGen2Cpu = exports.memoryToGen1Cpu = exports.memoryOptionDisplayName = exports.AllMemoryOptions = exports.AllIngressSettings = exports.AllVpcEgressSettings = exports.endpointTriggerType = void 0;
+exports.compareFunctions = exports.missingEndpoint = exports.hasEndpoint = exports.regionalEndpoints = exports.matchingBackend = exports.findEndpoint = exports.someEndpoint = exports.allEndpoints = exports.checkAvailability = exports.existingBackend = exports.scheduleIdForFunction = exports.functionName = exports.isEmptyBackend = exports.merge = exports.of = exports.empty = exports.isBlockingTriggered = exports.isTaskQueueTriggered = exports.isScheduleTriggered = exports.isEventTriggered = exports.isCallableTriggered = exports.isHttpsTriggered = exports.AllFunctionsPlatforms = exports.secretVersionName = exports.SCHEDULED_FUNCTION_LABEL = exports.MIN_CPU_FOR_CONCURRENCY = exports.DEFAULT_MEMORY = exports.DEFAULT_CONCURRENCY = exports.memoryToGen2Cpu = exports.memoryToGen1Cpu = exports.memoryOptionDisplayName = exports.isValidMemoryOption = exports.AllIngressSettings = exports.AllVpcEgressSettings = exports.endpointTriggerType = void 0;
 const gcf = require("../../gcp/cloudfunctions");
 const gcfV2 = require("../../gcp/cloudfunctionsv2");
 const run = require("../../gcp/run");
@@ -37,9 +37,11 @@ exports.AllIngressSettings = [
     "ALLOW_INTERNAL_ONLY",
     "ALLOW_INTERNAL_AND_GCLB",
 ];
-exports.AllMemoryOptions = [
-    128, 256, 512, 1024, 2048, 4096, 8192, 16384, 32768,
-];
+const allMemoryOptions = [128, 256, 512, 1024, 2048, 4096, 8192, 16384, 32768];
+function isValidMemoryOption(mem) {
+    return allMemoryOptions.includes(mem);
+}
+exports.isValidMemoryOption = isValidMemoryOption;
 function memoryOptionDisplayName(option) {
     return {
         128: "128MB",

package/lib/deploy/functions/build.js

@@ -8,6 +8,7 @@ const params = require("./params");
 const previews_1 = require("../../previews");
 const error_1 = require("../../error");
 const functional_1 = require("../../functional");
+const logger_1 = require("../../logger");
 function empty() {
     return {
         requiredAPIs: [],
@@ -22,9 +23,6 @@ function of(endpoints) {
     return build;
 }
 exports.of = of;
-function isMemoryOption(value) {
-    return value == null || [128, 256, 512, 1024, 2048, 4096, 8192].includes(value);
-}
 async function resolveBackend(build, userEnvOpt, userEnvs) {
     const projectId = userEnvOpt.projectId;
     let paramValues = {};
@@ -34,7 +32,49 @@ async function resolveBackend(build, userEnvOpt, userEnvs) {
     return toBackend(build, paramValues);
 }
 exports.resolveBackend = resolveBackend;
+class Resolver {
+    constructor(paramValues) {
+        this.paramValues = paramValues;
+        this.resolveInt = (i) => {
+            if (i === null) {
+                return i;
+            }
+            return params.resolveInt(i, this.paramValues);
+        };
+        this.resolveBoolean = (i) => {
+            if (i === null) {
+                return i;
+            }
+            return params.resolveBoolean(i, this.paramValues);
+        };
+        this.resolveString = (i) => {
+            if (i === null) {
+                return i;
+            }
+            return params.resolveString(i, this.paramValues);
+        };
+    }
+    resolveStrings(dest, src, ...keys) {
+        for (const key of keys) {
+            const orig = src[key];
+            if (typeof orig === "undefined") {
+                continue;
+            }
+            dest[key] = orig === null ? null : params.resolveString(orig, this.paramValues);
+        }
+    }
+    resolveInts(dest, src, ...keys) {
+        for (const key of keys) {
+            const orig = src[key];
+            if (typeof orig === "undefined") {
+                continue;
+            }
+            dest[key] = orig === null ? null : params.resolveInt(orig, this.paramValues);
+        }
+    }
+}
 function toBackend(build, paramValues) {
+    const r = new Resolver(paramValues);
     const bkEndpoints = [];
     for (const endpointId of Object.keys(build.endpoints)) {
         const bdEndpoint = build.endpoints[endpointId];
@@ -43,39 +83,37 @@ function toBackend(build, paramValues) {
             regions = [api.functionsDefaultRegion];
         }
         for (const region of regions) {
-            const trigger = discoverTrigger(bdEndpoint, paramValues);
+            const trigger = discoverTrigger(bdEndpoint, region, r);
             if (typeof bdEndpoint.platform === "undefined") {
                 throw new error_1.FirebaseError("platform can't be undefined");
             }
-            if (!isMemoryOption(bdEndpoint.availableMemoryMb)) {
+            if (bdEndpoint.availableMemoryMb != null &&
+                !backend.isValidMemoryOption(bdEndpoint.availableMemoryMb)) {
                 throw new error_1.FirebaseError("available memory must be a supported value, if present");
             }
-            let timeout;
-            if (bdEndpoint.timeoutSeconds) {
-                timeout = params.resolveInt(bdEndpoint.timeoutSeconds, paramValues);
-            }
-            else {
-                timeout = 60;
-            }
-            const bkEndpoint = Object.assign({ id: endpointId, project: bdEndpoint.project, region: region, entryPoint: bdEndpoint.entryPoint, platform: bdEndpoint.platform, runtime: bdEndpoint.runtime, timeoutSeconds: timeout }, trigger);
-            proto.renameIfPresent(bkEndpoint, bdEndpoint, "maxInstances", "maxInstances", (from) => {
-                return params.resolveInt(from, paramValues);
+            const bkEndpoint = Object.assign({ id: endpointId, project: bdEndpoint.project, region: region, entryPoint: bdEndpoint.entryPoint, platform: bdEndpoint.platform, runtime: bdEndpoint.runtime }, trigger);
+            proto.copyIfPresent(bkEndpoint, bdEndpoint, "environmentVariables", "labels", "secretEnvironmentVariables", "serviceAccount");
+            proto.convertIfPresent(bkEndpoint, bdEndpoint, "ingressSettings", (from) => {
+                if (from !== null && !backend.AllIngressSettings.includes(from)) {
+                    throw new error_1.FirebaseError(`Cannot set ingress settings to invalid value ${from}`);
+                }
+                return from;
             });
-            proto.renameIfPresent(bkEndpoint, bdEndpoint, "minInstances", "minInstances", (from) => {
-                return params.resolveInt(from, paramValues);
+            proto.convertIfPresent(bkEndpoint, bdEndpoint, "availableMemoryMb", (from) => {
+                const mem = r.resolveInt(from);
+                if (mem !== null && !backend.isValidMemoryOption(mem)) {
+                    logger_1.logger.debug("Warning; setting memory to unexpected value", mem);
+                }
+                return mem;
             });
-            proto.renameIfPresent(bkEndpoint, bdEndpoint, "concurrency", "concurrency", (from) => {
-                return params.resolveInt(from, paramValues);
-            });
-            proto.copyIfPresent(bkEndpoint, bdEndpoint, "ingressSettings", "availableMemoryMb", "environmentVariables", "labels");
-            proto.copyIfPresent(bkEndpoint, bdEndpoint, "secretEnvironmentVariables");
+            r.resolveInts(bkEndpoint, bdEndpoint, "timeoutSeconds", "maxInstances", "minInstances", "concurrency");
+            proto.convertIfPresent(bkEndpoint, bdEndpoint, "cpu", (0, functional_1.nullsafeVisitor)((cpu) => (cpu === "gcf_gen1" ? cpu : r.resolveInt(cpu))));
             if (bdEndpoint.vpc) {
                 bkEndpoint.vpc = { connector: params.resolveString(bdEndpoint.vpc.connector, paramValues) };
                 proto.copyIfPresent(bkEndpoint.vpc, bdEndpoint.vpc, "egressSettings");
             }
-            proto.renameIfPresent(bkEndpoint, bdEndpoint, "serviceAccountEmail", "serviceAccount");
-            if ("serviceAccountEmail" in bkEndpoint && !bdEndpoint.serviceAccount) {
-                delete bkEndpoint.serviceAccountEmail;
+            else if (bdEndpoint.vpc === null) {
+                bkEndpoint.vpc = null;
             }
             bkEndpoints.push(bkEndpoint);
         }
@@ -85,101 +123,75 @@ function toBackend(build, paramValues) {
     return bkend;
 }
 exports.toBackend = toBackend;
-function discoverTrigger(endpoint, paramValues) {
-    const resolveInt = (from) => params.resolveInt(from, paramValues);
-    const resolveString = (from) => params.resolveString(from, paramValues);
-    const resolveBoolean = (from) => params.resolveBoolean(from, paramValues);
-    let trigger;
+function discoverTrigger(endpoint, region, r) {
     if ("httpsTrigger" in endpoint) {
-        const bkHttps = {};
-        if (endpoint.httpsTrigger.invoker) {
-            bkHttps.invoker = endpoint.httpsTrigger.invoker;
+        const httpsTrigger = {};
+        if (endpoint.httpsTrigger.invoker === null) {
+            httpsTrigger.invoker = null;
+        }
+        else if (typeof endpoint.httpsTrigger.invoker !== "undefined") {
+            httpsTrigger.invoker = endpoint.httpsTrigger.invoker.map(r.resolveString);
         }
-        trigger = { httpsTrigger: bkHttps };
+        return { httpsTrigger };
     }
     else if ("callableTrigger" in endpoint) {
-        trigger = { callableTrigger: {} };
+        return { callableTrigger: {} };
     }
     else if ("blockingTrigger" in endpoint) {
-        trigger = { blockingTrigger: endpoint.blockingTrigger };
+        return { blockingTrigger: endpoint.blockingTrigger };
     }
     else if ("eventTrigger" in endpoint) {
-        const bkEventFilters = {};
-        for (const [key, value] of Object.entries(endpoint.eventTrigger.eventFilters)) {
-            bkEventFilters[key] = params.resolveString(value, paramValues);
-        }
-        const bkEvent = {
+        const eventTrigger = {
             eventType: endpoint.eventTrigger.eventType,
-            eventFilters: bkEventFilters,
-            retry: resolveBoolean(endpoint.eventTrigger.retry || false),
+            retry: r.resolveBoolean(endpoint.eventTrigger.retry) || false,
         };
-        if (endpoint.eventTrigger.eventFilterPathPatterns) {
-            const bkEventFiltersPathPatterns = {};
-            for (const [key, value] of Object.entries(endpoint.eventTrigger.eventFilterPathPatterns)) {
-                bkEventFiltersPathPatterns[key] = params.resolveString(value, paramValues);
-            }
-            bkEvent.eventFilterPathPatterns = bkEventFiltersPathPatterns;
-        }
-        if (endpoint.eventTrigger.serviceAccount) {
-            bkEvent.serviceAccountEmail = endpoint.eventTrigger.serviceAccount;
+        if (endpoint.eventTrigger.eventFilters) {
+            eventTrigger.eventFilters = (0, functional_1.mapObject)(endpoint.eventTrigger.eventFilters, r.resolveString);
         }
-        if (endpoint.eventTrigger.region) {
-            bkEvent.region = resolveString(endpoint.eventTrigger.region);
-        }
-        if (endpoint.eventTrigger.channel) {
-            bkEvent.channel = endpoint.eventTrigger.channel;
+        if (endpoint.eventTrigger.eventFilterPathPatterns) {
+            eventTrigger.eventFilterPathPatterns = (0, functional_1.mapObject)(endpoint.eventTrigger.eventFilterPathPatterns, r.resolveString);
         }
-        trigger = { eventTrigger: bkEvent };
+        r.resolveStrings(eventTrigger, endpoint.eventTrigger, "serviceAccount", "region", "channel");
+        return { eventTrigger };
     }
     else if ("scheduleTrigger" in endpoint) {
         const bkSchedule = {
-            schedule: resolveString(endpoint.scheduleTrigger.schedule),
-            timeZone: resolveString(endpoint.scheduleTrigger.timeZone),
+            schedule: r.resolveString(endpoint.scheduleTrigger.schedule),
+            timeZone: r.resolveString(endpoint.scheduleTrigger.timeZone),
         };
-        const bkRetry = {};
-        if (endpoint.scheduleTrigger.retryConfig.maxBackoffSeconds) {
-            bkRetry.maxBackoffDuration = proto.durationFromSeconds(resolveInt(endpoint.scheduleTrigger.retryConfig.maxBackoffSeconds));
+        if (endpoint.scheduleTrigger.retryConfig) {
+            const bkRetry = {};
+            r.resolveInts(bkRetry, endpoint.scheduleTrigger.retryConfig, "maxBackoffSeconds", "minBackoffSeconds", "maxRetrySeconds", "retryCount", "maxDoublings");
+            bkSchedule.retryConfig = bkRetry;
         }
-        if (endpoint.scheduleTrigger.retryConfig.minBackoffSeconds) {
-            bkRetry.minBackoffDuration = proto.durationFromSeconds(resolveInt(endpoint.scheduleTrigger.retryConfig.minBackoffSeconds));
+        else if (endpoint.scheduleTrigger.retryConfig === null) {
+            bkSchedule.retryConfig = null;
         }
-        if (endpoint.scheduleTrigger.retryConfig.maxRetrySeconds) {
-            bkRetry.maxRetryDuration = proto.durationFromSeconds(resolveInt(endpoint.scheduleTrigger.retryConfig.maxRetrySeconds));
-        }
-        proto.copyIfPresent(bkRetry, endpoint.scheduleTrigger.retryConfig, "retryCount", "maxDoublings");
-        bkSchedule.retryConfig = bkRetry;
-        trigger = { scheduleTrigger: bkSchedule };
+        return { scheduleTrigger: bkSchedule };
     }
     else if ("taskQueueTrigger" in endpoint) {
-        const bkTaskQueue = {};
+        const taskQueueTrigger = {};
         if (endpoint.taskQueueTrigger.rateLimits) {
-            const bkRateLimits = {};
-            proto.renameIfPresent(bkRateLimits, endpoint.taskQueueTrigger.rateLimits, "maxConcurrentDispatches", "maxConcurrentDispatches", resolveInt);
-            proto.renameIfPresent(bkRateLimits, endpoint.taskQueueTrigger.rateLimits, "maxDispatchesPerSecond", "maxDispatchesPerSecond", resolveInt);
-            bkTaskQueue.rateLimits = bkRateLimits;
+            taskQueueTrigger.rateLimits = {};
+            r.resolveInts(taskQueueTrigger.rateLimits, endpoint.taskQueueTrigger.rateLimits, "maxConcurrentDispatches", "maxDispatchesPerSecond");
+        }
+        else if (endpoint.taskQueueTrigger.rateLimits === null) {
+            taskQueueTrigger.rateLimits = null;
         }
         if (endpoint.taskQueueTrigger.retryConfig) {
-            const bkRetryConfig = {};
-            proto.renameIfPresent(bkRetryConfig, endpoint.taskQueueTrigger.retryConfig, "maxAttempts", "maxAttempts", resolveInt);
-            proto.renameIfPresent(bkRetryConfig, endpoint.taskQueueTrigger.retryConfig, "maxBackoffSeconds", "maxBackoffSeconds", (from) => {
-                return proto.durationFromSeconds(resolveInt(from));
-            });
-            proto.renameIfPresent(bkRetryConfig, endpoint.taskQueueTrigger.retryConfig, "minBackoffSeconds", "minBackoffSeconds", (from) => {
-                return proto.durationFromSeconds(resolveInt(from));
-            });
-            proto.renameIfPresent(bkRetryConfig, endpoint.taskQueueTrigger.retryConfig, "maxRetrySeconds", "maxRetryDurationSeconds", (from) => {
-                return proto.durationFromSeconds(resolveInt(from));
-            });
-            proto.renameIfPresent(bkRetryConfig, endpoint.taskQueueTrigger.retryConfig, "maxDoublings", "maxDoublings", resolveInt);
-            bkTaskQueue.retryConfig = bkRetryConfig;
+            taskQueueTrigger.retryConfig = {};
+            r.resolveInts(taskQueueTrigger.retryConfig, endpoint.taskQueueTrigger.retryConfig, "maxAttempts", "maxBackoffSeconds", "minBackoffSeconds", "maxRetrySeconds", "maxDoublings");
+        }
+        else if (endpoint.taskQueueTrigger.retryConfig === null) {
+            taskQueueTrigger.retryConfig = null;
         }
         if (endpoint.taskQueueTrigger.invoker) {
-            bkTaskQueue.invoker = endpoint.taskQueueTrigger.invoker.map((sa) => resolveString(sa));
+            taskQueueTrigger.invoker = endpoint.taskQueueTrigger.invoker.map(r.resolveString);
         }
-        trigger = { taskQueueTrigger: bkTaskQueue };
-    }
-    else {
-        (0, functional_1.assertExhaustive)(endpoint);
+        else if (endpoint.taskQueueTrigger.invoker === null) {
+            taskQueueTrigger.invoker = null;
+        }
+        return { taskQueueTrigger };
     }
-    return trigger;
+    (0, functional_1.assertExhaustive)(endpoint);
 }

package/lib/deploy/functions/ensure.js

@@ -67,7 +67,7 @@ exports.cloudBuildEnabled = cloudBuildEnabled;
 async function secretsToServiceAccounts(b) {
     const secretsToSa = {};
     for (const e of backend.allEndpoints(b)) {
-        const sa = e.serviceAccountEmail || (await module.exports.defaultServiceAccount(e));
+        const sa = e.serviceAccount || (await module.exports.defaultServiceAccount(e));
         for (const s of e.secretEnvironmentVariables || []) {
             const serviceAccounts = secretsToSa[s.secret] || new Set();
             serviceAccounts.add(sa);

package/lib/deploy/functions/params.js

@@ -104,7 +104,10 @@ function canSatisfyParam(param, value) {
 }
 async function resolveParams(params, projectId, userEnvs) {
     const paramValues = {};
-    for (const param of params.filter((param) => userEnvs.hasOwnProperty(param.param))) {
+    const [provided, outstanding] = (0, functional_1.partition)(params, (param) => {
+        return {}.hasOwnProperty.call(userEnvs, param.param);
+    });
+    for (const param of provided) {
         if (!canSatisfyParam(param, userEnvs[param.param])) {
             throw new error_1.FirebaseError("Parameter " +
                 param.param +
@@ -114,7 +117,7 @@ async function resolveParams(params, projectId, userEnvs) {
         }
         paramValues[param.param] = userEnvs[param.param];
     }
-    for (const param of params.filter((param) => !userEnvs.hasOwnProperty(param.param))) {
+    for (const param of outstanding) {
         let paramDefault = param.default;
         if (paramDefault && isCEL(paramDefault)) {
             paramDefault = resolveDefaultCEL(param.type, paramDefault, paramValues);

package/lib/deploy/functions/prepare.js

@@ -172,13 +172,13 @@ function inferDetailsFromExisting(want, have, usedDotenv) {
         if (!usedDotenv) {
             wantE.environmentVariables = Object.assign(Object.assign({}, haveE.environmentVariables), wantE.environmentVariables);
         }
-        if (!wantE.availableMemoryMb && haveE.availableMemoryMb) {
+        if (typeof wantE.availableMemoryMb === "undefined" && haveE.availableMemoryMb) {
             wantE.availableMemoryMb = haveE.availableMemoryMb;
         }
-        if (!wantE.concurrency && haveE.concurrency) {
+        if (typeof wantE.concurrency === "undefined" && haveE.concurrency) {
             wantE.concurrency = haveE.concurrency;
         }
-        if (!wantE.cpu && haveE.cpu) {
+        if (typeof wantE.cpu === "undefined" && haveE.cpu) {
             wantE.cpu = haveE.cpu;
         }
         wantE.securityLevel = haveE.securityLevel ? haveE.securityLevel : "SECURE_ALWAYS";

package/lib/deploy/functions/pricing.js

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.monthlyMinInstanceCost = exports.canCalculateMinInstanceCost = exports.V2_FREE_TIER = exports.V1_FREE_TIER = exports.V2_RATES = exports.V1_RATES = void 0;
+const backend = require("./backend");
 const V1_REGION_TO_TIER = {
     "us-central1": 1,
     "us-east1": 1,
@@ -110,7 +111,7 @@ function canCalculateMinInstanceCost(endpoint) {
         return true;
     }
     if (endpoint.platform === "gcfv1") {
-        if (!MB_TO_GHZ[endpoint.availableMemoryMb || 256]) {
+        if (!MB_TO_GHZ[endpoint.availableMemoryMb || backend.DEFAULT_MEMORY]) {
             return false;
         }
         if (!V1_REGION_TO_TIER[endpoint.region]) {
@@ -134,7 +135,7 @@ function monthlyMinInstanceCost(endpoints) {
         if (!endpoint.minInstances) {
             continue;
         }
-        const ramMb = endpoint.availableMemoryMb || 256;
+        const ramMb = endpoint.availableMemoryMb || backend.DEFAULT_MEMORY;
         const ramGb = ramMb / 1024;
         if (endpoint.platform === "gcfv1") {
             const cpu = MB_TO_GHZ[ramMb];

package/lib/deploy/functions/prompts.js

@@ -122,7 +122,7 @@ async function promptForMinInstances(options, want, have) {
         .sort(backend.compareFunctions)
         .map((fn) => {
         return (`\t${(0, functionsDeployHelper_1.getFunctionLabel)(fn)}: ${fn.minInstances} instances, ` +
-            backend.memoryOptionDisplayName(fn.availableMemoryMb || 256) +
+            backend.memoryOptionDisplayName(fn.availableMemoryMb || backend.DEFAULT_MEMORY) +
             " of memory each");
     })
         .join("\n");

package/lib/deploy/functions/release/fabricator.js

@@ -301,10 +301,10 @@ class Fabricator {
         endpoint.uri = (_b = resultFunction === null || resultFunction === void 0 ? void 0 : resultFunction.httpsTrigger) === null || _b === void 0 ? void 0 : _b.url;
         let invoker;
         if (backend.isHttpsTriggered(endpoint)) {
-            invoker = endpoint.httpsTrigger.invoker;
+            invoker = endpoint.httpsTrigger.invoker === null ? ["public"] : endpoint.httpsTrigger.invoker;
         }
         else if (backend.isTaskQueueTriggered(endpoint)) {
-            invoker = endpoint.taskQueueTrigger.invoker;
+            invoker = endpoint.taskQueueTrigger.invoker === null ? [] : endpoint.taskQueueTrigger.invoker;
         }
         else if (backend.isBlockingTriggered(endpoint) &&
             v1_1.AUTH_BLOCKING_EVENTS.includes(endpoint.blockingTrigger.eventType)) {
@@ -337,10 +337,10 @@ class Fabricator {
         const serviceName = resultFunction.serviceConfig.service;
         let invoker;
         if (backend.isHttpsTriggered(endpoint)) {
-            invoker = endpoint.httpsTrigger.invoker;
+            invoker = endpoint.httpsTrigger.invoker === null ? ["public"] : endpoint.httpsTrigger.invoker;
         }
         else if (backend.isTaskQueueTriggered(endpoint)) {
-            invoker = endpoint.taskQueueTrigger.invoker;
+            invoker = endpoint.taskQueueTrigger.invoker === null ? [] : endpoint.taskQueueTrigger.invoker;
         }
         else if (backend.isBlockingTriggered(endpoint) &&
             v1_1.AUTH_BLOCKING_EVENTS.includes(endpoint.blockingTrigger.eventType)) {
@@ -477,12 +477,13 @@ class Fabricator {
             .catch(rethrowAs(endpoint, "register blocking trigger"));
     }
     async deleteScheduleV1(endpoint) {
-        const job = scheduler.jobFromEndpoint(endpoint, this.appEngineLocation);
+        const jobName = scheduler.jobNameForEndpoint(endpoint, this.appEngineLocation);
         await this.executor
-            .run(() => scheduler.deleteJob(job.name))
+            .run(() => scheduler.deleteJob(jobName))
             .catch(rethrowAs(endpoint, "delete schedule"));
+        const topicName = scheduler.topicNameForEndpoint(endpoint);
         await this.executor
-            .run(() => pubsub.deleteTopic(job.pubsubTarget.topicName))
+            .run(() => pubsub.deleteTopic(topicName))
             .catch(rethrowAs(endpoint, "delete topic"));
     }
     deleteScheduleV2(endpoint) {

package/lib/deploy/functions/release/index.js

@@ -67,6 +67,10 @@ async function release(context, options, payload) {
     const allErrors = summary.results.filter((r) => r.error).map((r) => r.error);
     if (allErrors.length) {
         const opts = allErrors.length === 1 ? { original: allErrors[0] } : { children: allErrors };
+        logger_1.logger.debug("Functions deploy failed.");
+        for (const error of allErrors) {
+            logger_1.logger.debug(JSON.stringify(error, null, 2));
+        }
         throw new error_1.FirebaseError("There was an error deploying functions", Object.assign(Object.assign({}, opts), { exit: 2 }));
     }
 }