-
Notifications
You must be signed in to change notification settings - Fork 902
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adds new alerting event provider (#4258)
* adding notes * fixing api of firealerts service object * cleaning up and adding tests * naming * changelog entry * we now pass in projectId and projectNumber from prepare to requireProjectBindings * updating error message * addressing pr comments * removing unused import
- Loading branch information
1 parent
37ee4b4
commit e9ce087
Showing
11 changed files
with
213 additions
and
28 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,3 @@ | ||
- Fixes bug where functions' memory configurations weren't preserved in batched function deploys (#4253). | ||
- `ext:export` now uses stable ordering for params in .env files (#4256). | ||
- Adds alerting event provider (#4258). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
import * as backend from "../backend"; | ||
import * as iam from "../../../gcp/iam"; | ||
import { getProjectNumber } from "../../../getProjectNumber"; | ||
import { FirebaseError } from "../../../error"; | ||
|
||
export const SERVICE_ACCOUNT_TOKEN_CREATOR_ROLE = "roles/iam.serviceAccountTokenCreator"; | ||
|
||
/** | ||
* Finds the required project level IAM bindings for the Pub/Sub service agent | ||
* If the user enabled Pub/Sub on or before April 8, 2021, then we must enable the token creator role | ||
* @param projectId project identifier | ||
* @param existingPolicy the project level IAM policy | ||
*/ | ||
export function obtainFirebaseAlertsBindings( | ||
projectNumber: string, | ||
existingPolicy: iam.Policy | ||
): Promise<Array<iam.Binding>> { | ||
const pubsubServiceAgent = `serviceAccount:service-${projectNumber}@gcp-sa-pubsub.iam.gserviceaccount.com`; | ||
let pubsubBinding = existingPolicy.bindings.find( | ||
(b) => b.role === SERVICE_ACCOUNT_TOKEN_CREATOR_ROLE | ||
); | ||
if (!pubsubBinding) { | ||
pubsubBinding = { | ||
role: SERVICE_ACCOUNT_TOKEN_CREATOR_ROLE, | ||
members: [], | ||
}; | ||
} | ||
if (!pubsubBinding.members.find((m) => m === pubsubServiceAgent)) { | ||
pubsubBinding.members.push(pubsubServiceAgent); | ||
} | ||
return Promise.resolve([pubsubBinding]); | ||
} | ||
|
||
/** | ||
* Sets a Firebase Alerts event trigger's region to 'global' since the service is global | ||
* @param endpoint the storage endpoint | ||
* @param eventTrigger the endpoints event trigger | ||
*/ | ||
export function ensureFirebaseAlertsTriggerRegion( | ||
endpoint: backend.Endpoint & backend.EventTriggered | ||
): Promise<void> { | ||
if (!endpoint.eventTrigger.region) { | ||
endpoint.eventTrigger.region = "global"; | ||
} | ||
if (endpoint.eventTrigger.region !== "global") { | ||
throw new FirebaseError("A firebase alerts trigger must specify 'global' trigger location"); | ||
} | ||
return Promise.resolve(); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.