Firebase
- Google Cloud Resource Manager - to restore deleted projects
- GitHub nodejs-firestore
- https://github.com/shankben/firebase-migrator - Firebase to Amplify converter
- build debug functions in vscode - and web hosting
firebase cli
# set default project gcloud projects list gcloud config set project <prj> firebase projects:list firebase use <prj> npm install -g firebase-tools firebase login:list firebase logout firebase login --no-localhost # on embedded firebase projects:list firebase use <prj> firebase init # pick hosting and functions. No to overwrites firebase deploy # from ci example firebase deploy \ -m "Pipe $CI_PIPELINE_ID Build $CI_BUILD_ID" \ --only hosting:<YOUR TARGET NAME> \ --non-interactive \ --token $FIREBASE_TOKEN firebase deploy -P pname --only hosting firebase deploy -P pname --only functions firebase deploy -P pname --only firestore:indexes
Auth
- User import/export
firebase auth:export saved.json --format=FILE_FORMAT firebase auth:import saved.json \ --hash-algo=SCRYPT \ --hash-key=KEY \ --salt-separator=SALT_SEPARATOR \ --rounds=ROUNDS \ --mem-cost=MEM_COST \ --parallelization=PARALLELIZATION \ --block-size=BLOCK_SIZE \ --dk-len=DK_LEN \ --hash-input-order=HASH_INPUT_ORDER
- User import/export
Functions
firebase deploy -P <project> --only functions- Need to upgrade to 2nd Gen
You'll also need to update your functions code. Any functions that use
functions.configwill now need to useprocess.envinstead, as shown in Upgrade to 2nd gen.
1st gen config
firebase -P di-stage functions:config:get firebase functions:config:set \ someservice.key="THE API KEY" \ someservice.id="THE CLIENT ID"
- Need to upgrade to 2nd Gen
Excercise the API
Emulator
Backup firestore
- Manually
gcloud firestore export gs://xx-backups-prod/gcloud projects add-iam-policy-binding xx-firebase-pro-fb666 \ --member serviceAccount:x-firebase-pro-x@appspot.gserviceaccount.com \ --role roles/datastore.importExportAdmin gsutil iam ch \ serviceAccount:xx-firebase-pro-x@appspot.gserviceaccount.com:admin \ gs://xx-backups-prod/firestore-backups # set sa role to read a bucket gsutil iam ch \ serviceAccount:di-dev-x@appspot.gserviceaccount.com:roles\ /storage.objectViewer gs://prm-dev-export-firebase # then restore gcloud firestore import \ gs://x-export-firebase/xx17T16:01:x/xx-03-17T16:01:xx.overall_export_metadata # troubleshooting. list bindings to SA gsutil iam get gs://prm-dev-export-firebase
Using Terraform
- Terraform GCP Example
- Follow setup here for base project
- Attach billing
Follow errors from terraform like…
│ Error: failed pre-requisites: missing permission on "billingAccounts/xx-C347DA": billing.resourceAssociations.create │ │ with google_project.default, │ on main.tf line 6, in resource "google_project" "default": │ 6: resource "google_project" "default" { # need to add this permission to base account
Find Role with a permission
- project → IAM → Roles
- Put permission string in filter like
billing.resourceAssociations.create
- Click on resulting roles to check permission set and get id
roles/billing.user
- Add policy binding
export G_ORG=10xx69 export G_PRJ=baseproject-39x gcloud projects get-iam-policy baseproject-39x --format=json > ./policy.json gcloud projects set-iam-policy baseproject-39x ./policy.json # or gcloud projects add-iam-policy-binding baseproject-39x \ --member='serviceAccount:terraformaccess@baseproject-392x.iam.gserviceaccount.com' \ --role='projects/baseproject-39x/roles/billing.user' # had to use org for billing gcloud organizations get-iam-policy 1066x69 --format=json > ./policy-org.json gcloud organizations set-iam-policy 1066x69 ./policy-org.json { "members": [ "serviceAccount:serviceaccountbase@baseproject-39x.iam.gserviceaccount.com" ], "role": "roles/billing.user" } gcloud resource-manager folders list --organization $G_ORG xx organizations/106x69 78x683
- another get started page
- Terraform GCP Example