How to use Cloud run from different project/domain? - firebase

I have Cloud run function deployed on one different project than a webapp hosted on firebase.
In firebase documentation it provides a way to call Cloud Run containers, but I can only specify serviceId and that service is not running in the same project as firebase container, so if I try to deploy it any way I get error 400.
Error: HTTP Error: 400, Cloud Run service `service-name` does not exist in region `europe-north1` in this project.
I did not see a way to specify a project id in the rewrites config.
Is there a way to call for firebase projects to call Cloud run containers from a different project?
P.S. I am aware that I can call it over "regular" HTTPS however I would like to reduce the traffic and maybe even some billing.

Related

Which is the most optimal base url for functions fetch calls?

Background: Some days ago, Firebase Hosting added support for NextJS.
I have Firebase Functions and Firebase Hosting inside the same project.
I'm implementing an SSR with NextJS in Firebase Hosting, and now I need to run some fetch calls inside getServerSideProps. Those fetch calls will hit my own Firebase Functions, and I wonder if there is a better base-URL for making "local fetch" while getting that data. Some base-URL to tell Firebase Hosting: "Hey, this is a call to a resource that is inside Google".
My goal is to reduce the response time, while reducing the "tracert" stack.
In other words, I need a "local URL" to point locally in the Google-Firebase-Functions-Servers.

Firebase functions emulator requesting external network resource: computeMetadata

I have the firebase emulator running in a docker container locally for testing. The emulator includes everything I'm using for my app (firestore, auth, functions, storage) so that I can develop and test independently of the production environment.
However, I'm getting these warnings which are making me nervous:
functions: Beginning execution of "myFunction"
⚠ External network resource requested!
- URL: "http://---.---.---.---/computeMetadata/v1/instance"
- Be careful, this may be a production service.
I don't know what that URL is? Does it mean I've misconfigured something somewhere?
I'm also getting these warnings:
⚠ emulators: You are not currently authenticated so some features may not work correctly. Please run firebase login to authenticate the CLI.
⚠ functions: You are not signed in to the Firebase CLI. If you have authorized this machine using gcloud application-default credentials those may be discovered and used to access production services.
⚠ functions: Unable to fetch project Admin SDK configuration, Admin SDK behavior in Cloud Functions emulator may be incorrect.
But I don't think I want to authenticate, right? I don't want to touch anything to do with the live project on production while testing locally. Can I safely ignore these, or is there a good reason to authenticate?
The warnings are indicative that there had some issues while initialization during the setup for emulators .
Make sure that the emulator is installed by the following command: firebase setup:emulators:firestore, for this you can refer Documentation.
Deploy your function in the firebase in order to get recognized. you can refer to the Documentation using firebase deploy --only functions
Also to be sure please check your Firebase json and see if the local host is configured and not the production host,just to be sure.
For further reference you can follow up the stackoverflow thread Docker authentication issueand Firestore emulatorwhere a similar issue has been raised by other users which might be helpful.

Can I deploy a Firebase https callable (.onCall) using Terraform?

So AFAIK, all triggered cloud functions can essentially be deployed using google deploy command which in turn allows me to deploy through terraform through similar parametrization. That being said, I can't seem to deploy a https callable function with:
event_trigger {
event_type = "https.onCall"
resource = ""
}
My assumption is that it's because https callables are explicitly a firebase only "system".
Has anyone gone through this kind of situation before?
Firebase's callable functions are just HTTPS functions that follow a special protocol. The function-side wrapper around that is provided by the firebase-functions SDK and deployed only by the Firebase CLI. If you can't use the Firebase CLI, you're going to have a hard time coming up with an equivalent way to deploy that code. It might be easier to just code your own protocol on both the client and function and deploy with the tools that are compatible with your deployment process.

How Can I Obtain GCP service account credentials on Google Cloud Run?

This page explains both:
Obtaining and providing service account credentials manually for developing local, deploying on-premises, or deploying to another public cloud.
Obtaining credentials on Compute Engine, Kubernetes Engine, App Engine flexible environment, and Cloud Functions
But there is no mention of obtaining credentials on Cloud Run. I'd appreciate it if you give instructions for obtaining credentials and setting firebase-admin initializeApp and firebase initializeApp for authentication on Cloud Run.
The documentation suggests that you can use the default service account just like other Google Cloud products as described here. The Firebase Admin SDK should use that account when initialized with no parameters.
There are also steps described if you want to use a non-default service account, which you can simply configure in the console or provide with gcloud.
If you must provide a file that's readable at runtime, you will have to deploy an image with that file added to the image. There is no short set of steps to add that file - you will have to make your docker build include it in a readable location, and your code will know where to look for it in order to load it.

How to access environment-specific Firebase Function endpoints from Firebase Hosted application?

I have three Firebase projects representing Development, Staging and Production environments hosted on Firebase hosting. Each environment utilizes its own deployed Firebase functions like so:
Dev function endpoint: https://us-central1-my-app-dev.cloudfunctions.net/someFunction
Staging function endpoint: https://us-central1-my-app-staging.cloudfunctions.net/someFunction
Production function endpoint: https://us-central1-my-app.cloudfunctions.net/someFunction
I can't figure out how the static, Firebase-hosted client React application should invoke these functions because the URI endpoints of each changes depending on which environment the code is executing from.
Ideally I could set environment-specific configuration for each Firebase Hosting environment; unfortunately the only way to do this in Firebase Hosting is from within Firebase Functions themselves.
How can I retrieve the environment-specific endpoint for each Firebase Function?
You have a couple options here.
First, you could just configure your React app any way you like. It's necessarily not a bad thing for each system component (backend, frontend) to have its own configuration.
Second, since you're using Firebase Hosting to serve your static content, you can also use it to serve your functions API endpoints. This means that both your static content and API endpoints are all served through the same hostname, which means you no longer have to specify the host when making a request. All the requests can be relative to that host. You can achieve this via Hosting rewrite rules.

Resources