Firebase Cloud Functions run on top of GCP, so, do they support using a vpc connector?
What I'm trying to achieve is to limit a forward-proxy server to only accept requests from the internal network, but since Cloud Functions doesn't support static IPs, the only way would be via vpc connector.
This seems now to be handled in latest firebase-tools v8.9.0 version.
Must be used in conjunction with firebase-functions v3.11.0 or higher
https://github.com/firebase/firebase-tools/releases/tag/v8.9.0
functions
.runWith({
vpcConnector: 'test-connector',
vpcConnectorEgressSettings: 'PRIVATE_RANGES_ONLY'
})
.auth.user()
.onCreate((user) => user);
Cloud Functions for Firebase doesn't actually run "on top of" GCP. Firebase just adds tools and SDKs that make Cloud Functions easier to use for some developers. The core Cloud Functions product is exactly the same, no matter if you're building and deploying with Firebase tools or gcloud.
You should still be able to configure a VPC connector for functions deployed with the Firebase CLI. You will just not able able to configure it on the command line like you can with gcloud. Instead, you will have to configure the connector in the Cloud console after deploying the function, exactly as described in the documentation you linked to.
Since Firebase is just a wrapper for Google Cloud Functions, just bypass the Firebase CLI and use the one with more parameters. (Google Cloud CLI)
i.e.
$ gcloud functions deploy <function_name> --trigger-http --runtime nodejs10 --vpc-connector projects/<your_project_name>/locations/<your-vpc-region>/connectors/<vpc_name> --service-account <your-role-name>
Source:
https://cloud.google.com/functions/docs/networking/connecting-vpc
Related
I have the firebase emulator running in a docker container locally for testing. The emulator includes everything I'm using for my app (firestore, auth, functions, storage) so that I can develop and test independently of the production environment.
However, I'm getting these warnings which are making me nervous:
functions: Beginning execution of "myFunction"
⚠ External network resource requested!
- URL: "http://---.---.---.---/computeMetadata/v1/instance"
- Be careful, this may be a production service.
I don't know what that URL is? Does it mean I've misconfigured something somewhere?
I'm also getting these warnings:
⚠ emulators: You are not currently authenticated so some features may not work correctly. Please run firebase login to authenticate the CLI.
⚠ functions: You are not signed in to the Firebase CLI. If you have authorized this machine using gcloud application-default credentials those may be discovered and used to access production services.
⚠ functions: Unable to fetch project Admin SDK configuration, Admin SDK behavior in Cloud Functions emulator may be incorrect.
But I don't think I want to authenticate, right? I don't want to touch anything to do with the live project on production while testing locally. Can I safely ignore these, or is there a good reason to authenticate?
The warnings are indicative that there had some issues while initialization during the setup for emulators .
Make sure that the emulator is installed by the following command: firebase setup:emulators:firestore, for this you can refer Documentation.
Deploy your function in the firebase in order to get recognized. you can refer to the Documentation using firebase deploy --only functions
Also to be sure please check your Firebase json and see if the local host is configured and not the production host,just to be sure.
For further reference you can follow up the stackoverflow thread Docker authentication issueand Firestore emulatorwhere a similar issue has been raised by other users which might be helpful.
So AFAIK, all triggered cloud functions can essentially be deployed using google deploy command which in turn allows me to deploy through terraform through similar parametrization. That being said, I can't seem to deploy a https callable function with:
event_trigger {
event_type = "https.onCall"
resource = ""
}
My assumption is that it's because https callables are explicitly a firebase only "system".
Has anyone gone through this kind of situation before?
Firebase's callable functions are just HTTPS functions that follow a special protocol. The function-side wrapper around that is provided by the firebase-functions SDK and deployed only by the Firebase CLI. If you can't use the Firebase CLI, you're going to have a hard time coming up with an equivalent way to deploy that code. It might be easier to just code your own protocol on both the client and function and deploy with the tools that are compatible with your deployment process.
When i use firebase deploy --only functions to deploy cloud functions for firebase, i discover, that this functions are deployed with the authentication flag allUsers.
How can i deploy firebase cloud function with private by default as mentioned here ?
There is no way to set this access control level of Cloud Functions through the Firebase CLI. It currently indeed always sets the access to allow all users. It sounds like a reasonable request to allow control of this though, so I'd file a feature request and possibly a PR on the repo.
For now: if you want to set this access level, you will have to do so in the Cloud console as explained in the Google Cloud documentation on controlling access on a function.
Trying to write integrations tests for HTTPS function (implemented as an express app) that use Firestore as DB
Since its an integration test, I don't want to mock the Firestore DB in this case, however, since they perform network calls, they take time to execute
Is there a Firestore local emulator to use in this scenario? There is an option to config Firestore in offline mode, maybe that's the way? Didn't find any documentation in Firebase on this use case
AskFirebase
You have to setup a Firestore emulator locally (assuming you already have firebase-cli installed):
$ firebase setup:emulators:firestore
Then run the emulator:
$ firebase serve --only firestore
With the emulator running, you can run your test suites.
In order to write tests you can use the #firebase/testing package. For more information, check the official documentation here.
There is also an official quickstart repository on GitHub, which shows how to test Firestore locally, both using JavaScript and Typescript. You can find it here.
When emulating firebase functions locally is there a way to change the function timeout from the default 60s?
--idlePruneInterval has been added as an option to the google cloud emulator CLI: https://github.com/GoogleCloudPlatform/cloud-functions-emulator/issues/66
This option doesn't appear to work is not officially supported in either the firebase serve mode:
firebase serve --only functions --idlePruneInterval=5000
or the experimental shell emulation:
firebase experimental:functions:shell --idlePruneInterval=5000
Is there another way around this problem? Perhaps editing a config file?
The Cloud Functions emulator from Firebase is separate from the one provided by the Google Cloud Platform org. The command line parameters from one won't necessarily work on the other.