dienianindya
/
tower_mobile
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
No Description
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
tower_mobile/node_modules/firebase-tools/lib/extensions/diagnose.js

diagnose.js 2.6KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556 
  1. "use strict";

  2. Object.defineProperty(exports, "__esModule", { value: true });

  3. exports.diagnose = void 0;

  4. const extensionsHelper_1 = require("./extensionsHelper");

  5. const getProjectNumber_1 = require("../getProjectNumber");

  6. const utils = require("../utils");

  7. const resourceManager = require("../gcp/resourceManager");

  8. const extensionsApi_1 = require("./extensionsApi");

  9. const prompt_1 = require("../prompt");

  10. const logger_1 = require("../logger");

  11. const error_1 = require("../error");

  12. const SERVICE_AGENT_ROLE = "roles/firebasemods.serviceAgent";

  13. async function diagnose(projectId) {

  14.     const projectNumber = await (0, getProjectNumber_1.getProjectNumber)({ projectId });

  15.     const firexSaProjectId = utils.envOverride("FIREBASE_EXTENSIONS_SA_PROJECT_ID", "gcp-sa-firebasemods");

  16.     const saEmail = `service-${projectNumber}@${firexSaProjectId}.iam.gserviceaccount.com`;

  17.     utils.logLabeledBullet(extensionsHelper_1.logPrefix, "Checking project IAM policy...");

  18.     await (0, extensionsApi_1.listInstances)(projectId);

  19.     let policy;

  20.     try {

  21.         policy = await resourceManager.getIamPolicy(projectId);

  22.         logger_1.logger.debug(policy);

  23.     }

  24.     catch (e) {

  25.         if (e instanceof error_1.FirebaseError && e.status === 403) {

  26.             throw new error_1.FirebaseError("Unable to get project IAM policy, permission denied (403). Please " +

  27.                 "make sure you have sufficient project privileges or if this is a brand new project " +

  28.                 "try again in a few minutes.");

  29.         }

  30.         throw e;

  31.     }

  32.     if (policy.bindings.find((b) => b.role === SERVICE_AGENT_ROLE && b.members.includes("serviceAccount:" + saEmail))) {

  33.         utils.logLabeledSuccess(extensionsHelper_1.logPrefix, "Project IAM policy OK");

  34.         return true;

  35.     }

  36.     else {

  37.         utils.logWarning("Firebase Extensions Service Agent is missing a required IAM role " +

  38.             "`Firebase Extensions API Service Agent`.");

  39.         const fix = await (0, prompt_1.promptOnce)({

  40.             type: "confirm",

  41.             message: "Would you like to fix the issue by updating IAM policy to include Firebase " +

  42.                 "Extensions Service Agent with role `Firebase Extensions API Service Agent`",

  43.         });

  44.         if (fix) {

  45.             policy.bindings.push({

  46.                 role: SERVICE_AGENT_ROLE,

  47.                 members: ["serviceAccount:" + saEmail],

  48.             });

  49.             await resourceManager.setIamPolicy(projectId, policy, "bindings");

  50.             utils.logSuccess("Project IAM policy updated successfully");

  51.             return true;

  52.         }

  53.         return false;

  54.     }

  55. }

  56. exports.diagnose = diagnose;