Puches

Reputation: 135

Deploy Firebase Functions, Rules and Indexes to multiple GCP Projects

We are attempting to deploy Firebase Functions, Rules, and Indexes to multiple projects for tenant isolation of data. We are attempting to use Google Cloud Source Repository, but Cloud Build in each project does not have the ability to connect to the Central Project Source Repository - and we have added the required Source Repo IAM rules on our Cloud Build service account.

What is a good solution for deploying our Firebase Functions, Rules, and Indexes from a central repository?

Upvotes: 1

Views: 108

Answers (1)

guillaume blaquiere

Reputation: 75910

You can't access events from a source repository in another project mode. Therefore, you can't set up a trigger on a source repository that doesn't belong to your project.

So, you can imagine this workaround to achieve what you want:

Source Project

  • Create a PubSub topic (push-event for example)
  • Configure the trigger that you want, which runs a Cloud Build
  • In this Cloud Build, format a JSON message with all the push data that you want (commit SHA, type of event, repo name,...) and publish this message to push-event topic

Tenant Projects

  • Create a Cloud Function that triggers Cloud Build (focus on that below)
  • Create a push subscription on the PubSub push-event topic located in the source project (be sure that the current account that runs the terraform has the roles topicViewer and topicSubscriber on the push-event topic (or on the source project))

Note: the first thing that you have to do in the Cloud Build execution is to clone the source repository, because you won't have the data automatically downloaded (get the correct source according to the branch, tag or pull event).

Cloud Functions

I don't know your dev language, but the principle is to perform an API call to the Cloud Build API to launch the build. This API call requires the content of the cloudbuild.json. So, in the Cloud Function,

  • You can also clone the source repo (grant the reader permission) in the /tmp directory and then read the cloudbuild.json file to run in your Cloud Build. But it could be difficult in case of branch, tag, or pull context.
  • You can publish, in addition to other data in the PubSub message published in the source project, the content of the cloudbuild.json file to run by the Cloud Functions in the tenant project.

Upvotes: 1
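An added sketch of the tenant-side Cloud Function logic described in the answer above (not the answerer's code): it decodes the Pub/Sub push envelope, validates the fields before they reach any build argument, and returns the body for a Cloud Build `builds.create` call whose first steps clone and check out the source. The message fields `repoName` and `commitSha`, the project and repository names, the Firestore deploy targets and the Firebase builder image are assumptions.

```javascript
// Assumed placeholders, not values from the original post.
const SOURCE_PROJECT = "central-source-project";       // project hosting the repo
const ALLOWED_REPOS = new Set(["firebase-backend"]);   // repos this tenant will build
const DEPLOY_IMAGE = "gcr.io/TENANT_PROJECT/firebase"; // assumed image with the firebase CLI as entrypoint

// Decode a Pub/Sub push envelope: { message: { data: <base64-encoded JSON> } }.
function decodePushEvent(envelope) {
  const data = envelope && envelope.message && envelope.message.data;
  if (typeof data !== "string") throw new Error("not a Pub/Sub push envelope");
  return JSON.parse(Buffer.from(data, "base64").toString("utf8"));
}

// Event fields end up in build arguments, so accept only expected shapes.
function validateEvent(evt) {
  if (!ALLOWED_REPOS.has(evt.repoName)) throw new Error("repo not allowed");
  if (!/^[0-9a-f]{40}$/.test(evt.commitSha)) throw new Error("bad commit SHA");
  return { repoName: evt.repoName, commitSha: evt.commitSha };
}

// Build resource to send to the Cloud Build API in the tenant project.
// Arguments are passed as arrays, never joined into a shell string.
function buildRequest(envelope, tenantProject) {
  const { repoName, commitSha } = validateEvent(decodePushEvent(envelope));
  return {
    steps: [
      // Nothing is downloaded automatically: clone the central repository first.
      { name: "gcr.io/cloud-builders/gcloud",
        args: ["source", "repos", "clone", repoName, "src",
               `--project=${SOURCE_PROJECT}`] },
      // Pin the build to the exact commit carried in the message.
      { name: "gcr.io/cloud-builders/git", dir: "src",
        args: ["checkout", commitSha] },
      { name: DEPLOY_IMAGE, dir: "src",
        args: ["deploy", "--project", tenantProject,
               "--only", "functions,firestore:rules,firestore:indexes"] },
    ],
  };
}

// Constructed sample: wraps a payload the way a push subscription delivers it.
function sampleEnvelope(payload) {
  const data = Buffer.from(JSON.stringify(payload)).toString("base64");
  return { message: { data } };
}
```

The tenant's Cloud Build service account still needs read access to the repository in the source project for the clone step to succeed.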
