How to use the GOOGLE_APPLICATION_CREDENTIALS in an Azure Pipeline to publish on firebase?
I've a git repository on our Azure Devop. I publish the application on firebase everytime it is published on master.
Here is my current YML:
trigger:
- master
pool: vmImage: ubuntu-latest
steps:
- task: NodeTool@0 inputs:
versionSpec: '14.x' displayName: 'Install Node.js'
- task: CmdLine@2 inputs:
script: 'npm install -g firebase-tools'
workingDirectory: '$(Agent.ToolsDirectory)' displayName: 'install firebase tools'
- script: |
npm install
npm run build displayName: 'npm install and build'
- script: |
cd functions
npm install displayName: 'install functions dependencies'
- task: CmdLine@2 inputs:
script: 'firebase deploy --token "$(FIREBASE_TOKEN)" -m "$(Build.BuildNumber)"' displayName: 'firebase publish -m "$(Build.BuildNumber)"'
I recently noticed the following warning in my jobs:
! Authenticating with a
login:citoken is deprecated and will be removed in a future major version offirebase-tools. Instead, use a service account key withGOOGLE_APPLICATION_CREDENTIALS: https://cloud.google.com/docs/authentication/getting-started
The article is not quite clear, it talks more about how to access stuff within code, not directly with firebase deploy. After some search I was able to find multiple example with a JSON file.
But in my case, with a git repository and a pipeline, I'm not sure how to proceed:
- I don't want to store in the git repository a file with the credentials, it has to be some kind of secret stored in azure devop.
- Azure Devop doesn't allow me to store file, only string
So, if I've generated this json, how can I use it? Or is there another method?
Here is what you need to do.
You go to your Firebase console, open the project you want, and then do the following steps
- Click on the engine icon on the sidebar
- Click "Project settings" link.
- Click the "Service accounts" tab.
- Click the "Generate new private key" button to download a JSON file containing the service account credentials.
p.s.: Here is a image showing where each step is located. Sorry for the image in Portuguese 😅, I'm from Brazil.
Then you will create a variable named GOOGLE_APPLICATION_CREDENTIALS in your Azure DevOps pipeline with the content of the json file you just downloaded. Just like the images bellow.
And the last step is to include the deploy step in your pipeline. It will look like these:
- script: |
echo $GOOGLE_APPLICATION_CREDENTIALS > $HOME/gcloud.json
export GOOGLE_APPLICATION_CREDENTIALS=$HOME/gcloud.json
firebase deploy --only hosting
displayName: 'Deploy to Firebase Hosting'
Assuming that your project is correctly set up with the .firebaserc and firebase.json files, everything should work just fine.
p.s.: Remember to mark the Keep this value secret checkbox in your Azure DevOps variable after everything is set up, to leaving public your admin privates keys from the json file.
- iOS - New Firebase Crashlytics (4.0.0-beta.5) - dSYM upload fails
- Default GCP IAM roles from Firebase
- Get timeStamp from firebase without changing its timeZone
- com.google.firebase.database.DatabaseException : Expected a Map while deserializing, but got a class java.lang.Long
- Swift pods cannot yet be integrated as static libraries FirebaseCoreInternal-library
- Modifier 'override' is not applicable to 'local function'
- Do I need to release my app on Play Store to use Firebase Phone Auth without reCAPTCHA opening in Chrome?
- Specs satisfying the `Firebase/Functions` dependency were found, but they required a higher minimum deployment target
- firebase cloud functions http error code 403
- Argument of type 'EnvironmentProviders' is not assignable to parameter of type 'ImportProvidersSource'.ts(2345) in Angular Firebase project
- How do I get a Flutter project running on MacOS to successfully use Firestore?
- How do I change the url of the database for Firebase Cloud Function onCreate call on a reference?
- How do I specify Firebase Rules to allow an Admin user, in the same organization, be able to read documents belonging to other users
- java.lang.IllegalAccessError: superclass access check failed: class org.jetbrains.kotlin.kapt3.base.javac.KaptJavaCompiler?
- Firestore write fails in iOS native despite valid Flutter login
- I am getting Xcode abseil undefined symbol error
- Firebase Functions: Could not create or update Cloud Run service, Container Healthcheck failed
- GeoFire on iOS with Firebase 5
- Cross domain state cookie issue with proxied Firebase Functions
- My firebase function update document takes MINUTES to execute the first time
- App check on flutter web - debug token not working
- How to import a library in Python for Firebase functions?
- Firebase database rules don't apply to collection
- Clarification on FCM Batch Import Limit for Subscribing App Instances
- cloud_firestore/permission-denied] The caller does not have permission to execute the specified operation
- Firebase update multi-factor phone number
- Issue after Flutter Firebase upgrade? ARC Semantic Issue (Xcode): No known class method for selector 'appleCredentialWithIDToken:rawNonce:fullName:'
- Fetch data from FireBase remoteConfig into a SSR NextJs Component
- `firebase deploy` throws an error "TypeError Cannot read properties of null (reading 'length')"
- Angular - Prod Build not generating unique hashes