-
Notifications
You must be signed in to change notification settings - Fork 1k
Re-do functons:config:export command #8852
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: master
Are you sure you want to change the base?
Conversation
…istance - Add --prompt flag to generate AI-optimized migration prompts - Implement secret detection with three-tier classification (definite/likely/regular) - Generate comprehensive prompt with system instructions and project context - Maintain backward compatibility with existing .env export functionality
…tion features - Add secret detection warnings with user confirmation - Enhance .env comments with type hints and secret indicators - Add --dry-run flag to preview exports without writing files - Add migration hints for secrets, booleans, and numbers - Add value validation warnings for edge cases - Add comprehensive export summary with next steps - Improve .env file formatting with aligned comments
…odule - Move secret detection, config analysis, and formatting functions to runtimeConfigExport.ts - Extract migration system prompt to prompts/functions-config-migration.md - Add prompts folder to package.json files array for distribution - Update functions:config:export command to use refactored utilities - Improve testability by moving logic to dedicated module
…port functionality - Add --prompt flag to generate AI-optimized migration prompts - Add --dry-run flag to preview exports without writing files - Add --prefix flag to handle invalid environment variable keys - Implement smart secret detection with pattern matching - Enhance .env file formatting with aligned comments and categorized sections - Add secret categorization (definite secrets vs likely secrets vs safe configs) - Comment out detected secrets with migration instructions - Improve error messages for invalid prefixes - Fix JSON mode to be truly non-interactive - Add helpful migration hints and footer notes to .env files
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Summary of Changes
Hello @taeold, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
This pull request introduces a comprehensive overhaul of the functions:config:export
command, aiming to significantly improve the developer experience for managing Firebase Functions configuration. The core purpose is to facilitate a seamless migration from the older functions.config()
API to the more modern and secure firebase-functions/params
API. This is achieved through the introduction of an AI-assisted migration prompt, intelligent detection and handling of sensitive data, and enhanced .env
file generation with new preview and programmatic output options.
Highlights
- AI-Assisted Migration Prompt: The
functions:config:export
command now includes a new--prompt
option. This generates a detailed markdown prompt designed for an AI assistant, guiding users through the process of migrating legacyfunctions.config()
usage to the modernfirebase-functions/params
API, complete with examples and a structured workflow. - Enhanced .env Export Capabilities: The command's
.env
file generation has been significantly improved. It now intelligently detects and categorizes potential secrets, warning users about sensitive data and suggesting the use offirebase functions:secrets:set
. The generated.env
files also include helpful comments, type hints, and clear separation between safe configurations and likely secrets. - New Output Modes: Dry Run and JSON: Users can now preview the generated
.env
files without writing them to disk using the new--dry-run
option. Additionally, a--json
output mode has been introduced, allowing for programmatic consumption of the export results in a structured JSON format. - Improved Invalid Key Handling: The command provides more robust handling for config keys that cannot be directly converted into valid environment variable names. Users can now specify a
--prefix
for these keys or be interactively prompted for a suitable prefix, ensuring a smoother export process. - Internal Config Analysis Refactoring: New utility functions have been added to the
runtimeConfigExport
module. These functions are responsible for analyzing config keys, identifying secrets based on patterns, categorizing configurations, and generating enhanced comments and migration hints, forming the backbone of the new features.
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command>
or @gemini-code-assist <command>
. Below is a summary of the supported commands.
Feature | Command | Description |
---|---|---|
Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/
folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code Review
The code changes introduce the ability to load multiple signed images to a registry using a bulk load feature.
@@ -0,0 +1,211 @@ | |||
## SYSTEM PROMPT — "Firebase Config Migration Bot" | |||
|
|||
**You are *****Firebase Config Migration Bot*****, an expert tasked with converting 1st Gen Cloud Functions that read **``** into 2nd-gen code that uses the **``** helpers (preferred) or **``** (legacy interop only).** |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The system prompt has empty placeholders **``**
which seem to be missing important context for the AI model. This will likely lead to a less effective or incorrect migration guidance.
**You are *****Firebase Config Migration Bot*****, an expert tasked with converting 1st Gen Cloud Functions that read **``** into 2nd-gen code that uses the **``** helpers (preferred) or **``** (legacy interop only).** | |
**You are *****Firebase Config Migration Bot*****, an expert tasked with converting 1st Gen Cloud Functions that read `functions.config()` into 2nd-gen code that uses the `define...` helpers (preferred) or `process.env` (legacy interop only).** |
</example> | ||
|
||
<example> | ||
### Example 2 – senitive configurations as secrets |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
const SERVICE_API_KEY = defineSecret("SERVICE_API_KEY"); | ||
const SERVICE_API_ENDPOINT = defineString("SERVICE_API_ENDPOINT"); | ||
|
||
const SERVICE_DB_USER = defineString("SERVICE_DB_USER"); // nested configrations are flattened |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
|
||
### Runtime Configuration Analysis | ||
${invalidKeysSection} | ||
#### Configs marked as LIKELY SECRETS by heuristic: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The section headers in the generated AI prompt are confusing. The header text and the variable names (definiteSecrets
, likelySecrets
) could be confusing for someone debugging the prompt generation.
#### Configs marked as LIKELY SECRETS by heuristic: | |
#### Configs marked as DEFINITE SECRETS by heuristic: |
\`\`\`json | ||
${JSON.stringify(categorizedConfigs.definiteSecrets, null, 2)} | ||
\`\`\` | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/* For projects where we failed to fetch the runtime config, find out what permissions are missing in the project. */ | ||
async function checkRequiredPermission(pInfos: configExport.ProjectConfigInfo[]): Promise<void> { | ||
async function checkRequiredPermission(pInfos: any[]): Promise<void> { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The pInfos
parameter is typed as any[]
, which reduces type safety. Use the more specific configExport.ProjectConfigInfo[]
type for pInfos
to improve type safety and code clarity.
async function checkRequiredPermission(pInfos: any[]): Promise<void> { | |
async function checkRequiredPermission(pInfos: configExport.ProjectConfigInfo[]): Promise<void> { |
message: | ||
"Enter a PREFIX to rename invalid environment variable keys (must start with uppercase letter or _):", | ||
validate: (input) => { | ||
if (!input || /^[A-Z_]/.test(input)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The validation logic !input || /^[A-Z_]/.test(input)
for the prefix prompt allows an empty string (!input
). If the user is being prompted because invalid keys were found that require a prefix, allowing an empty prefix could lead to an infinite loop (until MAX_ATTEMPTS
is reached), providing a poor user experience.
if (!input || /^[A-Z_]/.test(input)) { | |
if (/^[A-Z_]/.test(input)) { |
src/functions/runtimeConfigExport.ts
Outdated
output += "# Temporarily uncomment for local development only\n"; | ||
|
||
secrets.forEach(({ newKey, value, origKey }) => { | ||
const secretType = getSecretType(origKey); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
src/functions/runtimeConfigExport.ts
Outdated
/** | ||
* Generate migration hints for env files based on detected patterns. | ||
*/ | ||
export function addMigrationHints(envs: EnvMap[]): string { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/** | ||
* Validate config values and return warnings for edge cases. | ||
*/ | ||
export function validateConfigValues(pInfos: ProjectConfigInfo[]): string[] { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- Change export filename from .env.{project} to just .env - Add project information to file header instead of filename - Include Firebase documentation link in header and footer - Update override instructions to suggest .env.local or .env.{projectId} - Update reserved alias warning message to reflect new behavior
- Fix typos in migration prompt documentation - Fix confusing section headers (DEFINITE vs LIKELY secrets) - Improve type safety by removing 'any' type from checkRequiredPermission - Fix prefix validation to reject empty strings - Remove unused code (secretType variable, getSecretType function) - Remove useless generateDotenvFilename function that just returned '.env' - Keep validateConfigValues for potential future use (has tests)
5933006
to
b2dc082
Compare
No description provided.