Re-do functons:config:export command #8852
Conversation
…istance - Add --prompt flag to generate AI-optimized migration prompts - Implement secret detection with three-tier classification (definite/likely/regular) - Generate comprehensive prompt with system instructions and project context - Maintain backward compatibility with existing .env export functionality
…tion features - Add secret detection warnings with user confirmation - Enhance .env comments with type hints and secret indicators - Add --dry-run flag to preview exports without writing files - Add migration hints for secrets, booleans, and numbers - Add value validation warnings for edge cases - Add comprehensive export summary with next steps - Improve .env file formatting with aligned comments
…odule - Move secret detection, config analysis, and formatting functions to runtimeConfigExport.ts - Extract migration system prompt to prompts/functions-config-migration.md - Add prompts folder to package.json files array for distribution - Update functions:config:export command to use refactored utilities - Improve testability by moving logic to dedicated module
…port functionality - Add --prompt flag to generate AI-optimized migration prompts - Add --dry-run flag to preview exports without writing files - Add --prefix flag to handle invalid environment variable keys - Implement smart secret detection with pattern matching - Enhance .env file formatting with aligned comments and categorized sections - Add secret categorization (definite secrets vs likely secrets vs safe configs) - Comment out detected secrets with migration instructions - Improve error messages for invalid prefixes - Fix JSON mode to be truly non-interactive - Add helpful migration hints and footer notes to .env files
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Summary of Changes
Hello @taeold, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
This pull request introduces a comprehensive overhaul of the functions:config:export command, aiming to significantly improve the developer experience for managing Firebase Functions configuration. The core purpose is to facilitate a seamless migration from the older functions.config() API to the more modern and secure firebase-functions/params API. This is achieved through the introduction of an AI-assisted migration prompt, intelligent detection and handling of sensitive data, and enhanced .env file generation with new preview and programmatic output options.
Highlights
- AI-Assisted Migration Prompt: The
functions:config:exportcommand now includes a new--promptoption. This generates a detailed markdown prompt designed for an AI assistant, guiding users through the process of migrating legacyfunctions.config()usage to the modernfirebase-functions/paramsAPI, complete with examples and a structured workflow. - Enhanced .env Export Capabilities: The command's
.envfile generation has been significantly improved. It now intelligently detects and categorizes potential secrets, warning users about sensitive data and suggesting the use offirebase functions:secrets:set. The generated.envfiles also include helpful comments, type hints, and clear separation between safe configurations and likely secrets. - New Output Modes: Dry Run and JSON: Users can now preview the generated
.envfiles without writing them to disk using the new--dry-runoption. Additionally, a--jsonoutput mode has been introduced, allowing for programmatic consumption of the export results in a structured JSON format. - Improved Invalid Key Handling: The command provides more robust handling for config keys that cannot be directly converted into valid environment variable names. Users can now specify a
--prefixfor these keys or be interactively prompted for a suitable prefix, ensuring a smoother export process. - Internal Config Analysis Refactoring: New utility functions have been added to the
runtimeConfigExportmodule. These functions are responsible for analyzing config keys, identifying secrets based on patterns, categorizing configurations, and generating enhanced comments and migration hints, forming the backbone of the new features.
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
| @@ -0,0 +1,211 @@ | |||
| ## SYSTEM PROMPT — "Firebase Config Migration Bot" | |||
|
|
|||
| **You are *****Firebase Config Migration Bot*****, an expert tasked with converting 1st Gen Cloud Functions that read **``** into 2nd-gen code that uses the **``** helpers (preferred) or **``** (legacy interop only).** | |||
There was a problem hiding this comment.
The system prompt has empty placeholders **``** which seem to be missing important context for the AI model. This will likely lead to a less effective or incorrect migration guidance.
| **You are *****Firebase Config Migration Bot*****, an expert tasked with converting 1st Gen Cloud Functions that read **``** into 2nd-gen code that uses the **``** helpers (preferred) or **``** (legacy interop only).** | |
| **You are *****Firebase Config Migration Bot*****, an expert tasked with converting 1st Gen Cloud Functions that read `functions.config()` into 2nd-gen code that uses the `define...` helpers (preferred) or `process.env` (legacy interop only).** |
| </example> | ||
|
|
||
| <example> | ||
| ### Example 2 – senitive configurations as secrets |
There was a problem hiding this comment.
There is a typo in the word "senitive". It should be "sensitive".
| ### Example 2 – senitive configurations as secrets | |
| ### Example 2 – sensitive configurations as secrets |
| const SERVICE_API_KEY = defineSecret("SERVICE_API_KEY"); | ||
| const SERVICE_API_ENDPOINT = defineString("SERVICE_API_ENDPOINT"); | ||
|
|
||
| const SERVICE_DB_USER = defineString("SERVICE_DB_USER"); // nested configrations are flattened |
There was a problem hiding this comment.
There is a typo in the word "configrations". It should be "configurations".
| const SERVICE_DB_USER = defineString("SERVICE_DB_USER"); // nested configrations are flattened | |
| const SERVICE_DB_USER = defineString("SERVICE_DB_USER"); // nested configurations are flattened |
|
|
||
| ### Runtime Configuration Analysis | ||
| ${invalidKeysSection} | ||
| #### Configs marked as LIKELY SECRETS by heuristic: |
There was a problem hiding this comment.
The section headers in the generated AI prompt are confusing. The header text and the variable names (definiteSecrets, likelySecrets) could be confusing for someone debugging the prompt generation.
| #### Configs marked as LIKELY SECRETS by heuristic: | |
| #### Configs marked as DEFINITE SECRETS by heuristic: |
| \`\`\`json | ||
| ${JSON.stringify(categorizedConfigs.definiteSecrets, null, 2)} | ||
| \`\`\` | ||
|
|
There was a problem hiding this comment.
The section headers in the generated AI prompt are confusing. The header text and the variable names (definiteSecrets, likelySecrets) could be confusing for someone debugging the prompt generation.
| #### Configs marked as LIKELY SECRETS by heuristic: |
| /* For projects where we failed to fetch the runtime config, find out what permissions are missing in the project. */ | ||
| async function checkRequiredPermission(pInfos: configExport.ProjectConfigInfo[]): Promise<void> { | ||
| async function checkRequiredPermission(pInfos: any[]): Promise<void> { |
There was a problem hiding this comment.
The pInfos parameter is typed as any[], which reduces type safety. Use the more specific configExport.ProjectConfigInfo[] type for pInfos to improve type safety and code clarity.
| async function checkRequiredPermission(pInfos: any[]): Promise<void> { | |
| async function checkRequiredPermission(pInfos: configExport.ProjectConfigInfo[]): Promise<void> { |
| message: | ||
| "Enter a PREFIX to rename invalid environment variable keys (must start with uppercase letter or _):", | ||
| validate: (input) => { | ||
| if (!input || /^[A-Z_]/.test(input)) { |
There was a problem hiding this comment.
The validation logic !input || /^[A-Z_]/.test(input) for the prefix prompt allows an empty string (!input). If the user is being prompted because invalid keys were found that require a prefix, allowing an empty prefix could lead to an infinite loop (until MAX_ATTEMPTS is reached), providing a poor user experience.
| if (!input || /^[A-Z_]/.test(input)) { | |
| if (/^[A-Z_]/.test(input)) { |
src/functions/runtimeConfigExport.ts
Outdated
| output += "# Temporarily uncomment for local development only\n"; | ||
|
|
||
| secrets.forEach(({ newKey, value, origKey }) => { | ||
| const secretType = getSecretType(origKey); |
There was a problem hiding this comment.
The secretType variable is initialized but its value is never used. This is dead code and can be confusing for future maintainers.
src/functions/runtimeConfigExport.ts
Outdated
| /** | ||
| * Generate migration hints for env files based on detected patterns. | ||
| */ | ||
| export function addMigrationHints(envs: EnvMap[]): string { |
There was a problem hiding this comment.
The exported function addMigrationHints is not used anywhere in the codebase. This appears to be dead code.
| /** | ||
| * Validate config values and return warnings for edge cases. | ||
| */ | ||
| export function validateConfigValues(pInfos: ProjectConfigInfo[]): string[] { |
There was a problem hiding this comment.
The exported function validateConfigValues is not used anywhere in the codebase. This appears to be dead code.
- Change export filename from .env.{project} to just .env
- Add project information to file header instead of filename
- Include Firebase documentation link in header and footer
- Update override instructions to suggest .env.local or .env.{projectId}
- Update reserved alias warning message to reflect new behavior
- Fix typos in migration prompt documentation - Fix confusing section headers (DEFINITE vs LIKELY secrets) - Improve type safety by removing 'any' type from checkRequiredPermission - Fix prefix validation to reject empty strings - Remove unused code (secretType variable, getSecretType function) - Remove useless generateDotenvFilename function that just returned '.env' - Keep validateConfigValues for potential future use (has tests)
taeold
force-pushed
the
dl-config-export-prompt
branch
from
5933006 to
b2dc082
Compare
No description provided.