GoogleCloudPlatform · rainshen49 · Feb 11, 2025 · Feb 11, 2025 · Feb 11, 2025 · Feb 11, 2025
diff --git a/mmv1/products/firebaseapphosting/Backend.yaml b/mmv1/products/firebaseapphosting/Backend.yaml
@@ -0,0 +1,203 @@
+# Copyright 2025 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+name: Backend
+description: A Backend is the primary resource of App Hosting.
+base_url: projects/{{project}}/locations/{{location}}/backends
+update_mask: true
+self_link: projects/{{project}}/locations/{{location}}/backends/{{backend_id}}
+create_url: projects/{{project}}/locations/{{location}}/backends?backendId={{backend_id}}
+# Always forces deletion because the child resource default `Domain` is always present.
+delete_url: projects/{{project}}/locations/{{location}}/backends/{{backend_id}}?force=true
+update_verb: PATCH
+id_format: projects/{{project}}/locations/{{location}}/backends/{{backend_id}}
+import_format:
+  - "projects/{{project}}/locations/{{location}}/backends/{{backend_id}}"
+  - "{{project}}/{{location}}/{{backend_id}}"
+  - "{{location}}/{{backend_id}}"
+examples:
+  - name: firebase_app_hosting_backend_minimal
+    primary_resource_id: example
+    vars:
+      backend_id: "mini"
+    test_env_vars:
+      project_id: "PROJECT_NAME"
+  - name: firebase_app_hosting_backend_full
+    primary_resource_id: example
+    vars:
+      backend_id: "full"
+    test_env_vars:
+      project_id: "PROJECT_NAME"
+  - name: firebase_app_hosting_backend_github
+    primary_resource_id: example
+    vars:
+      backend_id: "my-backend-gh"
+    test_env_vars:
+      project_id: "PROJECT_NAME"
+    exclude_test: true  # Can't establish a Github connection in automated tests.
+autogen_async: true
+async:
+  operation:
+    timeouts:
+      insert_minutes: 20
+      update_minutes: 20
+      delete_minutes: 20
+    base_url: "{{op_id}}"
+  actions:
+    - create
+    - delete
+    - update
+  type: OpAsync
+  result:
+    resource_inside_response: true
+  include_project: false
+autogen_status: QmFja2VuZA==
+parameters:
+  - name: location
+    type: String
+    description: The canonical IDs of a Google Cloud location such as "us-east1".
+    immutable: true
+    url_param_only: true
+    required: true
+  - name: backendId
+    type: String
+    description: |-
+      Id of the backend. Also used as the service ID for Cloud Run, and as part
+      of the default domain name.
+    immutable: true
+    url_param_only: true
+    required: true
+properties:
+  - name: servingLocality
+    type: Enum
+    description: |-
+      Immutable. Specifies how App Hosting will serve the content for this backend. It will
+      either be contained to a single region (REGIONAL_STRICT) or allowed to use
+      App Hosting's global-replicated serving infrastructure (GLOBAL_ACCESS).
+    enum_values:
+      - "REGIONAL_STRICT"
+      - "GLOBAL_ACCESS"
+    immutable: true
+    required: true
+  - name: appId
+    type: String
+    description: |-
+      The [ID of a Web
+      App](https://firebase.google.com/docs/reference/firebase-management/rest/v1beta1/projects.webApps#WebApp.FIELDS.app_id)
+      associated with the backend.
+    required: true
+  - name: serviceAccount
+    type: String
+    description: |-
+      The name of the service account used for Cloud Build and Cloud Run.
+      Should have the role roles/firebaseapphosting.computeRunner
+      or equivalent permissions.
+    required: true
+  - name: annotations
+    type: KeyValueAnnotations
+    description: |-
+      Unstructured key value map that may be set by external tools to
+      store and arbitrary metadata. They are not queryable and should be
+      preserved when modifying objects.
+  - name: displayName
+    type: String
+    description: Human-readable name. 63 character limit.
+  - name: environment
+    type: String
+    description: |-
+      The environment name of the backend, used to load environment variables
+      from environment specific configuration.
+  - name: labels
+    type: KeyValueLabels
+    description: |-
+      Unstructured key value map that can be used to organize and categorize
+      objects.
+  - name: etag
+    type: Fingerprint
+    description: |-
+      Server-computed checksum based on other values; may be sent
+      on update or delete to ensure operation is done on expected resource.
+    output: true
+  - name: name
+    type: String
+    description: |-
+      Identifier. The resource name of the backend.
+
+      Format:
+
+      `projects/{project}/locations/{locationId}/backends/{backendId}`.
+    output: true
+  - name: createTime
+    type: Time
+    description: Time at which the backend was created.
+    output: true
+  - name: deleteTime
+    type: Time
+    description: Time at which the backend was deleted.
+    output: true
+  - name: updateTime
+    type: Time
+    description: Time at which the backend was last updated.
+    output: true
+  - name: uid
+    type: String
+    description: System-assigned, unique identifier.
+    output: true
+  - name: uri
+    type: String
+    description: The primary URI to communicate with the backend.
+    output: true
+  - name: codebase
+    type: NestedObject
+    description: |-
+      The connection to an external source repository to watch for event-driven
+      updates to the backend.
+    properties:
+      - name: repository
+        type: String
+        description: |-
+          The resource name for the Developer Connect
+          [`gitRepositoryLink`](https://cloud.google.com/developer-connect/docs/api/reference/rest/v1/projects.locations.connections.gitRepositoryLinks)
+          connected to this backend, in the format:
+
+          projects/{project}/locations/{location}/connections/{connection}/gitRepositoryLinks/{repositoryLink}
+        required: true
+      - name: rootDirectory
+        type: String
+        description: |-
+          If `repository` is provided, the directory relative to the root of the
+          repository to use as the root for the deployed web app.
+  - name: managedResources
+    type: Array
+    description: A list of the resources managed by this backend.
+    output: true
+    item_type:
+      type: NestedObject
+      properties:
+        - name: runService
+          type: NestedObject
+          output: true
+          description: |-
+            A managed Cloud Run
+            [`service`](https://cloud.google.com/run/docs/reference/rest/v2/projects.locations.services#resource:-service).
+          properties:
+            - name: service
+              type: String
+              output: true
+              description: |-
+                The name of the Cloud Run
+                [`service`](https://cloud.google.com/run/docs/reference/rest/v2/projects.locations.services#resource:-service),
+                in the format:
+
+                projects/{project}/locations/{location}/services/{serviceId}
diff --git a/mmv1/products/firebaseapphosting/product.yaml b/mmv1/products/firebaseapphosting/product.yaml
@@ -0,0 +1,23 @@
+# Copyright 2024 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+name: FirebaseAppHosting
+display_name: Firebase App Hosting
+scopes:
+  - https://www.googleapis.com/auth/cloud-platform
+versions:
+  - base_url: https://firebaseapphosting.googleapis.com/v1beta/
+    name: beta
+  - base_url: https://firebaseapphosting.googleapis.com/v1main/
+    name: ga
diff --git a/mmv1/templates/terraform/examples/firebase_app_hosting_backend_full.tf.tmpl b/mmv1/templates/terraform/examples/firebase_app_hosting_backend_full.tf.tmpl
@@ -0,0 +1,66 @@
+### Include these blocks only once per project if you are starting from scratch ###
+resource "google_service_account" "service_account" {
+  project = "{{index $.TestEnvVars "project_id"}}"
+
+  # Must be firebase-app-hosting-compute
+  account_id                   = "firebase-app-hosting-compute"
+  display_name                 = "Firebase App Hosting compute service account"
+
+  # Do not throw if already exists
+  create_ignore_already_exists = true
+}
+
+resource "google_project_iam_member" "app_hosting_sa_developerconnect" {
+  project = "{{index $.TestEnvVars "project_id"}}"
+
+  # For reading connected Github repos
+  role   = "roles/developerconnect.readTokenAccessor"
+  member = google_service_account.service_account.member
+}
+
+resource "google_project_iam_member" "app_hosting_sa_adminsdk" {
+  project = "{{index $.TestEnvVars "project_id"}}"
+
+  # For Firebase Admin SDK
+  role   = "roles/firebase.sdkAdminServiceAgent"
+  member = google_service_account.service_account.member
+}
+
+resource "google_project_iam_member" "app_hosting_sa_runner" {
+  project = "{{index $.TestEnvVars "project_id"}}"
+
+  # For App Hosting
+  role   = "roles/firebaseapphosting.computeRunner"
+  member = google_service_account.service_account.member
+}
+
+resource "google_project_service" "fah" {
+  project = "{{index $.TestEnvVars "project_id"}}"
+  service = "firebaseapphosting.googleapis.com"
+
+  disable_on_destroy = false
+}
+###
+
+resource "google_firebase_app_hosting_backend" "example" {
+  project          = "{{index $.TestEnvVars "project_id"}}"
+
+  # Choose the region closest to your users
+  location         = "us-central1"
+  backend_id       = "{{index $.Vars "backend_id"}}"
+  app_id           = "1:0000000000:web:674cde32020e16fbce9dbd"
+  display_name     = "My Backend"
+  serving_locality = "GLOBAL_ACCESS"
+  service_account  = google_service_account.service_account.email
+  environment      = "prod"
+
+  annotations = {
+    "key" = "value"
+  }
+
+  labels = {
+    "key" = "value"
+  }
+
+  depends_on = [google_project_service.fah]
+}
diff --git a/mmv1/templates/terraform/examples/firebase_app_hosting_backend_github.tf.tmpl b/mmv1/templates/terraform/examples/firebase_app_hosting_backend_github.tf.tmpl
@@ -0,0 +1,64 @@
+resource "google_developer_connect_connection" "my-connection" {
+  project  = "{{index $.TestEnvVars "project_id"}}"
+  location = "us-central1"
+  connection_id = "tf-test-connection-new"
+  github_config {
+    github_app = "FIREBASE"
+  }
+  depends_on = [google_project_iam_member.devconnect-secret]
+}
+
+resource "google_developer_connect_git_repository_link" "my-repository" {
+  project  = "{{index $.TestEnvVars "project_id"}}"
+  location = "us-central1"
+
+  git_repository_link_id = "my-repo"
+  parent_connection = google_developer_connect_connection.my-connection.connection_id
+  clone_uri = "https://github.com/myuser/myrepo.git"
+}
+
+output "next_steps" {
+  description = "Follow the action_uri if present to continue setup"
+  value = google_developer_connect_connection.my-connection.installation_state
+}
+
+# Setup permissions. Only needed once per project
+resource "google_project_service_identity" "devconnect-p4sa" {
+  provider = google-beta
+
+  provider = google-beta
+  project  = "{{index $.TestEnvVars "project_id"}}"
+  service  = "developerconnect.googleapis.com"
+}
+
+resource "google_project_iam_member" "devconnect-secret" {
+  project  = "{{index $.TestEnvVars "project_id"}}"
+  role     = "roles/secretmanager.admin"
+  member   = google_project_service_identity.devconnect-p4sa.member
+}
+
+resource "google_firebase_app_hosting_backend" "example" {
+  project          = "{{index $.TestEnvVars "project_id"}}"
+
+  # Choose the region closest to your users
+  location         = "us-central1"
+  backend_id       = "{{index $.Vars "backend_id"}}"
+  app_id           = "1:0000000000:web:674cde32020e16fbce9dbd"
+  display_name     = "My Backend"
+  serving_locality = "GLOBAL_ACCESS"
+  service_account  = "firebase-app-hosting-compute@{{index $.TestEnvVars "project_id"}}.iam.gserviceaccount.com"
+  environment      = "prod"
+
+  annotations = {
+    "key" = "value"
+  }
+
+  labels = {
+    "key" = "value"
+  }
+
+  codebase {
+    repository = google_developer_connect_git_repository_link.my-repository.name
+    root_directory = "/"
+  }
+}