From 04eda449136c8104e10af7029bdaf526c5c2fbfe Mon Sep 17 00:00:00 2001 From: Jonathan Edey Date: Mon, 13 Nov 2023 12:33:00 -0500 Subject: [PATCH] Update integration test project setup instructions. --- CONTRIBUTING.md | 82 ++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 75 insertions(+), 7 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index a3b65e101..477c3cf4d 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -141,13 +141,81 @@ required to ensure that exported user records contain the password hashes of the Also obtain the web API key of the project from the "Settings > General" page, and save it as `integration_apikey.txt` at the root of the codebase. -Some of the integration tests require an -[Identity Platform](https://cloud.google.com/identity-platform/) project with multi-tenancy -[enabled](https://cloud.google.com/identity-platform/docs/multi-tenancy-quickstart#enabling_multi-tenancy). -An existing Firebase project can be upgraded to an Identity Platform project without losing any -functionality via the -[Identity Platform Marketplace Page](https://console.cloud.google.com/customer-identity). Note that -charges may be incurred for active users beyond the Identity Platform free tier. + +If you do not already have one suitable for running the tests against, you can create a new +project in the +[Firebase Console](https://console.firebase.google.com) following the setup guide below. +Otherwise you can obtain the following credentials from your current project: + + +1. Service account certificate: This can be downloaded as a JSON file from the +**'Settings > Service Accounts'** tab of the Firebase console when you click the +**'Generate new private key'** button. Copy the file into the repo so it's available at +`integration_cert.json`. + + +2. Web API key: This is displayed in the **'Settings > General'** tab of the Firebase console +after enabling Authentication as described in the steps below. Copy it and save to a new text +file at `integration_apikey.txt`. + + +Set up your Firebase project as follows: + + +1. Enable Authentication: + 1. Go to the Firebase Console, and select **'Authentication'** from the **'Build'** menu. + 2. Click on **'Get Started'**. + 3. Select **'Sign-in method > Add new provider > Email/Password'** then enable both the + **'Email/Password'** and **'Email link (passwordless sign-in)'** options. + + +2. Enable Firestore: + 1. Go to the Firebase Console, and select **'Firestore Database'** from the **'Build'** menu. + 2. Click on the **'Create database'** button. You can choose to set up Firestore either in + the production mode or in the test mode. + + +3. Enable Realtime Database: + 1. Go to the Firebase Console, and select **'Realtime Database'** from the **'Build'** menu. + 2. Click on the **'Create database'** button. You can choose to set up the Realtime database + either in the locked mode or in the test mode. + 3. In the **'Data'** tab click on the kebab menu (3 dots) and select **'Create Database'**. + 4. Enter your Project ID (Found in the **'General'** tab in **'Account Settings'**) as the + **'Realtime Database reference'**. Again, you can choose to set up the Realtime database + either in the locked mode or in the test mode. + + +4. Enable Storage: + 1. Go to the Firebase Console, and select **'Storage'** from the **'Build'** menu. + 2. Click on the **'Get started'** button. You can choose to set up the Realtime database + either in the production mode or in the test mode. + + +5. Enable the IAM API: + 1. Go to the[Google Cloud Platform Console](https://console.cloud.google.com) + and make sureyour Firebase project is selected. + 2. Select **'APIs & Services'** from the main menu, and click the + **'ENABLE APIS AND SERVICES'** button. + 3. Search for and enable **'Identity and Access Management (IAM) API'** by Google Enterprise API. + + +6. Enable Tenant Management: + 1. Go to + [Google Developers Console | Identity Platform](https://console.cloud.google.com/customer-identity/) + and if it is not already enabled, click **'Enable'**. + 2. Then follow + [this guide](https://cloud.google.com/identity-platform/docs/multi-tenancy-quickstart#enabling_multi-tenancy) + to enable multi-tenancy. + + +7. Ensure your service account has the **'Firebase Authentication Admin'** role. This is required +to ensure that exported user records contain the password hashes of the user accounts: + 1. Go to [Google Cloud Platform Console / IAM & admin](https://console.cloud.google.com/iam-admin). + 2. Find your service account in the list. If not added click the **'pencil'** icon to edit its + permissions. + 3. Click **'ADD ANOTHER ROLE'** and choose **'Firebase Authentication Admin'**. + 4. Click **'SAVE'**. + Now run the following command to invoke the integration test suite: