Integrate FAH Local Builds with Universal Maker#10382
Open
Conversation
* Enable secret resolution during local App Hosting builds * fix build error * Handle env vars (especially secrets) with a Promise.all so it can be parallelized
…al builds (#10337) * Enable secret resolution during local App Hosting builds * fix build error * Handle env vars (especially secrets) with a Promise.all so it can be parallelized * Add a warning so that we do not use build-available secrets unless the user confirms * fix undefined boolean flag behavior * fix tests, address some review comments * fix test mocking
…#10352) * Consolidate the ABIU prompts in the CLI so it matches the UI more closely * Address linter errors
* feat: add SSE mode support for MCP server ### Description Adds support for running the MCP server in SSE (HTTP) mode, in addition to the default Stdio transport. This allows clients to connect over network or via tools that support SSE. ### Scenarios Tested - Started server in SSE mode and verified log output. * fix: add progressToken to McpContext interface to fix build error ### Description Fixes a type error where progressToken was not defined on McpContext. ### Scenarios Tested - Verified build succeeds. * refactor: address PR comments on SSE support ### Description Addresses PR comments by: - Moving inline require calls to top-level imports. - Replacing any types with specific interfaces or unknown. ### Scenarios Tested - Verified build succeeds. * fix: address remaining review comments on SSE support ### Description - Reverts accidental GA4 tracking change in mcpListResources. - Replaces console.error with this.logger calls for better logging. - Changes default server binding from 0.0.0.0 to 127.0.0.1 for security. ### Scenarios Tested - Verified build succeeds. * style: lint and format fixes for SSE support ### Description - Applied auto-formatting fixes from npm run format. ### Scenarios Tested - Verified build succeeds. * feat: add infrastructure for MCP Apps (#10259) * feat: add infrastructure for MCP Apps ### Description Adds support for returning structured content from tools, which is used by MCP Apps to pass complex data to the host. Also updates the resource index. ### Scenarios Tested - Verified build and file changes. * fix: resolve build errors and address review comments on infra ### Description - Removes imports and registry entries for UI resources that are not yet available in this branch (login, update_environment, deploy, init). - Replaces as any in toContent with an intersection type for better type safety. ### Scenarios Tested - Verified build succeeds. * chore: avoid any for sessionId in SSE transport ### Description - Defines a local interface extending SSEServerTransport to avoid using when accessing . ### Scenarios Tested - Build succeeds. - Lint passes for modified lines. * feat: change sse flag to mode flag and fix build errors ### Description - Replaced boolean flag with string flag (defaults to 'stdio'). - Added validation for to accept only 'stdio' or 'sse'. - Fixed build errors by adding to interface and removing missing resource. ### Scenarios Tested - Build succeeds. - Lint passes with no new errors. * feat: add Update Environment MCP App (#10260) * feat: add mcpapps experiment flag and helper ### Description - Adds mcpapps experiment flag to src/experiments.ts. - Adds applyAppMeta helper function to src/mcp/util.ts to conditionally add UI metadata. - Adds unit tests for applyAppMeta in src/mcp/util.spec.ts. ### Scenarios Tested - Unit tests passed. - Build succeeds. * chore: address PR comments on experiments and util ### Description - Fixes applyAppMeta to preserve existing metadata. - Moves mcpapps flag to be grouped with other MCP experiments. - Removes as any in util.spec.ts by importing CallToolResult. ### Scenarios Tested - Build succeeds. - Lint passes for modified files (ignoring pre-existing warnings). - Unit tests for applyAppMeta pass. * feat: add infrastructure for MCP Apps Adds support for returning structured content from tools, which is used by MCP Apps to pass complex data to the host. Also updates the resource index. - Verified build and file changes. * feat: add Update Environment MCP App ### Description Adds the Update Environment MCP App, allowing users to switch projects and directories from the UI. ### Scenarios Tested - Verified build and file changes. * fix: resolve compilation errors in mcp-update-env-app * fix: resolve remaining lint errors in mcp-update-env-app * refactor: extract app MIME type shared constant * added changelog'
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Code Review
This pull request adds support for 'Universal Maker' local builds, integrates Secret Manager secret resolution for local environments, and refactors ABIU configuration. Key feedback includes fixing a blocking issue in the build watcher, adhering to style guides for YAML parsing and error handling, and optimizing the bundling process to avoid slow file copies of node_modules.
Contributor
Author
|
/gemini review |
Contributor
There was a problem hiding this comment.
Code Review
This pull request introduces the "Universal Maker" for App Hosting local builds, enabling standalone binary builds through a new experiment. It also enhances secret management by implementing a utility to resolve secrets from Secret Manager during local builds, adding a security confirmation prompt, and introducing the --allow-local-build-secrets flag. Furthermore, the PR removes explicit "Automatic Base Image Updates" (ABIU) configuration flags, integrating ABIU status into the runtime selection instead. Review feedback suggests strengthening test assertions for binary execution, removing unknown type assertions to comply with the style guide, and generalizing build artifact packaging logic to remove framework-specific assumptions.
Contributor
Author
|
/gemini review |
Contributor
There was a problem hiding this comment.
Code Review
This pull request introduces support for a new 'Universal Maker' standalone binary for local builds in App Hosting, controlled via an experimental flag. It adds the runUniversalMaker function to handle the binary execution, artifact management, and metadata parsing, while also updating the tar archive creation logic to support flattened directory structures for .apphosting outputs. Feedback focuses on improving the robustness of the build process by checking the binary's exit status, ensuring proper cleanup of stale artifacts and temporary directories, and removing hardcoded environment variables that might conflict with user configurations.
* fix: prevent hosting deploy to site in wrong project ### Description Prevent accidental deployments to a hosting site that does not belong to the active project. The CLI now verifies that the site belongs to the project before creating a version. Fixes #10376 ### Scenarios Tested - Verified that error is thrown when site does not belong to project. - Verified that deploy passes when site belongs to project. - Verified that check is skipped for demo projects. ### Sample Commands `firebase deploy --project project-b` (where site in firebase.json belongs to project-a) -> should fail. * chore: remove excessive site validation check and update tests * Comment * chore: remove demo project check and corresponding test * chore: remove unused Constants import in prepare.ts
* test: improve coverage for appdistribution distribution ### Description Add hermetic uploading and mock polling asserts for app distribution workflows. ### Scenarios Tested - Extracting sequential binary structures * test: fix unused imports in distribution tests
* Add a file cleanup callback * Clean up the file handling * Add error handling
joehan
reviewed
Apr 21, 2026
joehan
reviewed
Apr 21, 2026
* test: improve coverage for dataconnect names ### Description Add parsing and validation regex checks for Data Connect entities. ### Scenarios Tested - Extracting groups for service and connectors * fix: correct instances literal in CloudSQL toString
…versal maker to share some code.
* test: improve coverage for apphosting yaml configs ### Description Implement loading, merging, storing assertions and fix environment map formatting bugs for app hosting setup. ### Scenarios Tested - Loading basic strings and merging overlapping targets * fix: use destructuring to remove variable property in toEnvMap
…ploy" flow as well
… the "deploy" flow as well" This reverts commit 59a79f5.
* Making Http and Callable Dart functions Public when deployed
* refactor: refactor catch clauses in emulator directory to use unknown ### Description This PR refactors `catch (err: any)` to `catch (err: unknown)` in the `src/emulator/` directory to improve type safety and reduce weak typing in the codebase. Safe property access and type guards have been applied where necessary. ### Scenarios Tested Ran full test suite with `npm test`. 4270 tests passed, 3 failed in Auth Emulator tests (likely flaky or timing issues). ### Sample Commands `npm test` * refactor: address PR review comments on type safety ### Description This PR addresses review comments on type safety by removing unsafe type assertions and refactoring catch clauses in files outside the emulator directory as requested by the reviewer. ### Scenarios Tested Ran full test suite with `npm test`. All 4273 tests passed successfully. ### Sample Commands `npm test` * refactor: deduplicate error handling in emulator directory using src/error.ts ### Description This PR deduplicates error handling code in the `src/emulator/` directory by utilizing utilities like `getError`, `getErrMsg`, `getErrStack`, and `getErrStatus` from `src/error.ts` as requested by the user. ### Scenarios Tested Ran full test suite with `npm test`. All 4273 tests passed successfully. ### Sample Commands `npm test` * PR fixes
* test: improve coverage for firestore deploy ### Description Add hermetic tests validating Firestore index and security rule dispatch flows within `src/deploy/firestore/deploy.ts`. ### Scenarios Tested - Sequential initialization of defined configurations - Intermittent state retries ### Sample Commands `npm run mocha -- 'src/deploy/firestore/deploy.spec.ts'` * fix: remove as unknown as type assertions in firestore deploy tests
* test: improve test coverage for resourceManager ### Description Add unit tests for src/gcp/resourceManager.ts, specifically testing addServiceAccountToRoles and serviceAccountHasRoles. ### Scenarios Tested - Validating success outcomes of role additions - Preventing duplicate role assignment ### Sample Commands npm run mocha -- 'src/gcp/resourceManager.spec.ts' * fix: resolve ESLint errors in tests * fix: remove type escape hatches in nock configurations in resourceManager tests * fix: use arrow functions for nock body matching in resourceManager tests * format
* chore: address dependabot alerts in subprojects ### Description Addressed multiple Dependabot alerts in subprojects by running `npm audit fix` and adding manual overrides for `protobufjs` to fix critical vulnerabilities. Also updated `next` to a safe version in test templates. Avoided breaking changes and major updates as requested. ### Scenarios Tested Ran `npm install` in all affected directories to verify dependency resolution. Did not run full test suite due to time and environment constraints, but changes are isolated to subprojects and test fixtures. ### Sample Commands npm audit fix * fix: update Next.js chunk patterns in tests ### Description Updated the regex patterns in `webframeworks-deploy-tests/tests.ts` to match alphanumeric chunk names generated by `next@16.2.4`. ### Scenarios Tested Verified that chunk names in failure logs match the new pattern. * fix: update Next.js chunk patterns to allow dots and handle .js middleware manifest ### Description Updated the regex patterns in `webframeworks-deploy-tests/tests.ts` to allow dots in chunk names (e.g., `0.zhcmd__c9_v.js`) and updated the expected extension for `_clientMiddlewareManifest` from `.json` to `.js` to match output from newer Next.js versions. ### Scenarios Tested Running `npm run test:frameworks` locally.
* test: improve coverage for use command ### Description Add comprehensive unit tests for `src/commands/use.ts` including alias manipulation, output validation, and input parsing. ### Scenarios Tested - Successful execution of `--add` and `--clear` - Verification of interactive mode fallbacks ### Sample Commands `npm run mocha -- 'src/commands/use.spec.ts'` * fix: resolve ESLint errors in tests * test: address review comments and fix type errors in use.spec.ts * nit
This boolean flip will make it visible to CLI users when running `firebase experiments:list`.
* Cli prompts fixed to respect non interactive flag * fix edge case when project have existing csql and cli is called in non-interactive mode * add changlong * improve defaults and make sdk prompt support non interactive mode * make agent skills not installed by default in non interactive mode * fix lint errors
falahat
commented
Apr 28, 2026
Contributor
Author
falahat
left a comment
falahat
left a comment
There was a problem hiding this comment.
Some readability / organization comments. I tested this manually but I re-read the code and think it's quite gross/unreadable currently.
Contributor
Author
|
/gemini review |
Contributor
There was a problem hiding this comment.
Code Review
This pull request introduces the 'Universal Maker' binary as an alternative build mechanism for App Hosting, controlled via a new experiment flag. It includes logic for downloading, validating, and executing the platform-specific binary, along with parsing its output and handling build artifacts. Feedback focuses on improving file system operations by using fs-extra for safer cross-device moves, enhancing error handling for unknown error types, and adhering to the repository's style guide by removing instances of any and using asynchronous file system methods.
falahat
commented
May 4, 2026
Yuangwang
approved these changes
May 5, 2026
Contributor
Yuangwang
left a comment
Yuangwang
left a comment
There was a problem hiding this comment.
Left some questions but otherwise lgtm
| ); | ||
| } | ||
| } else if (process.platform === "win32") { | ||
| throw new FirebaseError("Windows (win32) is not currently supported for Universal Maker."); |
Contributor
There was a problem hiding this comment.
Do you know when/if these other platforms will be supported?
| "version": "1.0.0", | ||
| "expectedSize": 16111618, | ||
| "expectedChecksumSHA256": "4b77d02a5f80f26d9bd1428f388c293c1fb264995d75b51c7d50fec7c87bcf58", | ||
| "remoteUrl": "https://artifactregistry.googleapis.com/download/v1/projects/serverless-runtimes-qa/locations/us-central1/repositories/universal-maker/files/darwin-arm64%3A1.0.0%3Auniversal_maker:download?alt=media", |
Contributor
There was a problem hiding this comment.
I'm guessing this is downloading from the serverless-runtimes-qa for now since this is still in preview but do we expect to change this to a prod project in the future?
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
9 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This takes the existing local builds solution and uses the Universal Maker binary (which runs all relevant buildpacks) instead of hackily running the apphosting adapter manually.
The Universal Maker is a more well-supported tool and behaves more similar to Cloud Builds so we can have more confidence about framework support and fidelity.
Major changes
Scenarios Tested
Created a local build with the
Sample Commands