@genkit-ai/google-cloud

Version:

Genkit AI framework plugin for Google Cloud Platform including Firestore trace/state store and deployment helpers for Cloud Functions for Firebase.

github.com/firebase/genkit

firebase/genkit

1 lines • 4.36 kB

Source Map (JSON)

View Raw

{"version":3,"sources":["../src/auth.ts"],"sourcesContent":["/**\n * Copyright 2024 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { logger } from 'genkit/logging';\nimport { GoogleAuth, auth, type CredentialBody } from 'google-auth-library';\nimport type { GcpPrincipal, GcpTelemetryConfig } from './types.js';\n\n/**\n * Allows Google Cloud credentials to be to passed in \"raw\" as an environment\n * variable. This is helpful in environments where the developer has limited\n * ability to configure their compute environment, but does have the ablilty to\n * set environment variables.\n *\n * This is different from the GOOGLE_APPLICATION_CREDENTIALS used by ADC, which\n * represents a path to a credential file on disk. In *most* cases, even for\n * 3rd party cloud providers, developers *should* attempt to use ADC, which\n * searches for credential files in standard locations, before using this\n * method.\n *\n * See also: https://github.com/googleapis/google-auth-library-nodejs?tab=readme-ov-file#loading-credentials-from-environment-variables\n */\nexport async function credentialsFromEnvironment(): Promise<\n Partial<GcpTelemetryConfig>\n> {\n let authClient: GoogleAuth;\n const options: Partial<GcpTelemetryConfig> = {};\n\n if (process.env.GCLOUD_SERVICE_ACCOUNT_CREDS) {\n logger.debug('Retrieving credentials from GCLOUD_SERVICE_ACCOUNT_CREDS');\n const serviceAccountCreds = JSON.parse(\n process.env.GCLOUD_SERVICE_ACCOUNT_CREDS\n );\n const authOptions = { credentials: serviceAccountCreds };\n authClient = new GoogleAuth(authOptions);\n options.credentials = await authClient.getCredentials();\n } else {\n authClient = new GoogleAuth();\n }\n try {\n const projectId = await authClient.getProjectId();\n if (projectId && projectId.length > 0) {\n options.projectId = projectId;\n }\n } catch (error) {\n logger.warn(error);\n }\n return options;\n}\n\n/**\n * Resolve the currently configured principal, either from the Genkit specific\n * GCLOUD_SERVICE_ACCOUNT_CREDS environment variable, or from ADC.\n *\n * Since the Google Cloud Telemetry Exporter will discover credentials on its\n * own, we don't immediately have access to the current principal. This method\n * can be handy to get access to the current credential for logging debugging\n * information or other purposes.\n **/\nexport async function resolveCurrentPrincipal(): Promise<GcpPrincipal> {\n const envCredentials = await credentialsFromEnvironment();\n let adcCredentials = {} as CredentialBody;\n try {\n adcCredentials = await auth.getCredentials();\n } catch (e) {\n logger.debug('Could not retrieve client_email from ADC.');\n }\n\n // TODO(michaeldoyle): How to look up if the user provided credentials in the\n // plugin config (i.e. GcpTelemetryOptions)\n const serviceAccountEmail =\n envCredentials.credentials?.client_email ?? adcCredentials.client_email;\n\n return {\n projectId: envCredentials.projectId,\n serviceAccountEmail,\n };\n}\n"],"mappings":"AAeA,SAAS,cAAc;AACvB,SAAS,YAAY,YAAiC;AAiBtD,eAAsB,6BAEpB;AACA,MAAI;AACJ,QAAM,UAAuC,CAAC;AAE9C,MAAI,QAAQ,IAAI,8BAA8B;AAC5C,WAAO,MAAM,0DAA0D;AACvE,UAAM,sBAAsB,KAAK;AAAA,MAC/B,QAAQ,IAAI;AAAA,IACd;AACA,UAAM,cAAc,EAAE,aAAa,oBAAoB;AACvD,iBAAa,IAAI,WAAW,WAAW;AACvC,YAAQ,cAAc,MAAM,WAAW,eAAe;AAAA,EACxD,OAAO;AACL,iBAAa,IAAI,WAAW;AAAA,EAC9B;AACA,MAAI;AACF,UAAM,YAAY,MAAM,WAAW,aAAa;AAChD,QAAI,aAAa,UAAU,SAAS,GAAG;AACrC,cAAQ,YAAY;AAAA,IACtB;AAAA,EACF,SAAS,OAAO;AACd,WAAO,KAAK,KAAK;AAAA,EACnB;AACA,SAAO;AACT;AAWA,eAAsB,0BAAiD;AACrE,QAAM,iBAAiB,MAAM,2BAA2B;AACxD,MAAI,iBAAiB,CAAC;AACtB,MAAI;AACF,qBAAiB,MAAM,KAAK,eAAe;AAAA,EAC7C,SAAS,GAAG;AACV,WAAO,MAAM,2CAA2C;AAAA,EAC1D;AAIA,QAAM,sBACJ,eAAe,aAAa,gBAAgB,eAAe;AAE7D,SAAO;AAAA,IACL,WAAW,eAAe;AAAA,IAC1B;AAAA,EACF;AACF;","names":[]}