Skip to content

chore: Update integration test project setup instructions. #877

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 8 commits into from
Dec 19, 2023
Merged

chore: Update integration test project setup instructions. #877

Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
7e75129
Update integration test project setup instructions.
jonathanedey Nov 13, 2023
e7e6467
fix: remove duplicate
jonathanedey Nov 13, 2023
dbecd2d
fix: addresses some of the code review notes
jonathanedey Nov 14, 2023
94d4720
fix: addresses remaining code review notes and some typos
jonathanedey Nov 14, 2023
e40accb
Add note on 2nd rtdb reference.
jonathanedey Nov 15, 2023
e62e6ef
fix: nits
jonathanedey Nov 15, 2023
ab755c2
fix: pencil
jonathanedey Nov 30, 2023
ed4029c
Added service account management note.
jonathanedey Dec 18, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
105 changes: 84 additions & 21 deletions CONTRIBUTING.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -127,27 +127,90 @@ mvn test
Integration tests are also written using Junit4. They coexist with the unit tests in the `src/test`
subdirectory. Integration tests follow the naming convention `*IT.java` (e.g. `DataTestIT.java`),
which enables the Maven Surefire and Failsafe plugins to differentiate between the two types of
tests. Integration tests are executed against a real life Firebase project, and therefore
requires an Internet connection.

Create a new project in the [Firebase console](https://console.firebase.google.com/) if you do
not already have one. Use a separate, dedicated project for integration tests since the test suite
makes a large number of writes to the Firebase realtime database. Download the service account
private key from the "Settings > Service Accounts" page of the project, and save it as
`integration_cert.json` at the root of the codebase. Grant your service account the `Firebase
Authentication Admin` role at
[Google Cloud Platform Console / IAM & admin](https://console.cloud.google.com/iam-admin). This is
required to ensure that exported user records contain the password hashes of the user accounts.
Also obtain the web API key of the project from the "Settings > General" page, and save it as
`integration_apikey.txt` at the root of the codebase.

Some of the integration tests require an
[Identity Platform](https://cloud.google.com/identity-platform/) project with multi-tenancy
[enabled](https://cloud.google.com/identity-platform/docs/multi-tenancy-quickstart#enabling_multi-tenancy).
An existing Firebase project can be upgraded to an Identity Platform project without losing any
functionality via the
[Identity Platform Marketplace Page](https://console.cloud.google.com/customer-identity). Note that
charges may be incurred for active users beyond the Identity Platform free tier.
tests.

Integration tests are executed against a real life Firebase project. If you do not already
have one suitable for running the tests against, you can create a new project in the
[Firebase Console](https://console.firebase.google.com) following the setup guide below.
If you already have a Firebase project, you'll need to obtain credentials to communicate and
authorize access to your Firebase project:

1. Service account certificate: This allows access to your Firebase project through a service account
which is required for all integration tests. This can be downloaded as a JSON file from the
**Settings > Service Accounts** tab of the Firebase console when you click the
**Generate new private key** button. Copy the file into the repo so it's available at
`integration_cert.json`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's add a line on properly managing service accounts here as we will discourage this practice in the future.
(Service accounts should be carefully managed, Don't submit service account keys to source code repositories)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds good, added a note under that step. Let me know if that works!

> **Note:** Service accounts should be carefully managed and their keys should never be stored in publicly accessible source code or repositories.


2. Web API key: This allows for Auth sign-in needed for some Authentication and Tenant Management
integration tests. This is displayed in the **Settings > General** tab of the Firebase console
after enabling Authentication as described in the steps below. Copy it and save to a new text
file at `integration_apikey.txt`.


Set up your Firebase project as follows:


1. Enable Authentication:
1. Go to the Firebase Console, and select **Authentication** from the **Build** menu.
2. Click on **Get Started**.
3. Select **Sign-in method > Add new provider > Email/Password** then enable both the
**Email/Password** and **Email link (passwordless sign-in)** options.


2. Enable Firestore:
1. Go to the Firebase Console, and select **Firestore Database** from the **Build** menu.
2. Click on the **Create database** button. You can choose to set up Firestore either in
the production mode or in the test mode.


3. Enable Realtime Database:
1. Go to the Firebase Console, and select **Realtime Database** from the **Build** menu.
2. Click on the **Create Database** button. You can choose to set up the Realtime Database
either in the locked mode or in the test mode.

> **Note:** Integration tests are not run against the default Realtime Database reference and are
instead run against a database created at `https://{PROJECT_ID}.firebaseio.com`.
This second Realtime Database reference is created in the following steps.

3. In the **Data** tab click on the kebab menu (3 dots) and select **Create Database**.
4. Enter your Project ID (Found in the **General** tab in **Account Settings**) as the
**Realtime Database reference**. Again, you can choose to set up the Realtime Database
either in the locked mode or in the test mode.


4. Enable Storage:
1. Go to the Firebase Console, and select **Storage** from the **Build** menu.
2. Click on the **Get started** button. You can choose to set up Cloud Storage
either in the production mode or in the test mode.


5. Enable the IAM API:
1. Go to the [Google Cloud console](https://console.cloud.google.com)
and make sure your Firebase project is selected.
2. Select **APIs & Services** from the main menu, and click the
**ENABLE APIS AND SERVICES** button.
3. Search for and enable **Identity and Access Management (IAM) API** by Google Enterprise API.


6. Enable Tenant Management:
1. Go to
[Google Cloud console | Identity Platform](https://console.cloud.google.com/customer-identity/)
and if it is not already enabled, click **Enable**.
2. Then
[enable multi-tenancy](https://cloud.google.com/identity-platform/docs/multi-tenancy-quickstart#enabling_multi-tenancy)
for your project.


7. Ensure your service account has the **Firebase Authentication Admin** role. This is required
to ensure that exported user records contain the password hashes of the user accounts:
1. Go to [Google Cloud console | IAM & admin](https://console.cloud.google.com/iam-admin).
2. Find your service account in the list. If not added click the pencil icon to edit its
permissions.
3. Click **ADD ANOTHER ROLE** and choose **Firebase Authentication Admin**.
4. Click **SAVE**.


Now run the following command to invoke the integration test suite:

Expand Down