Firebase: Unit-testing Firestore rules
Developing serverless web applications on Firebase is great. Quick and easy for new project ideas. The most important part of a Firebase deploy is the Firetore rules since the client speaks directly with the database. Todd Kerpelman at Firebase made a couple of really great videos on unit testing the security rules which is really good to get started. Once you have them running you really want to put them into your build chain and make sure they are executed before each deploy.
I use Google Cloud Build for my build chain. Every time I commit code to my repository the different parts of the application is built, unit tests executed and if all goes well the new code is deployed. The Google Cloud Build documentation actually provide the “firebase community builder” that can be used to run deploys. However that container doesn’t include a JAVA runtime which prevents the use of the firebase emulators.
Instead of building on the community builder to add a JVE I started from scratch. Since my dev environment is based on NPM started with a node docker container, added openjdk11 and then just npm install -g firebase-tools. Each Firebase emulator will download automatically when executed and the container can be used for the deploy step as well. The container image is actually smaller and faster then the community build when I tested it in my build chain.
See the videos with Todd Kerpelman below for building the unit tests in mocha and be able to execute them with npm test in your project. Once that is in place you can use the container in your build step to run the unit test like this:
- name: gcr.io/$PROJECT_ID/firebase_node args: ['emulators:exec', 'npm test', '--only=firestore']
The Dockerfile and instructions on how to use it with Google Cloud Build can be found in my cloud-builders GitHub repository. I also highly recommend the two Firecast YouTube videos below to get started with unit testing your security rules!