I am trying to upload a project to Firebase hosting. I recently reinstalled macOS Sierra, so have fresh installs of Node and firebase-tools.
However, I get the following error when running firebase deploy --debug
[2017-08-10T21:54:40.043Z] --------------------------------------------
--------------------------
[2017-08-10T21:54:40.046Z] Command:
/usr/local/bin/node/usr/local/bin/firebase deploy --debug
[2017-08-10T21:54:40.047Z] CLI Version: 3.9.2
[2017-08-10T21:54:40.047Z] Platform: darwin
[2017-08-10T21:54:40.047Z] Node Version: v8.3.0
[2017-08-10T21:54:40.048Z] Time: Thu Aug 10 2017 16:54:40 GMT-
0500 (CDT)
[2017-08-10T21:54:40.048Z] --------------------------------------------
--------------------------
[2017-08-10T21:54:40.058Z] > command requires scope:["email","openid","https://www.googleapis.com/auth/cloudplatformprojects.readonly","https://www.googleapis.com/auth/firebase","https://www.googleapis.com/auth/cloud-platform”][2017-08-10T21:54:40.059Z] > authorizing via signed-in user
[2017-08-10T21:54:40.061Z] >>> HTTP REQUEST GET https://admin.firebase.com/v1/projects/dornfeld-design
Thu Aug 10 2017 16:54:40 GMT-0500 (CDT)
[2017-08-10T21:54:40.471Z] <<< HTTP RESPONSE 200 server=nginx, date=Thu, 10 Aug 2017 21:54:40 GMT, content-type=application/json; charset=utf-8, content-length=121, connection=close, x-content-type-options=nosniff, strict-transport-security=max-age=31536000; includeSubdomains, cache-control=no-cache, no-store
[2017-08-10T21:54:40.472Z] >>> HTTP REQUEST GET https://admin.firebase.com/v1/database/name-of-project/tokens
Thu Aug 10 2017 16:54:40 GMT-0500 (CDT)
[2017-08-10T21:54:41.061Z] <<< HTTP RESPONSE 200 server=nginx, date=Thu, 10 Aug 2017 21:54:40 GMT, content-type=application/json; charset=utf-8, content-length=429, connection=close, x-content-type-options=nosniff, strict-transport-security=max-age=31536000; includeSubdomains, cache-control=no-cache, no-store
Whats the best way to proceed forward? I have tried reinstalling firebase-tools with 3 different versions of Node.
Additional comments:
had to install firebase-tools with --unsafe-perm command to get it to install.
firebase init only created .firebaserc file and a firebase.json file with {}
Manually created firebase.json file with proper public folder, etc.
Steps taken to correct problem
Uninstall Node cd /usr/local/lib
sudo rm -rf node_modules
Install Homebrew /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Install Yarn brew install yarn
Install Firebase CLI yarn add firebase-tools
Go to project folder, firebase login, firebase init
a. init creates .firebaserc file correctly
b. firebase.json still blank, i.e. {}
Create firebase.json manually:
{
"hosting": {
"public": "build/unbundled",
"ignore": [
"firebase.json",
"**/.*",
"**/node_modules/**"
],
"rewrites": [{
"source": "**",
"destination": "/index.html"
}]
}
}
firebase deploy now works properly.
After going to tons of pages (including some SO ones) suggesting some advice (see list below), I am still not able to give my APIGateway access to execute a newly added Lambda function via the AWS CLI Command Line tool.
i.e. I'm trying to replicate this:
I've created a new endpoint, with the following integration setup:
As soon as I try and test it (from within the API Gateway Console), I get this
<AccessDeniedException>
<Message>Unable to determine service/operation name to be authorized</Message>
</AccessDeniedException>
I know that this is because, although I have added the lambda function to the method, the APIGateway policy has still not been updated (image 1), hence, there are permission issues.
If I re-add the function and allow the permissions automatically (via the AWS GUI) the testing and execution works fine.
My current CLI command I am trying to execute is this (through PS):
aws lambda add-permission --function-name xx-url --statement-id apigateway-perm-1 --action lambda:InvokeFunction --principal apigateway.amazonaws.com --s
ource-arn "arn:aws:execute-api:{REGION}:{AWS_ACCOUNT_ID}:{API_ID}/*/*"
I have tried multiple versions of the above arn address (including /*/* | /{STAGE}/{METHOD} | /{STAGE}/{METHOD}/{RESOURCE})
I've also tried deploying the API before and after these changes, with no effect?
PS - I've also read the suggestion of changing the integration type of the function to a POST (see this URL), but my requirement is to have a GET method, also - adding this GET method manually through the console works fine, hence, so should doing the same through the CLI tool.
URL list (if anyone else is look for some resources on this issue / topic):
http://interworks.com.mk
docs AWS
docs AWS #2
remove-permission
UPDATE #1
I can also confirm that, after comparing the newly created get-policy against an existing, working one - they seem almost identical (just named differently):
AWS CLI command used: aws lambda get-policy --function-name {FunctionName}
Result of already working policy vs. the newly created one:
This makes me suspect it could be an additional step I'm missing.
EDIT (per request)
Test screenshot - this log goes on to display the AccessDeniedException error.
Log as text (made a little shorter for readability):
Execution log for request test-request
Tue Mar 28 22:59:40 UTC 2017 : Starting execution for request: test-invoke-request
Tue Mar 28 22:59:40 UTC 2017 : HTTP Method: GET, Resource Path: /api/v1/{path}
Tue Mar 28 22:59:40 UTC 2017 : Method request path: {}
Tue Mar 28 22:59:40 UTC 2017 : Method request query string: {fileName=x.doc}
Tue Mar 28 22:59:40 UTC 2017 : Method request headers: {}
Tue Mar 28 22:59:40 UTC 2017 : Method request body before transformations:
Tue Mar 28 22:59:40 UTC 2017 : Endpoint request URI: https://lambda.ap-southeast-2.amazonaws.com/2015-03-31/functions/arn:aws:lambda:ap-southeast-2:{accountid}:function:xx-url/invocations
Tue Mar 28 22:59:40 UTC 2017 : Endpoint request headers: {X-Amz-Date=20170328T240Z, x-amzn-apigateway-api-id={resouceId}, Accept=application/json, Access-Control-Allow-Origin=*, User-Agent=AmazonAPIGateway_f, Host=lambda.ap-southeast-2.amazonaws.com, X-Amz-Content-Sha256=93438097f7627fe6203432b05e2257de86b32f74f8306, X-Amzn-Trace-Id=Root=1-58daeadc-bdd8f80d35834164c70, x-amzn-lambda-integration-tag=test-request, Authorization=*********************************************d309e7, X-Amz-Source-Arn=arn:aws:execute-api:ap-southeast-2:{AccountId}:{resourceId}/null/GET/api/v1/{path}, X-Amz-Security-Token=FQoDYXdzEDcaDAzSjIbAbD9j0wBjWFBxP++dR0+CGiK3flLOatlCr2 [TRUNCATED]
Tue Mar 28 22:59:40 UTC 2017 : Endpoint request body after transformations: {"resource":"/api/v1/{path}","path":"/api/v1/{path}","httpMethod":"GET","headers":null,"queryStringParameters":{"fileName":"x.doc"},"pathParameters":null,"stageVariables":null,"requestContext":{"accountId":"{AccountId}","resourceId":"{AccountId}:{resourceId}","stage":"test-invoke-stage","requestId":"test-invoke-request","identity":{"cognitoIdentityPoolId":null,"accountId""{resourceId}","cognitoIdentityId":null,"caller":"ABPPLGO4:","apiKey":"test-invoke-api-key","sourceIp":"test-invoke-source-ip","accessKey":"ASHYYQ","cognitoAuthenticationType":null,"cognitoAuthenticationProvider":null,"userArn":"arn:aws:sts::111:assumed-role/AWS-Admins/{name}","userAgent":"Apache-HttpClient/4.5.x (Java/1.8.0_112)","user":"AROZBPPLGO4:{name}"},"resourcePath":"/api/v1/{path}","httpMethod":"GET","apiId":"{resourceId}"},"body":null,"isBase64Encoded":false}
Tue Mar 28 22:59:40 UTC 2017 : Endpoint response body before transformations:
<AccessDeniedException>
<Message>Unable to determine service/operation name to be authorized</Message>
</AccessDeniedException>
Tue Mar 28 22:59:40 UTC 2017 : Endpoint response headers: {x-amzn-RequestId=39398a3e-140a-11e7-92a3-3fdc0fbb61c2, Connection=keep-alive, Content-Length=130, Date=Tue, 28 Mar 2017 22:59:39 GMT}
Tue Mar 28 22:59:40 UTC 2017 : Execution failed due to configuration error: Malformed Lambda proxy response
Tue Mar 28 22:59:40 UTC 2017 : Method completed with status: 502
The fact that this ends up reading Malformed Lambda proxy response is not the issue - I have proven it by re-selecting the lambda function manually, letting the permissions be applied, retest immediately and all works fine, the Lambda is not even getting invoked.
To summarize the debugging from the chat:
The GET method was created with the incorrect http method for Lambda, GET. This caused Lambda to not be able to interpret the request from API Gateway, generating the XML error response. The XML error response is not a valid JSON proxy response, and generated a 502 as a result.
The console is adding the necessary permissions and resetting the http method to POST, hence why it is successful after using the console.
The step you are trying to workout is solved by the command:
aws apigateway put-integration
There's a very specific thing in the options of that command you have to be very aware of. A complete "put-integration" statement comes like this:
aws apigateway put-integration
--region us-west-2
--rest-api-id y0UrApI1D
--resource-id r35ourc3ID
--http-method GET
--type AWS
--integration-http-method POST
--uri arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:111111111111:function:functionname/invocations
In the --uri option, you must be aware of:
us-west-2 is an example the region, be sure you put the correct region where your lamnda function resides
Be sure you do not change this next part, it must be exactly like stated, otherwise the permission will not be granted "lambda:path/2015-03-31/functions"
Change the value 111111111111 for your AWS account number
Change "functionname" for the exact name of your registered lambda function
Will work guaranteed
I am unable to even get CI's welcome page to come up on OpenShift - likely because of https. I checked my config file and it detects HTTPS and produces a correct base_url:
$config['base_url']="https//mysite.rhcloud.com/CI_base/";
But that seems to be as far as it goes - nothing in the response to CI's GET call. (I don't have a .htaccess set up. )
GET /CI_base/index.php
When I compare this to the GET request on my localhost system (over http), I noticed that the headers were a little different. But I can't tell which ones may be pointing to a culprit. The issue is probably jumping out at you - at least I hope so! Please could point me in the right direction?
Thanks!
Mmiz
LOCALHOST HEADER:
**Connection** Keep-Alive
**Content-Length** 1925
**Content-Type** text/html
**Date** Mon, 23 Sep 2013 17:16:17 GMT
**Keep-Alive timeout**=5, max=100
**Server** Apache/2.2.22 (Unix) DAV/2 PHP/5.3.15 with Suhosin-Patch mod_ssl/2.2.22 OpenSSL/0.9.8x
**Set-Cookie** TW_COOK=Vj <more>; expires=Mon, 23-Sep-2013 19:16:18 GMT; path=/
**X-Powered-By** PHP/5.3.15
OPENSHIFT HEADER
**Connection** Keep-Alive
**Content-Encoding** gzip
**Content-Length** 121
**Content-Type** text/html
**Date** Mon, 23 Sep 2013 17:16:55 GMT
**Keep-Alive** timeout=15, max=100
**Server** Apache/2.2.15 (Red Hat)
**Vary** Accept-Encoding
by default your application on Openshift responds to both http and https. For instance, if you use the following Codeigniter quickstart https://github.com/openshift/CodeIgniterQuickStart, you can go to http://ci-$yournamespace.rhcloud.com and https://ci-$yournamespace.rhcloud.com. To route to https by default take a look at this article here: https://help.openshift.com/hc/en-us/articles/202398810-How-to-redirect-traffic-to-HTTPS-
I'm currently attempting to write a basic client that listens to events from (enterprise) github, and makes API calls accordingly.
The problem I have is that I can't manage to get the PubSubHubbub client configured. I thought it was the client/authentication I'm using, but I now can't get the basic call from the docs working!
In an attempt to work out what I'm doing wrong, I'm making a curl request to my normal github account:
curl -u "joepym" -i \
https://api.github.com/hub \
-F "hub.mode=subscribe" \
-F "hub.topic=http://github.com/JoePym/faraday/events/push" \
-F "hub.callback=*callbackurl*"
and I'm getting back
HTTP/1.1 100 Continue
HTTP/1.1 422 Unprocessable Entity
Server: GitHub.com
Date: Wed, 08 May 2013 18:13:24 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Status: 422 Unprocessable Entity
X-RateLimit-Limit: 5000
X-RateLimit-Remaining: 4989
X-GitHub-Media-Type: github.beta
X-Content-Type-Options: nosniff
Content-Length: 38
{
"message": "Invalid event: nil"
}
This invalid event message is what my main client is also getting when I attempt to call my enterprise github account with enterprise credentials.
Has anyone encountered this before?
Try using https://github.com/JoePym/faraday/events/push as your hub.topic. Note that we are now using 'https'.
I just recently added the SSL Endpoint add-on to my "example" app, and
updated my SSL Cert and Private Key from DNSimple to Heroku (according to this article:
http://ryan.mcgeary.org/2011/09/16/how-to-add-a-dnsimple-ssl-certificate-to-heroku/
) thanks to this command:
$ heroku certs:add STAR_example_com-bundle.pem STAR_example_com-private.key --app example
Adding SSL endpoint to example... done
example now served by oita-4417.herokussl.com
Certificate details:
subject: /OU=Domain Control Validated/OU=EssentialSSL Wildcard/CN=*.example.com
start date: 2012-07-28 02:00:00 CEST
expire date: 2013-07-29 01:59:59 CEST
common name(s): *.example.com, example.com
issuer: /OU=Domain Control Validated/OU=EssentialSSL Wildcard/CN=*.example.com
SSL certificate is verified by a root authority.
But now, when I try to access to my app with https://example.com (and sub-domains such as https://foo.example.com), I have a
warning (inside a big red page, using Chrome)...
How could I fix this? Maybe I have to wait some hours? Thanks!