feat(deploy): unify backend and UI deployment under deploy.sh - updated README#106
Conversation
christophervoelpel
commented
Jun 5, 2026
christophervoelpel
commented
- Refactored argument parsing and added targeted deployment flags ( --backend-only , --ui-only ).
- Optimized API enablement with an API cache comparison to speed up subsequent runs.
- Made pre-flight tool requirements component-aware so they only check for what is actually needed.
- Deprecated deploy-ui.sh and redirected all UI flows through the unified deploy.sh .
- Added startup pre-flight checks to ensure the Firebase CLI session is actively authenticated.
- Optimized GCS/Firebase linkage checks to avoid timeouts on accounts with 1,500+ active projects.
- Restored direct Firestore API curl loops for database configurations upload.
- Added environment override capability for CLOUD_RUN_URL .
- Enforced OAuth Consent Screen setup via a blocking 15-second polling loop.
- Enforced App Engine IAP configuration via a blocking 15-second polling loop.
|
Readability review is not required. |
![gps-readability-bot[bot]](https://avatars.githubusercontent.com/u/106399418?s=60&v=4){kind=small}
| echo | ||
| echo "════════════════════════════════════════════════════════════════════════" | ||
| echo | ||
| echo "WARNING: deploy-ui.sh is deprecated. Redirecting to './deploy.sh --ui-only'..." |
There was a problem hiding this comment.
Let's remove deploy-ui.sh, no need to support it in the future
There was a problem hiding this comment.
+1. This seems more confusing than helpful to new users.
| echo " the setup dialog. User Type is set under 'Audience' — pick" | ||
| echo " 'Internal' if you have a Workspace org; otherwise 'External' and" | ||
| echo " add yourself as a test user." | ||
| echo " the setup dialog. Set User Type to 'Internal' for @google.com logins." |
There was a problem hiding this comment.
Why @google.com?
Proposed: "In the OAuth setup dialog, set User Type to 'Internal' if you only want users within your own Google Workspace organization to access the app (recommended for testing), or 'External' if you want anyone to be able to log in."
There was a problem hiding this comment.
I'd just say that internal is recommended for security purposes when possible.
| * **Deploy UI Only**: `./deploy.sh --ui-only` | ||
| * **Local Development Build**: `./deploy.sh --ui-only --local` (or `./deploy.sh --ui-only local`) to build the Angular application files locally without triggering an App Engine deployment. | ||
|
|
||
| To run the script in a non-interactive/headless environment (such as an AI agent like Jetski or Claude), use the `-y` / `--yes` / `--non-interactive` flag to auto-confirm target configuration prompts: |
There was a problem hiding this comment.
a bit confusing to have too many flags with the same functionality, I would keep only standard -y & --yes
There was a problem hiding this comment.
as above, I would go with --non-interactive, as it's the most clear.
| AUTO_CONFIRM=true | ||
| shift | ||
| ;; | ||
| --backend-only|--be-only) |
There was a problem hiding this comment.
let's leave only one --be-only
There was a problem hiding this comment.
+1. I'd say --backend-only is better, as it's more descriptive and clear.
| TARGETED=false | ||
| DEPLOY_MODE="" | ||
|
|
||
| while [[ $# -gt 0 ]]; do |
There was a problem hiding this comment.
Let's have flags -h & --help for help (to output all the available options)?
adamread
left a comment
adamread
left a comment
There was a problem hiding this comment.
I have some comments on the flags and some minor concerns about the polling during a non-interactive deployment.
| echo | ||
| echo "════════════════════════════════════════════════════════════════════════" | ||
| echo | ||
| echo "WARNING: deploy-ui.sh is deprecated. Redirecting to './deploy.sh --ui-only'..." |
There was a problem hiding this comment.
+1. This seems more confusing than helpful to new users.
| AUTO_CONFIRM=true | ||
| shift | ||
| ;; | ||
| --backend-only|--be-only) |
There was a problem hiding this comment.
+1. I'd say --backend-only is better, as it's more descriptive and clear.
There was a problem hiding this comment.
Google tools generally use lower_snake_case for flags. Should we do this for consistency?
|
|
||
| while [[ $# -gt 0 ]]; do | ||
| case "$1" in | ||
| -y|--yes|--non-interactive) |
There was a problem hiding this comment.
I think just having --non_interactive would suffice, as it's more descriptive and clear.
| TARGETED=true | ||
| shift | ||
| ;; | ||
| local|--local) |
There was a problem hiding this comment.
I would stick to just the flag version (i.e. --local) for consistency.
| echo "Enabling Firebase Management API..." | ||
| gcloud services enable firebase.googleapis.com --project=$PROJECT | ||
| # Refresh cache | ||
| ENABLED_APIS=$(gcloud services list --enabled --project="$PROJECT" --format="value(config.name)" 2>/dev/null || true) |
| echo " the setup dialog. User Type is set under 'Audience' — pick" | ||
| echo " 'Internal' if you have a Workspace org; otherwise 'External' and" | ||
| echo " add yourself as a test user." | ||
| echo " the setup dialog. Set User Type to 'Internal' for @google.com logins." |
There was a problem hiding this comment.
I'd just say that internal is recommended for security purposes when possible.
| else | ||
| echo "Enabling Identity Toolkit API (needed for Auth config)..." | ||
| gcloud services enable identitytoolkit.googleapis.com --project=$PROJECT | ||
| ENABLED_APIS=$(gcloud services list --enabled --project="$PROJECT" --format="value(config.name)" 2>/dev/null || true) |
There was a problem hiding this comment.
also not required. It's not used again in the script.
| echo "[>] Checking if bucket ${GCS_BUCKET} is linked to Firebase Storage..." | ||
| BUCKET_WAIT_ATTEMPTS=0 | ||
| BUCKET_WAIT_MAX=120 # 120 × 15s = 30 min total | ||
| while true; do |
There was a problem hiding this comment.
I'm not sure about this (and the polling further down) from the automated deployment perspective. If this isn't being run in an interactive session, someone may eventually see this in the logs after the deployment fails.
I think fast fail when AUTO_CONFIRM is true might be a good idea. That way we don't block CI pipelines for 30 min if someone messed up the initial deployment.
We should also add a note in the readme that an automated deployment cannot be done for the first time.
| * **Deploy UI Only**: `./deploy.sh --ui-only` | ||
| * **Local Development Build**: `./deploy.sh --ui-only --local` (or `./deploy.sh --ui-only local`) to build the Angular application files locally without triggering an App Engine deployment. | ||
|
|
||
| To run the script in a non-interactive/headless environment (such as an AI agent like Jetski or Claude), use the `-y` / `--yes` / `--non-interactive` flag to auto-confirm target configuration prompts: |
There was a problem hiding this comment.
as above, I would go with --non-interactive, as it's the most clear.
… setup steps in non-interactive mode
3 participants
