This issue does not have all the information required by the template. Looks like you forgot to fill out some sections. Please update the issue with more information.

Hey @siarheidudko, sorry to hear you encountered this issue and thanks for reporting this. I’ll raise this to our engineering team and try to bring someone who can take a look into this. Apologies again for the issue this has caused.

If you don't have your extension defined in the firebase.json file then you are asked to remove all the extensions - if enter "Y" the will be removed.

It did not asked anything, because this operation would have blocked CI. In addition, I've only been deploying functions, but not extensions. I have always set up extensions directly in the UI interface. Чт, 22 авг. 2024 г. в 22:47, Geoffrey Bourne @.>:
…
If you don't have your extension defined in the firebase.json file then you are asked to remove all the extensions - if enter "Y" the will be removed. — Reply to this email directly, view it on GitHub <#7582 (comment)>, or unsubscribe https://github.com/notifications/unsubscribe-auth/AIXASJQRYVV7XMCBB4V7AB3ZSYW27AVCNFSM6AAAAABM5UGPCGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGMBVGQYTMOBYGM . You are receiving this because you were mentioned.Message ID: @.>

The "--force" prevented the ask.

I've just faced this change also and trying to workaround it. My functions do not deploy anymore asking extensions to be added to the firebase.json. I still need to find a way to configure it for a cross-project environment, but for the short term I'd like to be able to keep the control via extensions exclusively over UI. Is that possible now? How can I avoid adding the extensions installed manually into the manifest?

@yurist38 I downgraded the version to 13.15.2 to be able to deploy projects without affecting extensions.

@siarheidudko good to know, thanks for sharing! I've decided to properly structure my project, actually didn't take me too long. So I've added the extensions to the json manifest already, it turned out they have support for setting up multiple projects (I used project suffix for the env files)

This is a major problem for people (like me) who use UI interface to install extensions. Now I am asked each time whether to delete the extension functions. Entering Y by mistake once would end up in a nightmare. It used to work fine.

Likely introduced by: #7575

I also have the same issue as mentioned by other commenters. We use firebase tools within our deployment workflows, and thus cannot interactively specify "N". Nor does it seem that the right answer is specifying --force because this will cause any of our extensions to be deleted. If I specify firebase deploy --only functions (or if I enumerate the specific functions I want deployed), I think only those functions should be affected, and not any others, whether they be part of an extension or not.

I suppose I could do something similar to #7582 (comment) but this doesn't seem extensible to me; if I have a repository which is in charge of deploying a function or set of functions, it shouldn't need to know about all the extensions I've installed, and it would be difficult to create a system wherein when I create an extension I would remember to update my unrelated function deploying repositories/directories.

Ideally the behavior could be returned to the status quo where my repository that only concerns itself with functions need not know about my extensions or their configuration. Thanks for your consideration.

Hey everyone, apologies for the trouble here. We're rolling out a new way to declare extensions from within your functions codebases soon, and this change was meant to se the table for that. However, it ended up negatively users who installed extensions via the console and deploy only their functions via CLI. We're reverting this behavior change for now and will release a version today to get the changes out(dee2c89).

Later, we'll revisit this feature and will roll it out again in a less disruptive way.

@joehan I'm meet by the permission error on v13.19.0. Shouldn't this be fixed?

[2024-09-25T08:14:55.651Z] [iam] error while checking permissions, command may fail: FirebaseError: Authorization failed. This account is missing the following required permissions on project qwerty-staging:

  firebaseextensions.instances.list

I use --force as part of the custom CI/CD solution. Adding Firebase Extensions Publisher - Extensions Viewer does not change things. I don't wan't to add Editor or similar IAM role. Forced firebase-tools to 13.15.2, and I'm still facing the same issue.

 [2024-09-25T09:04:48.428Z] >>> [apiv2][query] GET https://firebaseextensions.googleapis.com/v1beta/projects/qwerty-staging/instances pageSize=100&pageToken=
[2024-09-25T09:04:48.732Z] <<< [apiv2][status] GET https://firebaseextensions.googleapis.com/v1beta/projects/qwerty-staging/instances 403
[2024-09-25T09:04:48.732Z] <<< [apiv2][body] GET https://firebaseextensions.googleapis.com/v1beta/projects/qwerty-staging/instances {"error":{"code":403,"message":"The caller does not have permission","status":"PERMISSION_DENIED"}}

Error: HTTP Error: 403, The caller does not have permission
[2024-09-25T09:04:48.733Z] Error Context: {
  "body": {
    "error": {
      "code": 403,
      "message": "The caller does not have permission",
      "status": "PERMISSION_DENIED"
    }
  },
  "response": {
    "statusCode": 403
  }
}

Running with "extensions": {} does not fix it.

The firebaseextensions.instance.list permission is now required for any firebase deploy that includes functions. This is expected. It is because we have launched new features that allow you to define extension instances in your functions codebase and deploy them that way. See https://firebase.google.com/docs/extensions/install-extensions?interface=sdk) for details.

This means that when we deploy functions we will always be checking if you have extension instances in your project that were defined using an autogenerated SDK in a deploying codebase. So we need to list the current extension instances in your project to determine if there is anything to potentially delete or configure or update.

Consider enabling the Firebase Extensions Viewer permission which includes the ability to list extension instances.

(Note that this is different from the original bug.)

Thank you for pointing that out, @ifielker.

Hi @ifielker, thank you for pointing that out.

The permission firebaseextensions.instance.list cannot be found in the custom role IAM section in gcloud, which is the weird thing. This was pointed out here from the author of this related issue
#7754.

And weirdly adding the Firebase Extensions Viewer role resolves the issue even though the permission is not listed there.

Hi @ifielker is your mentioned Firebase Extensions Viewer role equal to the role Firebase Extensions Publisher – Extensions Viewer?
Or was it renamed in the meantime?

Because I can't seem to find the Firebase Extensions Viewer - I only see the Firebase Extensions Publisher – Extensions Viewer role.

Edit (figured it out by myself):
I think I figured it out. It's actually not the Firebase Extensions Publisher – Extensions Viewer role but the role with the ID roles/firebaseextensions.viewer.
You can find how it is called in your language in the GCloud IAM Roles section when searching for roles/firebaseextensions.viewer.