Deployment
The deploy targets below include staging and production for completeness, but Mia is not deployed there yet. The only live Mia today is on pivot-dev-2. The other targets are how a Mia rollout will land when it's ready, not where it lives now.
Two artifacts ship per release: the Firebase Functions bundle (covers all modules under functions/modules/) and the Cloud Run image (functions/pivotAiAgent/).
Local dev — full MIA stack
One command:
make ai-local
What it starts:
- Firebase emulators (hub at
:4400)- Auth
:9099, RTDB:9000, Functions:5001, Pub/Sub:8085
- Auth
- Temporal (Docker) — server
:7233, Web UI:8233 - pivotAiAgent (Docker) —
:3457, env.env.emulator - React frontend (foreground) —
:3000
Useful sub-targets:
| Target | What it does |
|---|---|
make emulators-up | Just the Firebase emulators (background). |
make temporal-up | Just Temporal (docker-compose). |
make ai-local-up | Emulators + Temporal + pivotAiAgent Docker (no frontend). |
make ai-local-frontend | Foreground React, points at :3457. |
make ai-cloud-up | pivotAiAgent Docker against real dev-2 RTDB (+ local Temporal). Risky — be sure you mean it. |
make ai-deploy | gcloud run deploy pivot-ai-agent --source . to $PROJECT. |
make ai-deploy requires a service account key at functions/pivotAiAgent/service-account.json (not committed).
Firebase function commands
From functions/:
| Command | Effect |
|---|---|
npm run build | Lint + type-check + esbuild bundles per module. |
npm run watch | TypeScript watch mode. |
npm run serve | concurrently watch + firebase serve --only functions. |
npm run start | firebase use default && npm run generate-env && npm run serve. |
npm run start-prod | Serves against production data. Don't use casually. |
npm run start-all | All emulators (functions + auth + RTDB + pubsub). |
npm run test | Jest. |
npm run lint / npm run type-check | Standalone. |
npm run clean | rm -rf lib/. |
npm run generate-env | Loads .env.<project-id> into the local shell via scripts/generate-env.ts. |
npm run upload-secrets | Pushes local secrets to Firebase Secret Manager. Manual. |
npm run migrate | RTDB migrations (ts-node). |
npm run migrate:pg | Postgres migrations (future). |
Deploy targets
Project aliases live in .firebaserc.
| Command | Target project | Notes |
|---|---|---|
npm run deploy-dev | pivot-dev-59310 | Legacy, being phased out. |
npm run deploy-dev-2 | pivot-dev-2 | Current dev target. |
npm run deploy-staging | pivot-not-production-project | |
npm run deploy | pivot-inc | Production. Be very careful. |
Switch between projects:
firebase use pivot-dev-2
firebase use production
Environment configuration
| File | Purpose |
|---|---|
.env.emulator | Fake credentials for the emulator stack. |
.env.local | Dev-2 credentials + Temporal address. |
.env.<project-id> | Per-project config, auto-loaded by generate-env.ts at startup. |
Secrets (API keys, signing keys) are not in .env files. They live in Firebase Secret Manager, declared via defineSecret() from firebase-functions/params and injected into function options:
import { defineSecret } from 'firebase-functions/params'
const ANTHROPIC_KEY = defineSecret('ANTHROPIC_KEY')
export const myFn = onRequest({ secrets: [ANTHROPIC_KEY] }, async (req, res) => {
// ANTHROPIC_KEY.value() available here
})
Build internals
functions/build.js orchestrates:
- Lint (
npm run lint). - Type-check (
npm run type-check). - esbuild — one bundle per module entry point:
functions/modules/<name>/endpoints/apis/router.ts→lib/<name>-api.jsfunctions/modules/<name>/endpoints/events/*.ts→lib/<name>-event-*.jsfunctions/modules/<name>/endpoints/scheduled/*.ts→lib/<name>-scheduled-*.jsfunctions/pivotAiAgent/index.ts→ separate bundle for Cloud Run.
firebase deploy --only functions picks up the bundles in lib/.
Production Temporal — TBD
The dev-2 setup uses self-hosted Temporal at localhost:7233 (Docker). Production Temporal config (Cloud namespace, TLS, certs) isn't documented in the repo. See Reference: TODOs.