I couldn't make google analytics works inside Google Kubernetes Engine (GKE) environment
11/20/2021
I've got the Content Security Policy (CPS) error:
My google analytics code at the index.html:
<script>
(function (b, o, i, l, e, r) {
b.GoogleAnalyticsObject = l;
b[l] ||
(b[l] = function () {
(b[l].q = b[l].q || []).push(arguments);
});
b[l].l = +new Date();
e = o.createElement(i);
r = o.getElementsByTagName(i)[0];
e.src = '//www.google-analytics.com/analytics.js';
r.parentNode.insertBefore(e, r);
})(window, document, 'script', 'ga');
ga('create', 'UA-211719802-1');
ga('send', 'pageview');
</script>
<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="https://www.googletagmanager.com/gtag/js?id=G-C54CGGPPQG"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'G-C54CGGPPQG');
</script>
I didn't define any CPS rule, I don't know where this CPS rule is defined:
because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.So I tried to define a insecure CPS rule at the index just to see if it works:
<meta http-equiv="Content-Security-Policy" content="default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'>Nothing happened after deployed on GKE, so I tried to define a CPS rule at my ingress.yml:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: gateway
annotations:
ingress.kubernetes.io/content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-eval'
kubernetes.io/ingress.global-static-ip-name: "gateway-ingress-ip"
networking.gke.io/managed-certificates: "gateway-certificate"
spec:
rules:
- http:
paths:
- path: /*
pathType: ImplementationSpecific
backend:
service:
name: gateway
port:
number: 8080The CPS error message still the same after apply the ingress.yml changes.
Here are some links that I tried on without any success:
- https://content-security-policy.com/faq/
- https://stackoverflow.com/questions/30280370/how-does-content-security-policy-csp-work
- https://stackoverflow.com/questions/30280370/how-does-content-security-policy-csp-work
- https://doc.traefik.io/traefik/v1.7/configuration/backends/kubernetes/
What am I doing wrong? Thank you in advanced 😀
-- Renan Franca
google-analytics
google-kubernetes-engine
kubernetes