I couldn't make google analytics works inside Google Kubernetes Engine (GKE) environment

11/20/2021

I've got the Content Security Policy (CPS) error: enter image description here

My google analytics code at the index.html:

<script>
  (function (b, o, i, l, e, r) {
    b.GoogleAnalyticsObject = l;
    b[l] ||
      (b[l] = function () {
        (b[l].q = b[l].q || []).push(arguments);
      });
    b[l].l = +new Date();
    e = o.createElement(i);
    r = o.getElementsByTagName(i)[0];
    e.src = '//www.google-analytics.com/analytics.js';
    r.parentNode.insertBefore(e, r);
  })(window, document, 'script', 'ga');
  ga('create', 'UA-211719802-1');
  ga('send', 'pageview');
</script>

<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="https://www.googletagmanager.com/gtag/js?id=G-C54CGGPPQG"></script>
<script>
  window.dataLayer = window.dataLayer || [];
  function gtag(){dataLayer.push(arguments);}
  gtag('js', new Date());

  gtag('config', 'G-C54CGGPPQG');
</script>

I didn't define any CPS rule, I don't know where this CPS rule is defined:

because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

So I tried to define a insecure CPS rule at the index just to see if it works:

<meta http-equiv="Content-Security-Policy" content="default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'>

Nothing happened after deployed on GKE, so I tried to define a CPS rule at my ingress.yml:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: gateway
  annotations:
    ingress.kubernetes.io/content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-eval'
    kubernetes.io/ingress.global-static-ip-name: "gateway-ingress-ip"
    networking.gke.io/managed-certificates: "gateway-certificate"
spec:
  rules:
  - http:
      paths:
      - path: /*
        pathType: ImplementationSpecific
        backend:
          service:
            name: gateway
            port:
              number: 8080

The CPS error message still the same after apply the ingress.yml changes.

Here are some links that I tried on without any success:

What am I doing wrong? Thank you in advanced 😀

-- Renan Franca
google-analytics
google-kubernetes-engine
kubernetes

0 Answers