[ALS-4884] Add Google Analytics job (#72)

[ALS-4884] Add new Jenkins Job to set Google analytics ID in the `picsureui_settings.json`. Add Google manager to CSP to allow Google Tag script to load when an Analytics ID has been set.
hms-dbmi · Aug 16, 2023 · f16de7d · f16de7d
1 parent e99a5f7
commit f16de7d
Show file tree

Hide file tree

Showing 5 changed files with 41 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -95,6 +95,8 @@ In Jenkins you will see 5 tabs: All, Configuration, Deployment, PIC-SURE Builds,
 
     - RELEASE_CONTROL_REPOSITORY: This is the repo that contains the build-spec.json file for your project. This file controls what code is built and deployed. If you just want the default PIC-SURE behavior use this repo : https://github.com/hms-dbmi/baseline-pic-sure-release-control
 
+    - ANALYTICS_ID: This is the Google Analytics ID for your project. If you do not have one, you can leave this blank.
+
 Note: Ensure none of these fields contain leading or trailing whitespace, the values must be exact. Once you have entered the information,
 
 7. Click the "Build" button.

diff --git a/initial-configuration/config/httpd/httpd-vhosts-ssloffload.conf b/initial-configuration/config/httpd/httpd-vhosts-ssloffload.conf
@@ -8,7 +8,7 @@ Listen 0.0.0.0:80
     # frame-ancestors 'none' - Stops our application from being loaded in an iframe
     # default-src - Restricts loading resources to the same origin
     # script-src - Allows inline scripts but only from the same origin
-    Header always set Content-Security-Policy "frame-ancestors 'none'; default-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline'; img-src 'self' data:;"
+    Header always set Content-Security-Policy "frame-ancestors 'none'; default-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com; img-src 'self' data:;"
 
     # A fall back for legacy browsers that don't yet support CSP frame-ancestors.
     Header always set X-Frame-Options "DENY"

diff --git a/initial-configuration/config/httpd/httpd-vhosts.conf b/initial-configuration/config/httpd/httpd-vhosts.conf
@@ -62,7 +62,7 @@ ServerTokens Prod
     # unsafe-inline - Allows inline JavaScript, CSS, and event handlers
     # style-src - Allows inline styles but only from the same origin
     # img-src - Allows images from the same origin and data: URIs
-    Header always set Content-Security-Policy "frame-ancestors 'none'; default-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline'; img-src 'self' data:;"
+    Header always set Content-Security-Policy "frame-ancestors 'none'; default-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com; img-src 'self' data:;"
 
     # A fall back for legacy browsers that don't yet support CSP frame-ancestors.
     Header always set X-Frame-Options "DENY"

diff --git a/initial-configuration/config/httpd/picsureui_settings.json b/initial-configuration/config/httpd/picsureui_settings.json
@@ -20,5 +20,6 @@
   ],
   "customizeAuth0Login": true,
   "auth0domain":"__AUTH0_DOMAIN__",
-  "client_id":"__PIC_SURE_CLIENT_ID__"
+  "client_id":"__PIC_SURE_CLIENT_ID__",
+  "analytics_id": "__ANALYTICS_ID__"
 }
diff --git a/initial-configuration/jenkins/jenkins-docker/jobs/Configure Google Analytics/config.xml b/initial-configuration/jenkins/jenkins-docker/jobs/Configure Google Analytics/config.xml
@@ -0,0 +1,35 @@
+<?xml version='1.1' encoding='UTF-8'?>
+<project>
+    <actions/>
+    <description></description>
+    <keepDependencies>false</keepDependencies>
+    <properties>
+        <hudson.model.ParametersDefinitionProperty>
+            <parameterDefinitions>
+                <hudson.model.StringParameterDefinition>
+                    <name>ANALYTICS_ID</name>
+                    <description>Google Analytics id. Reset to default to remove.</description>
+                    <defaultValue>__ANALYTICS_ID__</defaultValue>
+                    <trim>false</trim>
+                </hudson.model.StringParameterDefinition>
+            </parameterDefinitions>
+        </hudson.model.ParametersDefinitionProperty>
+    </properties>
+    <scm class="hudson.scm.NullSCM"/>
+    <canRoam>true</canRoam>
+    <disabled>false</disabled>
+    <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+    <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+    <triggers/>
+    <concurrentBuild>false</concurrentBuild>
+    <builders>
+        <hudson.tasks.Shell>
+            <command>export old_analytics_id=`cat /usr/local/docker-config/httpd/picsureui_settings.json | grep analytics_id | cut -d &apos;:&apos; -f 2 | sed &apos;s/\&quot;,*//g&apos;`
+
+                sed -i &quot;s/$old_analytics_id/ANALYTICS_ID/g&quot; /usr/local/docker-config/httpd/picsureui_settings.json
+            </command>
+        </hudson.tasks.Shell>
+    </builders>
+    <publishers/>
+    <buildWrappers/>
+</project>