search

GoogleCloudPlatform / cloud-run-anthos-reference-web-app

An opinionated set of best practices aimed at demonstrating a reference architecture for building a web application on Google Cloud using Cloud Run for Anthos.
https://cloud.google.com/anthos/run
Apache License 2.0
37 stars 22 forks source link

Clarify Identity Platform and Firestore setup #16

Closed josueetcom closed 4 years ago

josueetcom commented 4 years ago

Summary:

I also included an image of what the Firestore rules page should look like and moved the scripts to a scripts/ directory.

README.md preview: https://github.com/GoogleCloudPlatform/cloud-run-anthos-reference-web-app/blob/readme-tweaks/README.md

josueetcom commented 4 years ago

Hey all, I'd like to get some feedback on these changes. I plan to walk through them entirely for a project to make sure there aren't any gaps before marking this PR ready for review.

josueetcom commented 4 years ago

Additional question: Steps 4 and 5 could be written more succinctly. E.g.

Instead of:

  1. Configure your OAuth 2.0 Client ID to be used by your Custom Domain.
    • In the GCP console, navigate to APIs & Services -> Credentials.
    • Click on the OAuth 2.0 Client ID that was auto created.
      • $PROJECT_ID.firebaseapp.com should appear under Authorized JavaScript origins.
    • Take note of the Client ID and Client secret. You'll use them in the next step.
    • Under Authorized JavaScript origins, add your custom domain.
    • Click Save.
  2. Add Google as an Identity Provider in Identity Platform:
    • In the GCP console, navigate to Identity Platform -> Providers.
    • Click Add a provider.
    • Select Google from the list.
    • Fill in the Web Client ID and Web Client Secret fields with those from the OAuth 2.0 Client ID created in the previous step.
    • Click Save.

It could be more succinctly:

  1. On the APIs & Services -> Credentials page, click the OAuth 2.0 Client ID that was auto created and add your custom domain under Authorized JavaScript origins.
    • $PROJECT_ID.firebaseapp.com should appear under Authorized JavaScript origins.
    • Take note of the Client ID and Client secret. You'll use them in the next step.
  2. On the Identity Platform -> Providers page, add Google as an Identity Provider.
    • Fill in the Web Client ID and Web Client Secret fields with the Client ID and Client secret values from the previous step.

Which style do you all think is better?

ssmall commented 4 years ago

Which style do you all think is better?

I think having more details instructions is better in this case -- one of the big pieces of feedback we've received is that our more succinct descriptions left just enough room for confusion, so I'd rather err on the side of being too wordy.

zsxking commented 4 years ago

Or we can have succinct description with screenshot and highlights, like HJPsXkbycZE

josueetcom commented 4 years ago

Hmm, using a screenshot would still require instructions, at least in the screenshot you gave for steps 2 and 3.

The thing that's also tricky about detailed steps/screenshots is that if the Cloud Console UI changes then they'll quickly go out of date. I suppose this is also true of using gcloud alpha commands though.

I'm indifferent either way. Let me know if you strongly prefer one or the other

zsxking commented 4 years ago

I don't have strong preference either. As a reader I would definitively prefer more pictures. But the burden of maintenance is real. I think we should just go with the detailed version for now, and see how it works out in bug bash.

josueetcom commented 4 years ago

Yeah let's see how it goes in the bug bash. Maybe we can ask if screenshots would be clearer