Background: We have some GitHub Actions that import data from Google Analytics and save the data iso it can be used on our custom analytics page. The data importer jobs run this code for each org. The Google API keys are not being properly saved as GitHub environment secrets in the bootstrap script here. This is likely because of how GOOGLE_CREDENTIALS_PRIVATE_KEY is formatted with the newlines in .env.local.
Since these strings are shared and since Google came out with keyless authentication, it's worth exploring whether we can edit the bootstrap script and the GitHub Actions to use this solution instead.
Tasks:
1) Manually update the Google API keys in the environment secrets. This will unblock the current orgs that are not getting updated GA information.
2) Update the onboarding documentation to include this extra step when we add new orgs.
3) Investigate if keyless authentication supports our use case. There are some other potential solutions we can explore, too, like a shared repo secret instead of a redundant environment secret.
Background: We have some GitHub Actions that import data from Google Analytics and save the data iso it can be used on our custom analytics page. The data importer jobs run this code for each org. The Google API keys are not being properly saved as GitHub environment secrets in the bootstrap script here. This is likely because of how GOOGLE_CREDENTIALS_PRIVATE_KEY is formatted with the newlines in .env.local.
Since these strings are shared and since Google came out with keyless authentication, it's worth exploring whether we can edit the bootstrap script and the GitHub Actions to use this solution instead.
Tasks: 1) Manually update the Google API keys in the environment secrets. This will unblock the current orgs that are not getting updated GA information. 2) Update the onboarding documentation to include this extra step when we add new orgs. 3) Investigate if keyless authentication supports our use case. There are some other potential solutions we can explore, too, like a shared repo secret instead of a redundant environment secret.