feat: add OAuth 2.0 support for GSC monitoring
Some checks failed
Build and Deploy / build (push) Has been cancelled
Some checks failed
Build and Deploy / build (push) Has been cancelled
- Updated monitor.py to support both OAuth and Service Account - Created setup-oauth-local.py for easy local authorization - Created cronjob-oauth.yaml for OAuth-based deployment - Updated README with both authentication options - OAuth is now the recommended method (no key file needed)
This commit is contained in:
Unchained
@@ -8,6 +8,82 @@ This setup creates an automated monitoring system for Google Search Console that
|
||||
2. Access to Google Search Console for manoonoils.com
|
||||
3. kubectl access to your Kubernetes cluster
|
||||
|
||||
## Authentication Methods
|
||||
|
||||
Choose one of the following authentication methods:
|
||||
|
||||
### Option A: OAuth 2.0 (Recommended - No Service Account Key)
|
||||
|
||||
This is the **easiest method** if you can't create service account keys.
|
||||
|
||||
#### Step 1: Enable Search Console API
|
||||
1. Go to https://console.cloud.google.com
|
||||
2. Create/select project: `manoonoils-monitoring`
|
||||
3. Go to **APIs & Services → Library**
|
||||
4. Search: "Google Search Console API"
|
||||
5. Click: **Enable**
|
||||
|
||||
#### Step 2: Create OAuth Credentials
|
||||
1. Go to **APIs & Services → Credentials**
|
||||
2. Click: **Create Credentials → OAuth client ID**
|
||||
3. Click: **Configure Consent Screen**
|
||||
4. User Type: **External**
|
||||
5. Fill in:
|
||||
- App name: `ManoonOils GSC Monitor`
|
||||
- User support email: your email
|
||||
- Developer contact: your email
|
||||
6. Click: **Save and Continue** (3 times)
|
||||
7. Click: **Back to Dashboard**
|
||||
8. Back on Credentials page
|
||||
9. Click: **Create Credentials → OAuth client ID**
|
||||
10. Application type: **Desktop app**
|
||||
11. Name: `GSC Desktop Client`
|
||||
12. Click: **Create**
|
||||
13. Click: **DOWNLOAD JSON**
|
||||
|
||||
#### Step 3: Run Local Authorization
|
||||
On your local machine (laptop):
|
||||
|
||||
```bash
|
||||
# Go to the monitoring directory
|
||||
cd scripts/gsc-monitoring
|
||||
|
||||
# Install dependencies
|
||||
pip3 install google-auth google-auth-oauthlib google-auth-httplib2 google-api-python-client
|
||||
|
||||
# Run the OAuth setup
|
||||
python3 setup-oauth-local.py
|
||||
```
|
||||
|
||||
This will:
|
||||
- Open a browser for you to authorize the app
|
||||
- Generate a `gsc-oauth-credentials.json` file
|
||||
- The refresh token never expires!
|
||||
|
||||
#### Step 4: Deploy to Kubernetes
|
||||
|
||||
```bash
|
||||
# Copy the credentials to server
|
||||
scp gsc-oauth-credentials.json doorwaysftw:/tmp/
|
||||
|
||||
# Create the secret
|
||||
ssh doorwaysftw "kubectl create secret generic gsc-oauth-credentials \
|
||||
--namespace=manoonoils \
|
||||
--from-file=oauth-credentials.json=/tmp/gsc-oauth-credentials.json"
|
||||
|
||||
# Deploy the monitoring
|
||||
ssh doorwaysftw "kubectl apply -f -" < cronjob-oauth.yaml
|
||||
|
||||
# Verify
|
||||
ssh doorwaysftw "kubectl get cronjob gsc-monitoring-oauth -n manoonoils"
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
### Option B: Service Account (Requires Key Creation)
|
||||
|
||||
**Note:** This only works if you can create service account keys in Google Cloud.
|
||||
|
||||
## Setup Steps
|
||||
|
||||
### Step 1: Create Google Cloud Project
|
||||
|
||||
Reference in New Issue
Block a user