diff options
Diffstat (limited to 'doc/integration/google.md')
| -rw-r--r-- | doc/integration/google.md | 73 |
1 files changed, 39 insertions, 34 deletions
diff --git a/doc/integration/google.md b/doc/integration/google.md index d60c1b43ed6..211c86b557a 100644 --- a/doc/integration/google.md +++ b/doc/integration/google.md @@ -9,29 +9,34 @@ info: To determine the technical writer assigned to the Stage/Group associated w To enable the Google OAuth 2.0 OmniAuth provider you must register your application with Google. Google generates a client ID and secret key for you to use. -## Enable Google OAuth - -In Google's side: - -1. Navigate to the [cloud resource manager](https://console.cloud.google.com/cloud-resource-manager) page -1. Select **Create Project** -1. Provide the project information: - - **Project name** - "GitLab" works just fine here. - - **Project ID** - Must be unique to all Google Developer registered applications. - Google provides a randomly generated Project ID by default. You can use - the randomly generated ID or choose a new one. -1. Refresh the page and you should see your new project in the list -1. Go to the [Google API Console](https://console.developers.google.com/apis/dashboard) -1. In the upper-left corner, select the previously created project -1. Select **Credentials** from the sidebar -1. Select **OAuth consent screen** and fill the form with the required information -1. In the **Credentials** tab, select **Create credentials > OAuth client ID** -1. Fill in the required information - - **Application type** - Choose "Web Application" - - **Name** - Use the default one or provide your own - - **Authorized JavaScript origins** -This isn't really used by GitLab but go - ahead and put `https://gitlab.example.com` - - **Authorized redirect URIs** - Enter your domain name followed by the +To enable Google OAuth, you must configure the: + +- Google Cloud Resource Manager +- Google API Console +- GitLab server + +## Configure the Google Cloud Resource Manager + +1. Go to the [Google Cloud Resource Manager](https://console.cloud.google.com/cloud-resource-manager). +1. Select **CREATE PROJECT**. +1. In **Project name**, enter `GitLab`. +1. In **Project ID**, Google provides a randomly generated project ID by default. + You can use this randomly generated ID or create a new one. If you create a new + ID, it must be unique to all Google Developer registered applications. + +To see your new project in the list, refresh the page. + +## Configure the Google API Console + +1. Go to the [Google API Console](https://console.developers.google.com/apis/dashboard). +1. In the upper-left corner, select your previously created project. +1. Select **OAuth consent screen** and complete the fields. +1. Select **Credentials > Create credentials > OAuth client ID**. +1. Complete the fields: + - **Application type**: Select **Web application**. + - **Name**: Use the default name or enter your own. + - **Authorized JavaScript origins**: Enter `https://gitlab.example.com`. + - **Authorized redirect URIs**: Enter your domain name followed by the callback URIs one at a time: ```plaintext @@ -39,22 +44,22 @@ In Google's side: https://gitlab.example.com/-/google_api/auth/callback ``` -1. You should now be able to see a Client ID and Client secret. Note them down +1. You should see a client ID and client secret. Note them down or keep this page open as you need them later. -1. To enable projects to access [Google Kubernetes Engine](../user/infrastructure/clusters/index.md), you must also - enable these APIs: +1. To enable projects to access [Google Kubernetes Engine](../user/infrastructure/clusters/index.md), + you must also enable the: - Google Kubernetes Engine API - Cloud Resource Manager API - Cloud Billing API - To do so you should: + To do so: 1. Go to the [Google API Console](https://console.developers.google.com/apis/dashboard). 1. Select **ENABLE APIS AND SERVICES** at the top of the page. 1. Find each of the above APIs. On the page for the API, select **ENABLE**. It may take a few minutes for the API to be fully functional. -On your GitLab server: +## Configure the GitLab server 1. Open the configuration file. @@ -83,8 +88,8 @@ On your GitLab server: { name: "google_oauth2", # label: "Provider name", # optional label for login button, defaults to "Google" - app_id: "YOUR_APP_ID", - app_secret: "YOUR_APP_SECRET", + app_id: "<YOUR_APP_ID>", + app_secret: "<YOUR_APP_SECRET>", args: { access_type: "offline", approval_prompt: "" } } ] @@ -100,8 +105,8 @@ On your GitLab server: args: { access_type: 'offline', approval_prompt: '' } } ``` -1. Change `YOUR_APP_ID` to the client ID from the Google Developer page -1. Similarly, change `YOUR_APP_SECRET` to the client secret +1. Replace `<YOUR_APP_ID>` with the client ID from the Google Developer page. +1. Replace `<YOUR_APP_SECRET>` with the client secret from the Google Developer page. 1. Make sure that you configure GitLab to use a fully-qualified domain name, as Google doesn't accept raw IP addresses. @@ -120,8 +125,8 @@ On your GitLab server: 1. Save the configuration file. 1. For the changes to take effect: - - If you installed via Omnibus, [reconfigure GitLab](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure). - - If you installed from source, [restart GitLab](../administration/restart_gitlab.md#installations-from-source). + - If you installed using the Linux package, [reconfigure GitLab](../administration/restart_gitlab.md#reconfigure-a-linux-package-installation). + - If you self-compiled your installation, [restart GitLab](../administration/restart_gitlab.md#installations-from-source). On the sign in page there should now be a Google icon below the regular sign in form. Select the icon to begin the authentication process. Google asks the |