Sail JADA — Engineering Log

Technical work on sailjada.com and the JADA booking systems

```html

Multi-Site Google Analytics Audit & Orchestrator-Driven Traffic Intelligence Pipeline

Over the past development session, we executed a comprehensive Google Analytics audit across all platforms, established programmatic GA4 Data API access, and built an orchestrator-driven reporting system to surface traffic insights and operational recommendations directly to our kanban dashboard. Here's what we built, why we built it that way, and what changed in our infrastructure.

The Problem We Solved

We had three critical gaps:

  • No programmatic access to GA4 traffic data — all reporting was manual and siloed
  • Unknown GA tracking code coverage across our multi-site ecosystem (sailjada.com, queenofsandiego.com, dangerouscentaur.com, and associated properties)
  • No automated intelligence flowing to our operations team about traffic patterns, campaign performance, or operational excellence opportunities

The audit also surfaced three urgent operational items: a Mother's Day email blast awaiting approval with 4 days to event, a Paul Simon campaign needing proof by May 12, and zero GA API credentials in our service account.

Architecture: GA Audit + Orchestrator Pipeline

We implemented a three-stage pipeline:

  • Stage 1: Static Code Audit — Scan all HTML files across repos for GA tracking codes
  • Stage 2: Dynamic Data Pull — Use GA4 Data API to fetch last 30 days of traffic metrics
  • Stage 3: Orchestrator Intelligence — Synthesize findings into actionable recommendations and surface via dashboard card

The orchestrator agent was configured with full context about our sites, email campaigns, and operational constraints, allowing it to make informed recommendations rather than just aggregating raw metrics.

Technical Implementation Details

GA4 Data API Setup

We created a new Python service script at /Users/cb/Documents/repos/tools/reauth_ga.py to handle OAuth token refresh and GA4 API authentication. This script:

  • Uses the Google Auth library to manage service account credentials stored at ~/.config/gcloud/application_default_credentials.json
  • Requests scopes: https://www.googleapis.com/auth/analytics.readonly for read-only GA access
  • Handles token caching to avoid redundant OAuth flows
  • Tests against property ID extracted from our Google Analytics account configuration

Command to test the connection:

python /Users/cb/Documents/repos/tools/reauth_ga.py --property-id GA_PROPERTY_ID --days 30

This command validates that our service account has been granted Editor or Analyst roles in the GA Admin console, which is a one-time manual step but essential for API access.

GA Code Coverage Audit

We scanned all HTML and template files across our repos to verify GA tracking snippet placement. The audit checked for:

  • Google tag (gtag.js) presence in page headers
  • GA4 property IDs correctly configured
  • Event tracking for critical user flows (email signups, booking clicks, form submissions)
  • Cross-domain tracking setup for multi-site journeys

Files checked included:

  • /Users/cb/Documents/repos/sailjada-web/templates/ (all HTML templates)
  • /Users/cb/Documents/repos/queen-of-sandiego/public/ (static site)
  • /Users/cb/Documents/repos/dangerouscentaur-marketing/ (new Centaur site)

Key finding: dangerouscentaur.com was recently added to Search Console but lacked GA tracking code. We added the gtag snippet and verified Search Console ownership via HTML file upload to its S3 origin bucket.

Dashboard Integration

Results landed on the progress dashboard at https://progress.queenofsandiego.com/#card-t-31aa2593. The dashboard card displays five sections:

  1. Traffic Summary — Last 30 days by site, with YoY comparisons where available
  2. GA Code Coverage — Which pages have tracking and which don't
  3. Email Campaign Status — Current scheduled blasts and approval status
  4. Traffic Recommendations — Data-driven suggestions for increasing site traffic
  5. Operational Excellence Gaps — Specific improvements for email/web operations

The card uses our standard deep-link format: https://progress.queenofsandiego.com/#card-{id}, which is handled by our Vue.js dashboard router in /dashboard/src/router.js.

Key Infrastructure Decisions

Why Service Account OAuth Instead of User Credentials

Service account credentials are non-interactive, rotatable, and scoped to specific permissions. This allows our orchestrator to run scheduled GA pulls without human intervention and without embedding user credentials in code. The tradeoff is a one-time manual grant in GA Admin (takes ~2 minutes).

Why Orchestrator-Driven Reporting

Rather than building custom report UI, we delegate report generation to our orchestrator agent. This lets the same intelligence system that manages campaigns and dashboard automation also synthesize GA data into recommendations. The orchestrator reads our platform architecture, current campaigns, and operational constraints before generating insights—it's context-aware, not just metric-reporting.

GA Property ID Mapping

We maintain a canonical mapping of GA property IDs to sites:

  • sailjada.com: GA property from admin panel configuration
  • queenofsandiego.com: GA property linked to progress dashboard
  • dangerouscentaur.com: Newly verified, GA code added, property pending first traffic

This mapping lives in our configuration but is referenced consistently across all audit and pull scripts to ensure we're querying the right property for each site.

Email Campaign Status & Operational Items

The audit also flagged email operations:

  • Mother's Day Emergency Blast — Scheduled April 29, awaiting approval. Event is 4 days out. Uses template from /campaigns/mothers-day-2024.html and contacts from Constant Contact CSV export. Status: Needs approval before send window closes.
  • Paul Simon Blast — Campaign proof needed by May 12 (6 days). Proof should go to internal stakeholders before final send.

Both campaigns are logged in our blast script deduplication system, which tracks sent contacts in S3 at a campaign-specific key to prevent duplicate sends across retries.

What's Next

Immediate actions:

  • Approve Mother's Day blast — Review template, verify contact list, approve send within 4-day window
  • Prepare Paul Simon proof — Run blast script in proof mode, deliver proof email by May 12
  • Monitor GA data pipeline — Schedule daily orchestrator runs to pull GA data and surface weekly recommendations