setup-gcloud GitHub Action
Configures the Google Cloud SDK in the GitHub Actions environment. The Google Cloud SDK includes both the gcloud and gsutil binaries.
Or integrate natively with other Google Cloud GitHub Actions:
- Deploy a Cloud Run service
- Deploy an App Engine app
- Deploy a Cloud Function
- Access Secret Manager secrets
- Upload to Cloud Storage
- Configure GKE credentials
📢 NOTICE
Previously this repository contained the code for ALL of the GCP GithHub Actions. Now each action has it's own repo and this repo is only for setup-gcloud
Use google-github-actions/setup-gcloud
steps:
- id: gcloud
- uses: GoogleCloudPlatform/github-actions/setup-gcloud@master
+ uses: google-github-actions/setup-gcloud@masterOr google-github-actions/{action}
steps:
- id: deploy
- uses: GoogleCloudPlatform/github-actions/deploy-cloudrun@master
+ uses: google-github-actions/deploy-cloudrun@mainTable of Contents
Usage
jobs:
job_id:
# Add "id-token" with the intended permissions.
permissions:
contents: 'read'
id-token: 'write'
steps:
- id: auth
uses: google-github-actions/auth@v0
with:
workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
service_account: 'my-service-account@my-project.iam.gserviceaccount.com'
- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v0.3.0
- name: Use gcloud CLI
run: gcloud infoInputs
| Name | Requirement | Default | Description |
|---|---|---|---|
version |
optional | latest |
The version of the gcloud to be installed. Example: 290.0.1 |
project_id |
optional | ID of the Google Cloud Platform project. If provided, this will configure gcloud to use this project ID by default for commands. Individual commands can still override the project using the --project flag which takes precedence. |
|
service_account_email |
optional | Service account email address to use for authentication. This is required for legacy .p12 keys but can be omitted for JSON keys. This is usually of the format <name>@<project-id>.iam.gserviceaccount.com. |
|
export_default_credentials |
optional | false |
Exports the path to Default Application Credentials as the environment variable GOOGLE_APPLICATION_CREDENTIALS to be available in later steps. Google Cloud services automatically use this environment variable to find credentials. |
credentials_file_path |
optional | (temporary file) | Only valid when export_default_credentials is true. Sets the path at which the credentials should be written. |
cleanup_credentials |
optional | true |
If true, the action will remove any generated credentials from the filesystem upon completion. |
service_account_key |
optional | (Deprecated) This input is deprecated. See auth section for more details. The service account key which will be used for authentication credentials. This key should be created and stored as a secret. It can be encoded as a Base64 string or as JSON. |
Example Workflows
-
Google Kubernetes Engine: An example workflow that uses GitHub Actions to deploy a static website to an existing Google Kubernetes Engine cluster.
-
Cloud Run: An example workflow that uses GitHub Actions to build and deploy a container to Cloud Run.
-
Google Compute Engine: An example workflow that uses GitHub Actions to deploy a container to an existing Google Compute Engine (GCE) instance.
-
App Engine: An example workflow that uses GitHub Actions to deploy source code to App Engine, a fully managed serverless platform.
-
Cloud Build: An example workflow that uses GitHub Actions to build a container image with Cloud Build.
Authorization
This action installs the Cloud SDK (gcloud). To configure its authentication to Google Cloud, use the google-github-actions/auth action. You can authenticate via:
Workload Identity Federation (preferred)
jobs:
job_id:
# Add "id-token" with the intended permissions.
permissions:
contents: 'read'
id-token: 'write'
steps:
- id: auth
uses: google-github-actions/auth@v0
with:
workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
service_account: 'my-service-account@my-project.iam.gserviceaccount.com'
- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v0.3.0
- name: Use gcloud CLI
run: gcloud infoService Account Key JSON
job:
job_id:
steps:
- id: auth
uses: google-github-actions/auth@v0
with:
credentials_json: ${{ secrets.gcp_credentials }}
- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v0.3.0
- name: Use gcloud CLI
run: gcloud infoApplication Default Credentials
If and only if you are using self-hosted runners that are hosted on Google Cloud Platform, the Cloud SDK will automatically authenticate using the machine credentials:
job:
job_id:
steps:
- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v0.3.0
- name: Use gcloud CLI
run: gcloud infoContributing
See CONTRIBUTING.
License
See LICENSE.
![@dependabot[bot]](https://web.archive.org/web/20211213235550im_/https://avatars.githubusercontent.com/in/29110?v=4){kind=small}
