google-github-actions/setup-gcloud google-github-actions/setup-gcloud

  • Stars
    star
    1,658
  • Rank 28,199 (Top 0.6 %)
  • Language
    TypeScript
  • License
    Apache License 2.0
  • Created about 5 years ago
  • Updated 7 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
google-github-actions/setup-gcloud
github

google-github-actions

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A GitHub Action for installing and configuring the gcloud CLI.

setup-gcloud GitHub Action

Configures the Google Cloud SDK in the GitHub Actions environment. The Google Cloud SDK includes both the gcloud and gsutil binaries.

Or integrate natively with other Google Cloud GitHub Actions:

This is not an officially supported Google product, and it is not covered by a Google Cloud support contract. To report bugs or request features in a Google Cloud product, please contact Google Cloud support.

Prerequisites

  • This action requires Google Cloud credentials to execute gcloud commands. See Authorization for more details.

  • This action runs using Node 16. If you are using self-hosted GitHub Actions runners, you must use runner version 2.285.0 or newer.

Usage

jobs:
  job_id:
    # Add "id-token" with the intended permissions.
    permissions:
      contents: 'read'
      id-token: 'write'

    steps:
    - id: 'auth'
      uses: 'google-github-actions/auth@v1'
      with:
        workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
        service_account: '[email protected]'

    - name: 'Set up Cloud SDK'
      uses: 'google-github-actions/setup-gcloud@v1'
      with:
        version: '>= 363.0.0'

    - name: 'Use gcloud CLI'
      run: 'gcloud info'

Inputs

Cloud SDK inputs

  • skip_install: (Optional) Skip the gcloud installation and use the system-installed gcloud instead. This can dramatically improve workflow speeds at the expense of a slightly older gcloud version. Setting this to true ignores any value for the version input. If you skip installation, you will be unable to install components because the system-install gcloud is locked. The default value is false. ⚠️ Be aware that GitHub plans to remove the system-installed gcloud, and any workflows with skip_install: true will stop working when that happens.

  • version: (Optional) A string representing the version or version constraint of the Cloud SDK (gcloud) to install (e.g. "290.0.1" or ">= 197.0.1"). The default value is "latest", which will always download and install the latest available Cloud SDK version.

    - uses: 'google-github-actions/setup-gcloud@v1'
  with:
    version: '>= 416.0.0'

    If there is no installed gcloud version that matches the given constraint, this GitHub Action will download and install the latest available version that still matches the constraint.

    Warning! Workload Identity Federation requires version 363.0.0 or newer. If you need support for Workload Identity Federation, specify your version constraint as such:

    - uses: 'google-github-actions/setup-gcloud@v1'
  with:
    version: '>= 363.0.0'

    You are responsible for ensuring the gcloud version matches the features and components required. See the gcloud release notes for a full list of versions.

  • project_id: (Optional) Project ID (not project number) of the Google Cloud project. If provided, this will configure the gcloud CLI to use that project ID for commands. Individual commands can still override the project with the --project flag. If unspecified, the action attempts to find the "best" project ID by looking at other inputs and environment variables.

  • install_components: (Optional) List of Cloud SDK components to install specified as a comma-separated list of strings:

    install_components: 'alpha,cloud-datastore-emulator'

Authorization

This action installs the Cloud SDK (gcloud). To configure its authentication to Google Cloud, use the google-github-actions/auth action. You can authenticate via:

Workload Identity Federation (preferred)

⚠️ You must use the Cloud SDK version 390.0.0 or later to authenticate the bq and gsutil tools.

jobs:
  job_id:
    # Add "id-token" with the intended permissions.
    permissions:
      contents: 'read'
      id-token: 'write'

    steps:
    - id: 'auth'
      uses: 'google-github-actions/auth@v1'
      with:
        workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
        service_account: '[email protected]'

    - name: 'Set up Cloud SDK'
      uses: 'google-github-actions/setup-gcloud@v1'

    - name: 'Use gcloud CLI'
      run: 'gcloud info'

Service Account Key JSON

job:
  job_id:
    steps:
    - id: 'auth'
      uses: 'google-github-actions/auth@v1'
      with:
        credentials_json: '${{ secrets.GCP_CREDENTIALS }}'

    - name: 'Set up Cloud SDK'
      uses: 'google-github-actions/setup-gcloud@v1'

    - name: 'Use gcloud CLI'
      run: 'gcloud info'

Application Default Credentials

If and only if you are using self-hosted runners that are hosted on Google Cloud Platform, the Cloud SDK will automatically authenticate using the machine credentials:

job:
  job_id:
    steps:
    - name: 'Set up Cloud SDK'
      uses: 'google-github-actions/setup-gcloud@v1'

    - name: 'Use gcloud CLI'
      run: 'gcloud info'

Multiple Service Accounts

To use multiple service accounts, a second auth step is required to update the credentials before using setup-gcloud:

jobs:
  job_id:
    # Add "id-token" with the intended permissions.
    permissions:
      contents: 'read'
      id-token: 'write'

    steps:
      - id: 'auth service account 1'
        uses: 'google-github-actions/auth@v1'
        with:
          workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
          service_account: '[email protected]'

      - name: 'Set up Cloud SDK'
        uses: 'google-github-actions/setup-gcloud@v1'

      - name: 'Use gcloud CLI'
        run: 'gcloud auth list --filter=status:ACTIVE --format="value(account)"'
        # [email protected]

      - id: 'auth service account 2'
        uses: 'google-github-actions/auth@v1'
        with:
          credentials_json: '${{ secrets.GCP_CREDENTIALS }}'

      - name: 'Set up Cloud SDK'
        uses: 'google-github-actions/setup-gcloud@v1'

      - name: 'Use gcloud CLI'
        run: 'gcloud auth list --filter=status:ACTIVE --format="value(account)"'
        # [email protected]

Versioning

We recommend pinning to the latest available major version:

- uses: 'google-github-actions/setup-gcloud@v1'

While this action attempts to follow semantic versioning, but we're ultimately human and sometimes make mistakes. To prevent accidental breaking changes, you can also pin to a specific version:

- uses: 'google-github-actions/[email protected]'

However, you will not get automatic security updates or new features without explicitly updating your version number. Note that we only publish MAJOR and MAJOR.MINOR.PATCH versions. There is not a floating alias for MAJOR.MINOR.

More Repositories

1

release-please-action

automated releases based on conventional commits
TypeScript
1,413
star
2

auth

A GitHub Action for authenticating to Google Cloud.
TypeScript
807
star
3

deploy-cloudrun

A GitHub Action for deploying services to Google Cloud Run.
TypeScript
352
star
4

deploy-cloud-functions

A GitHub Action that deploys source code to Google Cloud Functions.
TypeScript
261
star
5

deploy-appengine

A GitHub Action that deploys source code to Google App Engine.
TypeScript
209
star
6

upload-cloud-storage

A GitHub Action for uploading files to a Google Cloud Storage (GCS) bucket.
TypeScript
176
star
7

get-secretmanager-secrets

A GitHub Action for accessing secrets from Google Secret Manager and making them available as outputs.
TypeScript
111
star
8

get-gke-credentials

A GitHub Action that configure authentication to a GKE cluster.
TypeScript
82
star
9

ssh-compute

A GitHub Action to SSH into a Google Compute Engine instance.
TypeScript
40
star
10

example-workflows

Repository to demonstrate example workflows.
Go
29
star
11

run-vertexai-notebook

A GitHub Action for running a Google Cloud Vertex AI notebook.
17
star
12

create-cloud-deploy-release

A GitHub Action for creating releases via Cloud Deploy.
TypeScript
15
star
13

github-workflow-job-to-pubsub

Fulfills a GitHub workflow_job webhooks into a Pub/Sub queue.
Go
10
star
14

github-runner-token-proxy

Generate registration tokens for GitHub self-hosted runners without disclosing a privileged credential to the caller.
Go
7
star
15

setup-cloud-sdk

An NPM package for installing and configuring the Google Cloud SDK in GitHub Actions.
TypeScript
7
star
16

actions-utils

An NPM package for Google GitHub Actions utils.
TypeScript
6
star
17

test-infra

Test infrastructure for Google Github Actions.
HCL
5
star
18

.github

Default files for google-github-actions
JavaScript
4
star
19

send-google-chat-webhook

Go
3
star
20

analyze-code-security-scc

TypeScript
1
star
21

deploy-workflow

A GitHub Action for deploying Google Cloud Deploy workflows.
1
star