Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix ADC documentation, issue#685 #686

Merged
merged 3 commits into from Apr 4, 2024
Merged

Fix ADC documentation, issue#685 #686

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
aaadca9
Readme fixes for issue#685
eeaton Apr 4, 2024
d7844cd
fix typo
eeaton Apr 4, 2024
46511f8
disambiguate "this action" to be clear which parts refer to `setup-gc…
eeaton Apr 4, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
18 changes: 11 additions & 7 deletions README.md
View file
Open in desktop
Expand Up @@ -114,9 +114,11 @@ jobs:

## Authorization

This action installs the Cloud SDK (`gcloud`). To configure its authentication
to Google Cloud, use the [google-github-actions/auth][auth] action. You can
authenticate via:
The `setup-gcloud` action installs the Cloud SDK (`gcloud`). To configure its authentication
to Google Cloud, you must first use the [google-github-actions/auth][auth] action. The `auth`
action sets [Application Default Credentials][adc], then the `setup-gcloud` action references
these credentials to configure [gcloud credentials][gcloud-credentials] . You can
authenticate via the following options:

### Workload Identity Federation (preferred)

Expand Down Expand Up @@ -163,10 +165,11 @@ jobs:
run: 'gcloud info'
```

### Application Default Credentials
### Self-hosted runners on Google Cloud Platform

If and only if you are using self-hosted runners that are hosted on Google Cloud Platform,
the Cloud SDK will automatically authenticate using the machine credentials:
If you are using self-hosted runners that are hosted on Google Cloud Platform, credentials
are automatically obtained from the service account attached to the runner.
In this scenario, you do not need to run the [google-github-actions/auth][auth] action.

```yaml
jobs:
Expand Down Expand Up @@ -243,9 +246,10 @@ explicitly updating your version number. Note that we only publish `MAJOR` and

[github-action]:https://help.github.com/en/categories/automating-your-workflow-with-github-actions
[auth]: https://github.com/google-github-actions/auth
[adc]: https://cloud.google.com/docs/authentication/production
[adc]: https://cloud.google.com/docs/authentication/application-default-credentials
[sdk]: https://cloud.google.com/sdk/
[gcloud]: https://cloud.google.com/sdk/gcloud/
[gcloud-credentials]: https://cloud.google.com/docs/authentication/gcloud#gcloud-credentials
[gsutil]: https://cloud.google.com/storage/docs/gsutil
[sa-iam-docs]: https://cloud.google.com/iam/docs/service-accounts
[sa]: https://cloud.google.com/iam/docs/creating-managing-service-accounts
Expand Down