Please refer to this link https://github.com/google-github-actions/auth to complete the prerequisites. Make sure we don't miss any single step.
- Create service account in IAM GCP and download
credentials.json
with contain following permisson:
- Read/Write Cloud Run IAM permissions
- Read/Write Artifact Registry IAM permissions
- Read/Write Storage Admin
- Enable API each GCP service that needed:
- Cloud Run
- Cloud Container Registry / Artifact Registry
-
OIDC Provider Identitiy Federation at GCP must be active
-
Create Github secret with desired environment name to secure sensitive information.