Skip to content

sws2apps/github-gcloud-cli

Repository files navigation

GitHub GCloud CLI

A quickest way to setup the keyless authentication to Google Cloud from GitHub Action. We internally use the gcloud CLI to make this setup much easier. The detailed steps which our CLI is handling are found on this page: Setting up Workload Identity Federation.

Usage

Run the CLI by typing the following in the terminal:

npx @sws2apps/github-gcloud-cli setup

img1

A browser window will now open, and asks you to authenticate to the Google Cloud SDK. Complete the authentication in that window, and the CLI window will use the authentication token it gets:

img2

Provide the PROJECT_ID and the service account name to be created (if not provided, github-service-account will be used):

img3

A set of commands will be executed in the terminal to complete the Workload Identity Federation setup:

img5

Finally, add the two secrets generated at the end to corresponding GitHub repository:

img6

Note

DO NOT FORGET to add the necessary permissions to the service account created in the Google Cloud Console.