Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/google-github-actions/setup-gcloud
A GitHub Action for installing and configuring the gcloud CLI.
https://github.com/google-github-actions/setup-gcloud
actions bq gcloud gcloud-cli gcloud-sdk gcp github-actions google-cloud google-cloud-platform gsutil
Last synced: 5 days ago
JSON representation
A GitHub Action for installing and configuring the gcloud CLI.
- Host: GitHub
- URL: https://github.com/google-github-actions/setup-gcloud
- Owner: google-github-actions
- License: apache-2.0
- Created: 2019-11-05T22:54:11.000Z (about 5 years ago)
- Default Branch: main
- Last Pushed: 2024-10-30T18:54:36.000Z (3 months ago)
- Last Synced: 2025-01-06T22:40:59.217Z (12 days ago)
- Topics: actions, bq, gcloud, gcloud-cli, gcloud-sdk, gcp, github-actions, google-cloud, google-cloud-platform, gsutil
- Language: TypeScript
- Homepage: https://cloud.google.com/sdk/docs
- Size: 26.2 MB
- Stars: 1,735
- Watchers: 68
- Forks: 511
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
- Codeowners: CODEOWNERS
Awesome Lists containing this project
- awesome-repositories - google-github-actions/setup-gcloud - A GitHub Action for installing and configuring the gcloud CLI. (TypeScript)
- stars - google-github-actions/setup-gcloud - A GitHub Action for installing and configuring the gcloud CLI. (TypeScript)
- jimsghstars - google-github-actions/setup-gcloud - A GitHub Action for installing and configuring the gcloud CLI. (TypeScript)
README
# `setup-gcloud` GitHub Action
Configures the [Google Cloud SDK][sdk] in the GitHub Actions environment. The Google Cloud SDK includes both the [gcloud][gcloud] and
[gsutil][gsutil] binaries.
Or integrate natively with other Google Cloud GitHub Actions:
* [Authenticate to Google Cloud][auth]
* [Deploy a Cloud Run service](https://github.com/google-github-actions/deploy-cloudrun)
* [Deploy an App Engine app](https://github.com/google-github-actions/deploy-appengine)
* [Deploy a Cloud Function](https://github.com/google-github-actions/deploy-cloud-functions)
* [Access Secret Manager secrets](https://github.com/google-github-actions/get-secretmanager-secrets)
* [Upload to Cloud Storage](https://github.com/google-github-actions/upload-cloud-storage)
* [Configure GKE credentials](https://github.com/google-github-actions/get-gke-credentials)
**This is not an officially supported Google product, and it is not covered by a
Google Cloud support contract. To report bugs or request features in a Google
Cloud product, please contact [Google Cloud
support](https://cloud.google.com/support).**
## Prerequisites
- This action requires Google Cloud credentials to execute gcloud commands.
See [Authorization](#Authorization) for more details.
- This action runs using Node 20. If you are using self-hosted GitHub Actions
runners, you must use a [runner
version](https://github.com/actions/virtual-environments) that supports this
version or newer.
## Usage
```yaml
jobs:
job_id:
# Add "id-token" with the intended permissions.
permissions:
contents: 'read'
id-token: 'write'
steps:
- id: 'auth'
uses: 'google-github-actions/auth@v2'
with:
workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
service_account: '[email protected]'
- name: 'Set up Cloud SDK'
uses: 'google-github-actions/setup-gcloud@v2'
with:
version: '>= 363.0.0'
- name: 'Use gcloud CLI'
run: 'gcloud info'
```
## Inputs
- version: _(Optional, default: `latest`)_ A string representing the version or version constraint of the Cloud SDK
(`gcloud`) to install (e.g. `"290.0.1"` or `">= 197.0.1"`). The default
value is `"latest"`, which will always download and install the latest
available Cloud SDK version.
- uses: 'google-github-actions/setup-gcloud@v2'
with:
version: '>= 416.0.0'
If there is no installed `gcloud` version that matches the given
constraint, this GitHub Action will download and install the latest
available version that still matches the constraint.
Authenticating via Workload Identity Federation requires version
[363.0.0](https://cloud.google.com/sdk/docs/release-notes#36300_2021-11-02)
or newer. If you need support for Workload Identity Federation, specify
your version constraint as such:
- uses: 'google-github-actions/setup-gcloud@v2'
with:
version: '>= 363.0.0'
You are responsible for ensuring the `gcloud` version matches the features
and components required.
- project_id: _(Optional)_ ID of the Google Cloud project. If provided, this will configure gcloud to
use this project ID by default for commands. Individual commands can still
override the project using the `--project` flag which takes precedence. If
unspecified, the action attempts to find the "best" project ID by looking
at other inputs and environment variables.
- install_components: _(Optional)_ List of additional [gcloud
components](https://cloud.google.com/sdk/docs/components) to install,
specified as a comma-separated list of strings:
install_components: 'alpha,cloud-datastore-emulator'
- skip_install: _(Optional)_ Skip installation of gcloud and use the [system-supplied
version](https://github.com/actions/runner-images) instead. If specified,
the `version` input is ignored.
⚠️ You will not be able to install additional gcloud components, because the
system installation is locked.
## Outputs
- `version`: Version of gcloud that was installed.
## Authorization
The `setup-gcloud` action installs the Cloud SDK (`gcloud`). To configure its authentication
to Google Cloud, you must first use the [google-github-actions/auth][auth] action. The `auth`
action sets [Application Default Credentials][adc], then the `setup-gcloud` action references
these credentials to configure [gcloud credentials][gcloud-credentials] . You can
authenticate via the following options:
### Workload Identity Federation (preferred)
**⚠️ You must use the Cloud SDK version 390.0.0 or later to authenticate the
`bq` and `gsutil` tools.**
```yaml
jobs:
job_id:
# Add "id-token" with the intended permissions.
permissions:
contents: 'read'
id-token: 'write'
steps:
- id: 'auth'
uses: 'google-github-actions/auth@v2'
with:
workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
service_account: '[email protected]'
- name: 'Set up Cloud SDK'
uses: 'google-github-actions/setup-gcloud@v2'
- name: 'Use gcloud CLI'
run: 'gcloud info'
```
### Service Account Key JSON
```yaml
jobs:
job_id:
steps:
- id: 'auth'
uses: 'google-github-actions/auth@v2'
with:
credentials_json: '${{ secrets.GCP_CREDENTIALS }}'
- name: 'Set up Cloud SDK'
uses: 'google-github-actions/setup-gcloud@v2'
- name: 'Use gcloud CLI'
run: 'gcloud info'
```
### Self-hosted runners on Google Cloud Platform
If you are using self-hosted runners that are hosted on Google Cloud Platform, credentials
are automatically obtained from the service account attached to the runner.
In this scenario, you do not need to run the [google-github-actions/auth][auth] action.
```yaml
jobs:
job_id:
steps:
- name: 'Set up Cloud SDK'
uses: 'google-github-actions/setup-gcloud@v2'
- name: 'Use gcloud CLI'
run: 'gcloud info'
```
### Multiple Service Accounts
To use multiple service accounts, a second auth step is required to update the credentials before using `setup-gcloud`:
```yaml
jobs:
job_id:
# Add "id-token" with the intended permissions.
permissions:
contents: 'read'
id-token: 'write'
steps:
- id: 'auth service account 1'
uses: 'google-github-actions/auth@v2'
with:
workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
service_account: '[email protected]'
- name: 'Set up Cloud SDK'
uses: 'google-github-actions/setup-gcloud@v2'
- name: 'Use gcloud CLI'
run: 'gcloud auth list --filter=status:ACTIVE --format="value(account)"'
# [email protected]
- id: 'auth service account 2'
uses: 'google-github-actions/auth@v2'
with:
credentials_json: '${{ secrets.GCP_CREDENTIALS }}'
- name: 'Set up Cloud SDK'
uses: 'google-github-actions/setup-gcloud@v2'
- name: 'Use gcloud CLI'
run: 'gcloud auth list --filter=status:ACTIVE --format="value(account)"'
# [email protected]
```
## Versioning
We recommend pinning to the latest available major version:
```yaml
- uses: 'google-github-actions/setup-gcloud@v2'
```
While this action attempts to follow semantic versioning, but we're ultimately
human and sometimes make mistakes. To prevent accidental breaking changes, you
can also pin to a specific version:
```yaml
- uses: 'google-github-actions/[email protected]'
```
However, you will not get automatic security updates or new features without
explicitly updating your version number. Note that we only publish `MAJOR` and
`MAJOR.MINOR.PATCH` versions. There is **not** a floating alias for
`MAJOR.MINOR`.
[github-action]:https://help.github.com/en/categories/automating-your-workflow-with-github-actions
[auth]: https://github.com/google-github-actions/auth
[adc]: https://cloud.google.com/docs/authentication/application-default-credentials
[sdk]: https://cloud.google.com/sdk/
[gcloud]: https://cloud.google.com/sdk/gcloud/
[gcloud-credentials]: https://cloud.google.com/docs/authentication/gcloud#gcloud-credentials
[gsutil]: https://cloud.google.com/storage/docs/gsutil
[sa-iam-docs]: https://cloud.google.com/iam/docs/service-accounts
[sa]: https://cloud.google.com/iam/docs/creating-managing-service-accounts
[wif]: https://cloud.google.com/iam/docs/workload-identity-federation
[github-runners]: https://github.com/actions/runner-images
[gcloud-release-notes]: https://cloud.google.com/sdk/docs/release-notes