CLI to setup Workload Identity Federation to Google Cloud for GitHub Actions
npm install @sws2apps/github-gcloud-cliA quickest way to setup the keyless authentication to Google Cloud from GitHub Action. We internally use the gcloud CLI to make this setup much easier. The detailed steps which our CLI is handling are found on this page: Setting up Workload Identity Federation.
Run the CLI by typing the following in the terminal:
``bash`
npx @sws2apps/github-gcloud-cli setup
!img1
A browser window will now open, and asks you to authenticate to the Google Cloud SDK. Complete the authentication in that window, and the CLI window will use the authentication token it gets:
!img2
Provide the PROJECT_ID and the service account name to be created (if not provided, github-service-account` will be used):
!img3
A set of commands will be executed in the terminal to complete the Workload Identity Federation setup:
!img5
Finally, add the two secrets generated at the end to corresponding GitHub repository:
!img6
DO NOT FORGET to add the necessary permissions to the service account created in the Google Cloud Console.