Usage guide for Workload Identity Federation does not include `permissions` block

This issue has been tracked since 2021-12-09.


Actions require additional permissions when using WIF, and the "Usage" guide on this repo does not include the permissions block.

Expected behavior

Usage sample would work.

Observed behavior

Run google-github-actions/[email protected]
Error: google-github-actions/auth failed with: Error: Error message: Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable

Action YAML

  # This workflow contains a single job called "build"
    # The type of runner that the job will run on
    runs-on: ubuntu-latest

    # Steps represent a sequence of tasks that will be executed as part of the job

    - id: auth
      uses: google-github-actions/[email protected]
        workload_identity_provider: 'projects/FOO/locations/global/workloadIdentityPools/BAR/providers/BIZ'
        service_account: '[email protected]'

    - name: Set up Cloud SDK
      uses: google-github-actions/[email protected]

    - name: Use gcloud CLI
      run: gcloud info

Additional information

Usage guide from google-github-actions/setup-gcloud

bharathkkb wrote this answer on 2021-12-09

@sethvargo Let's do this across all Actions? Reopening to track.

sethvargo wrote this answer on 2021-12-09

@FrodoTheTrue heads up since you're updating a few

sethvargo wrote this answer on 2021-12-09

We should also update the pings to [email protected] while we're there.

sethvargo wrote this answer on 2021-12-15

@bharathkkb all the readmes have been updated or have open PRs, so I'm going to close this out.

More Details About Repo
Owner Name google-github-actions
Repo Name setup-gcloud
Full Name google-github-actions/setup-gcloud
Language TypeScript
Created Date 2019-11-05
Updated Date 2023-03-23
Star Count 1505
Watcher Count 65
Fork Count 548
Issue Count 11


Issue Title Created Date Updated Date