Configures the Google Cloud SDK in the GitHub Actions environment. The Google Cloud SDK includes both the gcloud and gsutil binaries.

Or integrate natively with other Google Cloud GitHub Actions:

• Authenticate to Google Cloud
• Deploy a Cloud Run service
• Deploy an App Engine app
• Deploy a Cloud Function
• Access Secret Manager secrets
• Upload to Cloud Storage
• Configure GKE credentials

This is not an officially supported Google product, and it is not covered by a Google Cloud support contract. To report bugs or request features in a Google Cloud product, please contact Google Cloud support.

• This action requires Google Cloud credentials to execute gcloud commands. See Authorization for more details.

• This action runs using Node 20. If you are using self-hosted GitHub Actions runners, you must use a runner version that supports this version or newer.

jobs:
  job_id:
    # Add "id-token" with the intended permissions.
    permissions:
      contents: 'read'
      id-token: 'write'

    steps:
    - id: 'auth'
      uses: 'google-github-actions/auth@v2'
      with:
        workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
        service_account: '[email protected]'

    - name: 'Set up Cloud SDK'
      uses: 'google-github-actions/setup-gcloud@v2'
      with:
        version: '>= 363.0.0'

    - name: 'Use gcloud CLI'
      run: 'gcloud info'

• skip_install: (Optional) Skip the gcloud installation and use the system-installed gcloud instead. This can dramatically improve workflow speeds at the expense of a slightly older gcloud version. Setting this to true ignores any value for the version input. If you skip installation, you will be unable to install components because the system-install gcloud is locked. The default value is false. ⚠️ Be aware that GitHub plans to remove the system-installed gcloud, and any workflows with skip_install: true will stop working when that happens.

• version: (Optional) A string representing the version or version constraint of the Cloud SDK (gcloud) to install (e.g. "290.0.1" or ">= 197.0.1"). The default value is "latest", which will always download and install the latest available Cloud SDK version.

  - uses: 'google-github-actions/setup-gcloud@v2'
    with:
      version: '>= 416.0.0'

  If there is no installed gcloud version that matches the given constraint, this GitHub Action will download and install the latest available version that still matches the constraint.

  Warning! Workload Identity Federation requires version 363.0.0 or newer. If you need support for Workload Identity Federation, specify your version constraint as such:

  - uses: 'google-github-actions/setup-gcloud@v2'
    with:
      version: '>= 363.0.0'

  You are responsible for ensuring the gcloud version matches the features and components required. See the gcloud release notes for a full list of versions.

• project_id: (Optional) Project ID (not project number) of the Google Cloud project. If provided, this will configure the gcloud CLI to use that project ID for commands. Individual commands can still override the project with the --project flag. If unspecified, the action attempts to find the "best" project ID by looking at other inputs and environment variables.

• install_components: (Optional) List of Cloud SDK components to install specified as a comma-separated list of strings:

  install_components: 'alpha,cloud-datastore-emulator'

The setup-gcloud action installs the Cloud SDK (gcloud). To configure its authentication to Google Cloud, you must first use the google-github-actions/auth action. The auth action sets Application Default Credentials, then the setup-gcloud action references these credentials to configure gcloud credentials . You can authenticate via the following options:

⚠️ You must use the Cloud SDK version 390.0.0 or later to authenticate the bq and gsutil tools.

jobs:
  job_id:
    # Add "id-token" with the intended permissions.
    permissions:
      contents: 'read'
      id-token: 'write'

    steps:
    - id: 'auth'
      uses: 'google-github-actions/auth@v2'
      with:
        workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
        service_account: '[email protected]'

    - name: 'Set up Cloud SDK'
      uses: 'google-github-actions/setup-gcloud@v2'

    - name: 'Use gcloud CLI'
      run: 'gcloud info'

jobs:
  job_id:
    steps:
    - id: 'auth'
      uses: 'google-github-actions/auth@v2'
      with:
        credentials_json: '${{ secrets.GCP_CREDENTIALS }}'

    - name: 'Set up Cloud SDK'
      uses: 'google-github-actions/setup-gcloud@v2'

    - name: 'Use gcloud CLI'
      run: 'gcloud info'

If you are using self-hosted runners that are hosted on Google Cloud Platform, credentials are automatically obtained from the service account attached to the runner. In this scenario, you do not need to run the google-github-actions/auth action.

jobs:
  job_id:
    steps:
    - name: 'Set up Cloud SDK'
      uses: 'google-github-actions/setup-gcloud@v2'

    - name: 'Use gcloud CLI'
      run: 'gcloud info'

To use multiple service accounts, a second auth step is required to update the credentials before using setup-gcloud:

jobs:
  job_id:
    # Add "id-token" with the intended permissions.
    permissions:
      contents: 'read'
      id-token: 'write'

    steps:
      - id: 'auth service account 1'
        uses: 'google-github-actions/auth@v2'
        with:
          workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
          service_account: '[email protected]'

      - name: 'Set up Cloud SDK'
        uses: 'google-github-actions/setup-gcloud@v2'

      - name: 'Use gcloud CLI'
        run: 'gcloud auth list --filter=status:ACTIVE --format="value(account)"'
        # [email protected]

      - id: 'auth service account 2'
        uses: 'google-github-actions/auth@v2'
        with:
          credentials_json: '${{ secrets.GCP_CREDENTIALS }}'

      - name: 'Set up Cloud SDK'
        uses: 'google-github-actions/setup-gcloud@v2'

      - name: 'Use gcloud CLI'
        run: 'gcloud auth list --filter=status:ACTIVE --format="value(account)"'
        # [email protected]

We recommend pinning to the latest available major version:

- uses: 'google-github-actions/setup-gcloud@v2'

While this action attempts to follow semantic versioning, but we're ultimately human and sometimes make mistakes. To prevent accidental breaking changes, you can also pin to a specific version:

- uses: 'google-github-actions/[email protected]'

However, you will not get automatic security updates or new features without explicitly updating your version number. Note that we only publish MAJOR and MAJOR.MINOR.PATCH versions. There is not a floating alias for MAJOR.MINOR.