bq component fails when using Workload Identity Federation through /auth
pramod-prabhakar-kapase-db opened this issue · comments
TL;DR
We are trying to create Bigquery Snapshot with bq command in Github workflow.
We authenticated service account via Workload Identity Federation
We also did gcloud setup
but when we try to run bq cp --snapshot, we are getting below error -
ERROR: (bq) Your current active account [SA Account] does not have any valid credentials
Expected behavior
bq command should run seamless without issue
Observed behavior
ERROR: (bq) Your current active account [SA Account] does not have any valid credentials
Action YAML
jobs:
py-dataflow:
name: Create BQ Snapshot
steps:
- name: checkout code
uses: actions/checkout@v3
- name: Add Env
shell: bash
run: |
export CLOUDSDK_PYTHON_SITEPACKAGES=1
- name: GCP Auth
uses: google-github-actions/auth@v1
with:
workload_identity_provider:
service_account: SA
export_environment_variables: true
create_credentials_file: true
- name: Authenticate on GCP
uses: google-github-actions/setup-gcloud@v1
with:
service_account_email: SA
export_default_credentials: true
cleanup_credentials: false
- name: Create BQ Table Snapshot
shell: bash
run: |
echo "Creating Snapshot.."
gcloud auth list
gcloud init
bq cp \
--snapshot \
--no_clobber \
--expiration=86400 \
TABLE \
TABLE_SNAP_08_07_2023
echo "done.."
Log output
No response
Additional information
No response
Hi there - could you please provide the debug output for the complete GitHub Actions workflow run?