Giters

nektos / act

Run your GitHub Actions locally 🚀

Home Page:https://nektosact.com

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Make GCP Workload Identity work with act

RS185734 opened this issue · comments

commented

Act version

0.2.60

Feature description

GCP Recommends not to use a Service account, and we are trying to implement workload identity.

    steps:
      - uses: actions/checkout@v4
      - name: "Authenticate to Google Cloud"
        uses: "google-github-actions/auth@v2"
        with:
          workload_identity_provider: "projects/some/locations/global/workloadIdentityPools/some-gh-pool/providers/some-gh-provider"
          service_account: "sa_name@project.iam.gserviceaccount.com"

the process works well in Github action but in act I see

[GCP - Rocky 8/GCP-VM-DEPLOY]   ❗  ::error::google-github-actions/auth failed with: gitHub Actions did not inject $ACTIONS_ID_TOKEN_REQUEST_TOKEN or $ACTIONS_ID_TOKEN_REQUEST_URL into this job. This most likely means the GitHub Actions workflow permissions are incorrect, or this job is being run from a fork. For more information, please see https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token

am I missing some variables ?