TL;DR

Step 6 of the WIF via Service Account in the readme shows github actions workflow yaml that only has the pool ID. I could not get that to work, I had to add the service account line using the service_account attribute. This should be added.

Also, I could not get Direct WIF (preferred) to work.

Expected behavior

Code copy from direct method, after replacing placeholders, should work out of the box

Observed behavior

It does not work, for both the WIF methods. I got the 2nd WIF method to work by adding the service account ID to the with clause.

Action YAML

jobs:
  deploy:
    runs-on: ubuntu-latest
    permissions:
      id-token: write
    steps:
      - id: auth
        name: Authenticate to GCP
        uses: google-github-actions/auth@v2
        with:
          workload_identity_provider: projects/YOUR_PROJ_NUMBER/locations/global/workloadIdentityPools/github-actions-pool/providers/github-actions
          service_account: github-actions@YOUR_PROJ_ID.iam.gserviceaccount.com

Log output

No response

Additional information

No response