The first thing to do would be to go to the actions and look at the build log and specifically at the failed step (which most likely is going to be function deploying). Look at the error, good chance it is going to tell you what exactly went wrong.
If I had to make an educated guess, I'd say your service account doesn't have enough permissions (mine was setup with two - Cloud Functions Developer role and Service Account User) or the way you deploy the function isn't correct. I see that you are not exporting default credentials when you setup gcloud sdk, is there a reason for that?
Picture worth a thousand words - I've created a simple repo, where I have the most basic (default) python function that I deploy to GCF. Check it out, this should be enough to get you started.
UPDATE:
In case I decide to delete the repo one day, I am going to include the build yaml in here as well:
# This is a basic workflow to help you get started with Actions
name: CI
# Controls when the action will run.
on:
# Triggers the workflow on push or pull request events but only for the main branch
push:
branches: [ main ]
pull_request:
branches: [ main ]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v2
- name: Set up gcloud Cloud SDK environment
# You may pin to the exact commit or the version.
# uses: google-github-actions/setup-gcloud@94337306dda8180d967a56932ceb4ddcf01edae7
uses: google-github-actions/[email protected]
with:
# Service account email address to use for authentication. This is required
# for legacy .p12 keys but can be omitted for .json keys. This is usually of
# the format <name>@<project-id>.iam.gserviceaccount.com.
service_account_email: ${{ secrets.SERVICE_ACCOUNT_EMAIL }} # optional
# Service account key to use for authentication. This should be the JSON
# formatted private key which can be exported from the Cloud Console. The
# value can be raw or base64-encoded.
service_account_key: ${{ secrets.SERVICE_ACCOUNT_KEY }} # optional
# ID of the Google Cloud project. If provided, this will configure gcloud to
# use this project ID by default for commands. Individual commands can still
# override the project using the --project flag which takes precedence.
project_id: ${{ secrets.PROJECT_ID }} # optional
# Export the provided credentials as Google Default Application Credentials.
# This will make the credentials available to later steps via the
# GOOGLE_APPLICATION_CREDENTIALS environment variable. Future steps that
# consume Default Application Credentials will automatically detect and use
# these credentials.
export_default_credentials: true # optional
# Runs a single command using the runners shell
- name: Deploy the function
run: gcloud functions deploy myfunc --trigger-http --runtime=python39
CICube
cicube.io › home › workflow hub › how to configure google cloud sdk in github action?
How to Configure Google Cloud SDK in GitHub Action? - Workflow Hub - CI Cube
May 10, 2024 - 🤖Meet the First AI DevOps Agent for GitHub Actions – Detect, Analyze, Fix!Save up to $132K/month in CI costs!Try Free→ ... name: 'Usage of Google Cloud SDK in GitHub Action' on: push: branches: - main jobs: deploy: permissions: contents: 'read' id-token: 'write' runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - id: 'auth' uses: 'google-github-actions/auth@v2' with: workload_identity_provider: 'projects/123/locations/global/workloadIdentityPools/pool/providers' service_account: '[email protected]' - name: 'Set up Cloud SDK' uses: 'google-github-actions/setup-gcloud@v2' with: version: '>= 363.0.0' - name: 'Use gcloud CLI' run: 'gcloud info'
Github actions to google cloud run takes about 7 mins. Is that normal?
I haven't worked with these particular GitHub Actions myself, but two things that you could try: Looking at google-github-actions/setup-gcloud, the latest version appears to be v2.1.1. ( https://github.com/google-github-actions/setup-gcloud/tags ). Perhaps it is worth trying v2.1.1 rather than v0.2.1 which is 3+ years old. Potentially, there are speed improvements there. For the Docker container building process, you'd have to review the Dockerfile and see whether you can perform any optimizations. Can you remove unnecessary dependencies? Can you utilize multi-stage builds to decrease the image size? ( https://docs.docker.com/build/building/multi-stage/ ) More on reddit.com
9
9
October 1, 2024Github Actions | google cloud authentication - Stack Overflow
I am building a github actions workflow and I am failing to authenticate into google cloud. I get the following error : google-github-actions/auth failed with: failed to parse service account key J... More on stackoverflow.com
google-github-actions/auth@v2 Cannot Parse Google Service Account Key From Secret Manager
Hello! I am building an expo app and at this point I have a yml file for my pipeline which builds eas successfully, but upon submission, I get an error of eas submit seeing my pub/priv key which is part of the Google Se… More on googlecloudcommunity.com
0
0
October 1, 2024Google Sheets credentials in GitHub Actions Environment
I found a really simple way to do it, you can find it in this GitHub repository. The docs in README teach many ways to make it using the google-github-actions/auth action to connect it. As advice, i can suggest to use a google cloud service account, get the token file, “compress” it into ... More on googlecloudcommunity.com
1
0
October 19, 2023Videos
11:33
How to use Github Actions with Google's Workload Identity Federation ...
04:44
Automate Deployments to GCP ☁️ Cloud Run 🏃 with GitHub Actions ...
23:19
Build and deploy to Cloud Run using GitHub Action - YouTube
15:20
5 ways to automate everyday workflows with GitHub Actions - YouTube
25:40
How to Setup Google Cloud Workload Identity Federation for GitHub ...
10:57
How to deploy Cloud Run services with GitHub Actions - YouTube
Reddit
reddit.com › r/googlecloud › how do you handle google cloud creds in github actions?
r/googlecloud on Reddit: How do you handle Google cloud creds in GitHub Actions?
December 7, 2021 -
I've recently been working on a new set of composable GitHub actions to run the open source Infracost project in CI/CD pipelines. For AWS, I see users using https://github.com/aws-actions/configure-aws-credentials to setup their creds (Terraform then uses those).
How do Google cloud users setup their creds with GitHub Actions? Do people usually just use the env variables that the Terraform docs suggests? Does anyone use https://github.com/google-github-actions/auth with Terraform?
Google Cloud
cloud.google.com › blog › topics › developers-practitioners › deploying-serverless-platforms-github-actions
Deploying to serverless platforms with GitHub Actions | Google Cloud Blog
December 15, 2020 - Serverless applications are quick and easy to spin up, but a system for continuous integration and continuous delivery (CI/CD) is key for long-term operability. However, CI/CD systems tend to be known for their complexity, so GitHub Actions aim to reduce the overhead by abstracting away the test infrastructure and creating a developer-centric CI/CD system.
GitHub
githubstatus.com
GitHub Status
Visit www.githubstatus.com for more information Operational · API Requests ? Operational · 90 days ago · 99.92 % uptime · Today · Issues ? Operational · 90 days ago · 99.68 % uptime · Today · Pull Requests ? Operational · 90 days ago · 99.65 % uptime · Today · Actions ?
Google
google.github.io › adk-docs › integrations
Tools and Integrations for Agents - Agent Development Kit (ADK)
Filter: All Code Connectors Data Google MCP Observability Resilience Search · Generate rich, structured UIs from your agents using the Agent-to-UI protocol · Build interactive chat UIs with streaming, state sync, and agentic actions
GitHub
docs.github.com › en › enterprise-server@3.17 › admin › managing-github-actions-for-your-enterprise › enabling-github-actions-for-github-enterprise-server › enabling-github-actions-with-google-cloud-storage
Enabling GitHub Actions with Google Cloud Storage - GitHub Enterprise Server 3.17 Docs
Under "GitHub Actions", select Enable GitHub Actions. Under "Artifact & Log Storage", next to "Google Cloud Storage", click Setup.
Stepsecurity
stepsecurity.io › blog › hackerbot-claw-github-actions-exploitation
hackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actions - Microsoft, DataDog, and CNCF Projects Hit So Far - StepSecurity
February 20, 2026 - Aqua Security's Trivy is one of the most widely used open source vulnerability scanners, with 25k+ stars on GitHub and embedded in CI/CD pipelines across thousands of organizations. A cached Google search result reveals that hackerbot-claw triggered a workflow run in this repository — and the aftermath suggests the attacker may have gained far more access than in any other target.
Boer
boer.dev › blog › deploying-google-cloud-functions-using-github-actions
Deploying google cloud functions using Github actions
Lastly, time to deploy the app. Github will run our deployment script as soon as we push a new commit to our repository, let’s do that. Head over to your github repository → actions.
GitHub
github.com › google-github-actions
Google GitHub Actions · GitHub
A GitHub Action for authenticating to Google Cloud.
Google Cloud
cloud.google.com › blog › products › devops-sre › using-github-actions-with-google-cloud-deploy
Using GitHub Actions with Google Cloud Deploy | Google Cloud Blog
May 9, 2023 - First, we will use the checkout and auth actions to check out the repository and authenticate to Google Cloud. Note that Workload Identity Federation with OAuth is used to avoid exporting powerful credentials outside Google Cloud itself: ... Next, we’ll use another Google GitHub Action, gcloud-setup, to install and configure the Google Cloud SDK, and configure Docker to use Google Cloud Artifact Registry to store the built images:
GitHub
docs.github.com › en › actions
GitHub Actions documentation - GitHub Docs
Automate, customize, and execute your software development workflows right in your repository with GitHub Actions. You can discover, create, and share actions to perform any job you'd like, including CI/CD, and combine actions in a completely ...
Reddit
reddit.com › r/devops › github actions to google cloud run takes about 7 mins. is that normal?
r/devops on Reddit: Github actions to google cloud run takes about 7 mins. Is that normal?
October 1, 2024 -
Hi everyone, am new to ci/cd and am trying to automate a deployment of an api (written in nodejs) and deploy it as a Google Cloud Run upon a commit made to GitHub "main" branch.
Currently am using the below script for the requirement and running on GitHub Actions. However it seems to be taking approximately 7 mins in total (3.5 mins to 'setup Google Cloud SDK' & 3.5 min to 'build and push container' ) for the workflow to complete running.
Am wondering if that is normal or is there anyway to reduce the time taken to run it?
jobs: deploy: runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Setup Google Cloud SDK
uses: google-github-actions/setup-gcloud@v0.2.1
with:
project_id: ${{ secrets.GCP_PROJECT_ID }}
service_account_key: ${{ secrets.GCP_SA_KEY }}
export_default_credentials: true
- name: Authorize Docker push
run: gcloud auth configure-docker
- name: Build and Push Container
run: |-
gcloud builds submit --gcs-log-dir $BUILD_LOGS_BUCKET --tag gcr.io/$PROJECT_ID/$SERVICE_NAME:${{ github.sha }}
- name: Deploy to Cloud Run
run: |-
gcloud run deploy $SERVICE_NAME \
--region $REGION \
--image gcr.io/$PROJECT_ID/$SERVICE_NAME:${{ github.sha }} \
--platform managed \
--allow-unauthenticated Top answer 1 of 4
11
I haven't worked with these particular GitHub Actions myself, but two things that you could try: Looking at google-github-actions/setup-gcloud, the latest version appears to be v2.1.1. ( https://github.com/google-github-actions/setup-gcloud/tags ). Perhaps it is worth trying v2.1.1 rather than v0.2.1 which is 3+ years old. Potentially, there are speed improvements there. For the Docker container building process, you'd have to review the Dockerfile and see whether you can perform any optimizations. Can you remove unnecessary dependencies? Can you utilize multi-stage builds to decrease the image size? ( https://docs.docker.com/build/building/multi-stage/ )
2 of 4
3
This should be helpful Optimize SDK Setup (Target: Under 1 minute) Caching Google Cloud SDK: By caching the SDK, you avoid downloading and installing it every time. name: Cache Google Cloud SDK uses: actions/cache@v3 with: path: /opt/hostedtoolcache/gcloud key: ${{ runner.os }}-gcloud-${{ hashFiles('**/yarn.lock') }} restore-keys: | ${{ runner.os }}-gcloud- Prebuilt Image: Use a prebuilt Docker image that already includes the Google Cloud SDK. This avoids the installation time altogether: runs-on: ubuntu-latest container: image: google/cloud-sdk:latest ==> This skips the SDK setup step, bringing the time down significantly. 2. Speed Up Docker Build and Push (Target: 1-1.5 minutes) Layer Caching in Google Cloud Build: Enable caching in Cloud Build by adding caching flags when submitting the build: name: Build and Push Container with Cache run: | gcloud builds submit --gcs-log-dir $BUILD_LOGS_BUCKET --tag gcr.io/$PROJECT_ID/$SERVICE_NAME:${{ github.sha }} --cache="true" Optimize Dockerfile: Use lightweight base images like node:alpine. Minimize the number of layers in the Dockerfile by combining commands where possible. Use multi-stage builds to reduce final image size if necessary. FROM node:alpine AS builder WORKDIR /app COPY . . RUN npm install RUN npm run build FROM node:alpine WORKDIR /app COPY --from=builder /app . CMD ["npm", "start"] Use Pre-built or Smaller Images: If you have a very static application, use a pre-built image for certain layers or choose a smaller, optimized image to reduce build time. Faster Deployment to Cloud Run (Target: Under 1 minute) Use Smaller Container Images: By reducing your image size (through the steps above), you can push and deploy much faster. Split the Build and Deploy Steps: If the build is more expensive in time than the deployment, you could potentially parallelize these steps or split them across different actions: name: Deploy to Cloud Run run: | gcloud run deploy $SERVICE_NAME --region $REGION --image gcr.io/$PROJECT_ID/$SERVICE_NAME:${{ github.sha }} --platform managed --allow-unauthenticated --no-traffic Parallelize Docker Push and Deployment: You might be able to parallelize certain tasks such as authorization and deployment to shave off time. Final Optimized Workflow: Here’s a consolidated view of what the GitHub Action might look like after optimization: jobs: deploy: runs-on: ubuntu-latest container: image: google/cloud-sdk:latest steps: - name: Checkout code uses: actions/checkout@v3 - name: Authorize Docker push run: gcloud auth configure-docker - name: Build and Push Container with Cache run: | gcloud builds submit \ --gcs-log-dir $BUILD_LOGS_BUCKET \ --tag gcr.io/$PROJECT_ID/$SERVICE_NAME:${{ github.sha }} \ --cache="true" - name: Deploy to Cloud Run run: | gcloud run deploy $SERVICE_NAME \ --region $REGION \ --image gcr.io/$PROJECT_ID/$SERVICE_NAME:${{ github.sha }} \ --platform managed \ --allow-unauthenticated With these optimizations, it’s possible to reduce the runtime to around 3 minutes, but the exact time might vary depending on network conditions, container complexity, and caching effectiveness.
Google
blog.google › technology › developers › introducing-gemini-cli-github-actions
Meet your new AI coding teammate: Gemini CLI GitHub Actions
August 6, 2025 - It’s a no-cost, powerful AI coding teammate for your repository. It acts both as an autonomous agent for critical routine coding tasks, and an on-demand collaborator you can quickly delegate work to.
GitHub
docs.github.com › en › actions › how-tos › security-for-github-actions › security-hardening-your-deployments › configuring-openid-connect-in-google-cloud-platform
Configuring OpenID Connect in Google Cloud Platform - GitHub Docs
# This workflow uses actions that are not certified by GitHub. # They are provided by a third-party and are governed by # separate terms of service, privacy policy, and support # documentation. name: List services in GCP on: pull_request: branches: - main permissions: id-token: write jobs: Get_OIDC_ID_token: runs-on: ubuntu-latest steps: - id: 'auth' name: 'Authenticate to GCP' uses: 'google-github-actions/auth@f1e2d3c4b5a6f7e8d9c0b1a2c3d4e5f6a7b8c9d0' with: create_credentials_file: 'true' workload_identity_provider: 'WORKLOAD-IDENTITY-PROVIDER' service_account: 'SERVICE-ACCOUNT' - id: 'gcloud' name: 'gcloud' run: |- gcloud auth login --brief --cred-file="${{ steps.auth.outputs.credentials_file_path }}" gcloud services list
Google Cloud
googlecloudcommunity.com › google cloud › serverless applications
google-github-actions/auth@v2 Cannot Parse Google Service Account Key From Secret Manager - #2 by David-French - Serverless Applications - Google Developer forums
October 1, 2024 - Here are a few things to try, if you’re trying to authenticate using a service account key that’s stored as a secret in your GitHub repo. Can you confirm that your service account key is stored in a GitHub Actions secret within your GitHub repo in the following format?
Google Cloud
cloud.google.com › blog › products › devops-sre › deploy-to-cloud-run-with-github-actions
Deploy to Cloud Run with GitHub Actions | Google Cloud Blog
September 28, 2023 - How to use github actions to deploy on Google Cloud Run, a helpful integration.
Google Developer forums
googlecloudcommunity.com › google cloud › compute infrastructure
Google Sheets credentials in GitHub Actions Environment - #2 by anonymous - Compute Infrastructure - Google Developer forums
October 19, 2023 - I found a really simple way to do it, you can find it in this GitHub repository. The docs in README teach many ways to make it using the google-github-actions/auth action to connect it. As advice, i can suggest to use a google cloud service account, get the token file, “compress” it into a one line string and set it on your GitHub Secrets, and then in your code you can parse it to json, using as parameter of the following method: from google.oauth2 import service_account self.__credentials =...
GitHub
github.com › marketplace › actions › authenticate-to-google-cloud
Authenticate to Google Cloud · Actions · GitHub Marketplace · GitHub
Authenticate to Google Cloud from GitHub Actions via Workload Identity Federation or service account keys