deploy action/workflow: setup and opt-in to use gke auth plugin

.github/actions/setup-deploy/action.yaml

@@ -88,6 +88,27 @@ runs:
       with:
         version: v3.7.2
 
+    # Install pre-requisite for "gcloud container clusters get-credentials"
+    # command with a modern k8s client.
+    #
+    # A manual install step has been needed as they opted to not provide it in
+    # the github-runner image. See
+    # https://github.com/actions/runner-images/issues/5925#issuecomment-1216417721.
+    #
+    # Snippet based on
+    # https://github.com/actions/runner-images/blob/9753e7301e19e29b89b0622b811bbb9b3891d02e/images/linux/scripts/installers/google-cloud-sdk.sh#L9-L13.
+    #
+    - name: Install gke-gcloud-auth-plugin
+      if: inputs.provider == 'gcp'
+      run: |
+        REPO_URL="https://packages.cloud.google.com/apt"
+        echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] $REPO_URL cloud-sdk main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list >/dev/null
+        sudo wget -q https://packages.cloud.google.com/apt/doc/apt-key.gpg -O /usr/share/keyrings/cloud.google.gpg
+
+        sudo apt-get update -y
+        sudo apt-get install -y google-cloud-sdk-gke-gcloud-auth-plugin
+      shell: bash
+
     - name: Setup sops credentials to decrypt repo secrets
       uses: google-github-actions/auth@v1
       with:

.github/workflows/deploy-hubs.yaml

@@ -36,6 +36,9 @@ concurrency: deploy
 # GitHug Actions logs for easy reading
 env:
   TERM: xterm
+  # This may not be required any more, and it may depend on the kubectl version
+  # we use etc as well. For now, we have it added to avoid issues.
+  USE_GKE_GCLOUD_AUTH_PLUGIN: "True"
 
 jobs:
   # This job runs in Pull Requests and on pushes to the default branch. It identifies