New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow Bigquery Authentication via keyless auth. #63

Open

benedikt-buchert opened this issue Apr 24, 2024 · 1 comment

benedikt-buchert commented Apr 24, 2024

Hi thank you for maintaining this. To improve security I have the following suggestion:

Allow the authentication of the action via https://cloud.google.com/blog/products/identity-security/enabling-keyless-authentication-from-github-actions?hl=en

If this is already possible can you add documentation how to approach this?

dejii commented Jan 22, 2025

This is possible with keyless authentication. In your profiles.yaml file, set the method to oauth.

bigquery:
  target: dev
  outputs:
    dev:
      type: bigquery
      method: oauth 
      project: project_id
      dataset: dataset_id
      location: US
      priority: interactive
      threads: 4

Use the dbt-action without passing the DBT_BIGQUERY_TOKEN env field.

 - name: dbt-action
      id: dbt-run
      uses: mwhitaker/dbt-action@master
      with:
        dbt_command: "dbt run --profiles-dir ."

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment