Skip to main content

skyhook onboard github

Set up GitHub Actions authentication with your cloud provider

Synopsis

Configure OIDC trust between GitHub Actions and your cloud provider. This enables GitHub Actions workflows to securely authenticate with AWS/GCP without storing long-lived credentials. The setup creates: AWS: OIDC Identity Provider + IAM Role GCP: Workload Identity Federation + Service Account The CLI can either:
  1. Run cloud CLI commands directly (requires gcloud/aws CLI)
  2. Generate a CloudFormation/Terraform template for manual deployment
Full documentation: https://docs.skyhook.io/infrastructure/cicd-setup/github-oidc 
skyhook onboard github [flags]

Examples

  skyhook onboard github                    # Interactive setup
  skyhook onboard github --cloud gcp        # GCP-specific setup
  skyhook onboard github --template-only    # Just generate template

Options

      --cloud string        Cloud provider (gcp, aws)
      --dry-run             Show what would be done
      --github-org string   GitHub organization (auto-detected from git remote)
  -h, --help                help for github
      --repo string         GitHub repository for infrastructure (optional)
      --template-only       Generate template without executing

Options inherited from parent commands

      --debug        Enable debug mode (shows full API requests/responses)
  -o, --org string   Organization name
  -v, --verbose      Enable user-friendly verbose output

SEE ALSO