Allow Bigquery Authentication via keyless auth.

[benedikt-buchert]

Hi thank you for maintaining this. To improve security I have the following suggestion:

Allow the authentication of the action via https://cloud.google.com/blog/products/identity-security/enabling-keyless-authentication-from-github-actions?hl=en

If this is already possible can you add documentation how to approach this?

[dejii]

This is possible with keyless authentication. In your profiles.yaml file, set the method to oauth.

bigquery:
  target: dev
  outputs:
    dev:
      type: bigquery
      method: oauth 
      project: project_id
      dataset: dataset_id
      location: US
      priority: interactive
      threads: 4

Use the dbt-action without passing the DBT_BIGQUERY_TOKEN env field.

 - name: dbt-action
      id: dbt-run
      uses: mwhitaker/dbt-action@master
      with:
        dbt_command: "dbt run --profiles-dir ."