diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml
index 38a2b64c..a52bf9e2 100644
--- a/.github/workflows/pre-commit.yaml
+++ b/.github/workflows/pre-commit.yaml
@@ -11,6 +11,10 @@ on:
 env:
  BRANCH: ${{ github.head_ref || github.ref_name }}
 
+concurrency:
+  group: pre-commit-check
+  cancel-in-progress: true
+
 jobs:
   pre-commit:
     runs-on: ubuntu-latest
diff --git a/infra/tools/gcloud/action.yaml b/infra/tools/gcloud/action.yaml
index fe405f70..36d1fdbb 100644
--- a/infra/tools/gcloud/action.yaml
+++ b/infra/tools/gcloud/action.yaml
@@ -52,15 +52,36 @@ inputs:
     description: "List of additional gcloud components to install"
     type: string
 
+  service_account:
+    required: false
+    description: "Service Account name for workload identity"
+    type: string
+    default: 'false'
+
+  workload_identity_provider:
+    required: false
+    description: "Workload identity provider"
+    type: string
+    default: 'false'
+
 runs:
   using: "composite"
   steps:
-    - name: Authenticate to Google Cloud
+    - name: Authenticate to Google Cloud with SA
+      if: "${{ inputs.workload_identity_provider == 'false' }}"
       uses: google-github-actions/auth@v2
       with:
         project_id: ${{ inputs.project_id }}
         credentials_json: ${{ inputs.credentials_json }}
 
+    - name: Authenticate to Google Cloud with Workload Identity
+      if: "${{ (inputs.workload_identity_provider != 'false') && (inputs.service_account != 'false') }}"
+      uses: google-github-actions/auth@v2
+      with:
+        project_id: ${{ inputs.project_id }}
+        workload_identity_provider: ${{ inputs.workload_identity_provider }}
+        service_account: ${{ inputs.service_account }}
+
     - name: Setup gcloud
       uses: google-github-actions/setup-gcloud@v2
       with: