diff --git a/templates/gitlab-ci-k8s-gcp.yml b/templates/gitlab-ci-k8s-gcp.yml
index 08e370ed269d3517213dedfeae4faf7d84246324..5a1669dfff56b0fdf6bbdcbe8cb0b264907ffb3c 100644
--- a/templates/gitlab-ci-k8s-gcp.yml
+++ b/templates/gitlab-ci-k8s-gcp.yml
@@ -57,42 +57,46 @@ variables:
   K8S_KUBECTL_IMAGE: $[[ inputs.kubectl-image ]]
 
 .k8s-gcp-adc:
-  - echo "Installing GCP authentication with env GOOGLE_APPLICATION_CREDENTIALS file"
-  - echo $GCP_JWT > "$CI_BUILDS_DIR/.auth_token.jwt"
-  - |-
-    if [[ "$ENV_TYPE" ]]
+  - |
+    if [[ "$GCP_JWT" ]]
     then
-      case "$ENV_TYPE" in
-      review*)
-        env_prefix=REVIEW;;
-      integ*)
-        env_prefix=INTEG;;
-      staging*)
-        env_prefix=STAGING;;
-      prod*)
-        env_prefix=PROD;;
-      *)
-        ;;
-      esac
-      env_oidc_provider=$(eval echo "\$GCP_${env_prefix}_OIDC_PROVIDER")
-      env_oidc_account=$(eval echo "\$GCP_${env_prefix}_OIDC_ACCOUNT")
-    fi
-    oidc_provider="${env_oidc_provider:-$GCP_OIDC_PROVIDER}"
-    oidc_account="${env_oidc_account:-$GCP_OIDC_ACCOUNT}"
-  - |-
-    cat << EOF > "$CI_BUILDS_DIR/google_application_credentials.json"
-    {
-      "type": "external_account",
-      "audience": "//iam.googleapis.com/${oidc_provider}",
-      "subject_token_type": "urn:ietf:params:oauth:token-type:jwt",
-      "token_url": "https://sts.googleapis.com/v1/token",
-      "credential_source": {
-        "file": "$CI_BUILDS_DIR/.auth_token.jwt"
-      },
-      "service_account_impersonation_url": "https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/${oidc_account}:generateAccessToken"
-    }
+      echo "Installing GCP authentication with env GOOGLE_APPLICATION_CREDENTIALS file"
+      echo $GCP_JWT > "$CI_BUILDS_DIR/.auth_token.jwt"
+      if [[ "$ENV_TYPE" ]]
+      then
+        case "$ENV_TYPE" in
+        review*)
+          env_prefix=REVIEW;;
+        integ*)
+          env_prefix=INTEG;;
+        staging*)
+          env_prefix=STAGING;;
+        prod*)
+          env_prefix=PROD;;
+        *)
+          ;;
+        esac
+        env_oidc_provider=$(eval echo "\$GCP_${env_prefix}_OIDC_PROVIDER")
+        env_oidc_account=$(eval echo "\$GCP_${env_prefix}_OIDC_ACCOUNT")
+      fi
+      oidc_provider="${env_oidc_provider:-$GCP_OIDC_PROVIDER}"
+      oidc_account="${env_oidc_account:-$GCP_OIDC_ACCOUNT}"
+      cat << EOF > "$CI_BUILDS_DIR/google_application_credentials.json"
+      {
+        "type": "external_account",
+        "audience": "//iam.googleapis.com/${oidc_provider}",
+        "subject_token_type": "urn:ietf:params:oauth:token-type:jwt",
+        "token_url": "https://sts.googleapis.com/v1/token",
+        "credential_source": {
+          "file": "$CI_BUILDS_DIR/.auth_token.jwt"
+        },
+        "service_account_impersonation_url": "https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/${oidc_account}:generateAccessToken"
+      }
     EOF
-  - export GOOGLE_APPLICATION_CREDENTIALS="$CI_BUILDS_DIR/google_application_credentials.json"
+      export GOOGLE_APPLICATION_CREDENTIALS="$CI_BUILDS_DIR/google_application_credentials.json"
+    else
+      echo '[WARN] $GCP_JWT is not set: cannot setup Application Default Credentials (ADC) authentication'
+    fi
 
 .k8s-deploy:
   id_tokens: