Microg is not an option as it requires signature spoofing, which requires security to broken in various ways. Forces rooting the device or running Xposed, or applying dodgy kernel hacks and prevents using verified boot, which is a sensible security requirement.