From e7f51df566442cb02ab4f2f2e5a807003a5518af Mon Sep 17 00:00:00 2001 From: Jonathan Meyers Date: Tue, 21 Feb 2023 01:00:37 +0000 Subject: [PATCH] feat: cloud-sql-proxy 2.0.0 and metrics support (#212) --- catalog/sql/auth-proxy/README.md | 3 ++- catalog/sql/auth-proxy/daemonset.yaml | 5 ++--- catalog/sql/auth-proxy/iam.yaml | 16 ++++++++++++++++ 3 files changed, 20 insertions(+), 4 deletions(-) diff --git a/catalog/sql/auth-proxy/README.md b/catalog/sql/auth-proxy/README.md index 828ec626..15cb7dbf 100644 --- a/catalog/sql/auth-proxy/README.md +++ b/catalog/sql/auth-proxy/README.md @@ -13,7 +13,7 @@ Launch a Cloud SQL Auth proxy instance as a DaemonSet in Kubernetes | connection-name | example-connection | str | 1 | | daemonset-name | cloud-sql-auth-proxy | str | 4 | | namespace | default | str | 1 | -| project-id | | str | 2 | +| project-id | | str | 3 | | service-account-name | cloud-sql-proxy-sa | str | 2 | | service-name | cloud-sql-auth-proxy | str | 1 | | servie-account-name | cloud-sql-auth-proxy | str | 1 | @@ -29,6 +29,7 @@ This package has no sub-packages. |---------------------|-----------------------------------|-------------------|--------------------------------------|-----------| | daemonset.yaml | apps/v1 | DaemonSet | cloud-sql-auth-proxy | default | | iam.yaml | iam.cnrm.cloud.google.com/v1beta1 | IAMPolicyMember | iam-member-cloud-sql | default | +| iam.yaml | iam.cnrm.cloud.google.com/v1beta1 | IAMPolicyMember | iam-member-cloudsql-metrics | default | | iam.yaml | iam.cnrm.cloud.google.com/v1beta1 | IAMServiceAccount | cloud-sql-auth-proxy | default | | iam.yaml | iam.cnrm.cloud.google.com/v1beta1 | IAMPolicy | iampolicy-cloud-sql-workloadidentity | default | | service.yaml | v1 | Service | cloud-sql-auth-proxy | default | diff --git a/catalog/sql/auth-proxy/daemonset.yaml b/catalog/sql/auth-proxy/daemonset.yaml index 86951963..c30e049a 100644 --- a/catalog/sql/auth-proxy/daemonset.yaml +++ b/catalog/sql/auth-proxy/daemonset.yaml @@ -33,9 +33,8 @@ spec: serviceAccountName: cloud-sql-proxy-sa # kpt-set: ${service-account-name} containers: - name: gce-proxy - image: gcr.io/cloudsql-docker/gce-proxy:1.33.0 - command: ["/cloud_sql_proxy"] - args: ["-instances=$(CONNECTION_NAME)=tcp:0.0.0.0:5432", "-ip_address_types=PRIVATE", "-log_debug_stdout=true", "-verbose=false"] + image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.0.0 + args: ["$(CONNECTION_NAME)", '--address=0.0.0.0', "--private-ip", "--structured-logs"] env: - name: CONNECTION_NAME value: "example-connection" # kpt-set: ${connection-name} diff --git a/catalog/sql/auth-proxy/iam.yaml b/catalog/sql/auth-proxy/iam.yaml index 19094934..7abb5355 100644 --- a/catalog/sql/auth-proxy/iam.yaml +++ b/catalog/sql/auth-proxy/iam.yaml @@ -28,6 +28,22 @@ spec: external: projects/example-project # kpt-set: projects/${project-id} --- apiVersion: iam.cnrm.cloud.google.com/v1beta1 +kind: IAMPolicyMember +metadata: + name: iam-member-cloudsql-metrics + namespace: default + annotations: + cnrm.cloud.google.com/blueprint: cnrm/sql/auth-proxy/v0.1.0 +spec: + memberFrom: + serviceAccountRef: + name: cloud-sql-auth-proxy + role: roles/monitoring.metricWriter + resourceRef: + kind: Project + external: projects/example-project # kpt-set: projects/${project-id} +--- +apiVersion: iam.cnrm.cloud.google.com/v1beta1 kind: IAMServiceAccount metadata: name: cloud-sql-auth-proxy