search

magda-io / magda

A federated, open-source data catalog for all your big data and small data
https://magda.io
Apache License 2.0
496 stars 93 forks source link

Allow to specify service account for cloud sql proxy pod #3473

Closed t83714 closed 1 year ago

t83714 commented 1 year ago

Allow to specify service account for cloud SQL pod

In v1, when -enable_iam_login (or auto-iam-authn for v2) is on, cloud SQL proxy can connect to Cloud SQL without GCP service account credential (e.g. json key file).

See details here: https://cloud.google.com/sql/docs/postgres/connect-instance-kubernetes

However, we need to specify the k8s service account that runs the pod for this case.

The current helm template doesn't support it yet.

This ticket was about adding support of config the service account that run the cloud SQL proxy pods.

t83714 commented 1 year ago

closed via PR: https://github.com/magda-io/magda/pull/3474