A CLI app which establishes a connection to a private Google Cloud SQL instance and port-forwards it to a local machine.
Connection is established by running a Google Cloud SQL Auth Proxy pod in a Google Kubernetes Engine cluster which runs in the same VPC network as the private Cloud SQL instance. Connection is then port-forwarded to the local machine, where a user can connect to the instance on localhost. Corresponding workload identity has to be configured in the cluster, with service account which has Cloud SQL Client role on the given SQL instance. Configurations in the app can be saved for practical future usage.
The app relies on local gcloud and kubectl commands which have to be configured and authenticated with the proper Google Cloud user and GKE Kubernetes cluster.
Download a corresponding distribution from Releases and add
the executable to your PATH.
-
Install
gcloudtool -
Install
kubectltool -
Authenticate to Google Cloud:
gcloud auth login -
Get GKE cluster credentials:
gcloud container clusters get-credentials -
Configure workload identity in GKE namespace(s) and assign Cloud SQL Client role in IAM for Cloud SQL instances that you want to use
-
Enable Cloud SQL Admin API for project(s) that host Cloud SQL instances that you want to use:
gcloud services enable sqladmin.googleapis.com --project=$PROJECT
# Help
google-cloud-sql help
# Create (or override existing) configuration
google-cloud-sql configurations create
# Run configuration (interactive mode)
google-cloud-sql configurations run
# Run configuration (non-interactive mode)
google-cloud-sql configurations run $NAME
# HINT: Add alias
alias myDbProd="google-cloud-sql configurations run $NAME"
## Connect to the instance on localhost
psql -h localhost -p $LOCAL_PORT -U $USER
# Export configurations (and share :-])
cat $(google-cloud-sql configurations path)To deploy a new version of google-cloud-sql app, manually run a "Continuous Deployment" worklow in GitHub Actions.