Setting up Cloud SQL (MySQL) - ProVR-Norway/ProvrBackend GitHub Wiki

Why Cloud SQL?

To host our MySQL database we used a Google Cloud service called Cloud SQL. This service helps us to ensure an extra layer of security, since only the microservices running on Cloud Run that have a connection to it, will be able to access its data. Likewise, it provides scalability, since its capacity can be automatically adjusted based on usage.

Security

All sensitive data for the database is stored as GitHub secrets. To find the values of these you will need to check the info about the Cloud SQL instance on Google Cloud.

Note: The host of the MySQL is set to the value under Private IP address. Do not use the public one!

Accessing the instance

Without enabling Public IP under the settings of the Cloud SQL instance, you will not be able to access the server without it happening through a service running on Cloud Run.

Note: The service running on Cloud Run will not be able to access the MySQL server unless it is connected to it! This happens in the GitHub Action workflow-file, but it can be done manually also (EDIT & DEPLOY NEW REVISION < CONNECTIONS < Cloud SQL connections).

When Public IP is enabled you will need to select your current IP Address. When your IP has been added, you can access the server through the Cloud Shell by using the following command: gcloud sql connect <NAME-OF-CLOUD-SQL-INSTANCE> -u <USERNAME-OF-THE-CLOUD-SQL-INSTANCE>

To make a connection to the Cloud SQL instance from Cloud Run you will need to make sure that they are both in the same region (e.g. us-west1). In addition, they will need to run on the same network in Google Cloud. In most cases this network will be called default.