When working with GCP, configuration and secrets are key to ensuring connectivity to GCP as well as security. Learn how to configure your application leveraging the GCP library to make a connection to your Cloud SQL instance.
- [Instructor] Our application has imported two dependencies focused on managing databases. Spring Java persistence API, or JPA and spring cloud SQL. However, our application is not configured to communicate with the database we created just yet which we'll do in this video. Application that properties file allows us to configure fields specifically associated with spring cloud SQL and JPA. In order to find these values, you will have to use the GCP console. On line one, we have to specify the GCP project ID since there can be multiple projects. We want our app to connect to only one specific project. We can find this project ID in the GCP console from the project's dashboard and the project's enforce section in this top left. You can get to this page by clicking on the project selector at the top and clicking on the project's name. We've narrowed down how our app is talking to a specific project. We now need to narrow its connectivity to a specific instance within that project. Which we will do on line two. We can find the instance connection name by going to the SQL dashboard. From here on our GCP console, we can slide over and see the instance connection name and the table. This instance connection name consists of the project ID, the region in which the instance exists and the name of the instance itself. On line three, we want to narrow our focus to a specific database in our instance by providing the database name. We can find this value by clicking into the instance on the GCP console, clicking databases and copying the name of the database listed here. For lines five and six, we have to provide the username and password that we used when creating the database. This allows our app to authenticate itself specifically with the database. You can find the username, from the SQL dashboard by clicking on users in the left navigation menu and finding the username here. If you forgotten the password for your user you can click on the three dots and change the password. A note on security here, you should never commit your password to your git repo which I'm doing here. You should, instead use secrets or environment variables. Do as I say, and not as I do. On line eight, this will point to the location of the credentials our app needs to authenticate itself with GCP. We the humans are able to use the GCP console because we are logged in. We need credentials for our app to do the same. We can create the credentials file by clicking on the three lines to go back to the navigation menu. Highlighting I am an admin and selecting service accounts. Service accounts are basically accounts for any non-human interactor with our GCP resources like our app. We want to select create service account at the top and provide a useful service name so that we can remember what this account is doing. We then want to provide a role for our user. This provides the minimum permissions required for connecting to our database in the cloud SQL client. We will skip this section on configuring other users within organization to be able to use the service account for now. GCP has great documentation on how you can use this with your team or company. From our service accounts dashboard, We can click on the three dots on the right under actions and hit create key. We want to download this key as a Jason file and download this into a location we can remember. Now that we have that file and we know where it exists, we have to be sure to update line eight in our application the properties file. The last value in this file is generate -ddl for spring JPA. When this value is true, this tells JPA to evaluate the structure of our puzzle entity and use that to create the table and the columns necessary in our database, when our application boots up. There is one more thing that we have to do from our GCP console. We need to activate the specific API that our application will use to communicate with GCP for cloud SQL. We can go back to the navigation bar, go to APIs and services and hit library. We want to find the cloud SQL admin API and enable that. With these configurations our app can now talk to our spring GCP cloud database, but we're missing one thing. Our controller is not currently using our puzzle repository interface which is what we need to use in order to interact with our database.