-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support PostgreSQL Databases #437
Conversation
Co-authored-by: Raphael Santo Domingo <[email protected]>
dsn = fmt.Sprintf( | ||
// sslmode is disabled because the alloy db connection dialer will handle it | ||
// no password is used with IAM | ||
"user=%s dbname=%s sslmode=disable", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a reason we format a DSN here but for vanilla postgres use their URI syntax?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Either should work. I just preferred the key=value
syntax when not giving a server (since thats handled by the alloydbconn
library when connecting to a hosted AlloyDB instance)
Adds support for PostgreSQL:
alloydbomni
containergencerts.sh
to create certs used in local server config and client tests to enable TLS testspgx
Local testing can be done against a
alloydbomni
container, which uses the same database engine as hosted AlloyDB, using a normal postgres connection. Connections with a alloydb-go-connector need a GCP AlloyDB instance to connect to. However both connection methods use the same database driver. This means our local testing of business logic and its sql queries use the same database driver and engine as higher environments, and only the connection method will differ between environments.Tested with alloybd-go-connector successfully using hosted AlloyDB instance for both IAM and native db login.
TODOs:
alloydbconn.NewDialer
NOTE:
pg_hba.conf
to require client certs withhostssl all all all scram-sha-256 clientcert=verify-full
but not automated to do that