cc9f4fe692
The Cloud SQL Proxy container needs to mount the cloud-sql-proxy service account key as a file so it can connect to the db. I was incorrectly setting the permissions on this file to 400. Inside the container, the proxy binary is being run by the `nonroot` user. This user has a different uid compared to the user running `docker` outside the container, so it can't read the file. The solution is to change the permissions on the key to 444, so it's readable by `nonroot`.
1.6 KiB
1.6 KiB