The docker container contains cloud CLIs needed for interacting with the various clouds.
When using external postgres in Google Cloud, we default to using Google Cloud SQL proxy. For security the setup is via a workload identity configuration. This requires the following vars to be set:
Name of the SQL cluster connection, as listed in the Google Cloud console.
Name of service account in Google Cloud that has the cloudsql.admin role. This account will be mapped to a Kubernetes service account, thus granting the SQL proxy access, via workload identity, to the SQL server.
Name of service account in Google Cloud that has the iam.serviceAccountAdmin role. This account will be used to setting up the sql proxy's Google service account mapping to the kubernetes service account
Path to the <V4_CFG_CLOUD_SERVICE_ACCOUNT_NAME> service account's keys