Q&A

What does SQL Proxy provide?

a secure way to access Cloud SQL instances without having to allowlist IP addresses or configure SSL.
Secure connections (automatic traffic encryption and SSL certification encryption) and easier connection management (automatic authentication)

App engine and other flexible environments have "built-in" proxy implementation, so you don't have to.

to download the proxy:

$ wget https://dl.google.com/cloudsql/cloud_sql_proxy.linux.amd64 -O cloud_sql_proxy

$ export GOOGLE_PROJECT=$(gcloud config get-value project)
$ MYSQL_DB_NAME=$(terraform output -json | jq -r '.instance_name.value')
$ MYSQL_CONN_NAME="${GOOGLE_PROJECT}:REGION:${MYSQL_DB_NAME}"

$ ./cloud-sql-proxy --port 3306 ${MYSQL_CONN_NAME} 

# Then use normal config to connect as if the database is at localhost:
$ mysql -udefault -p --host 127.0.0.1 default

Diff between cloud run services and cloud run jobs?

Purpose: services are for long-running web services; jobs are short-lived, one-time tasks
Trigger: services are triggered by HTTP requests; jobs are triggered by events and schedules
Statefullness: services are stateless; jobs can be stateful within a job execution
Scaling: automatic; automatic
Timeout: services have no timeouts; jobs timeout after 24 hours
Integration with GCP: services are integrated with other GCP services; jobs has less integrations