Skip to content

Enforce database permissions, data masking with Bytebase API and GitHub Actions.

Notifications You must be signed in to change notification settings

bytebase/database-security-github-actions-example

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

94 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Database Security GitHub Actions Example

This directory demonstrates how to use Bytebase API and GitHub Actions to configure data security related features. You can refer this example to build a GitOps solution to codify all data security policies.

This example shows a typical directory structure:

  1. principal. Users, groups.
  2. iam. Roles, Query, and Export permission settings.
  3. masking. Dynamic data masking.

If you are familiar with Google Cloud Platform (GCP), you may notice the Bytebase model is quite familiar:

  1. GCP Project
  2. GCP IAM
  3. GCP Org policy

Fetch the access token with service account

To call the Bytebase API, you need to use the service account

Doc: https://www.bytebase.com/docs/api/authentication/

export bytebase_url=http://localhost:5678
bytebase_account="[email protected]"
bytebase_password="bbs_QUYgvZaOsI2Hlal3a7k4"
bytebase_token=$(curl -v ${bytebase_url}/v1/auth/login \
    --data-raw '{"email":"'${bytebase_account}'","password":"'${bytebase_password}'","web":true}' \
    --compressed 2>&1 | grep token | grep -o 'access-token=[^;]*;' | grep -o '[^;]*' | sed 's/access-token=//g; s/;//g')
echo $bytebase_token

About

Enforce database permissions, data masking with Bytebase API and GitHub Actions.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •