-
Notifications
You must be signed in to change notification settings - Fork 0
40 lines (39 loc) · 1.96 KB
/
monitor-ecommerce.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
name: Monitor Ecommerce DB
on:
workflow_dispatch:
schedule:
- cron: '0 9,16 * * 0-4' # Runs at 9 AM and 4 PM (UTC) on Sunday to Thursday
jobs:
monitor:
runs-on: ubuntu-latest
steps:
# This is a public repository to showcase how a GitHub action can be used to monitor schema changes.
# This action runs on a schedule to check if the schema of the ecommerce database has changed.
# The first few steps are done to hide sensitive information like database credentials from the logs.
- name: Add AWS Profile
run: |
aws configure set aws_access_key_id ${{ secrets.AWS_SANDBOX_DEPLOYER_KEY_ID }} --profile sandbox
aws configure set aws_secret_access_key ${{ secrets.AWS_SANDBOX_SECRET_SECRET_KEY }} --profile sandbox
aws configure set region us-east-1 --profile sandbox
- name: Read AWS Secret
id: secrets
run: |
SECRET_STRING=$(aws secretsmanager get-secret-value --secret-id aurora-mysql --profile sandbox | jq -rc '.SecretString')
for key in $(echo $SECRET_STRING | jq -r 'keys[]'); do
SECRET=$(echo $SECRET_STRING | jq -r ".$key")
echo "::add-mask::$SECRET"
echo "$key=$SECRET" >> $GITHUB_OUTPUT
done
- name: Install socat
run: sudo apt-get install -y socat
- name: Port Forward to Aurora
run: |
socat tcp-l:3306,fork,reuseaddr tcp:${{ steps.secrets.outputs.host }}:${{ steps.secrets.outputs.port }} &
echo "127.0.0.1 ecommerce.atlas.ariga" | sudo tee -a /etc/hosts
# The next steps are the only ones required to monitor schema changes.
- name: Setup Atlas
uses: ariga/setup-atlas@master
- uses: ariga/atlas-action/monitor/schema@master
with:
cloud-token: ${{ secrets.ATLAS_CLOUD_TOKEN }}
url: mysql://${{ steps.secrets.outputs.username }}:${{ steps.secrets.outputs.password }}@ecommerce.atlas.ariga:3306/${{ steps.secrets.outputs.schema }}