Skip to content

Commit

Permalink
.github/workflows: add action to monitor schema changes agentless (#120)
Browse files Browse the repository at this point in the history
  • Loading branch information
masseelch authored Nov 28, 2024
1 parent 48f423b commit a1b2daf
Showing 1 changed file with 42 additions and 0 deletions.
42 changes: 42 additions & 0 deletions .github/workflows/monitor-ecommerce.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
name: Monitor Ecommerce DB
on:
workflow_dispatch:
schedule:
- cron: '0 9,16 * * 0-4' # Runs at 9 AM and 4 PM (UTC) on Sunday to Thursday
jobs:
monitor:
runs-on: ubuntu-latest
steps:
# This is a public repository to showcase how a GitHub action can be used to monitor schema changes.
# This action runs on a schedule to check if the schema of the ecommerce database has changed.
# The first few steps are done to hide sensitive information like database credentials from the logs.
- name: Add AWS Profile
run: |
aws configure set aws_access_key_id ${{ secrets.AWS_SANDBOX_DEPLOYER_KEY_ID }} --profile sandbox
aws configure set aws_secret_access_key ${{ secrets.AWS_SANDBOX_SECRET_SECRET_KEY }} --profile sandbox
aws configure set region us-east-1 --profile sandbox
- name: Read AWS Secret
id: secrets
run: |
SECRET_STRING=$(aws secretsmanager get-secret-value --secret-id aurora-mysql --profile sandbox | jq -rc '.SecretString')
for key in $(echo $SECRET_STRING | jq -r 'keys[]'); do
SECRET=$(echo $SECRET_STRING | jq -r ".$key")
echo "::add-mask::$SECRET"
echo "$key=$SECRET" >> $GITHUB_OUTPUT
done
- name: Install socat
run: sudo apt-get install -y socat
- name: Port Forward to Aurora
run: |
socat tcp-l:3306,fork,reuseaddr tcp:${{ steps.secrets.outputs.host }}:${{ steps.secrets.outputs.port }} &
echo "127.0.0.1 ecommerce.atlas.ariga" | sudo tee -a /etc/hosts
# The next steps are the only ones required to monitor schema changes.
- name: Setup Atlas
uses: ariga/setup-atlas@master
with:
cloud-token: ${{ secrets.ATLAS_CLOUD_TOKEN }}
- uses: ariga/atlas-action/monitor/schema@master
with:
cloud-token: ${{ secrets.ATLAS_CLOUD_TOKEN }}
url: mysql://${{ steps.secrets.outputs.username }}:${{ steps.secrets.outputs.password }}@ecommerce.atlas.ariga:3306/${{ steps.secrets.outputs.schema }}

0 comments on commit a1b2daf

Please sign in to comment.