Skip to content

khulnasoft/devsecdb

⚙️ Install📚 Docs💬 Discord🙋‍♀️ Book Demo

go report Artifact Hub Github Stars

Different database development tasks

Multiple database systems

Unified process

Single tool





🪜

Change

Want to formalize the database change process but don't know how?

Standard Operating Procedure (SOP)
Standardize the database schema and data change process across different database systems, small or large tables and different tenants.

SQL Review
100+ lint rules to detect SQL anti-patterns and enforce consistent SQL style in the organization.

GitOps
Point-and-click GitHub and GitLab integration to enable GitOps workflow for changing database.

🔮

Query

Want to control the data access but don't know how?

All-in-one SQL Editor
Web-based IDE specifically for performing SQL specific tasks.

Data Masking
State-of-the-art column level masking engine to cover complex situations like subquery, CTE.

Data Access Control
Organization level policy to centralize the database permission.

🔒

Secure

Want to avoid data leakage, change outage and detect malicious behavior but don't know how?

Centralize Change, Query and Admin Tasks
A single place to perform different tasks on different databases, thus enforce policy and monitor activity accordingly.

RBAC
Two-level RBAC model mapping to the organization wide privileges and application team privileges respectively.

Anomaly Center and Audit Logging
Capture all database anomalies, user actions and system events and present them in a holistic view.

👩‍💼

Govern

Want to enforce organization policy but don't know how?

Manage Database Resources
A single place to manage environments, database instances, database users for application development, with optional Terraform integration.

Policy Enforcement
Enforce organization wide SQL Review policy, backup policy and data access policy.

SQL Editor Admin mode
CLI like experience without setting up bastion.

🖖 Intro

Watch the 30-second product video

Devsecdb is a Database CI/CD solution for the Developers and DBAs. It's the only database CI/CD project included by the CNCF Landscape and Platform Engineering. The Devsecdb family consists of these tools:

  • Devsecdb Console: A web-based GUI for developers and DBAs to manage the database development lifecycle.
  • Devsecdb API: Provide both gRPC and RESTful API to manipulate every aspect of Devsecdb.
  • SQL Review GitHub Action: The GitHub Action to detect SQL anti-patterns and enforce a consistent SQL style guide during Pull Request.
  • Terraform Devsecdb Provider: The Terraform provider enables team to manage Devsecdb resources via Terraform. A typical setup involves teams using Terraform to provision database instances from Cloud vendors, followed by using Devsecdb provider to prepare those instances ready for application use.
Topic
🔧 Installation
🎮 Demo
👩‍🏫 Tutorials
💎 Design Principles
🧩 Data Model
🎭 Roles
🕊 Developing and Contributing
🤺 Devsecdb vs Alternatives

🔧 Installation


🎮 Demo

Live demo at https://demo.secdb.khulnasoft.com

You can also book a 30min product walkthrough with one of our product experts.


👩‍🏫 Tutorials

Product tutorials are available at https://www.secdb.khulnasoft.com/tutorial.

Integrations


💎 Design Principles

🪶 Dependency Free Start with a single command ./devsecdb without any external dependency. External PostgreSQL data store and others are optional.
🔗 Integration First Solely focus on database management and leave the rest to others. We have native VCS integration with GitHub/GitLab, Terraform Provider, webhook, and etc.
💂‍♀️ Engineering Disciplined Disciplined bi-weekly release and engineering practice.

🧩 Data Model

More details in Data Model Doc.

Data Model


🎭 Roles

More details in Roles and Permissions Doc.

Devsecdb employs RBAC (role based access control) and provides two role sets at the workspace and project level:

  • Workspace roles: Admin, DBA, Member. The workspace role maps to the role in an organization.
  • Project roles: Owner, Developer, Releaser, SQL Editor User, Exporter, Viewer. The project level role maps to the role in a specific team or project.

Every user is assigned a workspace role, and if a particular user is involved in a particular project, then she will also be assigned a project role accordingly.

Below diagram describes a typical mapping between an engineering org and the corresponding roles in the Devsecdb workspace

Role Mapping


🕊 Developing and Contributing

Tech Stack

  • Devsecdb is built with a curated tech stack. It is optimized for developer experience and is very easy to start working on the code:

    1. It has no external dependency.
    2. It requires zero config.
    3. 1 command to start backend and 1 command to start frontend, both with live reload support.
  • Interactive code walkthrough

  • Follow Life of a Feature.

Dev Environment Setup

Prerequisites

  • Go (1.23.2 or later)
  • pnpm
  • Air (our forked repo @87187cc with the proper signal handling). This is for backend live reload.
    go install github.com/devsecdb/air@87187cc

Steps

  1. Pull source.

    git clone https://github.com/khulnasoft/devsecdb
  2. Create an external Postgres database on localhost.

    CREATE USER bbdev SUPERUSER;
    CREATE DATABASE bbdev;
  3. Start backend using air (with live reload).

    PG_URL=postgresql://bbdev@localhost/bbdev $(go env GOPATH)/bin/air -c scripts/.air.toml

    Change the open file limit if you encounter "error: too many open files".

    ulimit -n 10240

    If you need additional runtime parameters such as --backup-bucket, please add them like this:

    air -c scripts/.air.toml -- --backup-region us-east-1 --backup-bucket s3:\\/\\/example-bucket --backup-credential ~/.aws/credentials
  4. Start frontend (with live reload).

    cd frontend && pnpm i && pnpm dev

    Devsecdb should now be running at http://localhost:3000 and change either frontend or backend code would trigger live reload.

Tips

  • Use Code Inspector to locate frontend code from UI. Hold Option + Shift on Mac or Alt + Shift on Windows

🤺 Devsecdb vs Alternatives

Devsecdb vs Flyway, Liquibase

Either Flyway or Liquibase is a library and CLI focusing on schema change. While Devsecdb is an one-stop solution covering the entire database development lifecycle for Developers and DBAs to collaborate.

Another key difference is Devsecdb doesn't support Oracle and SQL Server. This is a conscious decision we make so that we can focus on supporting other databases without good tooling support. In particular, many of our users tell us Devsecdb is by far the best (and sometimes the only) database tool that can support their PostgreSQL and ClickHouse use cases.

Star History Chart

Devsecdb vs Yearning, Archery

Either Yearning or Archery provides a DBA operation portal. While Devsecdb provides a collaboration workspace for DBAs and Developers, and brings DevOps practice to the Database Change Management (DCM). Devsecdb has the similar Project concept seen in GitLab/GitHub and provides native GitOps integration with GitLab/GitHub.

Another key difference is Yearning, Archery are open source projects maintained by the individuals part-time. While Devsecdb is open-sourced, it adopts an open-core model and is a commercialized product, supported by a fully staffed team releasing new version every 2 weeks.

Star History Chart

Devsecdb vs Metabase

Metabase is a data visualization and business intelligence (BI) tool. It's built for data teams and business analysts to make sense of the data.

Devsecdb is a database development platform. It's built for the developer teams to perform database operations during the application development lifecycle.

Star History Chart

Devsecdb vs CloudBeaver

Both have web-based SQL clients. Additionally, Devsecdb offers review workflow, more collaboration and security features.

Star History Chart

Devsecdb vs DBeaver / Navicat

SQL GUI Client such as MySQL Workbench, pgAdmin, DBeaver, Navicat provide a GUI to interact with the database. Devsecdb not only provides a GUI client, it can also enforce centralized data access control for data security and governance.

Devsecdb vs Jira

Jira is a general-purpose issue ticketing system. Devsecdb is a database domain-specific change management system. Devsecdb provides an integrated experience to plan, review, and deploy database changes.

👨‍👩‍👧‍👦 Community

Hang out on Discord

Follow us on Twitter


🤔 Frequently Asked Questions (FAQs)

Check out our FAQ.


🙋 Contact Us

  • Interested in joining us? Check out our jobs page for openings.
  • Want to solve your schema change and database management headache? Book a 30min demo with one of our product experts.

About

No description, website, or topics provided.

Resources

License

Unknown, Unknown licenses found

Licenses found

Unknown
LICENSE
Unknown
LICENSE.enterprise

Code of conduct

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •