Skip to content
Bytebase Masking Policy Update Semantic Type and Global Masking Rule

update #3

Sign in to view logs

update

update #3

Workflow file for this run

.github/workflows/1-bb-masking-semantic-type-global.yml at 529279f
name: Bytebase Masking Policy Update Semantic Type and Global Masking Rule
on:
pull_request:
types: [closed]
branches:
- main
workflow_dispatch:
jobs:
bytebase-masking-semantic-type-global:
if: github.event.pull_request.merged == true
runs-on: ubuntu-latest
permissions:
pull-requests: write
issues: write
contents: read
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0
- name: Login Bytebase
id: bytebase-login
uses: bytebase/[email protected]
with:
bytebase-url: ${{ secrets.BYTEBASE_URL }}
service-key: ${{ secrets.BYTEBASE_SERVICE_KEY }}
service-secret: ${{ secrets.BYTEBASE_SERVICE_SECRET }}
- name: Debug Bytebase Login Outputs
run: |
echo "Bytebase Login Outputs:"
echo "${{ toJSON(steps.bytebase-login.outputs) }}"
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v42
with:
files: |
masking/semantic-type.json
masking/global-masking-rule.json
since_last_remote_commit: true
fetch_depth: 0
include_all_old_new_renamed_files: true
- name: Debug changed files
run: |
echo "All changed and added files:"
echo "Modified files: ${{ steps.changed-files.outputs.modified_files }}"
echo "Added files: ${{ steps.changed-files.outputs.added_files }}"
echo "All changes: ${{ steps.changed-files.outputs.all_changed_files }}"
- name: Debug changed files in detail
run: |
echo "All changed files:"
echo "${{ steps.changed-files.outputs.all_changed_files }}"
echo "Contains semantic-type.json: ${{ contains(steps.changed-files.outputs.all_changed_files, 'semantic-type.json') }}"
echo "Contains global-masking-rule.json: ${{ contains(steps.changed-files.outputs.all_changed_files, 'global-masking-rule.json') }}"
echo "Raw output:"
echo "${{ toJSON(steps.changed-files.outputs) }}"
- name: Apply semantic type
id: apply-semantic-type
if: ${{ steps.changed-files.outputs.any_changed == 'true' && contains(steps.changed-files.outputs.all_changed_files, 'semantic-type.json') }}
run: |
CHANGED_FILE="masking/semantic-type.json"
echo "Processing: $CHANGED_FILE"
# Check if file exists
if [ ! -f "$CHANGED_FILE" ]; then
echo "Error: $CHANGED_FILE does not exist"
exit 1
fi
# Print file content for debugging
echo "File content:"
cat "$CHANGED_FILE"
response=$(curl -s -w "\n%{http_code}" --request PATCH "${{ steps.bytebase-login.outputs.api_url }}/settings/bb.workspace.semantic-types" \
--header "Authorization: Bearer ${{ steps.bytebase-login.outputs.token }}" \
--header "Content-Type: application/json" \
--data @"$CHANGED_FILE")
# Extract status code and response body
status_code=$(echo "$response" | tail -n1)
body=$(echo "$response" | sed '$d')
# Save outputs for GitHub Actions
echo "status_code=${status_code}" >> $GITHUB_OUTPUT
echo "response_body<<EOF" >> $GITHUB_OUTPUT
echo "${body}" >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
echo "Status Code: ${status_code}"
echo "Response Body: ${body}"
if [[ $status_code -lt 200 || $status_code -ge 300 ]]; then
echo "Failed with status code: $status_code"
echo "Response body: ${body}"
exit 1
fi
- name: Apply global masking rule
id: apply-global-masking-rule
if: ${{ steps.changed-files.outputs.any_changed == 'true' && contains(steps.changed-files.outputs.all_changed_files, 'global-masking-rule.json') }}
run: |
CHANGED_FILE="masking/global-masking-rule.json"
echo "Processing: $CHANGED_FILE"
response=$(curl -s -w "\n%{http_code}" --request PATCH "${{ steps.bytebase-login.outputs.api_url }}/policies/masking_rule?allow_missing=true&update_mask=payload" \
--header "Authorization: Bearer ${{ steps.bytebase-login.outputs.token }}" \
--data @"$CHANGED_FILE")
# Extract status code and response body
status_code=$(echo "$response" | tail -n1)
body=$(echo "$response" | sed '$d')
echo "status_code=${status_code}" >> $GITHUB_OUTPUT
echo "response_body<<EOF" >> $GITHUB_OUTPUT
echo "${body}" >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
echo "status_code=${status_code}"
echo "response_body=${body}"
if [[ $status_code -lt 200 || $status_code -ge 300 ]]; then
echo "Failed with status code: $status_code"
exit 1
fi
- name: Comment on PR
uses: actions/github-script@v7
env:
CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
with:
script: |
const changedFiles = process.env.CHANGED_FILES || '';
let commentBody = `### Update Semantic Type and Global Masking Rule Summary\n\n`;
// Add status of merge
commentBody += `✅ **PR Status:** Merged\n\n`;
// Add changed files section
commentBody += `📝 **Changed Files:**\n\n`;
if (changedFiles.trim()) {
commentBody += changedFiles.split(' ').map(f => `- ${f}`).join('\n');
} else {
commentBody += `None`;
}
commentBody += '\n\n';
// Add API calls summary
commentBody += `🔄 **API Calls:**\n\n`;
let apiCallsFound = false;
if (changedFiles.includes('semantic-type.json')) {
const status = ${{ toJSON(steps.apply-semantic-type.outputs) }}.status_code;
if (status) {
apiCallsFound = true;
const success = status >= 200 && status < 300;
commentBody += `- Semantic Type: ${success ? '✅' : '❌'} ${status}\n`;
}
}
if (changedFiles.includes('global-masking-rule.json')) {
const status = ${{ toJSON(steps.apply-global-masking-rule.outputs) }}.status_code;
if (status) {
apiCallsFound = true;
const success = status >= 200 && status < 300;
commentBody += `- Global Masking Rule: ${success ? '✅' : '❌'} ${status}\n`;
}
}
if (!apiCallsFound) {
commentBody += `None`;
}
await github.rest.issues.createComment({
...context.repo,
issue_number: context.issue.number,
body: commentBody
});