Use python to write your custom policy checks for Liquibase
Project description
liquibase-checks-python
Write your custom policy checks using Python! Secure your database and lock down your CI by running your own custom logic to evaluate the safety and security of each database change.
Requirements
- Python 3.10 or graalpy-24.0.0
- Liquibase 4.29.0
Getting Started
We recommend installing liquibase-checks-python in a virtual environment.
Installation
Create your virtual environment
python -m venv <path/to/venv>
Install liquibase-checks-python
pip install liquibase-checks-python
You can validate the package has been successfully installed by running pip list
Writing your first custom policy check
Create a file custom.py inside your liquibase working directory.
touch custom.py
Configure a new database scoped CustomCheckTemplate with the name MyCustomCheck with liquibase and set the SCRIPT_PATH to custom.py
liquibase checks customize --check-name CustomCheckTemplate
Open your custom.py in your text editor and add the following:
from liquibase_checks_python import liquibase_utilities as lb
import sys
obj = lb.get_database_object()
status = lb.get_status()
if lb.is_table(obj):
status.fired = True
status.message = "No tables allowed!"
sys.exit(1)
Run your new custom check
liquibase --script-python-executable-path <path/to/venv>/bin/python --checks checks run --check-name MyCustomCheck --checks-scope database --checks-scripts-enabled
If your database has any tables, you should see a warning like this:
DATABASE CHECKS
---------------
Validation of the database snapshot found the following issues:
Check Name: Custom Check Template (test)
Object Type: table
Object Name: my_table
Object Location: DEV.PUBLIC.my_table
Check Severity: BLOCKER (Return code: 4)
Message: No tables allowed!
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file liquibase_checks_python-2.0.0.tar.gz.
File metadata
- Download URL: liquibase_checks_python-2.0.0.tar.gz
- Upload date:
- Size: 13.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/5.1.0 CPython/3.12.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2e911aea02c1cf4c1fc35ef32644884b51db00d7fde7003e73f01e759166261a
|
|
| MD5 |
abd0e63c8b7c0928d65861471e8dd9b0
|
|
| BLAKE2b-256 |
739b67d7576e4c13aecfefff9281627114e147c9680702192a55eab07f998c8c
|
File details
Details for the file liquibase_checks_python-2.0.0-py3-none-any.whl.
File metadata
- Download URL: liquibase_checks_python-2.0.0-py3-none-any.whl
- Upload date:
- Size: 14.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/5.1.0 CPython/3.12.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a98ce95a4e6e46a02a3486d08049ba77e075176ef7ddb385fa1f171efc5e19fe
|
|
| MD5 |
e6b609fe58bc5f0a1e2d1af7afbad76b
|
|
| BLAKE2b-256 |
05541a6a4c8177ed120018122ca1620589e4bb91053a98963d3799edccea5eef
|
