-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsetup_packages.txt
137 lines (87 loc) · 5.6 KB
/
setup_packages.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
--create checks conf file
liquibase checks show
# Select option [3]
# Rename the file to security-checks.conf
# Move file to "checks" directory
liquibase checks show
# Select option [3]
# Rename the file to data-checks.conf
# Move file to "checks" directory
liquibase checks show
# Select option [3]
# Rename the file to performance-checks.conf
# Move file to "checks" directory
liquibase checks show
# Select option [3]
# Rename the file to liquibase-metadata-checks.conf
# Move file to "checks" directory
--bulk-set disable
liquibase checks bulk-set --disable --checks-settings-file=checks/security-checks.conf
# Select [Y] to confirm.
liquibase checks bulk-set --disable --checks-settings-file=checks/data-checks.conf
# Select [Y] to confirm.
liquibase checks bulk-set --disable --checks-settings-file=checks/performance-checks.conf
# Select [Y] to confirm.
liquibase checks bulk-set --disable --checks-settings-file=checks/liquibase-metadata-checks.conf
# Select [Y] to confirm.
--Security Checks
-- No "GRANT" allowed
liquibase checks enable --check-name=SqlGrantWarn --checks-settings-file=checks/security-checks.conf
liquibase checks customize --check-name=SqlGrantWarn --checks-settings-file=checks/security-checks.conf
# Choose severity level [1-4]
-- No "REVOKE" allowed
liquibase checks enable --check-name=SqlRevokeWarn --checks-settings-file=checks/security-checks.conf
liquibase checks customize --check-name=SqlRevokeWarn --checks-settings-file=checks/security-checks.conf
# Choose severity level [1-4]
--Data Checks
--No "DROP TABLE" allowed
liquibase checks enable --check-name=ChangeDropTableWarn --checks-settings-file=checks/data-checks.conf
liquibase checks customize --check-name=ChangeDropTableWarn --checks-settings-file=checks/data-checks.conf
# Choose severity level [1-4]
--No "DROP COLUMN" allowed
liquibase checks enable --check-name=ChangeDropColumnWarn --checks-settings-file=checks/data-checks.conf
liquibase checks customize --check-name=ChangeDropColumnWarn --checks-settings-file=checks/data-checks.conf
# Choose severity level [1-4]
--No "TRUNCATE" allowed
liquibase checks enable --check-name=ChangeTruncateTableWarn --checks-settings-file=checks/data-checks.conf
liquibase checks customize --check-name=ChangeTruncateTableWarn --checks-settings-file=checks/data-checks.conf
# Choose severity level [1-4]
--Performance Checks
--No "SELECT *" allowed
liquibase checks enable --check-name=SqlSelectStarWarn --checks-settings-file=checks/performance-checks.conf
liquibase checks customize --check-name=SqlSelectStarWarn --checks-settings-file=checks/performance-checks.conf
# Choose severity level [1-4]
--Liquibase Metadata Checks
--Rollback Required
liquibase checks enable --check-name=RollbackRequired --checks-settings-file=checks/liquibase-metadata-checks.conf
liquibase checks customize --check-name=RollbackRequired --checks-settings-file=checks/liquibase-metadata-checks.conf
# Choose severity level [1-4]
--One Change Per Changeset
liquibase checks enable --check-name=OneChangePerChangeset --checks-settings-file=checks/liquibase-metadata-checks.conf
liquibase checks customize --check-name=OneChangePerChangeset --checks-settings-file=checks/liquibase-metadata-checks.conf
# Choose severity level [1-4]
--Show enabled checks
liquibase checks show --check-status=enabled --checks-settings-file=checks/security-checks.conf
liquibase checks show --check-status=enabled --checks-settings-file=checks/data-checks.conf
liquibase checks show --check-status=enabled --checks-settings-file=checks/performance-checks.conf
liquibase checks show --check-status=enabled --checks-settings-file=checks/liquibase-metadata-checks.conf
--show checks
liquibase checks show --checks-settings-file=checks/security-checks.conf --check-status=enabled
liquibase checks show --checks-settings-file=checks/data-checks.conf --check-status=enabled
liquibase checks show --checks-settings-file=checks/performance-checks.conf --check-status=enabled
liquibase checks show --checks-settings-file=checks/liquibase-metadata-checks.conf --check-status=enabled
--create packages
liquibase checks create --package-contents=checks/security-checks.conf --package-name=security-checks --package-file=checks.pkg
liquibase checks create --package-contents=checks/data-checks.conf --package-name=data-checks --package-file=checks.pkg
liquibase checks create --package-contents=checks/performance-checks.conf --package-name=performance-checks --package-file=checks.pkg
liquibase checks create --package-contents=checks/liquibase-metadata-checks.conf --package-name=liquibase-metadata-checks --package-file=checks.pkg
--show packages
liquibase checks show --checks-settings-file=checks.pkg --checks-packages=security-checks --check-status=enabled
liquibase checks show --checks-settings-file=checks.pkg --checks-packages=data-checks --check-status=enabled
liquibase checks show --checks-settings-file=checks.pkg --checks-packages=performance-checks --check-status=enabled
liquibase checks show --checks-settings-file=checks.pkg --checks-packages=liquibase-metadata-checks --check-status=enabled
--run
liquibase checks run --checks-settings-file=checks.pkg --checks-packages=security-checks --changeset-filter=pending
liquibase checks run --checks-settings-file=checks.pkg --checks-packages=data-checks --changeset-filter=pending
liquibase checks run --checks-settings-file=checks.pkg --checks-packages=performance-checks --changeset-filter=pending
liquibase checks run --checks-settings-file=checks.pkg --checks-packages=liquibase-metadata-checks --changeset-filter=pending