|
| 1 | + - name: Liquibase Connect Action |
| 2 | + # You may pin to the exact commit or the version. |
| 3 | + # uses: liquibase-github-actions/connect@1c0ef25a2b6b2b6469be7252bc1925c5ca693a9e |
| 4 | + uses: liquibase-github-actions/[email protected] |
| 5 | + with: |
| 6 | + # The default catalog name to use for the database connection |
| 7 | + defaultCatalogName: # optional |
| 8 | + # The default schema name to use for the database connection |
| 9 | + defaultSchemaName: # optional |
| 10 | + # The JDBC driver class |
| 11 | + driver: # optional |
| 12 | + # The JDBC driver properties file |
| 13 | + driverPropertiesFile: # optional |
| 14 | + # Password to use to connect to the database |
| 15 | + password: # optional |
| 16 | + # *required* The JDBC database connection URL |
| 17 | + url: |
| 18 | + # Username to use to connect to the database |
| 19 | + username: # optional |
| 20 | + # If true, a subset of the MdcKeys, as defined by product, will be set to empty strings upon system startup. |
| 21 | + addEmptyMdcValues: # optional |
| 22 | + # Allows duplicated changeset identifiers without failing Liquibase execution. |
| 23 | + allowDuplicatedChangesetIdentifiers: # optional |
| 24 | + # If true, drop and recreate a view instead of replacing it. |
| 25 | + alwaysDropInsteadOfReplace: # optional |
| 26 | + # When generating SQL for createProcedure, should the procedure schema be forced to the default schema if no schemaName attribute is set? |
| 27 | + alwaysOverrideStoredLogicSchema: # optional |
| 28 | + # Liquibase caches the results from the config endpoint, and this value determines how long that cache should live for before being refreshed. |
| 29 | + analyticsConfigCacheTimeoutMillis: # optional |
| 30 | + # |
| 31 | + analyticsConfigEndpointTimeoutMillis: # optional |
| 32 | + # |
| 33 | + analyticsConfigEndpointUrl: # optional |
| 34 | + # By default, Liquibase will not send analytics in dev (non release) builds. To override this behavior, set this value to true and provide a value for liquibase.analytics.configEndpointUrl |
| 35 | + analyticsDevOverride: # optional |
| 36 | + # Enable or disable sending product usage data and analytics to Liquibase. Learn more at https://docs.liquibase.com/analytics. |
| 37 | + analyticsEnabled: # optional |
| 38 | + # Number of characters of the license key that should be appended to the userId. This is used in the event that the same customer has multiple license keys associated with them. |
| 39 | + analyticsLicenseKeyChars: # optional |
| 40 | + # |
| 41 | + analyticsLogLevel: # optional |
| 42 | + # By default, the timeout for sending data to the remote endpoint is configured in the config endpoint. Any value set here will override that value. |
| 43 | + analyticsTimeoutMillis: # optional |
| 44 | + # Should Liquibase automatically include REORG TABLE commands when needed? |
| 45 | + autoReorg: # optional |
| 46 | + # Number of seconds wait between checks to the changelog lock when it is locked |
| 47 | + changelogLockPollRate: # optional |
| 48 | + # Number of minutes to wait for the changelog lock to be available before giving up |
| 49 | + changelogLockWaitTimeInMinutes: # optional |
| 50 | + # Configures how to handle unknown fields in changelog files. Possible values: STRICT which causes parsing to fail, and LAX which continues with the parsing. |
| 51 | + changelogParseMode: # optional |
| 52 | + # Enable liquibase-checks extension compatibility check. Can be used when running tests to turn off the check. |
| 53 | + checksCompatibilityEnabled: # optional |
| 54 | + # Additional classpath entries to use |
| 55 | + classpath: # optional |
| 56 | + # Should Liquibase convert to/from STANDARD data types. Applies to both snapshot and update commands. |
| 57 | + convertDataTypes: # optional |
| 58 | + # [PRO]Relative or fully qualified path to a yaml file containing key:value data to inject or exclude data from JSON structured logs. Learn more at https://docs.liquibase.com/structured-logging |
| 59 | + customLogDataFile: # optional |
| 60 | + # [PRO]The frequency that the custom log data will be entered into the logs. Available options are: ONCE,REPEATED |
| 61 | + customLogDataFrequency: # optional |
| 62 | + # Name of table to use for tracking concurrent Liquibase usage |
| 63 | + databaseChangelogLockTableName: # optional |
| 64 | + # Name of table to use for tracking change history |
| 65 | + databaseChangelogTableName: # optional |
| 66 | + # Class to use for Database implementation |
| 67 | + databaseClass: # optional |
| 68 | + # The index name for the DATABASECHANGELOG table on DB2 z/OS |
| 69 | + db2zDatabasechangelogIndex: # optional |
| 70 | + # The index name for the DATABASECHANGELOGLOCK table on DB2 z/OS |
| 71 | + db2zDatabasechangeloglockIndex: # optional |
| 72 | + # The database name for the Liquibase tracking tables on DB2 z/OS |
| 73 | + db2zTrackingTablesLocationDatabase: # optional |
| 74 | + # The tablespace name for the Liquibase tracking tables on DB2 z/OS |
| 75 | + db2zTrackingTablesLocationTablespace: # optional |
| 76 | + # If true, extensions are captured in the history table |
| 77 | + dbclhistoryCaptureExtensions: # optional |
| 78 | + # If true, executed SQL is captured in the history table |
| 79 | + dbclhistoryCaptureSql: # optional |
| 80 | + # [PRO]This property enables Liquibase Pro users to store a record of all database changing liquibase operations in a new table DATABASECHANGELOGHISTORY. This table includes records of rollback, dropalls, and repeated runOnChange type activity, which is not available in the standard DATABASECHANGELOG table. |
| 81 | + dbclhistoryEnabled: # optional |
| 82 | + # The exit code to use if an exception is encountered while recording history events |
| 83 | + dbclhistorySeverity: # optional |
| 84 | + # |
| 85 | + dbclhistoryTableName: # optional |
| 86 | + # The DDL_LOCK_TIMEOUT parameter indicates the number of seconds a DDL command should wait for the locks to become available before throwing the resource busy error message. This applies only to Oracle databases. |
| 87 | + ddlLockTimeout: # optional |
| 88 | + # File with default Liquibase properties |
| 89 | + defaultsFile: # optional |
| 90 | + # Should Liquibase compare column order in diff operation? |
| 91 | + diffColumnOrder: # optional |
| 92 | + # How to handle multiple files being found in the search path that have duplicate paths. Options are SILENT (do not log and choose one at random), DEBUG, INFO, WARN (log at the given level and choose one at random), or ERROR (fail current operation). |
| 93 | + duplicateFileMode: # optional |
| 94 | + # Throw an error if Liquibase detects that an includeAll will cause a circular reference (and thus a changelog parse error). |
| 95 | + errorOnCircularIncludeAll: # optional |
| 96 | + # Encoding to use when reading files. Valid values include: UTF-8, UTF-16, UTF-16BE, UTF-16LE, US-ASCII, or OS to use the system configured encoding. |
| 97 | + fileEncoding: # optional |
| 98 | + # DEPRECATED: No longer used |
| 99 | + filterLogMessages: # optional |
| 100 | + # If true, display a more verbose output for the FlowFile toString representation |
| 101 | + flowVerboseToString: # optional |
| 102 | + # Should Liquibase include a "created" attribute in diff/generateChangelog changesets with the current datetime |
| 103 | + generateChangesetCreatedValues: # optional |
| 104 | + # Should Liquibase include the change description in the id when generating changesets? |
| 105 | + generatedChangesetIdsContainsDescription: # optional |
| 106 | + # Force Liquibase to think it has no access to a keyboard |
| 107 | + headless: # optional |
| 108 | + # Should Liquibase include the catalog name when determining equality? |
| 109 | + includeCatalogInSpecification: # optional |
| 110 | + # If set to true, and there are multiple identical tags in the database changelog table, all of the newer matching tags will be rolled back while rolling back to the oldest tag. The default value for this option was false for all Liquibase versions equal to or older than 4.25.1. |
| 111 | + includeMatchingTagInRollbackOldest: # optional |
| 112 | + # If true, the parent relationship for computed columns is preserved in snapshot-dependent commands: snapshot and diff |
| 113 | + includeRelationsForComputedColumns: # optional |
| 114 | + # If true, the schema name is included for the default schema when loading a snapshot |
| 115 | + includeSchemaNameForDefault: # optional |
| 116 | + # Include the system classpath when resolving classes at runtime |
| 117 | + includeSystemClasspath: # optional |
| 118 | + # The name of the integration used to invoke Liquibase, for example, cli, or JavaAPI. It is not required to specify this value. This is primarily used by wrappers around Liquibase (like Gradle), so that analytics can be differentiated for those integrations. |
| 119 | + integrationName: # optional |
| 120 | + # If true, then write to a JCL log file |
| 121 | + jclCreateLogFile: # optional |
| 122 | + # Log file path for JCL output |
| 123 | + jclLogFilePath: # optional |
| 124 | + # Minimum return code recognized as an error |
| 125 | + jclMinimumErrorReturnCode: # optional |
| 126 | + # If true, overwrite JCL log file |
| 127 | + jclOverwriteLogFile: # optional |
| 128 | + # Enable or disable sending license usage data. |
| 129 | + licenseUtilityEnabled: # optional |
| 130 | + # |
| 131 | + licenseUtilityLogLevel: # optional |
| 132 | + # Time, in milliseconds, to wait for HTTP request to complete |
| 133 | + licenseUtilityTimeout: # optional |
| 134 | + # Specifies an identifier (e.g., team name, pipeline ID, or environment) to track and analyze Liquibase license usage. If not provided, the hostname and user is used for identification. |
| 135 | + licenseUtilityTrackingId: # optional |
| 136 | + # |
| 137 | + licenseUtilityUrl: # optional |
| 138 | + # Liquibase Pro or Liquibase Labs license key used to unlock paid capabilities. Get a free trial at https://liquibase.com/trial and use in CLI or add liquibase.licenseKey=<yourKey> into your defaults file. |
| 139 | + licenseKey: # optional |
| 140 | + # Catalog to use for Liquibase objects |
| 141 | + liquibaseCatalogName: # optional |
| 142 | + # Schema to use for Liquibase objects |
| 143 | + liquibaseSchemaName: # optional |
| 144 | + # Tablespace to use for Liquibase objects |
| 145 | + liquibaseTablespaceName: # optional |
| 146 | + # Controls which log channels have their level set by the liquibase.logLevel setting. Comma separate multiple values. To set the level of all channels, use "all". Example: liquibase,org.mariadb.jdbc |
| 147 | + logChannels: # optional |
| 148 | + # Users can use .gz file extension to enable log files compression. |
| 149 | + logFile: # optional |
| 150 | + # Sets the format of log output to console or log files. Open Source users default to unstructured "TEXT" logs to the console or output log files. Pro users have the option to set value as "JSON" or "JSON_PRETTY" to enable json-structured log files to the console or output log files. |
| 151 | + logFormat: # optional |
| 152 | + # Controls which logs get set to stderr AND to any log file. The CLI defaults, if log file set, to SEVERE. Others vary by integration. The official log levels are: OFF, SEVERE, WARNING, INFO, FINE |
| 153 | + logLevel: # optional |
| 154 | + # When set to true, the console messages are mirrored to the logs as [liquibase.ui] to provide a more complete picture of liquibase operations to log analysis tools. Set to false to change this behavior. |
| 155 | + mirrorConsoleMessagesToLog: # optional |
| 156 | + # [PRO]When set to true, console output will be mirrored to both the specified output-file and the console. If output-file is not set, the "mirror-output-to-console" argument has no effect. |
| 157 | + mirrorOutputToConsole: # optional |
| 158 | + # How to handle changelog property expressions where a value is not set. For example, a string "${address}" when no "address" property was defined. Values can be: "preserve" which leaves the string as-is, "empty" which replaces it with an empty string, or "error" which stops processing with an error. |
| 159 | + missingPropertyMode: # optional |
| 160 | + # Enable performance tracking. Set to "false" to disable. If set to "true", data is stored to a `liquibase-TIMESTAMP.jfr` file in your working directory. Any other value will enable tracking and be used as the name of the file to write the data to. |
| 161 | + monitorPerformance: # optional |
| 162 | + # [PRO]Flag to enable composite primary key for newly added DBCL tables. Disabled by default |
| 163 | + mysqlEnableDbclPrimaryKey: # optional |
| 164 | + # Custom executor that can specified |
| 165 | + nativeExecutor: # optional |
| 166 | + # If set to WARN, then liquibase will not throw exception on missing changelog file, instead will show a warning message. |
| 167 | + onMissingIncludeChangelog: # optional |
| 168 | + # If set to WARN, then Liquibase will not throw exception on missing sqlFile inside a sqlFile change type, instead will show a warning message |
| 169 | + onMissingSqlFile: # optional |
| 170 | + # |
| 171 | + outputFile: # optional |
| 172 | + # Encoding to use when writing files |
| 173 | + outputFileEncoding: # optional |
| 174 | + # Line separator for output |
| 175 | + outputLineSeparator: # optional |
| 176 | + # If true "classpath:" prefix will be preserved in normalized paths, allowing to resolve hierarchical resources under a classpath-based root. |
| 177 | + preserveClasspathPrefixInNormalizedPaths: # optional |
| 178 | + # If true, Liquibase treats schema and catalog names as case sensitive |
| 179 | + preserveSchemaCase: # optional |
| 180 | + # If true, rollback execution will be forced when having partial changes that needs to be rolled back. Defaults to false. |
| 181 | + proForceOnPartialChanges: # optional |
| 182 | + # [PRO]The default end delimiter to use for all change sets |
| 183 | + proGlobalEndDelimiter: # optional |
| 184 | + # [PRO]If true, the global end delimiter overrides all other settings |
| 185 | + proGlobalEndDelimiterPrioritized: # optional |
| 186 | + # [PRO]The default strip comments to use for all change sets |
| 187 | + proGlobalStripComments: # optional |
| 188 | + # [PRO]If true, the global strip comments overrides all other settings |
| 189 | + proGlobalStripCommentsPrioritized: # optional |
| 190 | + # DEPRECATED: Liquibase Pro license key used to unlock paid capabilities. Get a free trial at https://www.liquibase.com/protrial and use in CLI or add liquibase.pro.licenseKey=<yourKey> into your defaults file. |
| 191 | + proLicenseKey: # optional |
| 192 | + # If a column would be dropped in a diffChangeLog, call markUnused instead if set to true |
| 193 | + proMarkUnusedNotDrop: # optional |
| 194 | + # If true, generate changeSets with SQL-based changes inlined instead of saving them to an external file |
| 195 | + proSqlInline: # optional |
| 196 | + # If false, do not drop public synonyms in diffChangeLog/dropAll |
| 197 | + proSynonymsDropPublic: # optional |
| 198 | + # [PRO]If true, the Liquibase operations will fail when specified paths to Pro resource files (flow files, checks settings files, native executor conf files, etc) or rollback scripts are missing or empty. |
| 199 | + proStrict: # optional |
| 200 | + # Should Liquibase prompt if a non-local database is being accessed |
| 201 | + promptForNonLocalDatabase: # optional |
| 202 | + # Implementation of Properties class to provide additional driver properties |
| 203 | + propertyProviderClass: # optional |
| 204 | + # [PRO]Enable or disable reporting. |
| 205 | + reportsEnabled: # optional |
| 206 | + # [PRO]The format of the report. Currently, can only be set to "html". |
| 207 | + reportsFormat: # optional |
| 208 | + # [PRO]The name of the reports. |
| 209 | + reportsName: # optional |
| 210 | + # [PRO]Open the newly generated report in your default browser. |
| 211 | + reportsOpen: # optional |
| 212 | + # [PRO]The path to the directory to generate the reports. |
| 213 | + reportsPath: # optional |
| 214 | + # [PRO]Minimize the amount of logging when generating reports. |
| 215 | + reportsQuiet: # optional |
| 216 | + # [PRO]Global setting to prevent the display of exceptions in operation reports. |
| 217 | + reportsSuppressException: # optional |
| 218 | + # [PRO]Global setting to prevent the display of changeset SQL in operation reports. |
| 219 | + reportsSuppressSql: # optional |
| 220 | + # Path to a Python executable associated with a virtual environment |
| 221 | + scriptPythonExecutablePath: # optional |
| 222 | + # Complete list of Location(s) to search for files such as changelog files in. Multiple paths can be specified by separating them with commas. |
| 223 | + searchPath: # optional |
| 224 | + # If true, remove functionality from file parsers which could be used insecurely. Examples include (but not limited to) disabling remote XML entity support. |
| 225 | + secureParsing: # optional |
| 226 | + # Should Liquibase commands execute |
| 227 | + shouldRun: # optional |
| 228 | + # Should Liquibase snapshot data by default? |
| 229 | + shouldSnapshotData: # optional |
| 230 | + # If true, show a Liquibase banner on startup. |
| 231 | + showBanner: # optional |
| 232 | + # If true, all command arguments marked as hidden will be shown in the help output, ignoring the hidden flag. NOTE, due to the order of value provider loading at such an early point in Liquibase startup, you MUST set this as a environment variable. Command line parameters will not be recognized. |
| 233 | + showHiddenArgs: # optional |
| 234 | + # [PRO]Path to private key used for PKI Authentication type. Usually requires "snowflake-auth-type" property configured. |
| 235 | + snowflakeAuthPrivateKeyPassphrase: # optional |
| 236 | + # [PRO]Path to private key used for PKI Authentication type. Usually requires "snowflake-auth-type" property configured. |
| 237 | + snowflakeAuthPrivateKeyPath: # optional |
| 238 | + # [PRO]Value of the token used for specified Authentication type. Usually requires "snowflake-auth-type" property configured. |
| 239 | + snowflakeAuthToken: # optional |
| 240 | + # [PRO]The type or mechanism of Snowflake database authentication |
| 241 | + snowflakeAuthType: # optional |
| 242 | + # If true, all queries will have their fetch size set to the fetch size defined in their database implementation. This has the effect of informing the driver how many rows should be fetched when processing the result set. This is not guaranteed to be respected by the driver, but if respected, should improve query performance significantly. |
| 243 | + sqlAlwaysSetFetchSize: # optional |
| 244 | + # Level to log SQL statements to |
| 245 | + sqlLogLevel: # optional |
| 246 | + # Show SQLWarning messages |
| 247 | + sqlShowSqlWarnings: # optional |
| 248 | + # If true, Liquibase enforces certain best practices and proactively looks for common errors |
| 249 | + strict: # optional |
| 250 | + # Support escaping changelog parameters using a colon. Example: ${:user.name} |
| 251 | + supportPropertyEscaping: # optional |
| 252 | + # Controls the level of validation performed on the supports method of Change classes. Options are OFF, WARN, FAIL. |
| 253 | + supportsMethodValidationLevel: # optional |
| 254 | + # When set to true, this global property prevents DBCL and DBCLH sql from being present in console and logs during *-sql commands, such as update-sql, rollback-sql, etc. |
| 255 | + suppressLiquibaseSql: # optional |
| 256 | + # If true column headers will be trimmed in case they were specified with spaces in the file. |
| 257 | + trimLoadDataFileHeader: # optional |
| 258 | + # Changes the default UI Service Logger used by Liquibase. Options are CONSOLE or LOGGER. |
| 259 | + uiService: # optional |
| 260 | + # If set to true (default value), createProcedure tags with a set schemaName will modify the procedure body with the given schema name. |
| 261 | + useProcedureSchema: # optional |
| 262 | + # Will perform XSD validation of XML changelog files. When many XML changelog files are included, this validation may impact Liquibase performance. Defaults to true. |
| 263 | + validateXmlChangelogFiles: # optional |
| 264 | + # If true, long strings in Oracle will be chunked at 4000 characters when an insert statement is run, to avoid running afoul of Oracle"s 4000 character limit for insert statements to clob type columns (which appears as "ORA-01704: string literal too long.") |
| 265 | + workaroundOracleClobCharacterLimit: # optional |
| 266 | + |
| 267 | +name: Test site for publicly known js vulnerabilities |
| 268 | + |
| 269 | +on: push |
| 270 | +jobs: |
| 271 | + security: |
| 272 | + runs-on: ubuntu-latest |
| 273 | + steps: |
| 274 | + - name: Test for public javascript library vulnerabilities |
| 275 | + uses: lirantal/is-website-vulnerable@main |
| 276 | + with: |
| 277 | + scan-url: "https://*.*.com" |
| 278 | + |
| 279 | + |
0 commit comments