This is Part 3 of our tutorial series on implementing automated database masking using GitHub Actions:
- Part 1: Semantic Type and Global Masking Rule
- Part 2: Column Masking and Masking Exemption
- Part 3: Data Classification (this one)
Overview
In this tutorial, you’ll learn how to automate data classification using GitHub Actions and the Bytebase API. This integration allows you to:- Manage data classification and global masking policy as code
- Automatically apply masking policies when PRs are merged
Data Classification
Data Classification allows you to manage masking policy for many columns by controlling only a small number of classifications.In Bytebase Console
Go to Data Access > Data Classification, you can upload the classification file.
In GitHub Workflow
Find the stepApply classification
, which will apply the classification to the database via API. All the classifications should be defined in one file in the root directory as masking/classification.json
. The code it calls Bytebase API is as follows:
masking/data-classification.json
, creating a PR and merging, you can apply the classification. Go to Bytebase console, click Data Access > Data Classification, you can see the classification is applied.
Here in the github workflow, we also apply global masking rule and column masking with classification with files masking/global-masking-rule-classification.json
and masking/databases/test-sample-instance/hr_test/database-catalog-classification.json
.