Thread: Greenmask v0.1.7 Release

Greenmask v0.1.7 Release

From
"Greenmask.io via PostgreSQL Announce"
Date:
 

Greenmask v0.1.7 Release

Greenmask v0.1.7 Release

PostgreSQL Dump and Obfuscation Tool

This release introduces a new Greenmask command, improvements, bug fixes, and documentation updates.

Greenmask Overview

Key Features

  • Cross-platform — can be easily built and executed on any platform, thanks to its Go-based architecture, which eliminates platform dependencies.
  • Interactive - allows to check the transformation result and show problems if any using the single command validate
  • Schema difference check - validate your current database with the previous dump in storage and show diff
  • Database type safe — ensures data integrity by validating data and utilizing the database driver for encoding and decoding operations. This approach guarantees the preservation of data formats.
  • Transformation validation and easy maintainable — during obfuscation development, Greenmask provides validation warnings and a transformation diff feature, allowing you to monitor and maintain transformations effectively throughout the software lifecycle.
  • Partitioned tables transformation inheritance — define transformation configurations once and apply them to all partitions within partitioned tables, simplifying the obfuscation process.
  • Stateless — Greenmask operates as a logical dump and does not impact your existing database schema.
  • Backward compatible — it fully supports the same features and protocols as existing vanilla PostgreSQL utilities. Dumps created by Greenmask can be successfully restored using the pg_restore utility.
  • Extensible — users have the flexibility to implement domain-based transformations in any programming language or use predefined templates.
  • Declarative — Greenmask allows you to define configurations in a structured, easily parsed, and recognizable format.
  • Integrable — integrate Greenmask seamlessly into your CI/CD system for automated database obfuscation and restoration.
  • Parallel execution — take advantage of parallel dumping and restoration, significantly reducing the time required to deliver results.
  • Provide a variety of storage — Greenmask offers a variety of storage options for local and remote data storage, including directories and S3-like storage solutions.

Greenmask is ideally suited for:

  • Routine backup and restoration tasks, ensuring data integrity and availability.
  • Anonymization and data masking for staging environments and analytics, protecting sensitive information while maintaining data utility.

Release Notes

v0.1.7

New features
  • Added restoration filtering by --table, --schema and --exclude-schema parameters
  • Validate command without parameters validates only the configuration file
  • Added the --schema parameter, which allows to make a schema diff between the previous dump and the current. This is useful when you want to check if the schema has changed after the migration. By controlling it we can exclude data leakage after migration
  • Validate command divided by many stages that can be controlled using parameters
    • Configuration validation
    • Transformer validation
    • Constraint violation check
    • Data difference check
    • Schema difference check
Improvements
  • Improved Hash transformer
    • Added salt parameter that can be set via config or via GREENMASK_GLOBAL_SALT
    • Added sha3 functions support in different modes (sha3-224, sha3-256, sha3-384, sha3-512)
  • Refactored Cmd transformer logic
    • Json API: Now it allows to use of column names instead of column indexes in JSON format
    • Csv API: Now it can use the column order from config via column remapping
  • The validate command was rewritten almost from scratch.
    • New option --transformed-only - displays only columns that are transformed with a primary key (if exists). This allows to reduce the output data and make it more readable
    • Implemented json format for output
    • Added the --table-format parameter which is responsible for the vertical and horizontal table orientation. This works only when --format=text
    • Added the --warnings parameter, if it is specified then not only fatal-warnings will be displayed, but also those with a lower severity
Fixes
  • Fixed --use-list option - now it applies to entries according to the order in the list file
  • Fixed --use-list option behavior together with --list-format option (json or text). Now it generates a temporal list file in text format for providing it to the pg_restore call
  • Updated documentation according to the latest changes

v0.1.2 - v0.1.6

  • Fixed uncontrolled buffer growth in the restore command
  • The Hash transformer has been completely remastered and now has the function parameter to choose from several hash algorithm options and the max_length parameter to truncate the hash tail.
  • Split information about transformers between the list-transformers and new show-transformer CLI commands, which allows for more comprehensible and useful outputs for both commands
  • Added error severity for the Cmd parameter validator
  • Significantly refactored the structure and content of documentation
  • Fixed metadata enrichment for validation warnings caused by RawValueValidator
  • Fixed a typo in the credit_card value for the type parameter of the Masking transformer
  • Fixed Greenmask Playground environment variables and the cleanup command
  • Fixed list-dump, list-transformers, and restore commands exit code on error
  • Fixed database connection parameters behavior fields
  • Fixed Json transformer: now it correctly parses operations field
  • Fixed bug when raw COPY lines were parsed incorrectly
  • Fixed --version parameter behavior

Useful Links

Change log greenmask.io

Explore detailed Documentation

Access the Latest Release on GitHub

Contact us for support at Email Support