介绍

Yearning MYSQL 是一个SQL语句审核平台。提供查询审计，SQL审核等多种功能，支持Mysql，可以在一定程度上解决运维与开发之间的那一环，功能丰富，代码开源，安装部署容易！

开源地址

https://gitee.com/cookieYe/Yearning

功能介绍

SQL查询查询导出查询自动补全
SQL审核流程化工单SQL语句检测SQL语句执行SQL回滚
历史审核记录
查询审计
推送E-mail工单推送钉钉webhook机器人工单推送
其他LDAP登陆用户权限及管理拼图式细粒度权限划分(共12项独立权限,可随意组合)

模块介绍

Dashboard

dashboard主要展示Yearning各项数据包括用户数/数据源数/工单数/查询数以及其他图表，个人信息栏内用户可以修改密码/邮箱/真实姓名，同时可以查看该用户权限以及申请权限

我的工单

展示用户提交的工单信息.，对于执行失败/驳回的工单点击详细信息后可以重新修改sql并提交

对于执行成功的工单可以查看回滚语句并且快速提交SQL

工单DLL

DDL相关SQL提交审核，查看表结构/索引，SQL语法高亮/自动补全

DML审核

DML相关SQL提交审核，SQL语法高亮/自动补全

查询

查询/导出数据 SQL语法高亮/自动补全快速DML语句提交

工单审核

DDL/DML管理员审核并执行

查询审核

用户查询审核

权限审核

用户权限审核

用户管理

创建/修改/删除用户

数据库管理

添加/编辑/删除数据源

用户权限

用户权限修改/清空

基础设置和进阶设置

设置消息推送相关信息包括钉钉机器人/email，设置LDAP相关信息，全局配置信息，全局配置开关

审核规则

设置SQL检测规则

审核流程

Yearning采用二级/多级的审核模式,可根据实际需求变更相关使用流程，执行人角色必须在开启多级审核之后才可指定(开启请前往设置页面)，如果需要将多级审核改为二级审核,请先确保所有多级审核的工单都已确认执行。否则未执行工单将无法找回。当多级审核关闭后系统并不会自动将角色为执行人的用户重置角色，请自行重置相应用户角色

二级审核流程：

1.使用人根据自己拥有的权限向对应的工单提交单元(DDL,DML)提交工单
2.管理员收到消息后在审核工单页面审核该工单请求并执行/驳回对应工单
3.执行记录将会记录在该管理员用户下

多级审核流程：

1.使用人根据自己拥有的权限向对应的工单提交单元(DDL,DML)提交工单，
2.管理员收到消息后在审核工单页面审核该工单请求并同意/驳回对应工单并选择对应执行人（执行人必须是角色为执行人的用户）
3.执行人收到工单后执行/驳回该工单
4.执行记录将会记录在该执行人用户下

普通安装

Yearning 不依赖于任何第三方SQL审核工具作为审核引擎,内部已自己实现审核/回滚相关逻辑。仅依赖Mysql数据库。mysql版本必须5.7及以上版本，请事先自行安装完毕且创建Yearning库,字符集应为UTF-8/UTF8mb4 (仅Yearning所需mysql版本)Yearning日志仅输出error级别,没有日志即可认为无运行错误！Yearning 基于1080p分辨率开发仅支持1080p及以上显示器访问（可到官网下载二进制文件）

[root@iZbp143t3oxhfc3ar7jey0Z ~]# ll
total 814104
-rw-r--r-- 1 root  root         39 Mar 16 17:58 aaa.text
-rw-r--r-- 1 root  root          0 Mar 16 21:12 b
-rw------- 1 root  root  500336640 Feb 21 22:15 elasticsearch.tar
-rw-r--r-- 1 root  root         25 Mar 16 21:25 file.txt
drwxr-xr-x 4 root  root       4096 Mar  3 13:57 littleTools
drwxr-xr-x 2 root  root       4096 Feb 17 21:39 mysql-5.6.35-linux-glibc2.5-x86_64
-rw-r--r-- 1 root  root  314581668 Feb 17 21:38 mysql-5.6.35-linux-glibc2.5-x86_64.tar.gz
-rw-r--r-- 1 root  root     398872 Mar 16 00:29 netcat-0.7.1.tar.gz
drwxrwxr-x 5 test1 test1      4096 Feb 21 19:41 ngx_openresty-1.9.7.1
-rw-r--r-- 1 root  root    3548444 Dec 25  2015 ngx_openresty-1.9.7.1.tar.gz
-rw-r--r-- 1 root  root       1062 Mar  6 00:07 passwd
drwxrwxr-x 6 root  root       4096 Mar 17 18:42 redis-4.0.12
-rw-r--r-- 1 root  root    1740544 Dec 12  2018 redis-4.0.12.tar.gz
-rw-r--r-- 1 root  root   12981868 Mar 17 19:22 Yearning-2.2.0-fix2.linux-amd64.zip
drwxr-xr-x 3 root  root       4096 Mar 16 10:07 Yearning-go
[root@iZbp143t3oxhfc3ar7jey0Z ~]# cd Yearning-go
[root@iZbp143t3oxhfc3ar7jey0Z Yearning-go]# ll
total 8404
-rw-r--r-- 1 root root     127 Aug  2  2019 conf.toml
drwxr-xr-x 6 root root    4096 Mar 17 09:57 dist
-rw-r--r-- 1 root root     620 Jan  9 10:06 docker-compose.yml
-rw-r--r-- 1 root root     597 Aug 21  2019 Dockerfile
-rw-r--r-- 1 root root     177 Aug 23  2019 # README
-rwxr--r-- 1 root root 8579816 Mar 17 09:58 Yearning
-rw-r--r-- 1 root root     283 Jan 15 16:55 yearning.service
[root@iZbp143t3oxhfc3ar7jey0Z Yearning-go]# vim conf.toml
[root@iZbp143t3oxhfc3ar7jey0Z Yearning-go]# ll
total 8404
-rw-r--r-- 1 root root     171 Mar 17 19:25 conf.toml
drwxr-xr-x 6 root root    4096 Mar 17 09:57 dist
-rw-r--r-- 1 root root     620 Jan  9 10:06 docker-compose.yml
-rw-r--r-- 1 root root     597 Aug 21  2019 Dockerfile
-rw-r--r-- 1 root root     177 Aug 23  2019 # README
-rwxr--r-- 1 root root 8579816 Mar 17 09:58 Yearning
-rw-r--r-- 1 root root     283 Jan 15 16:55 yearning.service
[root@iZbp143t3oxhfc3ar7jey0Z Yearning-go]# ./Yearning -h
version: Yearning/2.2.0 author: HenryYee
Usage: Yearning [-m migrate] [-p port] [-s start] [-b web-bind] [-h help] [-c config file]Options:-s  启动Yearning-m  数据初始化(第一次安装时执行)-p  端口-b  钉钉/邮件推送时显示的平台地址-x  表结构修复,升级时可以操作。如出现错误可直接忽略。-h  帮助-c  配置文件路径-k  用户权限变更为权限组(2.1.7以下升级至2.1.7及以上使用)-f  初始化Admin用户密码
[root@iZbp143t3oxhfc3ar7jey0Z Yearning-go]# ./Yearning -m

(/var/jenkins_home/workspace/Yearning-go/src/service/migrate.go:31)
[2020-03-17 19:25:53]  [8.97ms]  INSERT  INTO `core_accounts` (`username`,`password`,`rule`,`department`,`real_name`,`email`) VALUES ('admin','pbkdf2_sha256$120000$cHnTX55niNFu$b9peQgq7+P85E4Qb8q30SeOnxJPPiKryj5VK9foAR7U=','admin','DBA','超级管理员','')
[1 rows affected or returned ](/var/jenkins_home/workspace/Yearning-go/src/service/migrate.go:39)
[2020-03-17 19:25:53]  [22.81ms]  INSERT  INTO `core_global_configurations` (`authorization`,`ldap`,`message`,`other`,`stmt`,`audit_role`,`board`) VALUES ('global','{"url":"","user":"","password":"","type":1,"sc":"","ldaps":false}','{"web_hook":"","host":"","port":25,"user":"","password":"","to_user":"","mail":false,"ding":false,"ssl":false}','{"limit":"1000","idc":["Aliyun","AWS"],"multi":false,"query":false,"exclude_db_list":[],"insulate_word_list":[],"register":false,"export":false,"per_order":2,"ex_query_time":60,"query_timeout":0}',0,'{"DMLInsertColumns":false,"DMLMaxInsertRows":10,"DMLWhere":false,"DMLOrder":false,"DMLSelect":false,"DDLCheckTableComment":false,"DDlCheckColumnComment":false,"DDLCheckColumnNullable":false,"DDLCheckColumnDefault":false,"DDLTimeFieldDefault":false,"DDLEnableAcrossDBRename":false,"DDLEnableAutoincrementInit":false,"DDLEnableAutoIncrement":false,"DDLEnableAutoincrementUnsigned":false,"DDLEnableDropTable":false,"DDLEnableDropDatabase":false,"DDLEnableNullIndexName":false,"DDLIndexNameSpec":false,"DDLMaxKeyParts":5,"DDLMaxKey":5,"DDLMaxCharLength":10,"MaxTableNameLen":10,"MaxAffectRows":1000,"MaxDDLAffectRows":0,"EnableSetCollation":false,"EnableSetCharset":false,"SupportCharset":"","SupportCollation":"","CheckIdentifier":false,"MustHaveColumns":"","DDLMultiToSubmit":false,"DDLPrimaryKeyMust":false,"DDLAllowColumnType":false,"DDLImplicitTypeConversion":false,"DMLMinimalRollback":false,"DDLAllowPRINotInt":false,"IsOSC":false,"OscBinDir":"","OscDropNewTable":false,"OscDropOldTable":false,"OscCheckReplicationFilters":false,"OscCheckAlter":false,"OscAlterForeignKeysMethod":"rebuild_constraints","OscMaxLag":1,"OscRecursionMethod":"processlist","OscCheckInterval":1,"OscMaxThreadConnected":25,"OscMaxThreadRunning":25,"OscCriticalThreadConnected":20,"OscCriticalThreadRunning":20,"OscPrintSql":false,"OscChunkTime":0.5,"OscSize":0,"AllowCreateView":false,"AllowCreatePartition":false,"AllowSpecialType":false}','')
[1 rows affected or returned ](/var/jenkins_home/workspace/Yearning-go/src/service/migrate.go:46)
[2020-03-17 19:25:53]  [5.59ms]  INSERT  INTO `core_graineds` (`username`,`rule`,`permissions`,`group`) VALUES ('admin','','{"ddl":"1","ddl_source":[],"dml":"1","dml_source":[],"user":"1","base":"1","auditor":[],"query":"1","query_source":[]}',NULL)
[1 rows affected or returned ]
初始化成功!用户名: admin
密码:Yearning_admin
[root@iZbp143t3oxhfc3ar7jey0Z Yearning-go]# ./Yearning -s
检查更新.......
数据已更新!__    __  _____       ___   _____    __   _   _   __   _   _____
\ \  / / | ____|     /   | |  _  \  |  \ | | | | |  \ | | /  ___|\ \/ /  | |__      / /| | | |_| |  |   \| | | | |   \| | | |\  /   |  __|    / / | | |  _  /  | |\   | | | | |\   | | |  _/ /    | |___   / /  | | | | \ \  | | \  | | | | | \  | | |_| |/_/     |_____| /_/   |_| |_|  \_\ |_|  \_| |_| |_|  \_| \_____/  vgolang.verWelcome to Yearning
https://yearning.io
____________________________________O/_______O\
⇨ http server started on [::]:8000
{"time":"2020-03-17T19:29:24.38804852+08:00","level":"ERROR","prefix":"echo","fi                                                                                        le":"dbmanage.go","line":"173","message":"Error 1045: Access denied for user 'ro                                                                                        ot'@'47.111.232.99' (using password: YES)"}
{"time":"2020-03-17T19:56:05.800777325+08:00","level":"ERROR","prefix":"echo","f                                                                                        ile":"group.go","line":"100","message":"code=400, message=Unmarshal type error:                                                                                         expected=[]string, got=bool, field=Permission.ddl_source, offset=124"}

Docker 方式安装

[root@iZ1la3d1xbmukrZ Yearning-go]# docker build  -t yearning .
Sending build context to Docker daemon  25.39MB
Step 1/15 : FROM alpine:latest
latest: Pulling from library/alpine
c9b1b535fdd9: Pull complete
Digest: sha256:ab00606a42621fb68f2ed6ad3c88be54397f981a7b70a79db3d1172b11c4367d
Status: Downloaded newer image for alpine:latest---> e7d92cdc71fe
Step 2/15 : LABEL maintainer="HenryYee-2019/08/13"---> Running in 4aade2c7d662
Removing intermediate container 4aade2c7d662---> 93d53642bc8b
Step 3/15 : EXPOSE 8000---> Running in 6d8d737e5f56
Removing intermediate container 6d8d737e5f56---> 70c9617c2085
Step 4/15 : COPY Yearning  /opt/Yearning---> fa38bfbc447f
Step 5/15 : COPY dist /opt/dist---> 99524d79fef4
Step 6/15 : COPY conf.toml /opt/conf.toml---> f9c1912a709c
Step 7/15 : RUN mkdir /lib64 && ln -s /lib/libc.musl-x86_64.so.1 /lib64/ld-linux-x86-64.so.2---> Running in 4347dc7c2530
Removing intermediate container 4347dc7c2530---> a172c01b05ab
Step 8/15 : RUN echo "http://mirrors.ustc.edu.cn/alpine/v3.3/main/" > /etc/apk/repositories---> Running in d46ffc850734
Removing intermediate container d46ffc850734---> 2b952b857705
Step 9/15 : RUN apk add --no-cache tzdata---> Running in 84b172beade5
fetch http://mirrors.ustc.edu.cn/alpine/v3.3/main/x86_64/APKINDEX.tar.gz
(1/1) Installing tzdata (2015g-r0)
Executing busybox-1.31.1-r9.trigger
OK: 9 MiB in 15 packages
Removing intermediate container 84b172beade5---> 6829de9be4c8
Step 10/15 : RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime---> Running in f92a5657e2d5
Removing intermediate container f92a5657e2d5---> e315e0269def
Step 11/15 : RUN echo "Asia/Shanghai" >> /etc/timezone---> Running in a8c6316b5b57
Removing intermediate container a8c6316b5b57---> dc6ba5a8ec35
Step 12/15 : RUN echo 'hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4' >> /etc/nsswitch.conf---> Running in d74577729bad
Removing intermediate container d74577729bad---> 7f1d92ace6fb
Step 13/15 : WORKDIR /opt---> Running in f18d0dff2864
Removing intermediate container f18d0dff2864---> 9395ce234ec9
Step 14/15 : ENTRYPOINT  ["/opt/Yearning"]---> Running in cd718743cc95
Removing intermediate container cd718743cc95---> 2d4ae2f00b84
Step 15/15 : CMD ["-m", "-s"]---> Running in b20f152e339d
Removing intermediate container b20f152e339d---> 093cd1b642a3
Successfully built 093cd1b642a3
Successfully tagged yearning:latest
[root@iZ1la3d1xbmukrZ Yearning-go]# docker images
REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
yearning                        latest              093cd1b642a3        7 seconds ago       32.2MB
sonatype/nexus3                 latest              7e6931b4cdf2        3 weeks ago         640MB
wojiushixiaobai/jms_guacamole   1.5.6               af71674d07a4        6 weeks ago         659MB
wojiushixiaobai/jms_koko        1.5.6               2561f1397767        6 weeks ago         357MB
alpine                          latest              e7d92cdc71fe        8 weeks ago         5.59MB
sonatype/nexus                  pro-2.14.16         f27405473ed3        8 weeks ago         482MB
sonatype/nexus                  oss                 8027e6db5d67        8 weeks ago         452MB
jpetazzo/nsenter                latest              4167ddcfcec6        13 months ago       375MB
[root@iZ1la3d1xbmukrZ Yearning-go]# docker run -d -it -p 8000:8000 -e MYSQL_USER=root -e MYSQL_ADDR=rm-bp1y5jh712124eh9clo.mysql.rds.aliyuncs.com:3306 -e MYSQL_PASSWORD=1qaz@WSX -e MYSQL_DB=sqlcheck yearning
e84f849d7742545b2af488e84aac5092f9ebb44e2d14fa1f2c7b4bf4285474df
[root@iZ1la3d1xbmukrZ Yearning-go]# docker ps -l
CONTAINER ID        IMAGE               COMMAND                 CREATED             STATUS              PORTS                    NAMES
e84f849d7742        yearning            "/opt/Yearning -m -s"   5 seconds ago       Up 3 seconds        0.0.0.0:8000->8000/tcp   affectionate_jepsen
[root@iZ1la3d1xbmukrZ Yearning-go]# lsof -i:8000
-bash: lsof: command not found
[root@iZ1la3d1xbmukrZ Yearning-go]# netstat -nltp |grep 8000
tcp6       0      0 :::8000                 :::*                    LISTEN      30400/docker-proxy
[root@iZ1la3d1xbmukrZ Yearning-go]#

docker-compose安装

version: '3'services:yearning:image: yearningdepends_on:- mysqlenvironment:MYSQL_USER: yearningMYSQL_PASSWORD: ukC2ZkcG_ZTebMYSQL_ADDR: mysqlMYSQL_DB: yearningports:- 8000:8000mysql:image: mysql:5.7environment:MYSQL_ROOT_PASSWORD: ukC2ZkcG_ZTebMYSQL_DATABASE: yearningMYSQL_USER: yearningMYSQL_PASSWORD: ukC2ZkcG_ZTebcommand:- --character-set-server=utf8mb4- --collation-server=utf8mb4_unicode_ci

注意：虽然我的第一个应用依赖mysql，但是第一次的时候，还是会显示连不上，需要再执行一次

Yearning介绍及三种方式安装相关推荐

centos7.4安装mysql5.7_centos7.4三种方式安装mysql5.7
三种方式安装 mysql 二进制 rpm 安装 mysql5.7.21 下载 yum repository [root@apenglinux-002 yum.repos.d]# yum -y inst ...
vue.js 三种方式安装--npm安装
Vue.js是一个构建数据驱动的 web 界面的渐进式框架. Vue.js 的目标是通过简单的 API 实现响应的数据绑定和组合的视图组件.它不仅易上手,便于与第三方库或既有项目整合. ...
vue.js 三种方式安装
Vue.js(读音 /vjuː/, 类似于 view)是一个构建数据驱动的 web 界面的渐进式框架.Vue.js 的目标是通过尽可能简单的 API 实现响应的数据绑定和组合的视图组件.它不仅易于上手 ...
vue.js 三种方式安装(vue-cli)
Vue.js(读音 /vjuː/, 类似于 view)是一个构建数据驱动的 web 界面的渐进式框架.Vue.js 的目标是通过尽可能简单的 API 实现响应的数据绑定和组合的视图组件.它不仅易于上手 ...
【CSDN软件工程师能力认证学习精选】vue.js 三种方式安装(vue-cli)
CSDN软件工程师能力认证(以下简称C系列认证)是由中国软件开发者网CSDN制定并推出的一个能力认证标准.C系列认证历经近一年的实际线下调研.考察.迭代.测试,并梳理出软件工程师开发过程中所需的各项技 ...
用三种方式安装Nginx
一准备工作 1 安装centos7.9环境 2 安装nginx必备软件 (1).GCC编译器与G++编译器 GCC(GNU Compiler Collection)可用来编译C语言程序. #yum ...
Eclipse插件安装的三种方式
Eclipse插件安装总结通过个人的学习体会,将目前Eclipse插件安装的三种方式,总结如下: 第一种方法很简单,在Eclipse的主目录(%ECLIPSE_HOME%)下有一个plugins目录和 ...
Qt三种方式实现FTP上传功能
FTP协议 FTP的中文名称是"文件传输协议",是File Transfer Protocol三个英文单词的缩写.FTP协议是TCP/IP协议组中的协议之一,其传输效率非常高,在网 ...
ES6 中三种方式定义对象属性
ES6 中三种方式定义对象属性重复样本代码让开发者很不爽,代码混乱掩盖了重要业务代码.ES6关注并解决一些重复的代码方式,使代码简洁.逻辑清晰,如数组解构.对象解构.箭头函数等.本文我们主要介绍利用 ...

Yearning介绍及三种方式安装

介绍