added tests and ci for a test run.

viragtripathi · viragtripathi · commit 45ed1b4a8342 · 2025-05-17T10:21:00.000-04:00
diff --git a/.github/workflows/python-ci.yml b/.github/workflows/python-ci.yml
@@ -28,3 +28,7 @@ jobs:
 
       - name: Build package
         run: python -m build
+
+      - name: Run test suite
+        run: |
+          python tests/test_runner.py
diff --git a/README.md b/README.md
@@ -1,6 +1,7 @@
 [![PyPI version](https://img.shields.io/pypi/v/crdb-sql-audit)](https://pypi.org/project/crdb-sql-audit/)
 [![Python version](https://img.shields.io/pypi/pyversions/crdb-sql-audit)](https://pypi.org/project/crdb-sql-audit/)
 [![License](https://img.shields.io/pypi/l/crdb-sql-audit)](https://pypi.org/project/crdb-sql-audit/)
+[![Build status](https://github.com/viragtripathi/crdb-sql-audit/actions/workflows/python-ci.yml/badge.svg)](https://github.com/viragtripathi/crdb-sql-audit/actions)
 
 # crdb-sql-audit
 
@@ -169,3 +170,25 @@ You can use basic Unix commands to check for patterns like pg_ functions directl
 | Unique function names              | `grep -oE '\bpg_[a-zA-Z0-9_]+\(' chunks/* \| sort \| uniq`                |
 | Count occurrences of each function | `grep -oE '\bpg_[a-zA-Z0-9_]+\(' chunks/* \| sort \| uniq -c \| sort -nr` |
 | Full SQL lines containing pg\_\*   | `grep -E '\bpg_[a-zA-Z0-9_]+\(' chunks/*`                                 |
+
+
+---
+
+## 🧪 Running Tests
+
+This project includes a test suite using sample logs and rules to validate behavior.
+
+### 🔧 To run locally:
+
+```bash
+python tests/test_runner.py
+```
+
+### 🧪 What it does:
+
+* Runs `crdb-sql-audit` on a small sample of PostgreSQL-style logs
+* Uses `tests/rules/test_rules.yaml`
+* Verifies that a CSV report is created with expected issues
+
+✅ This runs automatically in GitHub Actions on every commit to `main`.
+
diff --git a/tests/rules/test_rules.yaml b/tests/rules/test_rules.yaml
@@ -0,0 +1,17 @@
+- id: malformed_dml
+  match: '^(SELECT|DELETE FROM)\s*$'
+  message: "Too short"
+  level: warning
+  tags: [syntax]
+
+- id: hash_table
+  match: '"[^"]*#\w*"'
+  message: "Has # in table name"
+  level: error
+  tags: [identifier]
+
+- id: pg_func
+  match: '^.*\bpg_\w+\s*\(.*$'
+  message: "PostgreSQL built-in function"
+  level: error
+  tags: [function]
diff --git a/tests/sample_logs/basic_pg_chunk.log b/tests/sample_logs/basic_pg_chunk.log
@@ -0,0 +1,4 @@
+2025-05-15 12:00:00 CEST [123456]: [1-1] user=testusr,db=testdb LOG:  execute <unnamed>: SELECT * FROM "ACCOUNTS#NAU"
+2025-05-15 12:00:01 CEST [123456]: [2-1] user=testusr,db=testdb LOG:  execute <unnamed>: DELETE FROM
+2025-05-15 12:00:02 CEST [123456]: [3-1] user=testusr,db=testdb LOG:  execute <unnamed>: SELECT pg_backend_pid()
+2025-05-15 12:00:03 CEST [123456]: [4-1] user=testusr,db=testdb LOG:  execute <unnamed>: SELECT
diff --git a/tests/test_runner.py b/tests/test_runner.py
@@ -0,0 +1,23 @@
+import os
+import subprocess
+
+def run_test():
+    print("🧪 Running crdb-sql-audit on test logs...")
+    test_output = "tests/output/test_report"
+    os.makedirs("tests/output", exist_ok=True)
+
+    subprocess.run([
+        "crdb-sql-audit",
+        "--dir", "tests/sample_logs",
+        "--terms", "execute,pg_",
+        "--rules", "tests/rules/test_rules.yaml",
+        "--out", test_output
+    ], check=True)
+
+    if os.path.exists(test_output + ".csv"):
+        print("✅ CSV report generated successfully")
+    else:
+        print("❌ CSV report not found")
+
+if __name__ == "__main__":
+    run_test()
