diff --git a/dblinter.cfg b/dblinter.cfg index 8596477..760fe08 100644 --- a/dblinter.cfg +++ b/dblinter.cfg @@ -73,7 +73,7 @@ table: fixes: - create a primary key. - name: TableWithRedundantIndex - ruleid: T003 + ruleid: T002 enabled: True context: desc: table without duplicated index. @@ -81,25 +81,25 @@ table: fixes: - remove duplicated index - name: TableWithFkNotIndexed - ruleid: T004 + ruleid: T003 enabled: True context: desc: table without index on fk. - message: "unindexed fk {0}.{1}.{2} ddl:{3}." + message: "Unindexed fk {0}.{1}.{2} ddl:{3}." fixes: - index foreign key. - - name: TableWithPotentialMissingIdx - ruleid: T005 + - name: TableWithUnusedIndex + ruleid: T004 enabled: True params: - - threshold: 1000000 + - size_mo: 25 context: - desc: table with high level of seq scan vs idx scan, base on pg_stat_user_tables. - message: "{0} table with seq scan exceed the threshold: {1}." + desc: Table unused index, base on pg_stat_user_indexes, indexes associated to unique constraints are discard. + message: "Index {0} on {1} size {2} Mo seems to be unused (idx_scan=0)." fixes: - - ask a dba. + - remove unused index or change warning/error threshold. - name: TableWithFkOutsideSchema - ruleid: T006 + ruleid: T007 enabled: True context: desc: table with fk outside its schema @@ -107,16 +107,6 @@ table: fixes: - consider rewrite your model. - ask a dba. - - name: TableWithUnusedIndex - ruleid: T007 - enabled: True - params: - - size_mo: 25 - context: - desc: Table unused index, base on pg_stat_user_indexes, indexes associated to unique constraints are discard. - message: "Index {0} on {1} size {2} Mo seems to be unused (idx_scan=0)." - fixes: - - remove unused index or change warning/error threshold. - name: TableWithFkMismatch ruleid: T008 enabled: True @@ -142,6 +132,16 @@ table: message: "{0} {1}.{2}.{3}.{4} violate retricted keyword rule." fixes: - Rename the object to use a non reserved keyword. + - name: TableWithPotentialMissingIdx + ruleid: T011 + enabled: True + params: + - threshold: 1000000 + context: + desc: table with high level of seq scan vs idx scan, base on pg_stat_user_tables. + message: "{0} table with seq scan exceed the threshold: {1}." + fixes: + - ask a dba. schema: - name: SchemaWithDefaultRoleNotGranted ruleid: S001 diff --git a/dblinter/default_config.yaml b/dblinter/default_config.yaml index 7699af3..124cfdd 100644 --- a/dblinter/default_config.yaml +++ b/dblinter/default_config.yaml @@ -104,7 +104,7 @@ table: fixes: - create a primary key. - name: TableWithRedundantIndex - ruleid: T003 + ruleid: T002 enabled: True context: desc: table without duplicated index. @@ -112,42 +112,40 @@ table: fixes: - remove duplicated index - name: TableWithFkNotIndexed - ruleid: T004 + ruleid: T003 enabled: True context: desc: table without index on fk. - message: "unindexed fk {0}.{1}.{2}." + message: "Unindexed fk {0}.{1}.{2}." fixes: - "{3}." - - name: TableWithPotentialMissingIdx - ruleid: T005 + - name: TableWithUnusedIndex + ruleid: T004 enabled: True params: - - threshold: 1000000 + - size_mo: 25 context: - desc: table with high level of seq scan vs idx scan, base on pg_stat_user_tables. - message: "{0} table with seq scan exceed the threshold: {1}." + desc: Table unused index, base on pg_stat_user_indexes, indexes associated to unique constraints are discard. + message: "Index {0} on {1} size {2} Mo seems to be unused (idx_scan=0)." fixes: - - ask a dba. - - name: TableWithFkOutsideSchema + - remove unused index or change warning/error threshold. + - name: TableWithUppercase ruleid: T006 enabled: True context: - desc: table with fk outside its schema - message: "fk {0} on {1} is in schema {2}." + desc: Table with uppercase in name or in columns. + message: "Uppercase used on table {0}.{1}.{2}." fixes: - - consider rewrite your model. - - ask a dba. - - name: TableWithUnusedIndex + - Do not use uppercase for any database objects + - name: TableWithFkOutsideSchema ruleid: T007 enabled: True - params: - - size_mo: 25 context: - desc: Table unused index, base on pg_stat_user_indexes, indexes associated to unique constraints are discard. - message: "Index {0} on {1} size {2} Mo seems to be unused (idx_scan=0)." + desc: table with fk outside its schema + message: "fk {0} on {1} is in schema {2}." fixes: - - remove unused index or change warning/error threshold. + - consider rewrite your model. + - ask a dba. - name: TableWithFkMismatch ruleid: T008 enabled: True @@ -173,14 +171,16 @@ table: message: "{0} {1}.{2}.{3}.{4} violate retricted keyword rule." fixes: - Rename the object to use a non reserved keyword. - - name: TableWithUppercase + - name: TableWithPotentialMissingIdx ruleid: T011 enabled: True + params: + - threshold: 1000000 context: - desc: Table with uppercase in name or in columns. - message: "Uppercase used on table {0}.{1}.{2}." + desc: table with high level of seq scan vs idx scan, base on pg_stat_user_tables. + message: "{0} table with seq scan exceed the threshold: {1}." fixes: - - Do not use uppercase for any database objects + - ask a dba. - name: TableWithSensibleColumn ruleid: T012 enabled: True diff --git a/dblinter/rules/T003/TableWithRedundantIndex.py b/dblinter/rules/T002/TableWithRedundantIndex.py similarity index 100% rename from dblinter/rules/T003/TableWithRedundantIndex.py rename to dblinter/rules/T002/TableWithRedundantIndex.py diff --git a/dblinter/rules/T004/TableWithFkNotIndexed.py b/dblinter/rules/T003/TableWithFkNotIndexed.py similarity index 100% rename from dblinter/rules/T004/TableWithFkNotIndexed.py rename to dblinter/rules/T003/TableWithFkNotIndexed.py diff --git a/dblinter/rules/T007/TableWithUnusedIndex.py b/dblinter/rules/T004/TableWithUnusedIndex.py similarity index 100% rename from dblinter/rules/T007/TableWithUnusedIndex.py rename to dblinter/rules/T004/TableWithUnusedIndex.py diff --git a/dblinter/rules/T011/TableWithUppercase.py b/dblinter/rules/T006/TableWithUppercase.py similarity index 100% rename from dblinter/rules/T011/TableWithUppercase.py rename to dblinter/rules/T006/TableWithUppercase.py diff --git a/dblinter/rules/T006/TableWithFkOutsideSchema.py b/dblinter/rules/T007/TableWithFkOutsideSchema.py similarity index 100% rename from dblinter/rules/T006/TableWithFkOutsideSchema.py rename to dblinter/rules/T007/TableWithFkOutsideSchema.py diff --git a/tests/data/good_config.yaml b/tests/data/good_config.yaml index 4e6c5fe..ed87730 100644 --- a/tests/data/good_config.yaml +++ b/tests/data/good_config.yaml @@ -71,52 +71,50 @@ table: desc: table without primary key. message: "No primary key on table {0}.{1}.{2}." fixes: - - create a primary key. + - create a primary key. - name: TableWithRedundantIndex - ruleid: T003 + ruleid: T002 enabled: True context: desc: table without duplicated index. message: "{0} redundant(s) index found on {1}.{2} idx {3} column {4}." fixes: - - remove duplicated index + - remove duplicated index - name: TableWithFkNotIndexed - ruleid: T004 + ruleid: T003 enabled: True context: desc: table without index on fk. - message: "unindexed fk {0}.{1}.{2} ddl:{3}." + message: "Unindexed fk {0}.{1}.{2}." fixes: - - index foreign key. - - name: TableWithPotentialMissingIdx - ruleid: T005 + - "{3}." + - name: TableWithUnusedIndex + ruleid: T004 enabled: True params: - - threshold: 1000000 + - size_mo: 25 context: - desc: table with high level of seq scan vs idx scan, base on pg_stat_user_tables. - message: "{0} table with seq scan exceed the threshold: {1}." + desc: Table unused index, base on pg_stat_user_indexes, indexes associated to unique constraints are discard. + message: "Index {0} on {1} size {2} Mo seems to be unused (idx_scan=0)." fixes: - - ask a dba. - - name: TableWithFkOutsideSchema + - remove unused index or change warning/error threshold. + - name: TableWithUppercase ruleid: T006 enabled: True context: - desc: table with fk outside its schema - message: "fk {0} on {1} is in schema {2}." + desc: Table with uppercase in name or in columns. + message: "Uppercase used on table {0}.{1}.{2}." fixes: - - consider rewrite your model. - - ask a dba. - - name: TableWithUnusedIndex + - Do not use uppercase for any database objects + - name: TableWithFkOutsideSchema ruleid: T007 enabled: True - params: - - size_mo: 25 context: - desc: Table unused index, base on pg_stat_user_indexes, indexes associated to unique constraints are discard. - message: "Index {0} on {1} size {2} Mo seems to be unused (idx_scan=0)." + desc: table with fk outside its schema + message: "fk {0} on {1} is in schema {2}." fixes: - - remove unused index or change warning/error threshold. + - consider rewrite your model. + - ask a dba. - name: TableWithFkMismatch ruleid: T008 enabled: True @@ -124,8 +122,8 @@ table: desc: table with fk mismatch, ex smallint refer to a bigint message: "Type constraint mismatch: {0} on {1} column {2} (type {3}/{4}) ref {5} column {6} type ({7}/{8})." fixes: - - consider rewrite your model. - - ask a dba. + - consider rewrite your model. + - ask a dba. - name: TableWithRoleNotGranted ruleid: T009 enabled: True @@ -133,7 +131,7 @@ table: desc: Table has no roles grantee. Meaning that users will need direct access on it (not through a role). message: "No role grantee on table {0}.{1}.{2}. It means that except owner. Others will need a direct grant on this table, not through a role (unusual at dkt)." fixes: - - create roles (myschema_ro & myschema_rw) and grant it on table with appropriate privileges. + - create roles (myschema_ro & myschema_rw) and grant it on table with appropriate privileges. - name: ReservedKeyWord ruleid: T010 enabled: True @@ -141,7 +139,25 @@ table: desc: A table, his column or indexes use reserved keywords. message: "{0} {1}.{2}.{3}.{4} violate retricted keyword rule." fixes: - - Rename the object to use a non reserved keyword. + - Rename the object to use a non reserved keyword. + - name: TableWithPotentialMissingIdx + ruleid: T011 + enabled: True + params: + - threshold: 1000000 + context: + desc: table with high level of seq scan vs idx scan, base on pg_stat_user_tables. + message: "{0} table with seq scan exceed the threshold: {1}." + fixes: + - ask a dba. + - name: TableWithSensibleColumn + ruleid: T012 + enabled: True + context: + desc: Base on the extension anon (https://postgresql-anonymizer.readthedocs.io/en/stable/detection), show sensitive column. + message: "{0} have column {1} (category {2}) that can be consider has sensitive. It should be masked for non data-operator users." + fixes: + - Install extension anon, and create some masking rules on. schema: - name: SchemaWithDefaultRoleNotGranted ruleid: S001 diff --git a/tests/rules/T003/test_TableWithRedundantIndex.py b/tests/rules/T002/test_TableWithRedundantIndex.py similarity index 100% rename from tests/rules/T003/test_TableWithRedundantIndex.py rename to tests/rules/T002/test_TableWithRedundantIndex.py diff --git a/tests/rules/T004/test_TableWithFkNotIndexed.py b/tests/rules/T003/test_TableWithFkNotIndexed.py similarity index 100% rename from tests/rules/T004/test_TableWithFkNotIndexed.py rename to tests/rules/T003/test_TableWithFkNotIndexed.py diff --git a/tests/rules/T007/test_TableWithUnusedIndex.py b/tests/rules/T004/test_TableWithUnusedIndex.py similarity index 100% rename from tests/rules/T007/test_TableWithUnusedIndex.py rename to tests/rules/T004/test_TableWithUnusedIndex.py diff --git a/tests/rules/T011/test_TableWithUppercase.py b/tests/rules/T006/test_TableWithUppercase.py similarity index 100% rename from tests/rules/T011/test_TableWithUppercase.py rename to tests/rules/T006/test_TableWithUppercase.py diff --git a/tests/rules/T006/test_TableWithFkOutsideSchema.py b/tests/rules/T007/test_TableWithFkOutsideSchema.py similarity index 100% rename from tests/rules/T006/test_TableWithFkOutsideSchema.py rename to tests/rules/T007/test_TableWithFkOutsideSchema.py diff --git a/tests/rules/T005/test_TableWithPotentialMissingIdx.py b/tests/rules/T011/test_TableWithPotentialMissingIdx.py similarity index 100% rename from tests/rules/T005/test_TableWithPotentialMissingIdx.py rename to tests/rules/T011/test_TableWithPotentialMissingIdx.py