chore: support configure the payload for sql review rules (#42)

* feat: support policy data source

* chore: support CRUD policy resource

* chore: support config sql review rules

Author: ecmadao

api/policy.go

@@ -12,9 +12,6 @@ type ApprovalGroup string
 // BackupPlanSchedule is schedule for backup plan policy.
 type BackupPlanSchedule string
 
-// SQLReviewRuleLevel is the error level for SQL review rule.
-type SQLReviewRuleLevel string
-
 // SensitiveDataMaskType is the mask type for sensitive data.
 type SensitiveDataMaskType string
 
@@ -50,13 +47,6 @@ const (
 	// SensitiveDataMaskTypeDefault is the sensitive data type to hide data with a default method.
 	// The default method is subject to change.
 	SensitiveDataMaskTypeDefault SensitiveDataMaskType = "DEFAULT"
-
-	// SQLReviewRuleLevelError is the error level for SQL review rule.
-	SQLReviewRuleLevelError SQLReviewRuleLevel = "ERROR"
-	// SQLReviewRuleLevelWarning is the warning level for SQL review rule.
-	SQLReviewRuleLevelWarning SQLReviewRuleLevel = "WARNING"
-	// SQLReviewRuleLevelDisabled is the disabled level for SQL review rule.
-	SQLReviewRuleLevelDisabled SQLReviewRuleLevel = "DISABLED"
 )
 
 // DeploymentApprovalPolicy is the policy configuration for deployment approval.
@@ -104,15 +94,8 @@ type AccessControlRule struct {
 
 // SQLReviewPolicy is the API message for SQL review policy.
 type SQLReviewPolicy struct {
-	Title string           `type:"title"`
-	Rules []*SQLReviewRule `type:"rules"`
-}
-
-// SQLReviewRule is the API message for SQL review rule.
-type SQLReviewRule struct {
-	Type    string             `json:"type"`
-	Level   SQLReviewRuleLevel `json:"level"`
-	Payload string             `json:"payload"`
+	Title string           `json:"title"`
+	Rules []*SQLReviewRule `json:"rules"`
 }
 
 // PolicyFindMessage is the API message for finding policies.

api/sql_review.go

@@ -0,0 +1,160 @@
+package api
+
+// SQLReviewRuleType is the type of schema rule.
+type SQLReviewRuleType string
+
+// SQLReviewRuleLevel is the error level for SQL review rule.
+type SQLReviewRuleLevel string
+
+const (
+	// SchemaRuleTableNaming enforce the table name format.
+	SchemaRuleTableNaming SQLReviewRuleType = "naming.table"
+	// SchemaRuleColumnNaming enforce the column name format.
+	SchemaRuleColumnNaming SQLReviewRuleType = "naming.column"
+	// SchemaRulePKNaming enforce the primary key name format.
+	SchemaRulePKNaming SQLReviewRuleType = "naming.index.pk"
+	// SchemaRuleUKNaming enforce the unique key name format.
+	SchemaRuleUKNaming SQLReviewRuleType = "naming.index.uk"
+	// SchemaRuleFKNaming enforce the foreign key name format.
+	SchemaRuleFKNaming SQLReviewRuleType = "naming.index.fk"
+	// SchemaRuleIDXNaming enforce the index name format.
+	SchemaRuleIDXNaming SQLReviewRuleType = "naming.index.idx"
+	// SchemaRuleAutoIncrementColumnNaming enforce the auto_increment column name format.
+	SchemaRuleAutoIncrementColumnNaming SQLReviewRuleType = "naming.column.auto-increment"
+
+	// SchemaRuleStatementNoSelectAll disallow 'SELECT *'.
+	SchemaRuleStatementNoSelectAll SQLReviewRuleType = "statement.select.no-select-all"
+	// SchemaRuleStatementRequireWhere require 'WHERE' clause.
+	SchemaRuleStatementRequireWhere SQLReviewRuleType = "statement.where.require"
+	// SchemaRuleStatementNoLeadingWildcardLike disallow leading '%' in LIKE, e.g. LIKE foo = '%x' is not allowed.
+	SchemaRuleStatementNoLeadingWildcardLike SQLReviewRuleType = "statement.where.no-leading-wildcard-like"
+	// SchemaRuleStatementDisallowCommit disallow using commit in the issue.
+	SchemaRuleStatementDisallowCommit SQLReviewRuleType = "statement.disallow-commit"
+	// SchemaRuleStatementDisallowLimit disallow the LIMIT clause in INSERT, DELETE and UPDATE statements.
+	SchemaRuleStatementDisallowLimit SQLReviewRuleType = "statement.disallow-limit"
+	// SchemaRuleStatementDisallowOrderBy disallow the ORDER BY clause in DELETE and UPDATE statements.
+	SchemaRuleStatementDisallowOrderBy SQLReviewRuleType = "statement.disallow-order-by"
+	// SchemaRuleStatementMergeAlterTable disallow redundant ALTER TABLE statements.
+	SchemaRuleStatementMergeAlterTable SQLReviewRuleType = "statement.merge-alter-table"
+	// SchemaRuleStatementInsertRowLimit enforce the insert row limit.
+	SchemaRuleStatementInsertRowLimit SQLReviewRuleType = "statement.insert.row-limit"
+	// SchemaRuleStatementInsertMustSpecifyColumn enforce the insert column specified.
+	SchemaRuleStatementInsertMustSpecifyColumn SQLReviewRuleType = "statement.insert.must-specify-column"
+	// SchemaRuleStatementInsertDisallowOrderByRand disallow the order by rand in the INSERT statement.
+	SchemaRuleStatementInsertDisallowOrderByRand SQLReviewRuleType = "statement.insert.disallow-order-by-rand"
+	// SchemaRuleStatementAffectedRowLimit enforce the UPDATE/DELETE affected row limit.
+	SchemaRuleStatementAffectedRowLimit SQLReviewRuleType = "statement.affected-row-limit"
+	// SchemaRuleStatementDMLDryRun dry run the dml.
+	SchemaRuleStatementDMLDryRun SQLReviewRuleType = "statement.dml-dry-run"
+
+	// SchemaRuleTableRequirePK require the table to have a primary key.
+	SchemaRuleTableRequirePK SQLReviewRuleType = "table.require-pk"
+	// SchemaRuleTableNoFK require the table disallow the foreign key.
+	SchemaRuleTableNoFK SQLReviewRuleType = "table.no-foreign-key"
+	// SchemaRuleTableDropNamingConvention require only the table following the naming convention can be deleted.
+	SchemaRuleTableDropNamingConvention SQLReviewRuleType = "table.drop-naming-convention"
+	// SchemaRuleTableCommentConvention enforce the table comment convention.
+	SchemaRuleTableCommentConvention SQLReviewRuleType = "table.comment"
+	// SchemaRuleTableDisallowPartition disallow the table partition.
+	SchemaRuleTableDisallowPartition SQLReviewRuleType = "table.disallow-partition"
+
+	// SchemaRuleRequiredColumn enforce the required columns in each table.
+	SchemaRuleRequiredColumn SQLReviewRuleType = "column.required"
+	// SchemaRuleColumnNotNull enforce the columns cannot have NULL value.
+	SchemaRuleColumnNotNull SQLReviewRuleType = "column.no-null"
+	// SchemaRuleColumnDisallowChangeType disallow change column type.
+	SchemaRuleColumnDisallowChangeType SQLReviewRuleType = "column.disallow-change-type"
+	// SchemaRuleColumnSetDefaultForNotNull require the not null column to set default value.
+	SchemaRuleColumnSetDefaultForNotNull SQLReviewRuleType = "column.set-default-for-not-null"
+	// SchemaRuleColumnDisallowChange disallow CHANGE COLUMN statement.
+	SchemaRuleColumnDisallowChange SQLReviewRuleType = "column.disallow-change"
+	// SchemaRuleColumnDisallowChangingOrder disallow changing column order.
+	SchemaRuleColumnDisallowChangingOrder SQLReviewRuleType = "column.disallow-changing-order"
+	// SchemaRuleColumnCommentConvention enforce the column comment convention.
+	SchemaRuleColumnCommentConvention SQLReviewRuleType = "column.comment"
+	// SchemaRuleColumnAutoIncrementMustInteger require the auto-increment column to be integer.
+	SchemaRuleColumnAutoIncrementMustInteger SQLReviewRuleType = "column.auto-increment-must-integer"
+	// SchemaRuleColumnTypeDisallowList enforce the column type disallow list.
+	SchemaRuleColumnTypeDisallowList SQLReviewRuleType = "column.type-disallow-list"
+	// SchemaRuleColumnDisallowSetCharset disallow set column charset.
+	SchemaRuleColumnDisallowSetCharset SQLReviewRuleType = "column.disallow-set-charset"
+	// SchemaRuleColumnMaximumCharacterLength enforce the maximum character length.
+	SchemaRuleColumnMaximumCharacterLength SQLReviewRuleType = "column.maximum-character-length"
+	// SchemaRuleColumnAutoIncrementInitialValue enforce the initial auto-increment value.
+	SchemaRuleColumnAutoIncrementInitialValue SQLReviewRuleType = "column.auto-increment-initial-value"
+	// SchemaRuleColumnAutoIncrementMustUnsigned enforce the auto-increment column to be unsigned.
+	SchemaRuleColumnAutoIncrementMustUnsigned SQLReviewRuleType = "column.auto-increment-must-unsigned"
+	// SchemaRuleCurrentTimeColumnCountLimit enforce the current column count limit.
+	SchemaRuleCurrentTimeColumnCountLimit SQLReviewRuleType = "column.current-time-count-limit"
+	// SchemaRuleColumnRequireDefault enforce the column default.
+	SchemaRuleColumnRequireDefault SQLReviewRuleType = "column.require-default"
+
+	// SchemaRuleSchemaBackwardCompatibility enforce the MySQL and TiDB support check whether the schema change is backward compatible.
+	SchemaRuleSchemaBackwardCompatibility SQLReviewRuleType = "schema.backward-compatibility"
+
+	// SchemaRuleDropEmptyDatabase enforce the MySQL and TiDB support check if the database is empty before users drop it.
+	SchemaRuleDropEmptyDatabase SQLReviewRuleType = "database.drop-empty-database"
+
+	// SchemaRuleIndexNoDuplicateColumn require the index no duplicate column.
+	SchemaRuleIndexNoDuplicateColumn SQLReviewRuleType = "index.no-duplicate-column"
+	// SchemaRuleIndexKeyNumberLimit enforce the index key number limit.
+	SchemaRuleIndexKeyNumberLimit SQLReviewRuleType = "index.key-number-limit"
+	// SchemaRuleIndexPKTypeLimit enforce the type restriction of columns in primary key.
+	SchemaRuleIndexPKTypeLimit SQLReviewRuleType = "index.pk-type-limit"
+	// SchemaRuleIndexTypeNoBlob enforce the type restriction of columns in index.
+	SchemaRuleIndexTypeNoBlob SQLReviewRuleType = "index.type-no-blob"
+	// SchemaRuleIndexTotalNumberLimit enforce the index total number limit.
+	SchemaRuleIndexTotalNumberLimit SQLReviewRuleType = "index.total-number-limit"
+	// SchemaRuleIndexPrimaryKeyTypeAllowlist enforce the primary key type allowlist.
+	SchemaRuleIndexPrimaryKeyTypeAllowlist SQLReviewRuleType = "index.primary-key-type-allowlist"
+
+	// SchemaRuleCharsetAllowlist enforce the charset allowlist.
+	SchemaRuleCharsetAllowlist SQLReviewRuleType = "system.charset.allowlist"
+
+	// SchemaRuleCollationAllowlist enforce the collation allowlist.
+	SchemaRuleCollationAllowlist SQLReviewRuleType = "system.collation.allowlist"
+
+	// SchemaRuleCommentLength limit comment length.
+	SchemaRuleCommentLength SQLReviewRuleType = "comment.length"
+
+	// SQLReviewRuleLevelError is the error level for SQL review rule.
+	SQLReviewRuleLevelError SQLReviewRuleLevel = "ERROR"
+	// SQLReviewRuleLevelWarning is the warning level for SQL review rule.
+	SQLReviewRuleLevelWarning SQLReviewRuleLevel = "WARNING"
+	// SQLReviewRuleLevelDisabled is the disabled level for SQL review rule.
+	SQLReviewRuleLevelDisabled SQLReviewRuleLevel = "DISABLED"
+)
+
+// NamingRulePayload is the payload for naming rule.
+type NamingRulePayload struct {
+	MaxLength int    `json:"maxLength"`
+	Format    string `json:"format"`
+}
+
+// StringArrayTypeRulePayload is the payload for rules with string array value.
+type StringArrayTypeRulePayload struct {
+	List []string `json:"list"`
+}
+
+// RequiredColumnRulePayload is the payload for required column rule.
+type RequiredColumnRulePayload struct {
+	ColumnList []string `json:"columnList"`
+}
+
+// CommentConventionRulePayload is the payload for comment convention rule.
+type CommentConventionRulePayload struct {
+	Required  bool `json:"required"`
+	MaxLength int  `json:"maxLength"`
+}
+
+// NumberTypeRulePayload is the number type payload.
+type NumberTypeRulePayload struct {
+	Number int `json:"number"`
+}
+
+// SQLReviewRule is the API message for SQL review rule.
+type SQLReviewRule struct {
+	Type    SQLReviewRuleType  `json:"type"`
+	Level   SQLReviewRuleLevel `json:"level"`
+	Payload string             `json:"payload"`
+}

examples/policies/main.tf

@@ -32,6 +32,16 @@ output "deployment_approval_policy" {
   value = data.bytebase_policy.deployment_approval
 }
 
+# Find SQL review policy in test environment.
+data "bytebase_policy" "sql_review" {
+  environment = local.environment_id_test
+  type        = "SQL_REVIEW"
+}
+
+output "sql_review_policy" {
+  value = data.bytebase_policy.sql_review
+}
+
 # List policies in test environment.
 data "bytebase_policy_list" "test_env_policies" {
   environment = local.environment_id_test

examples/setup/main.tf

@@ -140,3 +140,35 @@ resource "bytebase_policy" "backup_plan" {
     retention_duration = 86400
   }
 }
+
+# Create SQL review policy for test env.
+resource "bytebase_policy" "sql_review" {
+  environment = bytebase_instance.test.environment
+  type        = "SQL_REVIEW"
+
+  sql_review_policy {
+    title = "SQL Review Policy for Test environment"
+    rules {
+      type  = "naming.table"
+      level = "ERROR"
+      payload {
+        max_length = 99
+        format     = "^[a-z]+$"
+      }
+    }
+    rules {
+      type  = "column.required"
+      level = "WARNING"
+      payload {
+        list = ["id", "created_ts", "updated_ts"]
+      }
+    }
+    rules {
+      type  = "column.auto-increment-initial-value"
+      level = "DISABLED"
+      payload {
+        number = 1
+      }
+    }
+  }
+}