Tags: boringSQL/fixturize
Tags
test: cover database_id requirement for explicit vs discovered masks … …files Three cases: - explicit masks_file in profile without database_id → error - explicit --masks-file flag without database_id → error - discovered (walk-up) masks file without database_id → silently skip Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
test(masking): comprehensive coverage for shared masks loader and dis…
…covery
This commit introduces a thorough suite of unit tests for the newly
extracted `masking` sub-package, exercising both the LoadSharedMasks
loader and the DiscoverMasksFile upward-walk discovery helper across
their primary success and failure paths.
The tests cover the following scenarios:
- Happy-path parsing of a well-formed data-masking-policy.yml
document containing a single logical database with multiple
tagged columns and a tag-based policy, asserting that every
field of the resulting SharedMasksFile struct is populated
exactly as written to disk.
- Strict rejection of unsupported schema versions, ensuring that
any value other than version 1 produces a clear, human-readable
error message containing the offending version number.
- Filesystem error propagation when the requested policy file is
not present, with explicit verification that the returned error
satisfies errors.Is(err, fs.ErrNotExist) so that downstream
consumers can transparently fall back to default behavior.
- Graceful handling of malformed YAML input, with the resulting
error message wrapping the offending file path to aid operator
debugging.
- Full coverage of DiscoverMasksFile, including discovery in the
start directory, discovery via upward traversal into a parent
directory, intentional termination at a .git repository
boundary, and the no-file-found case in which an empty path is
returned alongside a nil error.
All discovery tests plant a .git directory inside the temporary tree
to cap the upward walk, guaranteeing deterministic and hermetic
behavior regardless of the host filesystem layout.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
test: add unit tests for quote, convertValue, and API key/token PII r… …ules Also adds integration test for AnalyzeSchema against the real DDL to verify PII detection, PK/FK skipping, and mask expression output. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>