tests: custom tables - core formats and column/table blocks (#392)

* test: add core format tests and test data files - Add test data files for CSV, Grok nested patterns, plugin logs, and JSONL metrics - Add core format tests for regex, delimited, grok, and jsonl formats - Include test cases for null values and nested patterns
* ci: add core_formats to acceptance test matrix
* test: add column block tests

Author: pskrbasu

.github/workflows/11-test-acceptance.yaml

@@ -95,6 +95,8 @@ jobs:
           - "partition_tests"
           - "file_source"
           - "partition_delete"
+          - "core_formats"
+          - "table_block"
     runs-on: ${{ matrix.platform }}
     steps:
       - name: Checkout

internal/parse/decode.go

@@ -215,11 +215,6 @@ func handleUnknownHcl(block *hcl.Block, parseCtx *ConfigParseContext, unknownAtt
 	var diags hcl.Diagnostics
 	unknown := &config.HclBytes{}
 
-	// First, include the block's own range
-	hclBytes := parseCtx.FileData[block.DefRange.Filename]
-	blockRange := hclhelpers.BlockRangeWithLabels(block)
-	unknown.Merge(config.HclBytesForLines(hclBytes, blockRange))
-
 	for _, attr := range unknownAttrs {
 		//	get the hcl bytes for the file
 		hclBytes := parseCtx.FileData[block.DefRange.Filename]

tests/acceptance/test_data/source_files/custom_logs/access_log.csv

@@ -0,0 +1,4 @@
+timestamp,ip_address,user_agent,status_code
+2024-05-01T10:30:45Z,192.168.1.1,"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)",200
+2024-05-01T10:31:00Z,192.168.1.2,"Mozilla/5.0 (Windows NT 10.0; Win64; x64)",404
+2024-05-01T10:32:15Z,192.168.1.3,"Mozilla/5.0 (Linux; Android 10)",200

tests/acceptance/test_data/source_files/custom_logs/nested_patterns.log

@@ -0,0 +1,3 @@
+2024-05-01T10:30:45Z [INFO] [AWS] RequestID: req-1234, Service: s3, Operation: ListBuckets, Duration: 150ms
+2024-05-01T10:31:00Z [ERROR] [AWS] RequestID: req-5678, Service: ec2, Operation: DescribeInstances, Error: {"code": "InvalidInstanceID", "message": "The instance ID 'i-1234567890abcdef0' does not exist"}
+2024-05-01T10:32:15Z [DEBUG] [AWS] RequestID: req-9012, Service: lambda, Operation: Invoke, Duration: 45ms 

tests/acceptance/test_data/source_files/custom_logs/null_if_data.csv

@@ -0,0 +1,6 @@
+id,status,value,description
+1,active,42,normal value
+2,inactive,0,zero value
+3,active,-1,negative value
+4,active,2,empty value
+5,active,999,special value 

tests/acceptance/test_data/source_files/custom_logs/plugin-2025-05-01.log

@@ -0,0 +1,13 @@
+2025-04-28 15:16:35.733 UTC [DEBUG] steampipe-plugin-aws.plugin: [DEBUG] 1744125262935: retrying request Lambda/ListFunctions, attempt 8
+2025-04-28 15:16:35.733 UTC [INFO]  steampipe-plugin-aws.plugin: [INFO]  1744125273258: BackoffDelay: attempt=8, retryTime=2m55.50675s, err=https response error StatusCode: 0, RequestID: , request send failed, Get "https://lambda.ap-northeast-1.amazonaws.com/2015-03-31/functions?MaxItems=10000": lookup lambda.ap-northeast-1.amazonaws.com on 192.168.1.254:53: read udp 192.168.1.204:57677->192.168.1.254:53: i/o timeout
+2025-04-28 15:16:36.033 UTC [DEBUG] steampipe-plugin-aws.plugin: [DEBUG] 1744125262935: retrying request Lambda/ListFunctions, attempt 8
+2025-04-28 15:16:36.033 UTC [INFO]  steampipe-plugin-aws.plugin: [INFO]  1744125273258: BackoffDelay: attempt=8, retryTime=2m16.14075s, err=https response error StatusCode: 0, RequestID: , request send failed, Get "https://lambda.ap-southeast-2.amazonaws.com/2015-03-31/functions?MaxItems=10000": lookup lambda.ap-southeast-2.amazonaws.com on 192.168.1.254:53: read udp 192.168.1.204:54718->192.168.1.254:53: i/o timeout
+2025-04-28 15:16:38.463 UTC [DEBUG] steampipe-plugin-aws.plugin: [DEBUG] 1744125262935: retrying request Lambda/ListFunctions, attempt 8
+2025-04-28 15:16:38.464 UTC [INFO]  steampipe-plugin-aws.plugin: [INFO]  1744125273258: BackoffDelay: attempt=8, retryTime=2m44.025s, err=https response error StatusCode: 0, RequestID: , request send failed, Get "https://lambda.ap-northeast-3.amazonaws.com/2015-03-31/functions?MaxItems=10000": lookup lambda.ap-northeast-3.amazonaws.com on 192.168.1.254:53: read udp 192.168.1.204:55845->192.168.1.254:53: i/o timeout
+2025-04-28 15:16:58.442 UTC [INFO]  PluginManager Shutdown
+2025-04-28 15:16:58.442 UTC [INFO]  PluginManager closing pool
+2025-04-28 15:16:58.442 UTC [INFO]  Kill plugin hub.steampipe.io/plugins/turbot/terraform@latest (0xc00092e100)
+2025-04-28 15:16:58.442 UTC [DEBUG] PluginManager killPlugin start
+2025-04-28 15:16:58.442 UTC [INFO]  PluginManager killing plugin hub.steampipe.io/plugins/turbot/terraform@latest (81771)
+2025-04-28 15:16:58.456 UTC [DEBUG] stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
+2025-04-28 15:16:58.460 UTC [INFO]  plugin process exited: plugin=/Users/jsmyth/.steampipe/plugins/hub.steampipe.io/plugins/turbot/terraform@latest/steampipe-plugin-terraform.plugin id=81771

tests/acceptance/test_data/source_files/custom_logs/server_metrics.jsonl

@@ -0,0 +1,3 @@
+{"timestamp": "2024-05-01T10:30:45Z", "server_id": "srv-001", "cpu_usage": 75.5, "memory_used": 8192, "is_healthy": true}
+{"timestamp": "2024-05-01T10:31:00Z", "server_id": "srv-002", "cpu_usage": 90.2, "memory_used": 16384, "is_healthy": false}
+{"timestamp": "2024-05-01T10:32:15Z", "server_id": "srv-003", "cpu_usage": 45.8, "memory_used": 4096, "is_healthy": true} 

tests/acceptance/test_data/source_files/custom_logs/transform_data.csv

@@ -0,0 +1,4 @@
+timestamp,raw_value,status_code,user_agent,ip_address,custom_time
+2024-05-01T10:00:00Z,42,200,Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36,192.168.1.1,2024-05-01 10:00:00
+2024-05-01T10:01:00Z,99,404,Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7),10.0.0.1,2024-05-01 10:01:00
+2024-05-01T10:02:00Z,150,500,curl/7.68.0,172.16.0.1,2024-05-01 10:02:00 

tests/acceptance/test_files/core_formats.bats

@@ -0,0 +1,266 @@
+load "$LIB_BATS_ASSERT/load.bash"
+load "$LIB_BATS_SUPPORT/load.bash"
+
+@test "verify grok format definition" {
+  cat << EOF > $TAILPIPE_INSTALL_DIR/config/format_grok.tpc
+format "grok" "steampipe_plugin" {
+  layout = \`%{TIMESTAMP_ISO8601:timestamp} %{WORD:timezone} \[%{LOGLEVEL:severity}\]\s+(?:%{NOTSPACE:plugin_name}: \[%{LOGLEVEL:plugin_severity}\]\s+%{NUMBER:plugin_timestamp}:\s+)?%{GREEDYDATA:message}\`
+}
+
+table "steampipe_plugin" {
+  format = format.grok.steampipe_plugin
+
+  column "tp_timestamp" {
+    source = "timestamp"
+  }
+
+  column "plugin_timestamp" {
+    type = "timestamp"
+  }
+}
+
+partition "steampipe_plugin" "local" {
+  source "file" {
+    format = format.grok.steampipe_plugin
+    paths = ["$SOURCE_FILES_DIR/custom_logs/"]
+    file_layout = \`plugin-%{YEAR:year}-%{MONTHNUM:month}-%{MONTHDAY:day}.log\`
+  }
+}
+EOF
+
+  # Run collection and verify
+  tailpipe collect steampipe_plugin --progress=false --from=2025-04-26
+
+  # Verify data was collected correctly
+  run tailpipe query "select plugin_name, tp_timestamp from steampipe_plugin limit 1" --output csv
+  echo $output
+
+  assert_equal "$output" "plugin_name,tp_timestamp
+steampipe-plugin-aws.plugin,2025-04-28 15:16:35"
+
+  # Cleanup
+  rm -rf $TAILPIPE_INSTALL_DIR/config/format_grok.tpc
+}
+
+@test "verify delimited format definition" {
+  cat << EOF > $TAILPIPE_INSTALL_DIR/config/format_delimited.tpc
+format "delimited" "access_log" {
+  delimiter = ","
+  header = true
+}
+
+table "access_log" {
+  format = format.delimited.access_log
+
+  column "tp_timestamp" {
+    source = "timestamp"
+  }
+
+  column "ip_address" {
+    type = "varchar"
+  }
+
+  column "user_agent" {
+    type = "varchar"
+  }
+
+  column "status_code" {
+    type = "integer"
+  }
+}
+
+partition "access_log" "local" {
+  source "file" {
+    format = format.delimited.access_log
+    paths = ["$SOURCE_FILES_DIR/custom_logs/"]
+    file_layout = "access_log.csv"
+  }
+}
+EOF
+
+  # Run collection and verify
+  tailpipe collect access_log --progress=false --from=2024-04-30
+
+  # Verify data was collected correctly
+  run tailpipe query "select ip_address, status_code from access_log limit 1" --output csv
+  echo $output
+
+  assert_equal "$output" "ip_address,status_code
+192.168.1.1,200"
+
+  # Cleanup
+  rm -rf $TAILPIPE_INSTALL_DIR/config/format_delimited.tpc
+}
+
+@test "verify jsonl format definition" {
+  cat << EOF > $TAILPIPE_INSTALL_DIR/config/format_jsonl.tpc
+format "jsonl" "server_metrics" {
+  description = "Server metrics in JSON Lines format"
+}
+
+table "server_metrics" {
+  format = format.jsonl.server_metrics
+
+  column "tp_timestamp" {
+    source = "timestamp"
+  }
+
+  column "server_id" {
+    type = "varchar"
+  }
+
+  column "cpu_usage" {
+    type = "float"
+  }
+
+  column "memory_used" {
+    type = "integer"
+  }
+
+  column "is_healthy" {
+    type = "boolean"
+  }
+}
+
+partition "server_metrics" "local" {
+  source "file" {
+    format = format.jsonl.server_metrics
+    paths = ["$SOURCE_FILES_DIR/custom_logs/"]
+    file_layout = "server_metrics.jsonl"
+  }
+}
+EOF
+
+  # Run collection and verify
+  tailpipe collect server_metrics --progress=false --from=2024-04-30
+
+  # Verify data was collected correctly
+  run tailpipe query "select server_id, cpu_usage, memory_used, is_healthy from server_metrics limit 1" --output csv
+  echo $output
+
+  assert_equal "$output" "server_id,cpu_usage,memory_used,is_healthy
+srv-001,75.5,8192,true"
+
+  # Cleanup
+  rm -rf $TAILPIPE_INSTALL_DIR/config/format_jsonl.tpc
+}
+
+@test "verify regex format definition" {
+  cat << EOF > $TAILPIPE_INSTALL_DIR/config/format_regex.tpc
+format "regex" "plugin_log" {
+  layout = \`^(?P<timestamp>\d{4}-\d{2}-\d{2}\s+\d{2}:\d{2}:\d{2}\.\d{3})\s+(?P<timezone>\w+)\s+\[(?P<log_level>\w+)\]\s+(?P<plugin_name>[\w.-]+)?(?:\s*:\s*\[(?P<plugin_log_level>\w+)\]\s+(?P<plugin_timestamp>\d+):\s+)?(?P<message>.*)\`
+}
+
+table "plugin_log" {
+  format = format.regex.plugin_log
+
+  column "tp_timestamp" {
+    source = "timestamp"
+  }
+
+  column "log_level" {
+    type = "varchar"
+  }
+
+  column "plugin_name" {
+    type = "varchar"
+  }
+
+  column "plugin_log_level" {
+    type = "varchar"
+  }
+
+  column "message" {
+    type = "varchar"
+  }
+}
+
+partition "plugin_log" "local" {
+  source "file" {
+    format = format.regex.plugin_log
+    paths = ["$SOURCE_FILES_DIR/custom_logs/"]
+    file_layout = \`plugin-%{YEAR:year}-%{MONTHNUM:month}-%{MONTHDAY:day}.log\`
+  }
+}
+EOF
+
+  # Run collection and verify
+  tailpipe collect plugin_log --progress=false --from=2025-04-28
+
+  # Verify data was collected correctly
+  run tailpipe query "select log_level, plugin_name, message from plugin_log limit 1" --output csv
+  echo $output
+
+  assert_equal "$output" "log_level,plugin_name,message
+DEBUG,steampipe-plugin-aws.plugin,\"retrying request Lambda/ListFunctions, attempt 8\""
+
+  # Cleanup
+  rm -rf $TAILPIPE_INSTALL_DIR/config/format_regex.tpc
+}
+
+@test "verify grok format with nested patterns" {
+  cat << EOF > $TAILPIPE_INSTALL_DIR/config/format_grok_nested.tpc
+format "grok" "aws_log" {
+  layout = \`%{TIMESTAMP_ISO8601:timestamp} \[%{LOGLEVEL:log_level}\] \[AWS\] RequestID: %{NOTSPACE:request_id}, Service: %{WORD:service}, Operation: %{WORD:operation}(?:, Duration: %{NUMBER:duration}ms)?(?:, Error: %{GREEDYDATA:error})?\`
+}
+
+table "aws_log" {
+  format = format.grok.aws_log
+
+  column "tp_timestamp" {
+    source = "timestamp"
+  }
+
+  column "log_level" {
+    type = "varchar"
+  }
+
+  column "request_id" {
+    type = "varchar"
+  }
+
+  column "service" {
+    type = "varchar"
+  }
+
+  column "operation" {
+    type = "varchar"
+  }
+
+  column "duration" {
+    type = "integer"
+  }
+
+  column "error" {
+    type = "varchar"
+  }
+}
+
+partition "aws_log" "local" {
+  source "file" {
+    format = format.grok.aws_log
+    paths = ["$SOURCE_FILES_DIR/custom_logs/"]
+    file_layout = "nested_patterns.log"
+  }
+}
+EOF
+
+  # Run collection and verify
+  tailpipe collect aws_log --progress=false --from=2024-04-30
+
+  # Verify data was collected correctly
+  run tailpipe query "select log_level, service, operation, duration from aws_log order by request_id" --output csv
+  echo $output
+
+  assert_equal "$output" "log_level,service,operation,duration
+INFO,s3,ListBuckets,150
+ERROR,ec2,DescribeInstances,
+DEBUG,lambda,Invoke,45"
+
+  # Cleanup
+  rm -rf $TAILPIPE_INSTALL_DIR/config/format_grok_nested.tpc
+}
+
+function teardown() {
+  rm -rf $TAILPIPE_INSTALL_DIR/data
+}