Skip to content

feat(ingest/bigquery): improve profiler to support multiple partition columns and support external table profiling#12825

Open
acrylJonny wants to merge 173 commits intomasterfrom
bq-multi-partition-profiling
Open

feat(ingest/bigquery): improve profiler to support multiple partition columns and support external table profiling#12825
acrylJonny wants to merge 173 commits intomasterfrom
bq-multi-partition-profiling

Conversation

@acrylJonny
Copy link
Collaborator

@acrylJonny acrylJonny commented Mar 10, 2025

Checklist

  • The PR conforms to DataHub's Contributing Guideline (particularly Commit Message Format)
  • Links to related issues (if applicable)
  • Tests for the changes have been added/updated (if applicable)
  • Docs related to the changes have been added/updated (if applicable). If a new feature has been added a Usage Guide has been added for the same.
  • For any breaking change/potential downtime/deprecation/big changes an entry has been made in Updating DataHub

@github-actions github-actions bot added the ingestion PR or Issue related to the ingestion of metadata label Mar 10, 2025
@codecov
Copy link

codecov bot commented Mar 10, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 69.83446% with 492 lines in your changes missing coverage. Please review.
✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
...uery_v2/profiling/partition_discovery/discovery.py 63.81% 233 Missing ⚠️
...ingestion/source/bigquery_v2/profiling/profiler.py 70.45% 104 Missing ⚠️
...ry_v2/profiling/partition_discovery/info_schema.py 54.54% 70 Missing ⚠️
...ion/source/bigquery_v2/profiling/query_executor.py 75.52% 35 Missing ⚠️
...ingestion/source/bigquery_v2/profiling/security.py 72.50% 33 Missing ⚠️
...bigquery_v2/profiling/partition_discovery/types.py 76.92% 6 Missing ⚠️
...v2/profiling/partition_discovery/filter_builder.py 94.66% 4 Missing ⚠️
.../ingestion/source/bigquery_v2/queries_extractor.py 88.57% 4 Missing ⚠️
...ngestion/source/bigquery_v2/bigquery_schema_gen.py 50.00% 3 Missing ⚠️

📢 Thoughts on this report? Let us know!

@datahub-cyborg datahub-cyborg bot added the needs-review Label for PRs that need review from a maintainer. label Mar 10, 2025
@acrylJonny acrylJonny marked this pull request as draft March 11, 2025 11:51
@acrylJonny
Merge remote-tracking branch 'origin/master' into bq-multi-partition-…
8f77cc9 
…profiling

# Conflicts:
#	metadata-ingestion/src/datahub/ingestion/source/bigquery_v2/bigquery_config.py
@acrylJonny
comments clean up
fcd50b4
@datahub-cyborg datahub-cyborg bot added needs-review Label for PRs that need review from a maintainer. and removed pending-submitter-response Issue/request has been reviewed but requires a response from the submitter labels Jan 13, 2026
aikido-pr-checks[bot]
aikido-pr-checks bot reviewed Jan 22, 2026
View reviewed changes
...ngestion/src/datahub/ingestion/source/bigquery_v2/profiling/partition_discovery/discovery.py
try:
# Query for actual values of this column using the date filters
discover_query = f"""
SELECT DISTINCT `{col_name}` as col_value, COUNT(*) as row_count
Copy link
Contributor

@aikido-pr-checks aikido-pr-checks bot Jan 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Potential SQL injection via string-based query concatenation - critical severity
SQL injection might be possible in these locations, especially if the strings being concatenated are controlled via user input.

Remediation: If possible, rebuild the query to use prepared statements or an ORM. If that is not possible, make sure the user input is verified or sanitized. As an added layer of protection, we also recommend installing a WAF that blocks SQL injection attacks.
View details in Aikido Security

aikido-pr-checks[bot]
aikido-pr-checks bot reviewed Feb 17, 2026
View reviewed changes
metadata-ingestion/src/datahub/ingestion/source/bigquery_v2/profiling/profiler.py
# Non-partitioned table - apply row limit or safety limit
if self.config.profiling.profiling_row_limit > 0:
row_limit = max(1, int(self.config.profiling.profiling_row_limit))
custom_sql = f"SELECT * FROM {safe_table_ref} LIMIT {row_limit}"
Copy link
Contributor

@aikido-pr-checks aikido-pr-checks bot Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Potential SQL injection via string-based query concatenation - critical severity
SQL injection might be possible in these locations, especially if the strings being concatenated are controlled via user input.

Remediation: If possible, rebuild the query to use prepared statements or an ORM. If that is not possible, make sure the user input is verified or sanitized. As an added layer of protection, we also recommend installing a WAF that blocks SQL injection attacks.
View details in Aikido Security

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@treff7es treff7es treff7es requested changes

+1 more reviewer

@aikido-pr-checks aikido-pr-checks[bot] aikido-pr-checks[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

ingestion PR or Issue related to the ingestion of metadata needs-review Label for PRs that need review from a maintainer.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@acrylJonny @treff7es