MINOR: migrate rest of the integration tests

[IceS2]

Migrate non-database service integration tests to pytest

Migrates service and workflow integration tests from unittest.TestCase to pytest style with fixture-based setup and teardown.

Changes (35 files)

Services covered:

• Data quality (3), Datalake (5), Profiler (3), ORM Profiler (1)
• Kafka (2), S3 (2), SFTP (2)
• MLflow (2), Delta Lake (1)
• SDK (3), Workflow (2)
• Automations (2), Connections (2)
• Auto-classification (1)
• New: Table metric computers for Postgres, MySQL, SQL Server, CockroachDB (4)

Migration pattern:

• TestCase → pytest: Remove class inheritance, convert setUp/tearDown to fixtures
• UUID-based naming: Replace hardcoded names with generate_name() for test isolation
• Proper cleanup: Use yield fixtures with _safe_delete() for reliable teardown
• Removed Python 3.9 guards (minimum is now 3.10)

Benefits

• Better test isolation (fixtures clean up even on failure)
• Parallel-safe with pytest-xdist grouping
• Easier to debug (clearer test structure)
• Reduced flakiness from name collisions

[gitar-bot]

💡 Quality: Inconsistent uniqueness strategy: time-based vs UUID

The PR's goal is to improve test isolation via UUID-based naming (using uuid.uuid4().hex[:8] or generate_name()), but the sdk_test_data fixture and test_table_name fixture still use timestamp-based uniqueness (int(time.time()) and int(time.time() * 1000)).

While this was pre-existing behavior carried over from the setUpClass method, it's worth aligning with the UUID pattern used everywhere else in this PR for consistency and to fully achieve the stated parallel-safety goal.

• int(time.time()) has second granularity — if two xdist workers create SDK test data in the same second, names will collide.
• int(time.time() * 1000) has millisecond granularity — better but still vulnerable under fast test scheduling.

Since sdk_test_data is module-scoped (called once per module), the practical collision risk is very low. This is a "nice to have" consistency improvement.

Suggested fix:

@pytest.fixture(scope="function")
def test_table_name():
    return f"test_table_{uuid.uuid4().hex[:8]}"

_{Was this helpful? React with 👍 / 👎}

[gitar-bot]

Code Review 👍 Approved with suggestions 0 resolved / 1 findings

Clean, well-structured test migration from unittest.TestCase to pytest fixtures across 35 files. The changes are consistent, improve test isolation with UUID-based naming, and add proper fixture-based cleanup. One minor inconsistency noted where SDK tests still use timestamp-based names instead of UUIDs.

💡 Quality: Inconsistent uniqueness strategy: time-based vs UUID

📄 ingestion/tests/integration/sdk/test_sdk_integration.py:124 📄 ingestion/tests/integration/sdk/test_sdk_integration.py:267-268

The PR's goal is to improve test isolation via UUID-based naming (using uuid.uuid4().hex[:8] or generate_name()), but the sdk_test_data fixture and test_table_name fixture still use timestamp-based uniqueness (int(time.time()) and int(time.time() * 1000)).

While this was pre-existing behavior carried over from the setUpClass method, it's worth aligning with the UUID pattern used everywhere else in this PR for consistency and to fully achieve the stated parallel-safety goal.

• int(time.time()) has second granularity — if two xdist workers create SDK test data in the same second, names will collide.
• int(time.time() * 1000) has millisecond granularity — better but still vulnerable under fast test scheduling.

Since sdk_test_data is module-scoped (called once per module), the practical collision risk is very low. This is a "nice to have" consistency improvement.

Suggested fix

@pytest.fixture(scope="function")
def test_table_name():
    return f"test_table_{uuid.uuid4().hex[:8]}"

Options

Auto-apply is off → Gitar will not commit updates to this branch.
Display: compact → Showing less information.

Comment with these commands to change:

Auto-apply	Compact
gitar auto-apply:on	gitar display:verbose

_{Was this helpful? React with 👍 / 👎 | Gitar}

[github-actions]

🛡️ TRIVY SCAN RESULT 🛡️

Target: openmetadata-ingestion:trivy (debian 12.12)

Vulnerabilities (4)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
libpam-modules	CVE-2025-6020	🚨 HIGH	1.5.2-6+deb12u1	1.5.2-6+deb12u2
libpam-modules-bin	CVE-2025-6020	🚨 HIGH	1.5.2-6+deb12u1	1.5.2-6+deb12u2
libpam-runtime	CVE-2025-6020	🚨 HIGH	1.5.2-6+deb12u1	1.5.2-6+deb12u2
libpam0g	CVE-2025-6020	🚨 HIGH	1.5.2-6+deb12u1	1.5.2-6+deb12u2

🛡️ TRIVY SCAN RESULT 🛡️

Target: Java

Vulnerabilities (33)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	🚨 HIGH	2.12.7	2.15.0
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	🚨 HIGH	2.13.4	2.15.0
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	🚨 HIGH	2.12.7	2.12.7.1, 2.13.4.2
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	🚨 HIGH	2.12.7	2.12.7.1, 2.13.4
com.google.code.gson:gson	CVE-2022-25647	🚨 HIGH	2.2.4	2.8.9
com.google.protobuf:protobuf-java	CVE-2021-22569	🚨 HIGH	3.3.0	3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java	CVE-2022-3509	🚨 HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2022-3510	🚨 HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2024-7254	🚨 HIGH	3.3.0	3.25.5, 4.27.5, 4.28.2
com.google.protobuf:protobuf-java	CVE-2021-22569	🚨 HIGH	3.7.1	3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java	CVE-2022-3509	🚨 HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2022-3510	🚨 HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2024-7254	🚨 HIGH	3.7.1	3.25.5, 4.27.5, 4.28.2
com.nimbusds:nimbus-jose-jwt	CVE-2023-52428	🚨 HIGH	9.8.1	9.37.2
com.squareup.okhttp3:okhttp	CVE-2021-0341	🚨 HIGH	3.12.12	4.9.2
commons-beanutils:commons-beanutils	CVE-2025-48734	🚨 HIGH	1.9.4	1.11.0
commons-io:commons-io	CVE-2024-47554	🚨 HIGH	2.8.0	2.14.0
dnsjava:dnsjava	CVE-2024-25638	🚨 HIGH	2.1.7	3.6.0
io.netty:netty-codec-http2	CVE-2025-55163	🚨 HIGH	4.1.96.Final	4.2.4.Final, 4.1.124.Final
io.netty:netty-codec-http2	GHSA-xpw8-rcwv-8f8p	🚨 HIGH	4.1.96.Final	4.1.100.Final
io.netty:netty-handler	CVE-2025-24970	🚨 HIGH	4.1.96.Final	4.1.118.Final
net.minidev:json-smart	CVE-2021-31684	🚨 HIGH	1.3.2	1.3.3, 2.4.4
net.minidev:json-smart	CVE-2023-1370	🚨 HIGH	1.3.2	2.4.9
org.apache.avro:avro	CVE-2024-47561	🔥 CRITICAL	1.7.7	1.11.4
org.apache.avro:avro	CVE-2023-39410	🚨 HIGH	1.7.7	1.11.3
org.apache.derby:derby	CVE-2022-46337	🔥 CRITICAL	10.14.2.0	10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0
org.apache.ivy:ivy	CVE-2022-46751	🚨 HIGH	2.5.1	2.5.2
org.apache.mesos:mesos	CVE-2018-1330	🚨 HIGH	1.4.3	1.6.0
org.apache.thrift:libthrift	CVE-2019-0205	🚨 HIGH	0.12.0	0.13.0
org.apache.thrift:libthrift	CVE-2020-13949	🚨 HIGH	0.12.0	0.14.0
org.apache.zookeeper:zookeeper	CVE-2023-44981	🔥 CRITICAL	3.6.3	3.7.2, 3.8.3, 3.9.1
org.eclipse.jetty:jetty-server	CVE-2024-13009	🚨 HIGH	9.4.56.v20240826	9.4.57.v20241219
org.lz4:lz4-java	CVE-2025-12183	🚨 HIGH	1.8.0	1.8.1

🛡️ TRIVY SCAN RESULT 🛡️

Target: Node.js

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: Python

Vulnerabilities (19)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
Werkzeug	CVE-2024-34069	🚨 HIGH	2.2.3	3.0.3
aiohttp	CVE-2025-69223	🚨 HIGH	3.12.12	3.13.3
aiohttp	CVE-2025-69223	🚨 HIGH	3.13.2	3.13.3
apache-airflow	CVE-2025-68438	🚨 HIGH	3.1.5	3.1.6
apache-airflow	CVE-2025-68675	🚨 HIGH	3.1.5	3.1.6
azure-core	CVE-2026-21226	🚨 HIGH	1.37.0	1.38.0
cryptography	CVE-2026-26007	🚨 HIGH	42.0.8	46.0.5
jaraco.context	CVE-2026-23949	🚨 HIGH	5.3.0	6.1.0
jaraco.context	CVE-2026-23949	🚨 HIGH	6.0.1	6.1.0
protobuf	CVE-2026-0994	🚨 HIGH	4.25.8	6.33.5, 5.29.6
pyasn1	CVE-2026-23490	🚨 HIGH	0.6.1	0.6.2
python-multipart	CVE-2026-24486	🚨 HIGH	0.0.20	0.0.22
ray	CVE-2025-62593	🔥 CRITICAL	2.47.1	2.52.0
starlette	CVE-2025-62727	🚨 HIGH	0.48.0	0.49.1
urllib3	CVE-2025-66418	🚨 HIGH	1.26.20	2.6.0
urllib3	CVE-2025-66471	🚨 HIGH	1.26.20	2.6.0
urllib3	CVE-2026-21441	🚨 HIGH	1.26.20	2.6.3
wheel	CVE-2026-24049	🚨 HIGH	0.45.1	0.46.2
wheel	CVE-2026-24049	🚨 HIGH	0.45.1	0.46.2

🛡️ TRIVY SCAN RESULT 🛡️

Target: usr/bin/docker

Vulnerabilities (4)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
stdlib	CVE-2025-68121	🔥 CRITICAL	v1.25.5	1.24.13, 1.25.7, 1.26.0-rc.3
stdlib	CVE-2025-61726	🚨 HIGH	v1.25.5	1.24.12, 1.25.6
stdlib	CVE-2025-61728	🚨 HIGH	v1.25.5	1.24.12, 1.25.6
stdlib	CVE-2025-61730	🚨 HIGH	v1.25.5	1.24.12, 1.25.6

🛡️ TRIVY SCAN RESULT 🛡️

Target: /etc/ssl/private/ssl-cert-snakeoil.key

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /home/airflow/openmetadata-airflow-apis/openmetadata_managed_apis.egg-info/PKG-INFO

No Vulnerabilities Found

[github-actions]

🛡️ TRIVY SCAN RESULT 🛡️

Target: openmetadata-ingestion-base-slim:trivy (debian 12.13)

Vulnerabilities (42)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
libpng-dev	CVE-2026-22695	🚨 HIGH	1.6.39-2+deb12u1	1.6.39-2+deb12u2
libpng-dev	CVE-2026-22801	🚨 HIGH	1.6.39-2+deb12u1	1.6.39-2+deb12u2
libpng-dev	CVE-2026-25646	🚨 HIGH	1.6.39-2+deb12u1	1.6.39-2+deb12u3
libpng16-16	CVE-2026-22695	🚨 HIGH	1.6.39-2+deb12u1	1.6.39-2+deb12u2
libpng16-16	CVE-2026-22801	🚨 HIGH	1.6.39-2+deb12u1	1.6.39-2+deb12u2
libpng16-16	CVE-2026-25646	🚨 HIGH	1.6.39-2+deb12u1	1.6.39-2+deb12u3
linux-libc-dev	CVE-2024-46786	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-21946	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-22022	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-22083	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-22107	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-22121	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-37926	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-38022	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-38129	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-38361	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-38718	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-39871	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-68340	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-68349	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-68800	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-71085	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2025-71116	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-22984	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-22990	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23001	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23010	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23054	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23074	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23097	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23120	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23121	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23124	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23125	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23126	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23128	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23133	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23139	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23140	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23142	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23144	🚨 HIGH	6.1.159-1	6.1.162-1
linux-libc-dev	CVE-2026-23156	🚨 HIGH	6.1.159-1	6.1.162-1

🛡️ TRIVY SCAN RESULT 🛡️

Target: Java

Vulnerabilities (33)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	🚨 HIGH	2.12.7	2.15.0
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	🚨 HIGH	2.13.4	2.15.0
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	🚨 HIGH	2.12.7	2.12.7.1, 2.13.4.2
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	🚨 HIGH	2.12.7	2.12.7.1, 2.13.4
com.google.code.gson:gson	CVE-2022-25647	🚨 HIGH	2.2.4	2.8.9
com.google.protobuf:protobuf-java	CVE-2021-22569	🚨 HIGH	3.3.0	3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java	CVE-2022-3509	🚨 HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2022-3510	🚨 HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2024-7254	🚨 HIGH	3.3.0	3.25.5, 4.27.5, 4.28.2
com.google.protobuf:protobuf-java	CVE-2021-22569	🚨 HIGH	3.7.1	3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java	CVE-2022-3509	🚨 HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2022-3510	🚨 HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2024-7254	🚨 HIGH	3.7.1	3.25.5, 4.27.5, 4.28.2
com.nimbusds:nimbus-jose-jwt	CVE-2023-52428	🚨 HIGH	9.8.1	9.37.2
com.squareup.okhttp3:okhttp	CVE-2021-0341	🚨 HIGH	3.12.12	4.9.2
commons-beanutils:commons-beanutils	CVE-2025-48734	🚨 HIGH	1.9.4	1.11.0
commons-io:commons-io	CVE-2024-47554	🚨 HIGH	2.8.0	2.14.0
dnsjava:dnsjava	CVE-2024-25638	🚨 HIGH	2.1.7	3.6.0
io.netty:netty-codec-http2	CVE-2025-55163	🚨 HIGH	4.1.96.Final	4.2.4.Final, 4.1.124.Final
io.netty:netty-codec-http2	GHSA-xpw8-rcwv-8f8p	🚨 HIGH	4.1.96.Final	4.1.100.Final
io.netty:netty-handler	CVE-2025-24970	🚨 HIGH	4.1.96.Final	4.1.118.Final
net.minidev:json-smart	CVE-2021-31684	🚨 HIGH	1.3.2	1.3.3, 2.4.4
net.minidev:json-smart	CVE-2023-1370	🚨 HIGH	1.3.2	2.4.9
org.apache.avro:avro	CVE-2024-47561	🔥 CRITICAL	1.7.7	1.11.4
org.apache.avro:avro	CVE-2023-39410	🚨 HIGH	1.7.7	1.11.3
org.apache.derby:derby	CVE-2022-46337	🔥 CRITICAL	10.14.2.0	10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0
org.apache.ivy:ivy	CVE-2022-46751	🚨 HIGH	2.5.1	2.5.2
org.apache.mesos:mesos	CVE-2018-1330	🚨 HIGH	1.4.3	1.6.0
org.apache.thrift:libthrift	CVE-2019-0205	🚨 HIGH	0.12.0	0.13.0
org.apache.thrift:libthrift	CVE-2020-13949	🚨 HIGH	0.12.0	0.14.0
org.apache.zookeeper:zookeeper	CVE-2023-44981	🔥 CRITICAL	3.6.3	3.7.2, 3.8.3, 3.9.1
org.eclipse.jetty:jetty-server	CVE-2024-13009	🚨 HIGH	9.4.56.v20240826	9.4.57.v20241219
org.lz4:lz4-java	CVE-2025-12183	🚨 HIGH	1.8.0	1.8.1

🛡️ TRIVY SCAN RESULT 🛡️

Target: Node.js

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: Python

Vulnerabilities (9)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
apache-airflow	CVE-2025-68438	🚨 HIGH	3.1.5	3.1.6
apache-airflow	CVE-2025-68675	🚨 HIGH	3.1.5	3.1.6
cryptography	CVE-2026-26007	🚨 HIGH	42.0.8	46.0.5
jaraco.context	CVE-2026-23949	🚨 HIGH	6.0.1	6.1.0
starlette	CVE-2025-62727	🚨 HIGH	0.48.0	0.49.1
urllib3	CVE-2025-66418	🚨 HIGH	1.26.20	2.6.0
urllib3	CVE-2025-66471	🚨 HIGH	1.26.20	2.6.0
urllib3	CVE-2026-21441	🚨 HIGH	1.26.20	2.6.3
wheel	CVE-2026-24049	🚨 HIGH	0.45.1	0.46.2

🛡️ TRIVY SCAN RESULT 🛡️

Target: /etc/ssl/private/ssl-cert-snakeoil.key

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/extended_sample_data.yaml

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/lineage.yaml

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_data.json

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_data.yaml

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_data_aut.yaml

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_usage.json

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_usage.yaml

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_usage_aut.yaml

No Vulnerabilities Found

[sonarqubecloud]

Quality Gate passed for 'open-metadata-ingestion'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud