Skip to content

Examples

Below are common scenarios to help you integrate SQLImpact into your workflow.

Single File Detail Report

This example demonstrates how to generate a detailed report for a single SQL file.

1
2
3
4
java -jar gudu-sqlimpact.jar \
  --dialect mysql \
  --in orders.sql \
  --out detail.json

1
2
3
4
java -jar gudu-sqlimpact.jar ^
  --dialect mysql ^
  --in orders.sql ^
  --out detail.json

Directory Summary Report (Recursive)

1
2
3
4
5
java -jar gudu-sqlimpact.jar \
  --dialect oracle \
  --in ./scripts/**/*.sql \
  --summary \
  --out summary.json

1
2
3
4
5
java -jar gudu-sqlimpact.jar ^
  --dialect oracle ^
  --in .\scripts\**\*.sql ^
  --summary ^
  --out summary.json

Sensitive Column Scan

1
2
3
4
5
6
java -jar gudu-sqlimpact.jar \
  --dialect sqlserver \
  --in prod/*.sql \
  --pii
  --pii-list pii.csv \
  --out pii_report.json

1
2
3
4
5
6
java -jar gudu-sqlimpact.jar ^
  --dialect sqlserver ^
  --in prod/*.sql ^
  --pii
  --pii-list pii.csv ^
  --out pii_report.json

The pii.csv file should contain a list of sensitive column names or patterns to scan for. Each line represents a sensitive data category, with common examples including: 

1
ssn,password,card_no,email

Dynamic SQL Warning

1
java -jar gudu-sqlimpact.jar --dialect oracle --dynamic --in simply.sql --out detail.json

CI Pipeline Integration (GitHub Actions)

For GitHub Actions, the run command syntax depends on the shell used by the runner. Most commonly, it's bash-like on Linux runners and PowerShell or CMD on Windows runners.

1
2
3
4
5
6
7
8
- name: SQLImpact Scan
  run: |
    java -jar gudu-sqlimpact.jar --dialect postgres --in sql/ --summary --out report.json
- name: Upload Report Artifact
  uses: actions/upload-artifact@v3
  with:
    name: sqlimpact-report
    path: report.json

1
2
3
4
5
6
7
8
9
- name: SQLImpact Scan
  shell: cmd
  run: |
    java -jar gudu-sqlimpact.jar --dialect postgres --in sql/ --summary --out report.json
- name: Upload Report Artifact
  uses: actions/upload-artifact@v3
  with:
    name: sqlimpact-report
    path: report.json

Note: For multi-line commands in cmd within GitHub Actions YAML, each line in the run block is typically executed as a separate command. For a single logical command spread across lines like the java command, you might not need explicit line continuation characters if shell: cmd interprets it correctly, or you might use ^ if it's processed strictly as a batch script block. The example above assumes direct execution or a context where | handles multiline for cmd similarly. A safer single-line approach for cmd in GitHub Actions run would be: obstructions 

1
2
3
- name: SQLImpact Scan
  shell: cmd
  run: java -jar gudu-sqlimpact.jar --dialect postgres --in sql/ --summary --out report.json

Custom Memory Settings

1
2
export SQLIMPACT_MAX_MEMORY=4G
java -Xmx$SQLIMPACT_MAX_MEMORY -jar gudu-sqlimpact.jar --dialect hive --in bigdata.sql --out detail.json

1
2
set SQLIMPACT_MAX_MEMORY=4G
java -Xmx%SQLIMPACT_MAX_MEMORY% -jar gudu-sqlimpact.jar --dialect hive --in bigdata.sql --out detail.json

See the full list of options in the CLI Reference.