Automating SQL Quality Control with SQLE OpenAPI and a Custom Go Tool

SQLE is an open‑source project initiated by the ActionTech community that offers a complete SQL lifecycle—development, testing, and deployment—along with fine‑grained resource and permission management, aiming to provide a secure, self‑controlled SQL quality‑control solution.

The platform’s intelligent scanning tasks can ingest database schema definitions, slow‑query logs, or MyBatis mappings via its OpenAPI, allowing automatic analysis of various SQL sources.

To use the OpenAPI, first deploy SQLE following the official documentation and access the Swagger UI at http://${your address}:10000/swagger/index.html , where two relevant API endpoints are listed.

Creating a scan task involves defining the target database type (e.g., MySQL), setting an execution schedule, and obtaining an access token. The token is then used in the request header along with Content-Type: application/json .

The request body follows this JSON structure:

{
  "audit_plan_sql_list": [
    {
      "audit_plan_sql_counter": "1",
      "audit_plan_sql_fingerprint": "select * from users where id = ?",
      "audit_plan_sql_last_receive_text": "select * from users where id = 1",
      "audit_plan_sql_last_receive_timestamp": "2022-08-23T19:30:46.00Z",
      "audit_plan_sql_schema": "db1"
    }
  ]
}

After sending the POST request (using tools such as Postman), the SQL appears in the task’s detail page, and the platform automatically audits it at the scheduled time, returning results.

To further automate the workflow, the author provides a Go‑based command‑line tool that reads SQL files or directories, builds the appropriate OpenAPI payload, and posts it to SQLE. The tool uses a YAML‑style configuration file (e.g., host, path, audit‑name, type, token) with command‑line arguments taking precedence.

Key code snippets include the HTTP request construction:

client := http.Client{}
req, err := http.NewRequest("POST", fmt.Sprintf("http://%s/v1/audit_plans/%s/sqls/%s", cmd.Host, cmd.AuditName, cmd.Type), body)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", cmd.Token)
res, err := client.Do(req)
// handle response and errors

The tool can be compiled and executed to upload multiple SQL statements in one click, supporting both full and incremental synchronization modes.

Additional business scenarios such as TopSQL, slow‑log, and MyBatis scanning are also supported, with documentation links provided.

In summary, SQLE’s highly customizable intelligent scanning tasks enable automated SQL auditing in daily development and operations, and the accompanying Go utility demonstrates how to integrate this capability into CI/CD pipelines.