MINOR: Implement stats metrics for all SQA sources

[TeddyCr]

Fixes

I worked on ... because ...

---

Summary by Gitar

• Performance optimization:
  • Removed MySQL COUNT(*) patching logic that executed expensive full table scans after retrieving stats
• New metric computers:
  • Added 10 database-specific implementations: PostgresTableMetricComputer, MSSQLTableMetricComputer, CockroachTableMetricComputer, DB2TableMetricComputer, VerticaTableMetricComputer, SAPHanaTableMetricComputer
  • Reused MySQLTableMetricComputer for MariaDB, SingleStore, StarRocks, Doris (MySQL-compatible dialects)
• System statistics integration:
  • Query native system tables (pg_catalog, sys DMVs, SYSCAT, v_monitor, SYS.M_TABLES) for instant metrics instead of COUNT(*)
• Test coverage:
  • 291 lines of unit tests with mocking for all 6 new computers
  • Integration tests using testcontainers for MySQL, PostgreSQL, MSSQL, CockroachDB

_{This will update automatically on new commits.}

---

Type of change:

• Bug fix
• Improvement
• New feature
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation

Checklist:

• I have read the CONTRIBUTING document.
• My PR title is Fixes <issue-number>: <short explanation>
• I have commented on my code, particularly in hard-to-understand areas.
• For JSON Schema changes: I updated the migration scripts or explained why it is not needed.

[github-actions]

🛡️ TRIVY SCAN RESULT 🛡️

Target: openmetadata-ingestion-base-slim:trivy (debian 12.13)

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: Java

Vulnerabilities (33)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	🚨 HIGH	2.12.7	2.15.0
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	🚨 HIGH	2.13.4	2.15.0
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	🚨 HIGH	2.12.7	2.12.7.1, 2.13.4.2
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	🚨 HIGH	2.12.7	2.12.7.1, 2.13.4
com.google.code.gson:gson	CVE-2022-25647	🚨 HIGH	2.2.4	2.8.9
com.google.protobuf:protobuf-java	CVE-2021-22569	🚨 HIGH	3.3.0	3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java	CVE-2022-3509	🚨 HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2022-3510	🚨 HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2024-7254	🚨 HIGH	3.3.0	3.25.5, 4.27.5, 4.28.2
com.google.protobuf:protobuf-java	CVE-2021-22569	🚨 HIGH	3.7.1	3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java	CVE-2022-3509	🚨 HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2022-3510	🚨 HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2024-7254	🚨 HIGH	3.7.1	3.25.5, 4.27.5, 4.28.2
com.nimbusds:nimbus-jose-jwt	CVE-2023-52428	🚨 HIGH	9.8.1	9.37.2
com.squareup.okhttp3:okhttp	CVE-2021-0341	🚨 HIGH	3.12.12	4.9.2
commons-beanutils:commons-beanutils	CVE-2025-48734	🚨 HIGH	1.9.4	1.11.0
commons-io:commons-io	CVE-2024-47554	🚨 HIGH	2.8.0	2.14.0
dnsjava:dnsjava	CVE-2024-25638	🚨 HIGH	2.1.7	3.6.0
io.netty:netty-codec-http2	CVE-2025-55163	🚨 HIGH	4.1.96.Final	4.2.4.Final, 4.1.124.Final
io.netty:netty-codec-http2	GHSA-xpw8-rcwv-8f8p	🚨 HIGH	4.1.96.Final	4.1.100.Final
io.netty:netty-handler	CVE-2025-24970	🚨 HIGH	4.1.96.Final	4.1.118.Final
net.minidev:json-smart	CVE-2021-31684	🚨 HIGH	1.3.2	1.3.3, 2.4.4
net.minidev:json-smart	CVE-2023-1370	🚨 HIGH	1.3.2	2.4.9
org.apache.avro:avro	CVE-2024-47561	🔥 CRITICAL	1.7.7	1.11.4
org.apache.avro:avro	CVE-2023-39410	🚨 HIGH	1.7.7	1.11.3
org.apache.derby:derby	CVE-2022-46337	🔥 CRITICAL	10.14.2.0	10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0
org.apache.ivy:ivy	CVE-2022-46751	🚨 HIGH	2.5.1	2.5.2
org.apache.mesos:mesos	CVE-2018-1330	🚨 HIGH	1.4.3	1.6.0
org.apache.thrift:libthrift	CVE-2019-0205	🚨 HIGH	0.12.0	0.13.0
org.apache.thrift:libthrift	CVE-2020-13949	🚨 HIGH	0.12.0	0.14.0
org.apache.zookeeper:zookeeper	CVE-2023-44981	🔥 CRITICAL	3.6.3	3.7.2, 3.8.3, 3.9.1
org.eclipse.jetty:jetty-server	CVE-2024-13009	🚨 HIGH	9.4.56.v20240826	9.4.57.v20241219
org.lz4:lz4-java	CVE-2025-12183	🚨 HIGH	1.8.0	1.8.1

🛡️ TRIVY SCAN RESULT 🛡️

Target: Node.js

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: Python

Vulnerabilities (10)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
apache-airflow	CVE-2025-68438	🚨 HIGH	3.1.5	3.1.6
apache-airflow	CVE-2025-68675	🚨 HIGH	3.1.5	3.1.6
jaraco.context	CVE-2026-23949	🚨 HIGH	5.3.0	6.1.0
jaraco.context	CVE-2026-23949	🚨 HIGH	6.0.1	6.1.0
starlette	CVE-2025-62727	🚨 HIGH	0.48.0	0.49.1
urllib3	CVE-2025-66418	🚨 HIGH	1.26.20	2.6.0
urllib3	CVE-2025-66471	🚨 HIGH	1.26.20	2.6.0
urllib3	CVE-2026-21441	🚨 HIGH	1.26.20	2.6.3
wheel	CVE-2026-24049	🚨 HIGH	0.45.1	0.46.2
wheel	CVE-2026-24049	🚨 HIGH	0.45.1	0.46.2

🛡️ TRIVY SCAN RESULT 🛡️

Target: /etc/ssl/private/ssl-cert-snakeoil.key

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/extended_sample_data.yaml

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/lineage.yaml

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_data.json

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_data.yaml

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_data_aut.yaml

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_usage.json

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_usage.yaml

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_usage_aut.yaml

No Vulnerabilities Found

[github-actions]

🛡️ TRIVY SCAN RESULT 🛡️

Target: openmetadata-ingestion:trivy (debian 12.12)

Vulnerabilities (4)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
libpam-modules	CVE-2025-6020	🚨 HIGH	1.5.2-6+deb12u1	1.5.2-6+deb12u2
libpam-modules-bin	CVE-2025-6020	🚨 HIGH	1.5.2-6+deb12u1	1.5.2-6+deb12u2
libpam-runtime	CVE-2025-6020	🚨 HIGH	1.5.2-6+deb12u1	1.5.2-6+deb12u2
libpam0g	CVE-2025-6020	🚨 HIGH	1.5.2-6+deb12u1	1.5.2-6+deb12u2

🛡️ TRIVY SCAN RESULT 🛡️

Target: Java

Vulnerabilities (33)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	🚨 HIGH	2.12.7	2.15.0
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	🚨 HIGH	2.13.4	2.15.0
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	🚨 HIGH	2.12.7	2.12.7.1, 2.13.4.2
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	🚨 HIGH	2.12.7	2.12.7.1, 2.13.4
com.google.code.gson:gson	CVE-2022-25647	🚨 HIGH	2.2.4	2.8.9
com.google.protobuf:protobuf-java	CVE-2021-22569	🚨 HIGH	3.3.0	3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java	CVE-2022-3509	🚨 HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2022-3510	🚨 HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2024-7254	🚨 HIGH	3.3.0	3.25.5, 4.27.5, 4.28.2
com.google.protobuf:protobuf-java	CVE-2021-22569	🚨 HIGH	3.7.1	3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java	CVE-2022-3509	🚨 HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2022-3510	🚨 HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2024-7254	🚨 HIGH	3.7.1	3.25.5, 4.27.5, 4.28.2
com.nimbusds:nimbus-jose-jwt	CVE-2023-52428	🚨 HIGH	9.8.1	9.37.2
com.squareup.okhttp3:okhttp	CVE-2021-0341	🚨 HIGH	3.12.12	4.9.2
commons-beanutils:commons-beanutils	CVE-2025-48734	🚨 HIGH	1.9.4	1.11.0
commons-io:commons-io	CVE-2024-47554	🚨 HIGH	2.8.0	2.14.0
dnsjava:dnsjava	CVE-2024-25638	🚨 HIGH	2.1.7	3.6.0
io.netty:netty-codec-http2	CVE-2025-55163	🚨 HIGH	4.1.96.Final	4.2.4.Final, 4.1.124.Final
io.netty:netty-codec-http2	GHSA-xpw8-rcwv-8f8p	🚨 HIGH	4.1.96.Final	4.1.100.Final
io.netty:netty-handler	CVE-2025-24970	🚨 HIGH	4.1.96.Final	4.1.118.Final
net.minidev:json-smart	CVE-2021-31684	🚨 HIGH	1.3.2	1.3.3, 2.4.4
net.minidev:json-smart	CVE-2023-1370	🚨 HIGH	1.3.2	2.4.9
org.apache.avro:avro	CVE-2024-47561	🔥 CRITICAL	1.7.7	1.11.4
org.apache.avro:avro	CVE-2023-39410	🚨 HIGH	1.7.7	1.11.3
org.apache.derby:derby	CVE-2022-46337	🔥 CRITICAL	10.14.2.0	10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0
org.apache.ivy:ivy	CVE-2022-46751	🚨 HIGH	2.5.1	2.5.2
org.apache.mesos:mesos	CVE-2018-1330	🚨 HIGH	1.4.3	1.6.0
org.apache.thrift:libthrift	CVE-2019-0205	🚨 HIGH	0.12.0	0.13.0
org.apache.thrift:libthrift	CVE-2020-13949	🚨 HIGH	0.12.0	0.14.0
org.apache.zookeeper:zookeeper	CVE-2023-44981	🔥 CRITICAL	3.6.3	3.7.2, 3.8.3, 3.9.1
org.eclipse.jetty:jetty-server	CVE-2024-13009	🚨 HIGH	9.4.56.v20240826	9.4.57.v20241219
org.lz4:lz4-java	CVE-2025-12183	🚨 HIGH	1.8.0	1.8.1

🛡️ TRIVY SCAN RESULT 🛡️

Target: Node.js

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: Python

Vulnerabilities (20)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
Werkzeug	CVE-2024-34069	🚨 HIGH	2.2.3	3.0.3
aiohttp	CVE-2025-69223	🚨 HIGH	3.12.12	3.13.3
aiohttp	CVE-2025-69223	🚨 HIGH	3.13.2	3.13.3
apache-airflow	CVE-2025-68438	🚨 HIGH	3.1.5	3.1.6
apache-airflow	CVE-2025-68675	🚨 HIGH	3.1.5	3.1.6
azure-core	CVE-2026-21226	🚨 HIGH	1.37.0	1.38.0
jaraco.context	CVE-2026-23949	🚨 HIGH	5.3.0	6.1.0
jaraco.context	CVE-2026-23949	🚨 HIGH	5.3.0	6.1.0
jaraco.context	CVE-2026-23949	🚨 HIGH	6.0.1	6.1.0
protobuf	CVE-2026-0994	🚨 HIGH	4.25.8	6.33.5, 5.29.6
pyasn1	CVE-2026-23490	🚨 HIGH	0.6.1	0.6.2
python-multipart	CVE-2026-24486	🚨 HIGH	0.0.20	0.0.22
ray	CVE-2025-62593	🔥 CRITICAL	2.47.1	2.52.0
starlette	CVE-2025-62727	🚨 HIGH	0.48.0	0.49.1
urllib3	CVE-2025-66418	🚨 HIGH	1.26.20	2.6.0
urllib3	CVE-2025-66471	🚨 HIGH	1.26.20	2.6.0
urllib3	CVE-2026-21441	🚨 HIGH	1.26.20	2.6.3
wheel	CVE-2026-24049	🚨 HIGH	0.45.1	0.46.2
wheel	CVE-2026-24049	🚨 HIGH	0.45.1	0.46.2
wheel	CVE-2026-24049	🚨 HIGH	0.45.1	0.46.2

🛡️ TRIVY SCAN RESULT 🛡️

Target: /etc/ssl/private/ssl-cert-snakeoil.key

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /home/airflow/openmetadata-airflow-apis/openmetadata_managed_apis.egg-info/PKG-INFO

No Vulnerabilities Found

[Copilot]

Pull request overview

This pull request implements a significant performance optimization for table profiling by adding database-specific metric computers that query native system tables instead of executing expensive COUNT(*) operations. The PR adds support for 10 database systems (PostgreSQL, MSSQL, CockroachDB, DB2, Vertica, SAP HANA, and reuses MySQL implementation for MariaDB, SingleStore, StarRocks, and Doris).

Changes:

• Removed expensive MySQL COUNT(*) patching logic that performed full table scans after retrieving statistics
• Added 6 new TableMetricComputer classes that query database-specific system catalogs for instant metrics
• Registered MySQL-compatible metric computer for 4 additional dialects (MariaDB, SingleStore, StarRocks, Doris)
• Added comprehensive unit tests with mocking for databases without testcontainer support
• Added integration tests using testcontainers for MySQL, PostgreSQL, MSSQL, and CockroachDB

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
ingestion/src/metadata/profiler/orm/functions/table_metric_computer.py	Core implementation: removed MySQL COUNT(*) patch, added 6 new database-specific metric computers, registered 10 new dialect mappings
ingestion/tests/unit/profiler/test_table_metric_computer.py	Unit tests for DB2, Vertica, and SAP HANA with mocked sessions, plus factory registration verification
ingestion/tests/integration/profiler/test_table_metric_computer_postgres.py	Integration tests for PostgreSQL using testcontainers
ingestion/tests/integration/profiler/test_table_metric_computer_mysql.py	Integration tests for MySQL using testcontainers
ingestion/tests/integration/profiler/test_table_metric_computer_mssql.py	Integration tests for MSSQL using testcontainers
ingestion/tests/integration/profiler/test_table_metric_computer_cockroach.py	Integration tests for CockroachDB using testcontainers

[gitar-bot]

🔍 CI failure analysis for 458805c: 7 Python integration test failures in new CockroachDB/MSSQL table metric computers - SQLAlchemy InvalidRequestError in fallback query construction. Bug directly related to PR changes. Plus 1 unrelated Playwright KPI Widget failure (environment issue).

Issue

Two distinct CI job failures detected:

1. Python Integration Tests (NEW) - 7 test failures in newly added table metric computer integration tests
2. Playwright E2E Test (Previously Reported) - 1 KPI Widget test failure with browser context closure

Root Causes

1. Python Integration Tests - Table Metric Computers (DIRECTLY RELATED TO PR)

Failed tests (all with same error):

• test_table_metric_computer_cockroach.py (3 failures):
  • test_compute_returns_row_count
  • test_compute_does_not_return_size
  • test_compute_returns_column_metadata
• test_table_metric_computer_mssql.py (4 failures):
  • test_compute_returns_row_count_and_size
  • test_compute_returns_column_metadata
  • test_compute_returns_create_datetime
  • test_compute_nonexistent_table_returns_none

Error pattern (identical for all 7 tests):

sqlalchemy.exc.InvalidRequestError: Query contains no columns with which to SELECT from.

Stack trace analysis:

• Error occurs in the fallback path: table_metric_computer.py:594: return super().compute()
• When the database-specific query returns None or triggers fallback conditions, it calls BaseTableMetricComputer.compute()
• The base class attempts to execute a COUNT(*) query at line 169
• SQLAlchemy compilation fails with "Query contains no columns"

Root cause:
The BaseTableMetricComputer.compute() fallback method is constructing an invalid query when called from CockroachDB and MSSQL metric computers. The query builder is likely not properly handling the table structure or is creating a SELECT with an empty column list.

Why this is happening:

• Integration tests use actual database containers (CockroachDB v24.3.2, MSSQL 2022)
• Tests create a test_metrics.metric_computer_test table with 100 rows
• When the specialized metric computer's query executes, something triggers the fallback to base compute()
• The base compute() method constructs a malformed query

Possible causes:

1. Table metadata not properly loaded/reflected in SQLAlchemy ORM
2. Schema name handling issue ("test_metrics" schema)
3. Query builder in base class expects columns to be defined differently
4. Dialect-specific quirk in how Snowflake SQLAlchemy compiler interacts with Cockroach/MSSQL

Note: Stack trace shows SnowflakeORMSelectCompileState being used, which is unusual for CockroachDB/MSSQL tests - suggests potential SQLAlchemy dialect confusion or global state pollution from earlier tests.

2. Playwright E2E Test - KPI Widget (Previously Reported)

Failed test:

• Flow › CustomizeWidgets › KPI Widget @ingestion

Error: Browser context closed while waiting for API responses

Root cause: CI environment resource exhaustion after running 280+ tests (unrelated to PR changes)

Details

Python test failures ARE DIRECTLY RELATED to this PR:

• PR adds new CockroachTableMetricComputer and MSSQLTableMetricComputer classes
• PR adds new integration tests for these computers
• Failures are in these exact new tests
• Error occurs in the fallback logic path of the new implementations

Impact:

• 98.7% test success rate (539 passed / 7 failed / 21 skipped)
• Only the new integration tests for CockroachDB and MSSQL are failing
• MySQL and PostgreSQL integration tests pass successfully
• All unit tests pass

Playwright test failure remains UNRELATED to PR changes:

• Frontend E2E test vs backend profiler code
• Environmental issue, not code defect

Fix

The Python test failures indicate a bug in the new table metric computer implementations or their fallback logic. The issue needs investigation:

1. Check why fallback is being triggered (are CockroachDB/MSSQL queries returning None?)
2. Fix the BaseTableMetricComputer.compute() query construction
3. Investigate the Snowflake SQLAlchemy compiler appearing in CockroachDB/MSSQL tests
4. Verify table metadata reflection is working correctly in integration test setup

Code Review 👍 Approved with suggestions 0 resolved / 2 findings

Well-structured addition of 6 database-specific metric computers with good test coverage. The two previously identified issues (MSSQL sys.tables excluding views, DB2 case sensitivity concern) remain unaddressed in this iteration.

⚠️ Bug: MSSQL query won't return results for Views

📄 ingestion/src/metadata/profiler/orm/functions/table_metric_computer.py:490-498

The MSSQLTableMetricComputer.compute() method queries sys.tables which only contains tables, not views. Since Views are stored in sys.views in SQL Server, this implementation will always return None for Views and fall through to the base implementation's COUNT(*) logic silently.

While this doesn't break functionality (it falls back gracefully), the docstring claims it computes metrics for MSSQL but it only works for tables. If View support is intended, the query should use sys.objects instead with appropriate type filtering, or query sys.views separately.

Consider either:

1. Documenting this limitation in the docstring: "compute table metrics for MSSQL tables only (views fall back to COUNT(*))"
2. Or extending to support views if needed

💡 Bug: DB2 schema/table name case handling may not match

📄 ingestion/src/metadata/profiler/orm/functions/table_metric_computer.py:610-613

The DB2 implementation uses self.schema_name.upper() and self.table_name.upper() on the Python side while applying func.upper() on the database columns. However, if self.schema_name or self.table_name is None, calling .upper() on them will raise an AttributeError.

The other implementations (PostgreSQL, MSSQL, etc.) compare values directly without case transformation, which suggests these values are expected to be non-None at this point. However, defensive programming would suggest adding a None check or using a safer pattern:

func.upper(Column("TABSCHEMA")) == func.upper(literal(self.schema_name)),
func.upper(Column("TABNAME")) == func.upper(literal(self.table_name)),

This would handle the case transformation entirely in SQL and avoid potential None dereferences.

Tip

Comment Gitar fix CI or enable auto-apply: gitar auto-apply:on

Options

Auto-apply is off → Gitar will not commit updates to this branch.
Display: compact → Showing less information.

Comment with these commands to change:

Auto-apply	Compact
gitar auto-apply:on	gitar display:verbose

_{Was this helpful? React with 👍 / 👎 | Gitar}