secure-log2test 1.0.0__tar.gz

secure_log2test-1.0.0/.gitignore

@@ -0,0 +1,39 @@
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+.Python
+build/
+dist/
+*.egg-info/
+*.egg
+
+# Virtual environments
+.venv/
+venv/
+env/
+ENV/
+
+# Testing
+.pytest_cache/
+.coverage
+htmlcov/
+.tox/
+
+# IDE
+.idea/
+.vscode/
+*.swp
+*.swo
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Generated output
+generated_tests/
+tests_generated.py
+
+# Local release runbooks (not for public repo)
+PUBLISH_*.md

secure_log2test-1.0.0/CHANGELOG.md

@@ -0,0 +1,42 @@
+# Changelog
+
+All notable changes to this project will be documented here. Format is loosely based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and the project follows [Semantic Versioning](https://semver.org/).
+
+## [Unreleased]
+
+## [1.0.0] - 2026-05-10
+
+First stable release. Public API surface (CLI flags, JSON input shape, generated test layout) is now considered stable. Future minor versions will add features without breaking existing usage.
+
+### Added
+- `pyproject.toml` with PEP 621 metadata, hatchling build backend, console-script entry point.
+- `secure-log2test` console command available after `pip install -e .` or `pip install secure-log2test` (post-PyPI publish).
+- `python -m secure_log2test` invocation via `__main__.py`.
+- Python 3.12 added to CI matrix.
+- CONTRIBUTING guide for issue reports and pull requests.
+- MIT license file.
+- This changelog.
+- README badges for CI status, supported Python versions, and licence.
+- Self-roadmap GitHub issues for v1.1 (response body assertions, schema match) and v1.2 (custom redaction rules via config file).
+
+### Changed
+- Repackaged into `secure_log2test/` Python package. `core/` moved to `secure_log2test/core/`. `templates/` moved to `secure_log2test/templates/`.
+- `main.py` removed at top level; CLI entry now lives in `secure_log2test/cli.py`.
+- CI workflow installs the project as a package (`pip install -e ".[dev]"`) and exercises the installed CLI.
+- Test imports updated to reference `secure_log2test.core.parser`.
+- `secure_log2test.__version__` now reads from installed package metadata via `importlib.metadata`, so it always matches the wheel version. Previously hardcoded.
+
+## [0.2.0] - 2026-05-05
+
+### Added
+- GitHub Actions CI workflow with a Python 3.10 and 3.11 matrix.
+- CLI smoke test inside CI: generate a suite from `data/sample_kibana_export.json` and run `ast.parse` on the output.
+- Edge-case tests covering auth headers, empty request bodies, and 5xx responses.
+
+## [0.1.0] - 2026-05-03
+
+### Added
+- Pytest test generator and CLI entry point (`python main.py <kibana_export.json>`).
+- Parser unit tests and a sample Kibana fixture under `data/`.
+- Core parser that turns Kibana request logs into pytest test cases.
+- Initial project scaffold and README.

secure_log2test-1.0.0/CONTRIBUTING.md

@@ -0,0 +1,38 @@
+# Contributing
+
+Thanks for your interest in secure-log2test. This is a small project, so the contribution flow is simple.
+
+## Reporting a bug
+
+Open an issue with:
+
+- What you ran (command + Python version)
+- What you expected
+- What happened instead
+- A minimal Kibana export sample if the bug is parser-related (strip secrets first)
+
+## Suggesting a feature
+
+Open an issue first so we can talk through the use case before you write code. Keeps both of us from wasting time.
+
+## Submitting a pull request
+
+1. Fork the repo and create a branch from `main`.
+2. Make your changes. Keep the diff focused on one thing.
+3. Add or update tests in `tests/`. The CI runs `pytest -v` on Python 3.10 and 3.11.
+4. Run the tests locally before pushing:
+   ```bash
+   pip install -r requirements.txt
+   pytest -v
+   ```
+5. Open the PR with a short description of what changed and why.
+
+## Code style
+
+- Plain Python, no extra dependencies unless there's a real reason.
+- Function and variable names in English, lowercase with underscores.
+- One responsibility per function. If a function grows past 30-40 lines, split it.
+
+## Security
+
+If you find something that could leak secrets from a real log file, please email me directly instead of opening a public issue. Address is on my GitHub profile.

secure_log2test-1.0.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Mikhail Golikov
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

secure_log2test-1.0.0/PKG-INFO

@@ -0,0 +1,177 @@
+Metadata-Version: 2.4
+Name: secure-log2test
+Version: 1.0.0
+Summary: Convert Kibana API log exports into runnable pytest suites with auth header redaction.
+Project-URL: Homepage, https://github.com/golikovichev/secure-log2test
+Project-URL: Repository, https://github.com/golikovichev/secure-log2test
+Project-URL: Issues, https://github.com/golikovichev/secure-log2test/issues
+Project-URL: Changelog, https://github.com/golikovichev/secure-log2test/blob/main/CHANGELOG.md
+Author-email: Mikhail Golikov <golikovichev@gmail.com>
+Maintainer-email: Mikhail Golikov <golikovichev@gmail.com>
+License: MIT License
+        
+        Copyright (c) 2026 Mikhail Golikov
+        
+        Permission is hereby granted, free of charge, to any person obtaining a copy
+        of this software and associated documentation files (the "Software"), to deal
+        in the Software without restriction, including without limitation the rights
+        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+        copies of the Software, and to permit persons to whom the Software is
+        furnished to do so, subject to the following conditions:
+        
+        The above copyright notice and this permission notice shall be included in all
+        copies or substantial portions of the Software.
+        
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+        SOFTWARE.
+License-File: LICENSE
+Keywords: api-testing,kibana,log-parsing,pytest,qa,test-generation
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Software Development :: Quality Assurance
+Classifier: Topic :: Software Development :: Testing
+Requires-Python: >=3.10
+Requires-Dist: jinja2>=3.1
+Requires-Dist: pydantic>=2.0
+Requires-Dist: requests>=2.31
+Provides-Extra: dev
+Requires-Dist: build>=1.0; extra == 'dev'
+Requires-Dist: pytest>=7.0; extra == 'dev'
+Requires-Dist: twine>=4.0; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# secure-log2test
+
+[![CI](https://github.com/golikovichev/secure-log2test/actions/workflows/ci.yml/badge.svg)](https://github.com/golikovichev/secure-log2test/actions/workflows/ci.yml)
+[![Python](https://img.shields.io/badge/python-3.10%20%7C%203.11%20%7C%203.12-blue)](https://pypi.org/project/secure-log2test/)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+Turn a Kibana API log export into an executable pytest suite. Auth headers redacted by default.
+
+Status: alpha. v1.0.0 lands May 2026.
+
+## Why
+
+You have Kibana logs from staging or production. Each entry is a real request: method, URL, status, duration, headers, body. That's a regression suite waiting to happen. Most teams either ignore it, screenshot interesting failures into Jira, or hand-write pytest cases from log entries one at a time.
+
+I needed a faster path. `secure-log2test` reads a Kibana JSON export and writes a pytest module you can run and commit. Auth values get replaced with `***REDACTED***` before they ever touch the output, so a generated suite is safe to push to a public repo.
+
+The tool exists because at Лента I kept doing the same five steps by hand for every production incident: open Kibana, scroll, copy the failing request, paste into a new test, repeat. Five minutes per request times ten requests means an hour gone before any actual debugging starts.
+
+## Quickstart
+
+```bash
+git clone https://github.com/golikovichev/secure-log2test
+cd secure-log2test
+python -m venv .venv && source .venv/bin/activate  # or .venv\Scripts\activate on Windows
+pip install -r requirements.txt
+
+python main.py data/sample_kibana_export.json --output tests_generated.py
+pytest tests_generated.py -v
+```
+
+The sample export ships with the repo (`data/sample_kibana_export.json`), so you can see real output without setting up a Kibana instance first.
+
+PyPI install (`pip install secure-log2test`) lands with v1.0.0.
+
+## How it works
+
+Two stages, kept separate.
+
+**Parse** (`core/parser.py`). Reads the Kibana JSON and validates each entry through Pydantic v2. Sensitive headers are redacted before any further processing. The redaction list lives in `SENSITIVE_HEADERS`: `authorization`, `proxy-authorization`, `cookie`, `set-cookie`, `x-api-key`, `x-auth-token`, `authentication`. Match is case-insensitive. Header values get replaced with `***REDACTED***`. The original input dict is not mutated.
+
+**Generate** (`core/generator.py`). Takes the cleaned entries and renders a Jinja2 template (`templates/test_module.py.j2`) into a pytest module. Each log entry becomes one `test_*` function. The slug filter turns `/api/v1/users/42` into a stable function name. A `--base-url` flag lets you target staging vs production at runtime.
+
+The split lets you reuse the parser for other formats. If you want to generate Locust scripts, k6 scenarios, or an OpenAPI spec from the same logs, the parser stays. Only the template changes.
+
+## Sample output
+
+Given this Kibana log entry:
+
+```json
+{
+  "method": "POST",
+  "url": "/api/v1/users",
+  "status": 201,
+  "headers": {"Authorization": "Bearer abc.xyz", "Content-Type": "application/json"},
+  "body": {"name": "Test", "email": "test@example.com"}
+}
+```
+
+The generator emits something like:
+
+```python
+def test_post_api_v1_users():
+    response = requests.post(
+        f"{BASE_URL}/api/v1/users",
+        headers={"Authorization": "***REDACTED***", "Content-Type": "application/json"},
+        json={"name": "Test", "email": "test@example.com"},
+    )
+    assert response.status_code == 201, (
+        f"Expected 201, got {response.status_code}: {response.text[:200]}"
+    )
+```
+
+The `Authorization` value never leaves the parser intact. You set the real token in your environment at run time.
+
+## Limitations
+
+This is what v0.2.0 does **not** handle. Calling them out so the tool stays trustworthy.
+
+- OAuth flows. Only static `Authorization` headers, redacted to a placeholder.
+- Multipart bodies and file uploads.
+- Streaming responses or chunked transfer.
+- Kibana exports older than the schema in `data/sample_kibana_export.json`. Fixture-driven; if your export looks different, open an issue with a redacted sample.
+- Response body assertions. Status code only for now.
+- Pre-request scripts or test scripts (the project takes only what is in the log entry).
+
+If something on this list blocks you, open an issue. v1.0 stays small on purpose; the roadmap below is where new scope goes.
+
+## Roadmap
+
+| Version | Adds |
+| --- | --- |
+| 0.3 | Response body assertions, optional schema match. |
+| 0.4 | Custom redaction rules via config file. |
+| 0.5 | Multiple output formats (k6, Locust). |
+| 1.0 | First stable API, PyPI release, full docs site. |
+
+Target dates live in `CHANGELOG.md` once the work is in flight.
+
+## Tests
+
+```bash
+pytest tests/ -v
+```
+
+Coverage as of 0.2.0:
+- Parser unit tests for valid input, malformed input, header redaction, empty bodies.
+- Edge cases for 5xx responses and missing fields.
+- CI smoke test that runs the CLI end-to-end on the sample export and parses the generated Python with `ast.parse`.
+
+CI runs on Python 3.10 and 3.11 via GitHub Actions.
+
+## Security note
+
+The default redaction list is conservative. If your team uses a custom auth header (`X-Company-Token`, anything not in the standard list), add it to `SENSITIVE_HEADERS` in `core/parser.py` before generating output. PRs welcome.
+
+Never commit a generated suite that includes real production tokens. The redaction is a safety net, not a substitute for review.
+
+## Contributing
+
+Issue templates and PR guidance live in [CONTRIBUTING.md](CONTRIBUTING.md). Bug reports with a redacted sample log are the most useful kind.
+
+## Licence
+
+MIT. See [LICENSE](LICENSE).

secure_log2test-1.0.0/README.md

@@ -0,0 +1,124 @@
+# secure-log2test
+
+[![CI](https://github.com/golikovichev/secure-log2test/actions/workflows/ci.yml/badge.svg)](https://github.com/golikovichev/secure-log2test/actions/workflows/ci.yml)
+[![Python](https://img.shields.io/badge/python-3.10%20%7C%203.11%20%7C%203.12-blue)](https://pypi.org/project/secure-log2test/)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+Turn a Kibana API log export into an executable pytest suite. Auth headers redacted by default.
+
+Status: alpha. v1.0.0 lands May 2026.
+
+## Why
+
+You have Kibana logs from staging or production. Each entry is a real request: method, URL, status, duration, headers, body. That's a regression suite waiting to happen. Most teams either ignore it, screenshot interesting failures into Jira, or hand-write pytest cases from log entries one at a time.
+
+I needed a faster path. `secure-log2test` reads a Kibana JSON export and writes a pytest module you can run and commit. Auth values get replaced with `***REDACTED***` before they ever touch the output, so a generated suite is safe to push to a public repo.
+
+The tool exists because at Лента I kept doing the same five steps by hand for every production incident: open Kibana, scroll, copy the failing request, paste into a new test, repeat. Five minutes per request times ten requests means an hour gone before any actual debugging starts.
+
+## Quickstart
+
+```bash
+git clone https://github.com/golikovichev/secure-log2test
+cd secure-log2test
+python -m venv .venv && source .venv/bin/activate  # or .venv\Scripts\activate on Windows
+pip install -r requirements.txt
+
+python main.py data/sample_kibana_export.json --output tests_generated.py
+pytest tests_generated.py -v
+```
+
+The sample export ships with the repo (`data/sample_kibana_export.json`), so you can see real output without setting up a Kibana instance first.
+
+PyPI install (`pip install secure-log2test`) lands with v1.0.0.
+
+## How it works
+
+Two stages, kept separate.
+
+**Parse** (`core/parser.py`). Reads the Kibana JSON and validates each entry through Pydantic v2. Sensitive headers are redacted before any further processing. The redaction list lives in `SENSITIVE_HEADERS`: `authorization`, `proxy-authorization`, `cookie`, `set-cookie`, `x-api-key`, `x-auth-token`, `authentication`. Match is case-insensitive. Header values get replaced with `***REDACTED***`. The original input dict is not mutated.
+
+**Generate** (`core/generator.py`). Takes the cleaned entries and renders a Jinja2 template (`templates/test_module.py.j2`) into a pytest module. Each log entry becomes one `test_*` function. The slug filter turns `/api/v1/users/42` into a stable function name. A `--base-url` flag lets you target staging vs production at runtime.
+
+The split lets you reuse the parser for other formats. If you want to generate Locust scripts, k6 scenarios, or an OpenAPI spec from the same logs, the parser stays. Only the template changes.
+
+## Sample output
+
+Given this Kibana log entry:
+
+```json
+{
+  "method": "POST",
+  "url": "/api/v1/users",
+  "status": 201,
+  "headers": {"Authorization": "Bearer abc.xyz", "Content-Type": "application/json"},
+  "body": {"name": "Test", "email": "test@example.com"}
+}
+```
+
+The generator emits something like:
+
+```python
+def test_post_api_v1_users():
+    response = requests.post(
+        f"{BASE_URL}/api/v1/users",
+        headers={"Authorization": "***REDACTED***", "Content-Type": "application/json"},
+        json={"name": "Test", "email": "test@example.com"},
+    )
+    assert response.status_code == 201, (
+        f"Expected 201, got {response.status_code}: {response.text[:200]}"
+    )
+```
+
+The `Authorization` value never leaves the parser intact. You set the real token in your environment at run time.
+
+## Limitations
+
+This is what v0.2.0 does **not** handle. Calling them out so the tool stays trustworthy.
+
+- OAuth flows. Only static `Authorization` headers, redacted to a placeholder.
+- Multipart bodies and file uploads.
+- Streaming responses or chunked transfer.
+- Kibana exports older than the schema in `data/sample_kibana_export.json`. Fixture-driven; if your export looks different, open an issue with a redacted sample.
+- Response body assertions. Status code only for now.
+- Pre-request scripts or test scripts (the project takes only what is in the log entry).
+
+If something on this list blocks you, open an issue. v1.0 stays small on purpose; the roadmap below is where new scope goes.
+
+## Roadmap
+
+| Version | Adds |
+| --- | --- |
+| 0.3 | Response body assertions, optional schema match. |
+| 0.4 | Custom redaction rules via config file. |
+| 0.5 | Multiple output formats (k6, Locust). |
+| 1.0 | First stable API, PyPI release, full docs site. |
+
+Target dates live in `CHANGELOG.md` once the work is in flight.
+
+## Tests
+
+```bash
+pytest tests/ -v
+```
+
+Coverage as of 0.2.0:
+- Parser unit tests for valid input, malformed input, header redaction, empty bodies.
+- Edge cases for 5xx responses and missing fields.
+- CI smoke test that runs the CLI end-to-end on the sample export and parses the generated Python with `ast.parse`.
+
+CI runs on Python 3.10 and 3.11 via GitHub Actions.
+
+## Security note
+
+The default redaction list is conservative. If your team uses a custom auth header (`X-Company-Token`, anything not in the standard list), add it to `SENSITIVE_HEADERS` in `core/parser.py` before generating output. PRs welcome.
+
+Never commit a generated suite that includes real production tokens. The redaction is a safety net, not a substitute for review.
+
+## Contributing
+
+Issue templates and PR guidance live in [CONTRIBUTING.md](CONTRIBUTING.md). Bug reports with a redacted sample log are the most useful kind.
+
+## Licence
+
+MIT. See [LICENSE](LICENSE).

secure_log2test-1.0.0/data/sample_kibana_export.json

@@ -0,0 +1,39 @@
+{
+  "hits": {
+    "total": {"value": 4, "relation": "eq"},
+    "hits": [
+      {
+        "_source": {
+          "method": "GET",
+          "url": "/api/v1/users",
+          "status": 200,
+          "duration": 42
+        }
+      },
+      {
+        "_source": {
+          "method": "POST",
+          "url": "/api/v1/users",
+          "status": 201,
+          "duration": 110
+        }
+      },
+      {
+        "_source": {
+          "method": "PUT",
+          "url": "/api/v1/users/42",
+          "status": 204,
+          "duration": 87
+        }
+      },
+      {
+        "_source": {
+          "method": "DELETE",
+          "url": "/api/v1/users/99",
+          "status": 404,
+          "duration": 21
+        }
+      }
+    ]
+  }
+}

secure_log2test-1.0.0/pyproject.toml

@@ -0,0 +1,77 @@
+[build-system]
+requires = ["hatchling>=1.21"]
+build-backend = "hatchling.build"
+
+[project]
+name = "secure-log2test"
+version = "1.0.0"
+description = "Convert Kibana API log exports into runnable pytest suites with auth header redaction."
+readme = "README.md"
+license = { file = "LICENSE" }
+requires-python = ">=3.10"
+authors = [
+    { name = "Mikhail Golikov", email = "golikovichev@gmail.com" },
+]
+maintainers = [
+    { name = "Mikhail Golikov", email = "golikovichev@gmail.com" },
+]
+keywords = [
+    "kibana",
+    "pytest",
+    "test-generation",
+    "api-testing",
+    "log-parsing",
+    "qa",
+]
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Operating System :: OS Independent",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Topic :: Software Development :: Testing",
+    "Topic :: Software Development :: Quality Assurance",
+]
+dependencies = [
+    "pydantic>=2.0",
+    "jinja2>=3.1",
+    "requests>=2.31",
+]
+
+[project.optional-dependencies]
+dev = [
+    "pytest>=7.0",
+    "build>=1.0",
+    "twine>=4.0",
+]
+
+[project.scripts]
+secure-log2test = "secure_log2test.cli:main"
+
+[project.urls]
+Homepage = "https://github.com/golikovichev/secure-log2test"
+Repository = "https://github.com/golikovichev/secure-log2test"
+Issues = "https://github.com/golikovichev/secure-log2test/issues"
+Changelog = "https://github.com/golikovichev/secure-log2test/blob/main/CHANGELOG.md"
+
+[tool.hatch.build.targets.wheel]
+packages = ["secure_log2test"]
+
+[tool.hatch.build.targets.sdist]
+include = [
+    "secure_log2test/",
+    "tests/",
+    "data/sample_kibana_export.json",
+    "README.md",
+    "LICENSE",
+    "CHANGELOG.md",
+    "CONTRIBUTING.md",
+    "pyproject.toml",
+]
+
+[tool.pytest.ini_options]
+testpaths = ["tests"]
+addopts = "-ra"

secure_log2test-1.0.0/secure_log2test/__init__.py

@@ -0,0 +1,9 @@
+"""secure-log2test: convert Kibana API log exports into runnable pytest suites."""
+
+from importlib.metadata import PackageNotFoundError, version as _pkg_version
+
+try:
+    __version__ = _pkg_version("secure-log2test")
+except PackageNotFoundError:
+    # Running from a source checkout without an installed distribution.
+    __version__ = "0.0.0+unknown"

secure_log2test-1.0.0/secure_log2test/__main__.py

@@ -0,0 +1,6 @@
+"""Allow `python -m secure_log2test` invocation."""
+
+from .cli import main
+
+if __name__ == "__main__":
+    raise SystemExit(main())

secure_log2test-1.0.0/secure_log2test/cli.py

@@ -0,0 +1,66 @@
+"""CLI entry for secure-log2test.
+
+Wired through `console_scripts` entry в pyproject.toml so installs expose
+a `secure-log2test` command. Also runnable via `python -m secure_log2test`.
+"""
+
+from __future__ import annotations
+
+import argparse
+import logging
+import sys
+from pathlib import Path
+
+from .core.generator import KibanaTestGenerator
+from .core.parser import KibanaLogParser
+
+
+def main(argv: list[str] | None = None) -> int:
+    parser = argparse.ArgumentParser(
+        prog="secure-log2test",
+        description="Convert Kibana API log export to executable pytest suite",
+    )
+    parser.add_argument("input", type=Path, help="Path to Kibana JSON export")
+    parser.add_argument(
+        "--output",
+        type=Path,
+        default=Path("tests_generated.py"),
+        help="Output pytest module (default: tests_generated.py)",
+    )
+    parser.add_argument(
+        "--base-url",
+        default="",
+        help="Base URL prefix for generated requests (default: empty)",
+    )
+    parser.add_argument(
+        "--templates",
+        type=Path,
+        default=Path(__file__).parent / "templates",
+        help="Templates directory (default: bundled package templates)",
+    )
+    parser.add_argument("--verbose", action="store_true")
+    args = parser.parse_args(argv)
+
+    logging.basicConfig(
+        level=logging.DEBUG if args.verbose else logging.INFO,
+        format="%(levelname)s %(message)s",
+    )
+
+    if not args.input.exists():
+        print(f"Input file not found: {args.input}", file=sys.stderr)
+        return 1
+
+    log_parser = KibanaLogParser(args.input)
+    entries = log_parser.parse()
+    if not entries:
+        print("No entries parsed from input log.", file=sys.stderr)
+        return 1
+
+    generator = KibanaTestGenerator(args.templates)
+    generator.write(entries, args.output, base_url=args.base_url)
+    print(f"Generated {len(entries)} tests -> {args.output}")
+    return 0
+
+
+if __name__ == "__main__":
+    sys.exit(main())

secure_log2test-1.0.0/secure_log2test/core/generator.py

@@ -0,0 +1,46 @@
+import logging
+import re
+from pathlib import Path
+
+from jinja2 import Environment, FileSystemLoader, select_autoescape
+
+from .parser import KibanaLogEntry
+
+
+logger = logging.getLogger(__name__)
+
+
+def _slugify(value):
+    value = value.lower()
+    value = re.sub(r"[^a-z0-9]+", "_", value)
+    value = value.strip("_")
+    return value or "endpoint"
+
+
+class KibanaTestGenerator:
+    def __init__(self, templates_dir):
+        self.env = Environment(
+            loader=FileSystemLoader(str(templates_dir)),
+            autoescape=select_autoescape([]),
+            trim_blocks=True,
+            lstrip_blocks=True,
+        )
+        self.env.filters["slug"] = _slugify
+
+    def render(self, entries, base_url=""):
+        template = self.env.get_template("test_module.py.j2")
+        cleaned = []
+        for e in entries:
+            if isinstance(e, KibanaLogEntry):
+                cleaned.append(e)
+            else:
+                cleaned.append(KibanaLogEntry(**e))
+        return template.render(entries=cleaned, base_url=base_url)
+
+    def write(self, entries, output_path, base_url=""):
+        output_path = Path(output_path)
+        output_path.parent.mkdir(parents=True, exist_ok=True)
+        rendered = self.render(entries, base_url=base_url)
+        output_path.write_text(rendered, encoding="utf-8")
+        logger.info("Wrote %d entries to %s", len(entries), output_path)
+        return output_path

secure_log2test-1.0.0/secure_log2test/core/parser.py

@@ -0,0 +1,73 @@
+import json
+import logging
+from pathlib import Path
+from typing import Any
+
+from pydantic import BaseModel, Field, field_validator
+
+
+logger = logging.getLogger(__name__)
+
+
+SENSITIVE_HEADERS = frozenset({
+    "authorization",
+    "proxy-authorization",
+    "cookie",
+    "set-cookie",
+    "x-api-key",
+    "x-auth-token",
+    "authentication",
+})
+
+REDACTED = "***REDACTED***"
+
+
+def redact_headers(headers):
+    """Replace sensitive header values with a fixed redaction marker.
+
+    Header name match is case-insensitive. Returns a new dict; the input
+    is not mutated.
+    """
+    if not headers:
+        return {}
+    return {
+        name: (REDACTED if name.lower() in SENSITIVE_HEADERS else value)
+        for name, value in headers.items()
+    }
+
+
+class KibanaLogEntry(BaseModel):
+    method: str
+    url: str
+    status: int
+    duration: int = 0
+    headers: dict[str, str] = Field(default_factory=dict)
+    body: Any = None
+
+    @field_validator("method")
+    @classmethod
+    def normalize_method(cls, v):
+        return v.upper()
+
+    @field_validator("headers")
+    @classmethod
+    def redact_sensitive_headers(cls, v):
+        return redact_headers(v)
+
+
+class KibanaLogParser:
+    def __init__(self, path):
+        self.path = Path(path)
+
+    def parse(self):
+        with open(self.path) as f:
+            data = json.load(f)
+
+        entries = []
+        for hit in data.get("hits", {}).get("hits", []):
+            try:
+                entries.append(KibanaLogEntry(**hit["_source"]))
+            except Exception as e:
+                logger.warning(f"Skipping bad entry: {e}")
+
+        return entries

secure_log2test-1.0.0/secure_log2test/templates/test_module.py.j2

@@ -0,0 +1,20 @@
+"""Auto-generated regression suite. Do not edit by hand."""
+
+import pytest
+import requests
+
+
+BASE_URL = "{{ base_url }}"
+
+
+{% for entry in entries %}
+def test_{{ entry.method | lower }}_{{ entry.url | slug }}_{{ loop.index }}():
+    response = requests.request(
+        method="{{ entry.method }}",
+        url=BASE_URL + "{{ entry.url }}",
+        timeout=10,
+    )
+    assert response.status_code == {{ entry.status }}
+
+
+{% endfor %}

secure_log2test-1.0.0/tests/test_edge_cases.py

@@ -0,0 +1,152 @@
+"""Edge cases: header redaction, empty bodies, server error codes."""
+
+import json
+
+import pytest
+
+from secure_log2test.core.parser import (
+    KibanaLogEntry,
+    KibanaLogParser,
+    REDACTED,
+    redact_headers,
+)
+
+
+# ---------------------------------------------------------------------------
+# Header redaction
+# ---------------------------------------------------------------------------
+
+def test_authorization_header_redacted():
+    cleaned = redact_headers({"Authorization": "Bearer secret-token-xyz"})
+    assert cleaned == {"Authorization": REDACTED}
+
+
+def test_cookie_header_redacted():
+    cleaned = redact_headers({"Cookie": "session=abc123"})
+    assert cleaned["Cookie"] == REDACTED
+
+
+def test_redaction_is_case_insensitive():
+    cleaned = redact_headers({
+        "AUTHORIZATION": "Bearer x",
+        "x-api-key": "k1",
+        "X-Auth-Token": "t1",
+    })
+    assert cleaned["AUTHORIZATION"] == REDACTED
+    assert cleaned["x-api-key"] == REDACTED
+    assert cleaned["X-Auth-Token"] == REDACTED
+
+
+def test_safe_headers_preserved():
+    headers = {
+        "Content-Type": "application/json",
+        "Accept": "*/*",
+        "User-Agent": "pytest/7",
+    }
+    assert redact_headers(headers) == headers
+
+
+def test_redaction_does_not_mutate_input():
+    original = {"Authorization": "Bearer x", "Accept": "*/*"}
+    snapshot = dict(original)
+    redact_headers(original)
+    assert original == snapshot
+
+
+def test_empty_headers_return_empty_dict():
+    assert redact_headers({}) == {}
+    assert redact_headers(None) == {}
+
+
+def test_entry_redacts_headers_at_construction():
+    entry = KibanaLogEntry(
+        method="GET",
+        url="/api/v1/users",
+        status=200,
+        headers={"Authorization": "Bearer leaky", "Accept": "json"},
+    )
+    assert entry.headers["Authorization"] == REDACTED
+    assert entry.headers["Accept"] == "json"
+
+
+def test_entry_redaction_on_parser_output(tmp_path):
+    payload = {
+        "hits": {
+            "hits": [
+                {"_source": {
+                    "method": "POST",
+                    "url": "/api/v1/login",
+                    "status": 200,
+                    "headers": {"Authorization": "Bearer leaked"},
+                }},
+            ]
+        }
+    }
+    src = tmp_path / "with_auth.json"
+    src.write_text(json.dumps(payload))
+    entries = KibanaLogParser(src).parse()
+    assert len(entries) == 1
+    assert entries[0].headers["Authorization"] == REDACTED
+
+
+# ---------------------------------------------------------------------------
+# Empty / missing body
+# ---------------------------------------------------------------------------
+
+def test_body_defaults_to_none():
+    entry = KibanaLogEntry(method="GET", url="/", status=200)
+    assert entry.body is None
+
+
+def test_empty_string_body_preserved():
+    entry = KibanaLogEntry(method="POST", url="/api/echo", status=200, body="")
+    assert entry.body == ""
+
+
+def test_empty_dict_body_preserved():
+    entry = KibanaLogEntry(method="POST", url="/api/echo", status=200, body={})
+    assert entry.body == {}
+
+
+def test_parser_handles_entries_without_body(tmp_path):
+    payload = {
+        "hits": {
+            "hits": [
+                {"_source": {"method": "GET", "url": "/a", "status": 200}},
+                {"_source": {"method": "GET", "url": "/b", "status": 200, "body": ""}},
+                {"_source": {"method": "GET", "url": "/c", "status": 200, "body": None}},
+            ]
+        }
+    }
+    src = tmp_path / "no_body.json"
+    src.write_text(json.dumps(payload))
+    entries = KibanaLogParser(src).parse()
+    assert len(entries) == 3
+    assert [e.body for e in entries] == [None, "", None]
+
+
+# ---------------------------------------------------------------------------
+# Server-error status codes (5xx)
+# ---------------------------------------------------------------------------
+
+@pytest.mark.parametrize("code", [500, 502, 503, 504, 599])
+def test_5xx_codes_accepted(code):
+    entry = KibanaLogEntry(method="GET", url="/api/health", status=code)
+    assert entry.status == code
+
+
+def test_parser_preserves_5xx_codes(tmp_path):
+    payload = {
+        "hits": {
+            "hits": [
+                {"_source": {"method": "GET", "url": "/x", "status": 500}},
+                {"_source": {"method": "GET", "url": "/y", "status": 503}},
+                {"_source": {"method": "GET", "url": "/z", "status": 504}},
+            ]
+        }
+    }
+    src = tmp_path / "errors.json"
+    src.write_text(json.dumps(payload))
+    entries = KibanaLogParser(src).parse()
+    statuses = sorted(e.status for e in entries)
+    assert statuses == [500, 503, 504]

secure_log2test-1.0.0/tests/test_parser.py

@@ -0,0 +1,62 @@
+import json
+from pathlib import Path
+
+import pytest
+
+from secure_log2test.core.parser import KibanaLogEntry, KibanaLogParser
+
+
+SAMPLE = Path(__file__).parent.parent / "data" / "sample_kibana_export.json"
+
+
+def test_parser_reads_sample():
+    parser = KibanaLogParser(SAMPLE)
+    entries = parser.parse()
+    assert len(entries) == 4
+
+
+def test_method_normalised_to_upper():
+    parser = KibanaLogParser(SAMPLE)
+    entries = parser.parse()
+    methods = {e.method for e in entries}
+    assert methods == {"GET", "POST", "PUT", "DELETE"}
+
+
+def test_status_codes_preserved():
+    parser = KibanaLogParser(SAMPLE)
+    entries = parser.parse()
+    statuses = sorted(e.status for e in entries)
+    assert statuses == [200, 201, 204, 404]
+
+
+def test_skips_malformed_entry(tmp_path):
+    bad = tmp_path / "bad.json"
+    bad.write_text(json.dumps({
+        "hits": {
+            "hits": [
+                {"_source": {"method": "GET", "url": "/ok", "status": 200}},
+                {"_source": {"url": "/missing-method", "status": 200}},
+            ]
+        }
+    }))
+    parser = KibanaLogParser(bad)
+    entries = parser.parse()
+    assert len(entries) == 1
+    assert entries[0].url == "/ok"
+
+
+def test_empty_hits(tmp_path):
+    empty = tmp_path / "empty.json"
+    empty.write_text(json.dumps({"hits": {"hits": []}}))
+    parser = KibanaLogParser(empty)
+    assert parser.parse() == []
+
+
+def test_invalid_method_still_normalised():
+    entry = KibanaLogEntry(method="get", url="/", status=200)
+    assert entry.method == "GET"
+
+
+def test_default_duration_zero():
+    entry = KibanaLogEntry(method="GET", url="/", status=200)
+    assert entry.duration == 0