Not ready yet:

• Needs the SDK PR
• docs need to be updated

Also, not sure if:

• we should add way to skip certain tables and to set that in spec
• modifying the default output of obfuscate_columns is ok, or if this should have it's own logic to do the obfuscation

One question remaining:
If there's a JSON column, the current obfuscate transformation behavior is that it won't obfuscate the entire column- it requires a json path: failed to transform schema: column tags is not a string column

So 2 options:

• if we want this capability, I'll probably split the logic between obfuscate and auto_obfuscate, and add handling (or adjust the obfuscate behavior if we want to keep sharing)
• if we don't want to be able to obfuscate entire json columns, I'll adjust the validation in SDK

I assume we do want it, just putting the question out for confirmation @murarustefaan

I've added handling for obfuscating entire JSON columns.

Drawback of the current solution - to not have to unmarshal every value for each handled column, we're calculating hash of the entire value, which results in JSON output, but without preserving the internal structure:
{"redacted_by_cloudquery": "81f2a9ddc7ae49a...hash_value"}

Additionally, the output of the obfuscate transformation has changed, now the hashes values in would be preceded by Redacted by CloudQuery |