Add replace command with Calcite

[manasvinibs]

Description

Implement the replace command in PPL to replace text patterns in specified fields. This PR includes the grammar implementation and basic replacement functionality. This implementation reuses the existing replace functionality. Missing/new features for regex support is added in a separate PR.

Syntax

<source> | replace '<pattern>' WITH '<replacement>' IN field_list

pattern: The text pattern to search for (case-sensitive)
replacement: The text to replace matches with
field_list: Comma-separated list of fields to perform replacement in
Replace creates new fields with prefix 'new_' containing the replaced text, while preserving original fields.

Semantics

Expected Behavior:

• Action: Creates new fields with replaced text values
• Scope: Operates only on specified fields
• Data Preservation: Original fields remain unchanged
• Case Sensitivity: Text literal matching is case-sensitive
• Pattern Type: Only supports literal string patterns (wildcards or regex will be added in a separate PR)

Implementation Approach:

• Creates new fields with 'new_' prefix for each specified field
• Performs literal string replacement in the specified fields
• Maintains original field values
• Validates field existence and pattern/replacement values

Example Queries

-- Replace in single field
source=logs | replace 'error' WITH 'ERROR' IN message

-- Replace in multiple fields 
source=logs | replace 'USA' WITH 'United States' IN country, state

-- Replace with other commands
source=logs | where level='error' | replace 'error' WITH 'ERROR' IN message | sort @timestamp

-- Replace and select specific fields
source=logs | replace 'error' WITH 'ERROR' IN message | fields message, new_message

Output Schema

For each field specified in IN clause, a new field is created:

• Original field: remains unchanged
• New field: prefixed with 'new_' containing replaced text

Example:

Input fields: message="error occurred", level="error"
After replace 'error' WITH 'ERROR' IN message, level:

• message: "error occurred"
• new_message: "ERROR occurred"
• level: "error"
• new_level: "ERROR"

Related Issues

#3975

Check List

• New functionality includes testing.
• New functionality has been documented.
• New functionality has javadoc added.
• New functionality has a user manual doc added.
• New PPL command checklist all confirmed.
• API changes companion pull request created.
• Commits are signed per the DCO using --signoff or -s.
• Public documentation issue/PR created.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[Swiddis]

There's a util for this nowadays:

sql/core/src/main/java/org/opensearch/sql/calcite/utils/CalciteUtils.java

Line 15 in c186686

public static UnsupportedOperationException getOnlyForCalciteException(String feature) {

[Swiddis]

A little confused by this logic, we don't allow strings that contain these characters? Or if we're trying to forbid any expressions at all, I'm not sure just the 4 arithmetic operators will be sufficient (e.g. if someone tries to boolean and or something).

If we don't want an expression, the grammar should specify a stringLiteral or something along those lines, instead of expression.

[RyanL1997]

+1 for @Swiddis 's question, and I also left a comment in this validation method in general.

[manasvinibs]

Thanks for pointing this! Yes the idea was to avoid any non-string literals for pattern text. I have updated the grammar token itself to string literal to handle this use case.

[RyanL1997]

Hi @manasvinibs , thanks for taking this on. And I just left some comments.

[RyanL1997]

The validation logic for the pattern expression hardcodes checks for mathematical operators (+, -, *, /) on L44-47. This is may miss other invalid expressions in my opinion. Maybe consider validating that pattern is a string literal by checking its type (e.g., Literal with DataType.STRING)?

Something like this:

if (!(pattern instanceof Literal && ((Literal) pattern).getType() == DataType.STRING)) {
    throw new IllegalArgumentException("Replace pattern must be a string literal.");
}

[manasvinibs]

Good call! Updated in the next revision.

[RyanL1997]

+1 for @Swiddis 's question, and I also left a comment in this validation method in general.

[ykmr1224]

Wild card support for rename command is implemented in #4019
Let's utilize the logic when we implement wild card support for replace.

[ykmr1224]

Is it our intended behavior to introduce new attribute?

[manasvinibs]

Currently with this implementation I'm reusing existing eval replace function which also exposes the replaced values into new fields. I'm mimicking the same behavior with direct command. But, if we think instead of adding new field, we should replace on the original one I'm open to explore that option. Let me know your thoughts.

[ykmr1224]

Let's clarify that we currently support only plain text pattern. (pattern could indicate wildcard/regex/etc.)

[ykmr1224]

nit: I see broken table format.

[ykmr1224]

What happens if new_xxx already exist?

[manasvinibs]

I tested this behavior and I see system is automatically handling the field name collision by appending a number ("new_country0") and resolving field name conflicts gracefully. I have documented this behavior.

[ykmr1224]

Looks it does not check existing field and add suffix number as written in the doc.

[manasvinibs]

Yes every replace command adds a new_ column and do not conflict with existing column names. Let me know if you think we should change the behavior.

[ykmr1224]

I was wondering the following doc description is right since this logic doesn't check existence of the field. (Is it something automatically done?)

* If a field with *new_* prefix already exists (e.g., 'new_country'), a number will be appended to create a unique field name (e.g., 'new_country0')

[opensearch-trigger-bot]

This PR is stalled because it has been open for 2 weeks with no activity.