move SECRET_PLACEHOLDER to avoid circular deps

dbt-labs · Apr 23, 2024 · 7792253 · 7792253
1 parent 83021fc
commit 7792253
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 12 deletions.
diff --git a/core/dbt/config/renderer.py b/core/dbt/config/renderer.py
@@ -4,9 +4,9 @@
 
 from dbt.clients.jinja import get_rendered
 from dbt_common.clients.jinja import catch_jinja
-from dbt.constants import SECRET_ENV_PREFIX, DEPENDENCIES_FILE_NAME
+from dbt.constants import SECRET_ENV_PREFIX, DEPENDENCIES_FILE_NAME, SECRET_PLACEHOLDER
 from dbt.context.target import TargetContext
-from dbt.context.secret import SecretContext, SECRET_PLACEHOLDER
+from dbt.context.secret import SecretContext
 from dbt.context.base import BaseContext
 from dbt.adapters.contracts.connection import HasCredentials
 from dbt.exceptions import DbtProjectError

diff --git a/core/dbt/constants.py b/core/dbt/constants.py
@@ -2,6 +2,8 @@
 SECRET_ENV_PREFIX = "DBT_ENV_SECRET_"
 DEFAULT_ENV_PLACEHOLDER = "DBT_DEFAULT_PLACEHOLDER"
 
+SECRET_PLACEHOLDER = "$$$DBT_SECRET_START$$${}$$$DBT_SECRET_END$$$"
+
 MAXIMUM_SEED_SIZE = 1 * 1024 * 1024
 MAXIMUM_SEED_SIZE_NAME = "1MB"
 

diff --git a/core/dbt/context/base.py b/core/dbt/context/base.py
@@ -11,7 +11,7 @@
 from dbt import utils
 from dbt.clients.jinja import get_rendered
 from dbt.clients.yaml_helper import yaml, safe_load, SafeLoader, Loader, Dumper  # noqa: F401
-from dbt.constants import SECRET_ENV_PREFIX, DEFAULT_ENV_PLACEHOLDER
+from dbt.constants import SECRET_ENV_PREFIX, DEFAULT_ENV_PLACEHOLDER, SECRET_PLACEHOLDER
 from dbt.contracts.graph.nodes import Resource
 from dbt.exceptions import (
     SecretEnvVarLocationError,
@@ -561,12 +561,10 @@ def log(msg: str, info: bool = False) -> str:
               {{ log("Running some_macro: " ~ arg1 ~ ", " ~ arg2) }}
             {% endmacro %}"
         """
-        # Now, detect instances of the placeholder value ($$$DBT_SECRET_START...DBT_SECRET_END$$$)
-        # and replace them with the standard mask '*****'
+        # Detect instances of the placeholder value ($$$DBT_SECRET_START...DBT_SECRET_END$$$)
+        # and replace it with the standard mask '*****'
         if "DBT_SECRET_START" in str(msg):
             search_group = f"({SECRET_ENV_PREFIX}(.*))"
-            from dbt.context.secret import SECRET_PLACEHOLDER
-
             pattern = SECRET_PLACEHOLDER.format(search_group).replace("$", r"\$")
             m = re.search(
                 pattern,

diff --git a/core/dbt/context/secret.py b/core/dbt/context/secret.py
@@ -4,13 +4,10 @@
 
 from .base import BaseContext, contextmember
 
-from dbt.constants import SECRET_ENV_PREFIX, DEFAULT_ENV_PLACEHOLDER
+from dbt.constants import SECRET_ENV_PREFIX, DEFAULT_ENV_PLACEHOLDER, SECRET_PLACEHOLDER
 from dbt.exceptions import EnvVarMissingError
 
 
-SECRET_PLACEHOLDER = "$$$DBT_SECRET_START$$${}$$$DBT_SECRET_END$$$"
-
-
 class SecretContext(BaseContext):
     """This context is used in profiles.yml + packages.yml. It can render secret
     env vars that aren't usable elsewhere"""

diff --git a/tests/functional/dependencies/test_dependency_secrets.py b/tests/functional/dependencies/test_dependency_secrets.py
@@ -25,7 +25,7 @@ def packages(self):
 
     def test_allow_secrets(self, project):
         _, log_output = run_dbt_and_capture(["deps"])
-        # this will not be written to logs or lock file
+        # this will not be written to logs
         assert not ("super secret" in log_output)
         assert "*****" in log_output
         assert not ("DBT_ENV_SECRET_FOR_LOGGING" in log_output)