Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[CT-3411] [Regression] env_var file enforcement not correct for projects with subpackages that contain env_vars #9127

Closed
2 tasks done
nachimehta opened this issue Nov 21, 2023 · 1 comment · Fixed by #9147
Assignees
Labels
backport 1.7.latest bug Something isn't working High Severity bug with significant impact that should be resolved in a reasonable timeframe regression

Comments

@nachimehta
Copy link

Is this a regression in a recent version of dbt-core?

  • I believe this is a regression in dbt-core functionality
  • I have searched the existing issues, and I could not find an existing issue for this regression

Current Behavior

I have a project, that imports private repos in packages.yml, that in turn import more private repos. We manage this with an env_var. We now encounter this error:

Secret env vars are allowed only in profiles.yml or packages.yml. Found <REDACTED> referenced elsewhere.

Expected/Previous Behavior

Dependencies to install without issue.

Steps To Reproduce

  1. have a project with packages.yml that imports a private repo, which also imports a private repo
  2. run dbt deps

Relevant log output

No response

Environment

- OS: linux/amd64
- Python: 3.11
- dbt (working version): 1.6.9
- dbt (regression version): 1.7.2 (1.7.1 also, didn't check 1.7.0)

Which database adapter are you using with dbt?

snowflake, bigquery

Additional Context

No response

@nachimehta nachimehta added bug Something isn't working regression triage labels Nov 21, 2023
@github-actions github-actions bot changed the title [Regression] env_var file enforcement not correct for projects with subpackages that contain env_vars [CT-3411] [Regression] env_var file enforcement not correct for projects with subpackages that contain env_vars Nov 21, 2023
@graciegoheen graciegoheen added High Severity bug with significant impact that should be resolved in a reasonable timeframe backport 1.7.latest and removed triage labels Nov 21, 2023
@jtcohen6
Copy link
Contributor

jtcohen6 commented Nov 21, 2023

@nachimehta Thanks for opening! I was able to reproduce this.

Here's what I did:

  • Added packages.yml to private_repo_A
    • Includes a git dependency containing a "secret" env var (DBT_ENV_SECRET_GIT_CREDENTIAL) pointing to private_repo_B
  • In another project, I added packages.yml with a git dependency on private_repo_A

I run:

$ DBT_ENV_SECRET_GIT_CREDENTIAL=<PAT> dbt deps
16:49:21  Running with dbt=1.7.2
16:49:25  WARNING: The git package "https://*****@github.com/dbt-labs/private_repo_B.git"
	is None.
	This can introduce breaking changes into your project without warning!

See https://docs.getdbt.com/docs/package-management#section-specifying-package-versions
16:49:30  WARNING: The git package "https://*****@github.com/dbt-labs/private_repo_B.git"
	is None.
	This can introduce breaking changes into your project without warning!

See https://docs.getdbt.com/docs/package-management#section-specifying-package-versions
16:49:31  Updating lock file in file path: /Users/jerco/dev/scratch/testy/package-lock.yml
16:49:31  Installing git@github.com:dbt-labs/private_repo_A.git
16:49:33  Encountered an error:
Parsing Error
  Secret env vars are allowed only in profiles.yml or packages.yml. Found 'DBT_ENV_SECRET_GIT_CREDENTIAL' referenced elsewhere.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport 1.7.latest bug Something isn't working High Severity bug with significant impact that should be resolved in a reasonable timeframe regression
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants