You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We should stop dumping secrets in traces altogether. Currently we hide them when trace is converted into dict so secrets are not loaded, but they indeed will appear in strings
deployment scripts use dumps to generate deployment instructions. we need to update them to take secrets from configs (via dlt.secrets.get() accessor). if not available - we should show error message but not raise
some implementation detials:
there's util method is_secret_hint that tells if given hint contains secret or not
SerializableResolvedValueTrace contains value and default_value. those should be set to empty strings when is_secret_hint is True
fixing the deployment flow is the most tricky because you'll need to test it. find _echo_secrets we are displaying value. try to get this value from dlt.secrets getter (using the stored sections`) if not found display a red info to the user tha s/he needs to do it themselves
dlt version
0.5.2
Describe the problem
Running
dlt pipeline -v <pipeline> trace
the source password is not redacted listing the resolved config and secret values.Expected behavior
I expect the source password to be redacted.
Steps to reproduce
Create the pipeline
sql_database
using MariaDB as source and Postgres as destination.Operating system
Linux
Runtime environment
Docker, Docker Compose
Python version
3.11
dlt data source
No response
dlt destination
Postgres
Other deployment details
No response
Additional information
I'm using Python 3.12. The Bug Report doesn't list it.
The text was updated successfully, but these errors were encountered: