🔧 dbt + Makoto Integration Concept

Transform attestations per model run — emitted from post-hook macros.

Note: This page explores how Makoto Levels could be implemented on dbt. It is a conceptual integration proposal — illustrative, not a shipped library. The patterns shown use real dbt APIs; the Makoto pieces are sketches you (or we) could build out.

What is dbt?

dbt is the de-facto standard for SQL-driven transformations in the modern warehouse. Every `dbt run` materializes models from sources; every model has manifest metadata describing inputs, columns, tests, and lineage. That manifest is already 90% of a Transform attestation.

Manifest as DBOM Seed`target/manifest.json` carries lineage + column-level deps
Post-hook MacrosRun-results hook signs and persists the attestation
Model VersioningModel versions map cleanly to attestation subjects
Test Resultsdbt test outcomes become quality predicates in the DBOM

Integration Approach

Primary pattern: post-hook macro + on-run-end. Below are the integration options ordered by lift required.

How Makoto attaches to dbt

  • makoto-dbt package — `packages.yml` reference. Provides macros `attest_origin()`, `attest_transform()`, and an `on-run-end` hook that publishes the run-level DBOM.
  • Manifest exporter — Standalone CLI: reads `manifest.json` + `run_results.json`, emits Makoto attestations. Zero changes to dbt project.
  • Source freshness as origin — `dbt source freshness` already proves sources existed — map it to Origin attestations.
  • dbt Cloud webhook — If you use dbt Cloud, the run-completed webhook drops an attestation into your DBOM store.

Conceptual Code Example

Concept: post-hook attestation in a dbt model

The macro signs the row count, column set, and upstream source digests

-- models/marts/sales/dim_customers.sql
{{ config(
    materialized='table',
    post_hook=[
        "{{ makoto.attest_transform(
            this,
            level=2,
            signing_key=env_var('MAKOTO_KEY_ID')
        ) }}"
    ]
) }}

with source as (
    select * from {{ ref('stg_customers') }}
),

hashed as (
    select
        customer_id,
        {{ makoto.sha256('email') }} as email_hash,
        first_seen_at,
        last_seen_at
    from source
)

select * from hashed

-- dbt_project.yml
-- on-run-end:
--   - "{{ makoto.publish_run_dbom() }}"

Potential Use Cases

Marketplace Models

Sell or share dbt models with cryptographic proof of which sources fed them.

Regulated Reporting

SOX, HIPAA, GDPR — every reporting model carries a signed lineage record.

Cross-warehouse Audit

Snowflake → BigQuery migration? DBOMs prove the destination model matches the source.

Failed Test Visibility

Models that ship with failing tests are flagged in the DBOM, not silently used.

Interested in dbt + Makoto?

This is a conceptual integration. If you're shipping dbt pipelines and want to add Makoto attestations, open an issue or reach out — we'd love to scope a real implementation.

Learn about dbt Read Makoto Spec All Integrations