secret usage not working within backend.ts amplify gen2

[cookiejest]

Environment information

When defining a custom function it is likely required to use secrets within environment variables. It is suggested these must be assigned like this:

cfnFn.addPropertyOverride("Environment.Variables", {
  // @ts-expect-error
  ...((cfnFn.environment?.variables || {}) as Record<string, string>),
  GRAPHQL_ENDPOINT: backend.data.graphqlUrl,
  USER_DATA_DRIVE_BUCKET_NAME: secret('user-data-drive-bucket-name'),
})

Describe the bug

1. The secret will not resolve correctly using this approach.

2. Trying to reference a backend resource property like backend.storage.resources.bucket.bucketName will result in a circular dependency. How are you meant to use a secret with a custom function, one that uses both storage and data but you are only allowed one resourceGroupName?

Reproduction steps

create an amplify gen2 app with a storage bucket and a custom python function.

Try and assign an environment variable using a secret.

Try and assign the bucket name backend.storage.resources.bucket.bucketName as an environment variable

Try and assign backend.data.graphqlUrl as an environment variable