Skip to content

Commit

Permalink
Merge pull request juju#18154 from ycliuhw/merge-secret-update
Browse files Browse the repository at this point in the history
juju#18154

On the uniter side, all relation-set calls are merged if they are made within the same context. However, secret-set currently overwrites previous calls. This PR updates secret-set to follow the same merging logic as relation-set.

## Checklist

- [x] Code style: imports ordered, good names, simple structure, etc
- [x] Comments saying why design decisions were made
- [x] Go unit tests, with comments saying what you're testing
- [ ] ~[Integration tests](https://github.com/juju/juju/tree/main/tests), with comments saying what you're testing~
- [ ] ~[doc.go](https://discourse.charmhub.io/t/readme-in-packages/451) added or updated in changed packages~

## QA steps

```
juju exec -u snappass-test/0 -- secret-add token=1
secret://f00ef518-9c1e-4411-889c-f4f37ca4c6f7/crt2hh7mp25c782slkh0

juju show-secret crt2hh7mp25c782slkh0 --reveal
crt2hh7mp25c782slkh0:
 revision: 1
 owner: snappass-test
 created: 2024-09-30T04:27:49Z
 updated: 2024-09-30T04:27:49Z
 content:
 token: "1"

juju exec -u snappass-test/0 -- "secret-set crt2hh7mp25c782slkh0 --label=ll;secret-set crt2hh7mp25c782slkh0 --description lll"

juju show-secret crt2hh7mp25c782slkh0 --reveal
crt2hh7mp25c782slkh0:
 revision: 2
 owner: snappass-test
 description: lll
 label: ll
 created: 2024-09-30T04:27:49Z
 updated: 2024-09-30T04:28:24Z
 content:
 token: "1"
```


## Documentation changes

No

## Links

**Launchpad bug:** https://bugs.launchpad.net/bugs/2081034

**Jira card:** [JUJU-6804](https://warthogs.atlassian.net/browse/JUJU-6804)



[JUJU-6804]: https://warthogs.atlassian.net/browse/JUJU-6804?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ
  • Loading branch information
jujubot authored Sep 30, 2024
2 parents 1a0fa33 + ae54108 commit ab94320
Show file tree
Hide file tree
Showing 2 changed files with 44 additions and 13 deletions.
35 changes: 23 additions & 12 deletions worker/uniter/runner/context/context_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -1581,32 +1581,43 @@ func (s *mockHookContextSuite) TestSecretUpdate(c *gc.C) {
defer s.setupMocks(c).Finish()

uri := coresecrets.NewURI()
data := map[string]string{"foo": "bar"}
value := coresecrets.NewSecretValue(data)
expiry := time.Now()
s.mockLeadership.EXPECT().IsLeader().Return(true, nil)
s.mockLeadership.EXPECT().IsLeader().Return(true, nil).Times(2)
hookContext := context.NewMockUnitHookContext(s.mockUnit, model.IAAS, s.mockLeadership)
context.SetEnvironmentHookContextSecret(hookContext, uri.String(), map[string]jujuc.SecretMetadata{
uri.ID: {Description: "a secret", LatestRevision: 666, Owner: names.NewApplicationTag("mariadb")},
}, nil, nil)

data := map[string]string{"foo": "bar"}
value := coresecrets.NewSecretValue(data)
err := hookContext.UpdateSecret(uri, &jujuc.SecretUpdateArgs{
Value: value,
RotatePolicy: ptr(coresecrets.RotateDaily),
ExpireTime: ptr(expiry),
Description: ptr("my secret"),
Label: ptr("foo"),
Value: value, // will be overwritten by the new value.
RotatePolicy: ptr(coresecrets.RotateDaily), // will be kept.
Description: ptr("my secret"), // will be overwritten by the new value.
Label: ptr("label1"), // will be overwritten by the new value.
})
c.Assert(err, jc.ErrorIsNil)

// update again, nerge with existing.
newData := map[string]string{"bar": "baz"}
newValue := coresecrets.NewSecretValue(newData)
expiry := time.Now()
err = hookContext.UpdateSecret(uri, &jujuc.SecretUpdateArgs{
ExpireTime: ptr(expiry), // will be merged.
Value: newValue, // will be the new value.
Description: ptr("my new secret"), // will be the new value.
Label: ptr("label2"), // will be the new value.
})
c.Assert(err, jc.ErrorIsNil)
c.Assert(hookContext.PendingSecretUpdates(), jc.DeepEquals, map[string]uniter.SecretUpdateArg{
uri.ID: {
CurrentRevision: 666,
SecretUpsertArg: uniter.SecretUpsertArg{
URI: uri,
Value: value,
Value: newValue,
RotatePolicy: ptr(coresecrets.RotateDaily),
ExpireTime: ptr(expiry),
Description: ptr("my secret"),
Label: ptr("foo"),
Description: ptr("my new secret"),
Label: ptr("label2"),
},
}})
}
Expand Down
22 changes: 21 additions & 1 deletion worker/uniter/runner/context/secrets.go
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,27 @@ func (s *secretsChangeRecorder) update(arg uniter.SecretUpdateArg) {
s.pendingCreates[arg.URI.ID] = c
return
}
s.pendingUpdates[arg.URI.ID] = arg
previous, ok := s.pendingUpdates[arg.URI.ID]
if !ok {
s.pendingUpdates[arg.URI.ID] = arg
return
}
if arg.Label != nil {
previous.Label = arg.Label
}
if arg.Description != nil {
previous.Description = arg.Description
}
if arg.Value != nil && !arg.Value.IsEmpty() {
previous.Value = arg.Value
}
if arg.RotatePolicy != nil {
previous.RotatePolicy = arg.RotatePolicy
}
if arg.ExpireTime != nil {
previous.ExpireTime = arg.ExpireTime
}
s.pendingUpdates[arg.URI.ID] = previous
}

func (s *secretsChangeRecorder) remove(uri *secrets.URI, revision *int) {
Expand Down

0 comments on commit ab94320

Please sign in to comment.