[juju secrets] Secret created with existing label does not throw an error
See original GitHub issueCreated 2 secrets with the same label. Ops returned ID’s for both. But juju secrets shows only one secret
Sample code:
def _test_secrets_action(self, event: ActionEvent) -> None:
if not self.unit.is_leader():
event.fail("Please run action on lead unit.")
return
logger.warning("test-secrets action event triggered")
secret = self.model.app.add_secret(
{'test': 'test'},
label="test-key",
)
logger.warning(f"Test Secret created: {secret.id}")
secret1 = self.model.app.add_secret(
{'test1': 'test1'},
label="test-key",
)
logger.warning(f"Test Secret1 created: {secret1.id}")
"""
secret_ = self.model.get_secret(id=secret.id)
data = secret_.get_content()
logger.warning(f"Test secret retrieved {secret_}")
"""
data = None
event.set_results({"secret": data})
Action result:
$ juju run keystone/0 -- test-secrets
Running operation 7 with 1 task
- task 8 on unit-keystone-0
Waiting for task 8...
secret: None
Logs:
unit-keystone-0: 09:08:41 WARNING unit.keystone/0.juju-log test-secrets action event triggered
unit-keystone-0: 09:08:41 WARNING unit.keystone/0.juju-log Test Secret created: secret:cdupbgfopaas7rqbqi9g
unit-keystone-0: 09:08:41 WARNING unit.keystone/0.juju-log Test Secret1 created: secret:cdupbgfopaas7rqbqia0
Juju secrets:
$ juju secrets
ID Owner Rotation Revision Last updated
cdup3t7opaas7rqbqhr0 keystone never 1 16 minutes ago
cdup3tnopaas7rqbqhrg keystone hourly 1 16 minutes ago
cdup4efopaas7rqbqhvg keystone never 1 15 minutes ago
cdupbgfopaas7rqbqi9g keystone never 1 13 seconds ago
Juju secret didnt show secret:cdupbgfopaas7rqbqia0
Environment details:
juju 3.0/edge + microk8s
ops framework - secrets branch
Issue Analytics
- State:
- Created 10 months ago
- Comments:5
Top Results From Across the Web
How to manage secrets - Juju
This document demonstrates how to interact with them as a Juju administrator. Contents: List all secrets; Show details about a secret. List all...
Read more >Secret not found error when optional with webhook · Issue #619
Describe the bug: When an optional secret doesn't exists in secrets, there is an error thrown. Error creating: Internal error occurred: failed ...
Read more >Resolve Secrets Manager secret access errors after updating ...
I attempted to retrieve or access an AWS Secrets Manager secret, and received an error similar to one of the following: "You can't...
Read more >Bug #1871981 “barbican-vault is failing in hook failed
The charm is failing in the hook hook failed: "secrets-storage-relation-changed". Logging on the unit show's it's having problems with: ...
Read more >Secret store fails to start with Label must match regex ...
One of the following errors is shown in the debug logs when the secret store fails to start: Could not load some secret...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
If the hook fails for any reason it will be re-executed.
The preliminary check will be useful because we cache on the hook context the secrets owned by the unit/app so it should be able to do the right thing. Either way, the OF needs to handle the hook failure.
Fixed in https://github.com/juju/juju/pull/14923 – thanks @wallyworld.