From 137a950fb3ad4aeeb393e2b9f194a35ffd0099fb Mon Sep 17 00:00:00 2001
From: Dragomir Penev <6687393+dragomirp@users.noreply.github.com>
Date: Mon, 10 Jun 2024 15:15:09 +0300
Subject: [PATCH] Secret tweaks (#298)

---
 .../data_platform_libs/v0/data_interfaces.py       | 14 +++++++++-----
 src/charm.py                                       | 10 +++-------
 src/relations/peers.py                             |  1 -
 3 files changed, 12 insertions(+), 13 deletions(-)

diff --git a/lib/charms/data_platform_libs/v0/data_interfaces.py b/lib/charms/data_platform_libs/v0/data_interfaces.py
index 5cb309b1f..59a97226a 100644
--- a/lib/charms/data_platform_libs/v0/data_interfaces.py
+++ b/lib/charms/data_platform_libs/v0/data_interfaces.py
@@ -331,7 +331,7 @@ def _on_topic_requested(self, event: TopicRequestedEvent):
 
 # Increment this PATCH version before using `charmcraft publish-lib` or reset
 # to 0 if you are raising the major API version
-LIBPATCH = 35
+LIBPATCH = 37
 
 PYDEPS = ["ops>=2.0.0"]
 
@@ -642,8 +642,8 @@ def _move_to_new_label_if_needed(self):
             return
 
         # Create a new secret with the new label
-        old_meta = self._secret_meta
         content = self._secret_meta.get_content()
+        self._secret_uri = None
 
         # I wish we could just check if we are the owners of the secret...
         try:
@@ -651,13 +651,17 @@ def _move_to_new_label_if_needed(self):
         except ModelError as err:
             if "this unit is not the leader" not in str(err):
                 raise
-        old_meta.remove_all_revisions()
+        self.current_label = None
 
     def set_content(self, content: Dict[str, str]) -> None:
         """Setting cached secret content."""
         if not self.meta:
             return
 
+        # DPE-4182: do not create new revision if the content stay the same
+        if content == self.get_content():
+            return
+
         if content:
             self._move_to_new_label_if_needed()
             self.meta.set_content(content)
@@ -1586,7 +1590,7 @@ def _register_secret_to_relation(
         """
         label = self._generate_secret_label(relation_name, relation_id, group)
 
-        # Fetchin the Secret's meta information ensuring that it's locally getting registered with
+        # Fetching the Secret's meta information ensuring that it's locally getting registered with
         CachedSecret(self._model, self.component, label, secret_id).meta
 
     def _register_secrets_to_relation(self, relation: Relation, params_name_list: List[str]):
@@ -2309,7 +2313,7 @@ def _secrets(self) -> dict:
         return self._cached_secrets
 
     def _get_secret(self, group) -> Optional[Dict[str, str]]:
-        """Retrieveing secrets."""
+        """Retrieving secrets."""
         if not self.app:
             return
         if not self._secrets.get(group):
diff --git a/src/charm.py b/src/charm.py
index 8e8f7599f..14ed7c323 100755
--- a/src/charm.py
+++ b/src/charm.py
@@ -580,11 +580,10 @@ def get_secret(self, scope: Scopes, key: str) -> Optional[str]:
         peers = self.model.get_relation(PEER_RELATION_NAME)
         if not peers:
             return None
+
         secret_key = self._translate_field_to_secret_key(key)
         # Old translation in databag is to be taken
-        if key != secret_key and (
-            result := self.peer_relation_data(scope).fetch_my_relation_field(peers.id, key)
-        ):
+        if result := self.peer_relation_data(scope).fetch_my_relation_field(peers.id, key):
             return result
 
         return self.peer_relation_data(scope).get_secret(peers.id, secret_key)
@@ -600,10 +599,7 @@ def set_secret(self, scope: Scopes, key: str, value: Optional[str]) -> Optional[
         peers = self.model.get_relation(PEER_RELATION_NAME)
         secret_key = self._translate_field_to_secret_key(key)
         # Old translation in databag is to be deleted
-        if key != secret_key and self.peer_relation_data(scope).fetch_my_relation_field(
-            peers.id, key
-        ):
-            self.peer_relation_data(scope).delete_relation_data(peers.id, [key])
+        self.peer_relation_data(scope).delete_relation_data(peers.id, [key])
         self.peer_relation_data(scope).set_secret(peers.id, secret_key, value)
 
     def remove_secret(self, scope: Scopes, key: str) -> None:
diff --git a/src/relations/peers.py b/src/relations/peers.py
index 808132bec..f939ebf07 100644
--- a/src/relations/peers.py
+++ b/src/relations/peers.py
@@ -65,7 +65,6 @@ def __init__(self, charm: CharmBase):
         self.framework.observe(charm.on[PEER_RELATION_NAME].relation_joined, self._on_joined)
         self.framework.observe(charm.on[PEER_RELATION_NAME].relation_changed, self._on_changed)
         self.framework.observe(charm.on.secret_changed, self._on_changed)
-        self.framework.observe(charm.on.secret_remove, self._on_changed)
         self.framework.observe(charm.on[PEER_RELATION_NAME].relation_departed, self._on_departed)
         self.framework.observe(charm.on.leader_elected, self._on_leader_elected)