Open
Description
With this charm:
class DifferentSecretRefreshesCharm(ops.CharmBase):
def __init__(self, framework: ops.Framework):
super().__init__(framework)
framework.observe(self.on.start, self._on_start)
framework.observe(self.on.run_action, self._on_run)
def _on_start(self, event: ops.StartEvent):
try:
self.model.get_secret(label="my-secret")
except ops.SecretNotFoundError:
self.unit.add_secret({"foo": "bar"}, label="my-secret")
self.unit.status = ops.ActiveStatus()
def _on_run(self, event: ops.ActionEvent):
secret1 = self.model.get_secret(label="my-secret")
secret1.set_content({"foo": "baz"})
secret2 = self.model.get_secret(label="my-secret")
content1 = secret1.get_content(refresh=True)
content2 = secret2.get_content()
event.set_results({"content1": content1, "content2": content2})What is the expect output?
Answer 1: the two Secret objects are distinct, and should have the same content unless I call get_content(refresh=True) on that specific object.
Answer 2: the two Secret objects are wrappers on the same Juju secret, and get_content() should give me the content that the Juju secret-get command provides.
At the moment, ops gives the former:
$ juju run different-secret-refreshes/0 run
Running operation 472 with 1 task
- task 473 on unit-different-secret-refreshes-0
Waiting for task 473...
content1:
foo: baz
content2:
foo: bar
I have some sympathy for the idea that the content is part of the Python Secret object and so shouldn't change between get_content() calls if that specific object hasn't told it to. However, I think this is confusing, because charmers don't think of these as Python object, they think of them as the Juju secret, and that has changed.