From 581a87f2104927828107d06be79738d10345338c Mon Sep 17 00:00:00 2001
From: Niels Robin-Aubertin <git@niels.fr>
Date: Fri, 29 Nov 2024 10:12:43 -0500
Subject: [PATCH] Update dns_record interface to remove service_account

---
 docs/json_schemas/dns_record/v0/provider.json | 3 +--
 docs/json_schemas/dns_record/v0/requirer.json | 8 --------
 interfaces/dns_record/v0/README.md            | 5 +----
 interfaces/dns_record/v0/schema.py            | 9 +--------
 4 files changed, 3 insertions(+), 22 deletions(-)

diff --git a/docs/json_schemas/dns_record/v0/provider.json b/docs/json_schemas/dns_record/v0/provider.json
index 4e979c17..63019f50 100644
--- a/docs/json_schemas/dns_record/v0/provider.json
+++ b/docs/json_schemas/dns_record/v0/provider.json
@@ -39,7 +39,7 @@
           "description": "Status for the domain request.",
           "examples": [
             "approved",
-            "invalid_credentials"
+            "permission_denied"
           ],
           "name": "Status"
         },
@@ -65,7 +65,6 @@
       "description": "Represent the status values.",
       "enum": [
         "approved",
-        "invalid_credentials",
         "permission_denied",
         "conflict",
         "invalid_data",
diff --git a/docs/json_schemas/dns_record/v0/requirer.json b/docs/json_schemas/dns_record/v0/requirer.json
index 6e7b913a..9b44e561 100644
--- a/docs/json_schemas/dns_record/v0/requirer.json
+++ b/docs/json_schemas/dns_record/v0/requirer.json
@@ -8,13 +8,6 @@
     "DNSRecordRequirer": {
       "description": "List of domains for the provider to manage.",
       "properties": {
-        "service_account": {
-          "description": "Service account for authentication.",
-          "examples": "secret:123213123123123123123",
-          "name": "Service account",
-          "title": "Service Account",
-          "type": "string"
-        },
         "dns_entries": {
           "description": "List of DNS records for the provider to manage.",
           "items": {
@@ -26,7 +19,6 @@
         }
       },
       "required": [
-        "service_account",
         "dns_entries"
       ],
       "title": "DNSRecordRequirer",
diff --git a/interfaces/dns_record/v0/README.md b/interfaces/dns_record/v0/README.md
index acf715e2..19d1a546 100644
--- a/interfaces/dns_record/v0/README.md
+++ b/interfaces/dns_record/v0/README.md
@@ -9,7 +9,7 @@ This relation interface describes the expected behavior of any charm claiming to
 The `dns_record` interface implements a provider/requirer pattern. The requirer is a charm that wishes to create a set of DNS records, and the provider is the charm managing those.
 ```mermaid
 flowchart TD
-  Requirer -- service_account, dns_entries --> Provider
+  Requirer -- dns_entries --> Provider
   Provider -- dns_entries --> Requirer
 ```
 
@@ -20,11 +20,9 @@ The following is the criteria that a Provider and Requirer need to adhere to be
 ### Provider
 
 - Is expected to provide a list of dns_entries in the relation databag, each containing the domain, the status and optionally the description corresponding to the dns_entries requirested by the requirer.
-- Is expected to authenticate requests for dns_entries based on internal business rules/processes at the organisation where this charm is deployed.
 
 ### Requirer
 
-- Is expected to provide a service_account for the provider to authenticate the requests.
 - Is expected to provide a list of dns_entries mains in the relation databag, containing at least the dns-domain, the host-label and record-data. The dns-domain must be present in the list of dns_domains for authentication.
 
 
@@ -64,7 +62,6 @@ Requirer request the details of one or more DNS records. It should be placed in
 
 ```json
   "application-data": {
-    "service_account": "secret:123213123123123123123",
     "dns_entries": [
       {
         "uuid": "550e8400-e29b-41d4-a716-446655440002",
diff --git a/interfaces/dns_record/v0/schema.py b/interfaces/dns_record/v0/schema.py
index 113bad2c..41242e0e 100644
--- a/interfaces/dns_record/v0/schema.py
+++ b/interfaces/dns_record/v0/schema.py
@@ -9,7 +9,6 @@
     RequirerSchema:
         unit: <empty>
         app: {
-          "service_account": "secret:123213123123123123123",
           "dns_entries": [
             {
               "uuid": "550e8400-e29b-41d4-a716-446655440002",
@@ -59,7 +58,6 @@ class Status(str, Enum):
     """Represent the status values."""
 
     APPROVED = "approved"
-    INVALID_CREDENTIALS = "invalid_credentials"
     PERMISSION_DENIED = "permission_denied"
     CONFLICT = "conflict"
     INVALID_DATA = "invalid_data"
@@ -104,7 +102,7 @@ class DnsProviderData(BaseModel):
     status: Status = Field(
         name="Status",
         description="Status for the domain request.",
-        examples=[Status.APPROVED, Status.INVALID_CREDENTIALS]
+        examples=[Status.APPROVED, Status.PERMISSION_DENIED]
     )
     description: str = Field(
         default=None,
@@ -167,11 +165,6 @@ class RequirerEntries(BaseModel):
 
 class DNSRecordRequirer(BaseModel):
     """List of domains for the provider to manage."""
-    service_account: str = Field(
-        name="Service account",
-        description="Service account for authentication.",
-        examples="secret:123213123123123123123"
-    )
     dns_entries: List[RequirerEntries] = Field(
         name="DNS entries",
         description="List of DNS records for the provider to manage."