[DPE-4416] URI exists while re-creating secret with modified label

.github/workflows/ci.yaml

@@ -71,10 +71,30 @@ jobs:
             juju-snap-channel: "3.1/stable"
             libjuju-version: "3.2.2"
         include:
-          - {tox-environments: integration-upgrades,
+          - {tox-environments: integration-interfaces-upgrade-from-version-1-earlier,
               juju-version:
               {juju-snap-channel: "3.1/stable",
-                juju-bootstrap-option: "3.1.6",
+                juju-bootstrap-option: "3.1.7",
+                libjuju-version: "3.2.2"}}
+          - {tox-environments: integration-interfaces-upgrade-from-version-2-earlier,
+              juju-version:
+              {juju-snap-channel: "3.1/stable",
+                juju-bootstrap-option: "3.1.7",
+                libjuju-version: "3.2.2"}}
+          - {tox-environments: integration-interfaces-upgrade-from-version-3-earlier,
+              juju-version:
+              {juju-snap-channel: "3.1/stable",
+                juju-bootstrap-option: "3.1.7",
+                libjuju-version: "3.2.2"}}
+          - {tox-environments: integration-interfaces-upgrade-from-version-4-earlier,
+              juju-version:
+              {juju-snap-channel: "3.1/stable",
+                juju-bootstrap-option: "3.1.7",
+                libjuju-version: "3.2.2"}}
+          - {tox-environments: integration-upgrades-databag-to-secrets,
+              juju-version:
+              {juju-snap-channel: "3.1/stable",
+                juju-bootstrap-option: "3.1.7",
                 libjuju-version: "3.2.2"}}
           - {tox-environments: integration-secrets,
               juju-version:

lib/charms/data_platform_libs/v0/data_interfaces.py

@@ -331,7 +331,7 @@ def _on_topic_requested(self, event: TopicRequestedEvent):
 
 # Increment this PATCH version before using `charmcraft publish-lib` or reset
 # to 0 if you are raising the major API version
-LIBPATCH = 35
+LIBPATCH = 36
 
 PYDEPS = ["ops>=2.0.0"]
 
@@ -642,16 +642,16 @@ def _move_to_new_label_if_needed(self):
             return
 
         # Create a new secret with the new label
-        old_meta = self._secret_meta
         content = self._secret_meta.get_content()
+        self._secret_uri = None
 
         # I wish we could just check if we are the owners of the secret...
         try:
             self._secret_meta = self.add_secret(content, label=self.label)
         except ModelError as err:
             if "this unit is not the leader" not in str(err):
                 raise
-        old_meta.remove_all_revisions()
+        self.current_label = None
 
     def set_content(self, content: Dict[str, str]) -> None:
         """Setting cached secret content."""
@@ -1586,7 +1586,7 @@ def _register_secret_to_relation(
         """
         label = self._generate_secret_label(relation_name, relation_id, group)
 
-        # Fetchin the Secret's meta information ensuring that it's locally getting registered with
+        # Fetching the Secret's meta information ensuring that it's locally getting registered with
         CachedSecret(self._model, self.component, label, secret_id).meta
 
     def _register_secrets_to_relation(self, relation: Relation, params_name_list: List[str]):
@@ -2309,7 +2309,7 @@ def _secrets(self) -> dict:
         return self._cached_secrets
 
     def _get_secret(self, group) -> Optional[Dict[str, str]]:
-        """Retrieveing secrets."""
+        """Retrieving secrets."""
         if not self.app:
             return
         if not self._secrets.get(group):

tests/__init__.py

@@ -0,0 +1,2 @@
+# Copyright 2023 Canonical Ltd.
+# See LICENSE file for licensing details.

tests/integration/conftest.py

@@ -7,6 +7,7 @@
 import shutil
 from datetime import datetime
 from pathlib import Path
+from subprocess import check_call, check_output
 
 import pytest
 from pytest_operator.plugin import OpsTest
@@ -153,3 +154,39 @@ async def without_errors(ops_test: OpsTest, request):
             continue
         if logitems[2] == "ERROR":
             assert any(white in line for white in whitelist)
+
+
+@pytest.fixture(scope="session")
+def fetch_old_versions():
+    """Fetching the previous 4 versions of the lib for upgrade tests."""
+    cwd = os.getcwd()
+    src_path = "lib/charms/data_platform_libs/v0/data_interfaces.py"
+    data_path = f"{cwd}/tests/integration/data/data_interfaces.py"
+    tmp_path = "./tmp_repo_checkout"
+
+    os.mkdir(tmp_path)
+    os.chdir(tmp_path)
+    check_call("git clone https://github.com/canonical/data-platform-libs.git", shell=True)
+    os.chdir("data-platform-libs")
+    last_commits = check_output(
+        "git show --pretty=format:'%h' --no-patch -15", shell=True, universal_newlines=True
+    ).split()
+
+    versions = []
+    for commit in last_commits:
+        check_call(f"git checkout {commit}", shell=True)
+        version = check_output(
+            "grep LIBPATCH lib/charms/data_platform_libs/v0/data_interfaces.py | cut -d ' ' -f 3",
+            shell=True,
+            universal_newlines=True,
+        )
+        version = version.strip()
+        if version not in versions:
+            shutil.copyfile(src_path, f"{data_path}.v{version}")
+            versions.append(version)
+
+        if len(versions) == 4:
+            break
+
+    os.chdir(cwd)
+    shutil.rmtree(tmp_path)

tests/integration/database-charm/actions.yaml

@@ -79,6 +79,23 @@ set-peer-relation-field:
       type: string
       description: Value of the field to set
 
+set-peer-relation-field-multiple:
+  description: Set fields from the second-database relation multiple times
+  params:
+    component:
+      type: string
+      description: app/unit
+    field:
+      type: string
+      description: Relation field
+    value:
+      type: string
+      description: Value of the field to set
+    count:
+      type: integer
+      description: Number of iterations
+      default: 3
+
 set-peer-secret:
   description: Set fields from the second-database relation
   params:

tests/integration/database-charm/src/charm.py

@@ -104,6 +104,10 @@ def __init__(self, *args):
         self.framework.observe(
             self.on.set_peer_relation_field_action, self._on_set_peer_relation_field
         )
+        self.framework.observe(
+            self.on.set_peer_relation_field_multiple_action,
+            self._on_set_peer_relation_field_multiple,
+        )
         self.framework.observe(self.on.set_peer_secret_action, self._on_set_peer_secret)
         self.framework.observe(
             self.on.delete_peer_relation_field_action, self._on_delete_peer_relation_field
@@ -341,6 +345,33 @@ def _on_set_peer_relation_field(self, event: ActionEvent):
                 relation.id, {event.params["field"]: event.params["value"]}
             )
 
+    def _on_set_peer_relation_field_multiple(self, event: ActionEvent):
+        """Set requested relation field."""
+        component = event.params["component"]
+        count = event.params["count"]
+
+        # Charms should be compatible with old vesrions, to simulate rolling upgrade
+        for cnt in range(count):
+            value = event.params["value"] + f"{cnt}"
+            if DATA_INTERFACES_VERSION <= 17:
+                relation = self.model.get_relation(PEER)
+                if component == "app":
+                    relation.data[self.app][event.params["field"]] = value
+                else:
+                    relation.data[self.unit][event.params["field"]] = value
+                return
+
+            if component == "app":
+                relation = self.peer_relation_app.relations[0]
+                self.peer_relation_app.update_relation_data(
+                    relation.id, {event.params["field"]: value}
+                )
+            else:
+                relation = self.peer_relation_unit.relations[0]
+                self.peer_relation_unit.update_relation_data(
+                    relation.id, {event.params["field"]: value}
+                )
+
     def _on_set_peer_secret(self, event: ActionEvent):
         """Set requested relation field."""
         component = event.params["component"]