Event 'secret-remove'

Event > List of events > Secret events > secret-remove

This feature is scheduled for release in ops 2.0, and is only available when using Juju 3.0.2 or greater.

The secret-remove event is fired on the owner of a secret when either:

  • All observers tracking a now-outdated revision have updated to tracking a newer one, so the old revision can be removed.
  • No observer is tracking an intermediate revision, and a newer one has already been created. So there is a orphaned revision which no observer will ever be able to peek or update to, because there is already a newer one the observer would get instead.

In short, the purpose of this event is to notify the owner of a secret that a specific revision of it is safe to remove: no charm is presently observing it or ever will be able to in the future.

Emission sequence

Like all secret events, secret-remove is automatically triggered by Juju. It is up to the secret owner to create a new revision.

Scenario Example Code Resulting Events
Observers update to a newer revision (on all observers) secret.get_content(refresh=True) (owner) secret-remove

Observing this event in ops

In the Python Operator Framework, you can observe the event like you would any other:

self.framework.observe(charm.on.secret_remove, self._on_secret_remove)

The SecretRemoveEvent exposes the attributes it inherits from SecretEvent as well as a revision attribute which specifies which revision this event refers to.

A typical implementation of _on_secret_remove might look like this:

def _on_secret_remove(self, event: SecretRemoveEvent):
    secret = event.secret

    # remove the unused revision
    secret.remove_revision(event.revision)

Updated with the latest terminology and API changes, as well as various style tweaks.