Add remove-secret

Author: cderici

juju/model.py

@@ -2693,6 +2693,28 @@ async def list_secrets(self, filter="", show_secrets=False):
         })
         return results.results
 
+    async def remove_secret(self, secret_name, revision=-1):
+        """Remove an existing secret.
+
+        :param secret_name str: ID|name of the secret to remove.
+        :param revision int: remove the specified revision.
+        """
+        if client.SecretsFacade.best_facade_version(self.connection()) < 2:
+            raise JujuNotSupportedError("user secrets")
+        remove_secret_arg = {
+            'label': secret_name,
+        }
+        if revision >= 0:
+            remove_secret_arg['revisions'] = [revision]
+
+        secretsFacade = client.SecretsFacade.from_connection(self.connection())
+        results = await secretsFacade.RemoveSecrets([remove_secret_arg])
+        if len(results.results) != 1:
+            raise JujuAPIError(f"expected 1 result, got {len(results.results)}")
+        result_error = results.results[0]
+        if result_error.error is not None:
+            raise JujuAPIError(result_error.error)
+
     async def _get_source_api(self, url, controller_name=None):
         controller = Controller()
         if url.has_empty_source():

tests/integration/test_secrets.py

@@ -50,3 +50,16 @@ async def test_update_secret(event_loop):
         secrets = await model.list_secrets()
         assert len(secrets) == 1
         assert secrets[0].label == 'new-token'
+
+
+@base.bootstrapped
+@pytest.mark.bundle
+async def test_remove_secret(event_loop):
+    async with base.CleanModel() as model:
+        secret = await model.add_secret(name='my-apitoken', data_args=['token=34ae35facd4'])
+        assert secret.startswith('secret:')
+
+        await model.remove_secret('my-apitoken')
+
+        secrets = await model.list_secrets()
+        assert len(secrets) == 0