Retrieving app data on a non-leader seems to cause a hook error

[gnuoy]

I have a charm that contains the following:

    @property
    def admin_password(self):
        logging.info("Retrieving admin password")
        password = self.peer_rel.data[self.peer_rel.app].get(self.PASSWORD_KEY)
        logging.info("Password: {}".format(password))
        return password

The error in the charm logs is:

2020-02-28 09:29:51 ERROR juju.worker.uniter.context context.go:830 could not write settings from "ceph-client-relation-changed" to relation 0: permission denied
2020-02-28 09:29:51 ERROR juju.worker.uniter.operation runhook.go:132 hook "ceph-client-relation-changed" failed: could not write settings from "ceph-client-relation-changed" to relation 0: permission denied

On the non-leaders this causes a failure. Some more context:

• Failure only occurs on non-leader
• The method successfully retrieves the password
• In a debug-hooks session the hook returns a return code of 0 and the error is not in the logs. The error appears immediately after the debug-hook session is exited
• It is a 100% reproducible
• Switching the method to return a hard-coded password 'fixes' the issue to I am confident it is the data retrieval that is somehow causing the error.

[jameinel]

I would guess that the framework is seeing that we have data in a bucket and then trying to call 'relation-set --app' at some point, even though you are only reading the data. That is what I get from:

2020-02-28 09:29:51 ERROR juju.worker.uniter.context context.go:830 could not write settings from "ceph-client-relation-changed" to relation 0: permission denied

It sounds like Juju is probably allowing the relation-get to succeed (hence "The method successfully retrieves the password") but something about the framework is seeing that as wanting to mutate the relation data. John =:->

On Fri, Feb 28, 2020 at 10:42 AM Liam Young notifications@github.com wrote:

I have a charm that contains the following:

@property
def admin_password(self):
    logging.info("Retrieving admin password")
    password = self.peer_rel.data[self.peer_rel.app].get(self.PASSWORD_KEY)
    logging.info("Password: {}".format(password))
    return password

The error in the charm logs is:

2020-02-28 09:29:51 ERROR juju.worker.uniter.context context.go:830 could not write settings from "ceph-client-relation-changed" to relation 0: permission denied 2020-02-28 09:29:51 ERROR juju.worker.uniter.operation runhook.go:132 hook "ceph-client-relation-changed" failed: could not write settings from "ceph-client-relation-changed" to relation 0: permission denied

On the non-leaders this causes a failure. Some more context:

• Failure only occurs on non-leader
• The method successfully retrieves the password
• In a debug-hooks session the hook returns a return code of 0 and the error is not in the logs. The error appears immediately after the debug-hook session is exited
• It is a 100% reproducible
• Switching the method to return a hard-coded password 'fixes' the issue to I am confident it is the data retrieval that is somehow causing the error.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/canonical/operator/issues/148?email_source=notifications&email_token=AABRQ7OQTBOMEM3HX74B6FTRFDMCBA5CNFSM4K5MUD72YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4IRBZVNA, or unsubscribe https://github.com/notifications/unsubscribe-auth/AABRQ7MHZ5GEB2XATB5GBZDRFDMCBANCNFSM4K5MUD7Q .

[gnuoy]

This bug has just been raised which is probably the root cause: https://bugs.launchpad.net/juju/+bug/1865229

[dshcherb]

@gnuoy It is a Juju bug as discussed, this should be fixed in Juju as of 2.7.5.