Prevent updating matrix-auth data more than once

[amandahla]

Overview

This PR changes the way that matrix-auth library updates relation data by preventing to do it more than once. This way, relation-change events are not emitted for no reason and the encryption key secret is not changed.

Rationale

Prevent changes in relation data.

Juju Events Changes

Module Changes

Library Changes

Checklist

• The charm style guide was applied
• The contributing guide was applied
• The changes are compliant with ISD054 - Manging Charm Complexity
• The documentation is generated using src-docs
• The documentation for charmhub is updated.
• The PR is tagged with appropriate label (urgent, trivial, complex)
• The changelog is updated with changes that affect the users of the charm.

[github-actions]

Test coverage for 690d295

Name                                    Stmts   Miss Branch BrPart  Cover   Missing
-----------------------------------------------------------------------------------
src/auth/__init__.py                        0      0      0      0   100%
src/auth/mas.py                            64      0      2      1    98%   113->115
src/backup.py                             175      5     20      2    96%   353-354, 423-424, 481->483, 484
src/backup_observer.py                    134     16     12      0    89%   132-135, 140-143, 179-182, 211-214
src/charm.py                              273     18     64     10    92%   140->142, 145, 270, 274-275, 281-282, 303-304, 328, 335, 410-414, 417-418, 446-448, 468
src/charm_types.py                         30      0      0      0   100%
src/database_client.py                     57      1      8      4    92%   35, 47->exit, 69->exit, 88->98
src/database_observer.py                   49      4      2      0    92%   61-64
src/exceptions.py                           3      0      0      0   100%
src/matrix_auth_observer.py                59      5      6      0    92%   133-137
src/media_observer.py                      45      4      2      1    89%   60-62, 81
src/observability.py                       13      0      0      0   100%
src/pebble.py                             194     23     44     11    86%   157->exit, 168-172, 216-217, 237-238, 256-259, 320->325, 330-331, 343-344, 346-347, 378, 380, 382, 384, 386, 417
src/redis_observer.py                      39      3      4      0    93%   63-66
src/s3_parameters.py                       22      0      4      0   100%
src/smtp_observer.py                       61      1     14      2    96%   89, 108->113
src/state/__init__.py                       0      0      0      0   100%
src/state/charm_state.py                  127      9     32      7    90%   164, 168, 189, 214, 220, 226, 230-231, 314
src/state/mas.py                           78      8      6      3    87%   152, 158-159, 183-185, 200, 220
src/state/validation.py                    36      3      2      0    92%   108-110
src/synapse/__init__.py                     3      0      0      0   100%
src/synapse/api.py                        129      6     18      4    93%   111-112, 161, 172, 174, 314
src/synapse/workload.py                   118      4     24      0    94%   365-368
src/synapse/workload_configuration.py     149     26     34     12    79%   90->exit, 94-95, 143-144, 173, 193-194, 226-227, 260, 269-270, 285, 290-291, 312-313, 332->337, 338, 356->358, 368-369, 397, 405->407, 407->409, 414-415, 435->442, 445, 465-466
src/user.py                                23      0      2      0   100%
-----------------------------------------------------------------------------------
TOTAL                                    1881    136    300     57    91%

Static code analysis report

Working... ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:00
Run started:2025-02-03 13:15:58.346312

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 9704
  Total lines skipped (#nosec): 3
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

[javierdelapuente]

Out of curiosity, why was it emitted several times?

[amandahla]

Out of curiosity, why was it emitted several times?

The update_matrix_auth_integration is called during the reconcile here.

There was a method in the charm for checking if homeserver or registration changed but by mistake was checking for the key "shared_secret" which doesn't exist so it was updating every time.

Since these values are not supposed to be changed during a Synapse instance lifetime I moved the check to the library. The relation data is only updated if there is an ValueError (relation empty or invalid) now.