Add base64 encoding co Create and change Read fucntion to get value with

decode.

Add base64 encoding for values in Update

internal/juju/secrets.go

@@ -4,6 +4,7 @@
 package juju
 
 import (
+	"encoding/base64"
 	"errors"
 	"fmt"
 
@@ -90,7 +91,14 @@ func (c *secretsClient) CreateSecret(input *CreateSecretInput) (CreateSecretOutp
 	defer func() { _ = conn.Close() }()
 
 	secretAPIClient := c.getSecretAPIClient(conn)
-	secretId, err := secretAPIClient.CreateSecret(input.Name, input.Info, input.Value)
+
+	// Encode the secret values as base64
+	encodedValue := make(map[string]string, len(input.Value))
+	for k, v := range input.Value {
+		encodedValue[k] = base64.StdEncoding.EncodeToString([]byte(v))
+	}
+
+	secretId, err := secretAPIClient.CreateSecret(input.Name, input.Info, encodedValue)
 	if err != nil {
 		return CreateSecretOutput{}, typedError(err)
 	}
@@ -135,10 +143,16 @@ func (c *secretsClient) ReadSecret(input *ReadSecretInput) (ReadSecretOutput, er
 		return ReadSecretOutput{}, errors.New(results[0].Error)
 	}
 
+	// Decode the secret values from base64
+	decodedValue, err := results[0].Value.Values()
+	if err != nil {
+		return ReadSecretOutput{}, err
+	}
+
 	return ReadSecretOutput{
 		SecretId: results[0].Metadata.URI.String(),
 		Name:     results[0].Metadata.Label,
-		Value:    results[0].Value.EncodedValues(),
+		Value:    decodedValue,
 		Info:     results[0].Metadata.Description,
 	}, nil
 }
@@ -167,7 +181,13 @@ func (c *secretsClient) UpdateSecret(input *UpdateSecretInput) error {
 	}
 	var value map[string]string
 	if input.Value != nil {
-		value = *input.Value
+		// Encode the secret values as base64
+		encodedValue := make(map[string]string, len(*input.Value))
+		for k, v := range *input.Value {
+			encodedValue[k] = base64.StdEncoding.EncodeToString([]byte(v))
+		}
+
+		value = encodedValue
 	} else {
 		value = map[string]string{}
 	}

internal/juju/secrets_test.go

@@ -48,15 +48,18 @@ func (s *SecretSuite) TestCreateSecret() {
 	ctlr := s.setupMocks(s.T())
 	defer ctlr.Finish()
 
+	decodedValue := map[string]string{"key": "value"}
+	encodedValue := map[string]string{"key": base64.StdEncoding.EncodeToString([]byte("value"))}
+
 	s.mockSecretClient.EXPECT().CreateSecret(
-		"test-secret", "test info", map[string]string{"key": "value"},
+		"test-secret", "test info", encodedValue,
 	).Return("secret-id", nil).AnyTimes()
 
 	client := s.getSecretsClient()
 	output, err := client.CreateSecret(&CreateSecretInput{
 		ModelName: s.testModelName,
 		Name:      "test-secret",
-		Value:     map[string]string{"key": "value"},
+		Value:     decodedValue,
 		Info:      "test info",
 	})
 	s.Require().NoError(err)
@@ -71,15 +74,18 @@ func (s *SecretSuite) TestCreateSecretError() {
 
 	errBoom := errors.New("boom")
 
+	decodedValue := map[string]string{"key": "value"}
+	encodedValue := map[string]string{"key": base64.StdEncoding.EncodeToString([]byte("value"))}
+
 	s.mockSecretClient.EXPECT().CreateSecret(
-		"test-secret", "test info", map[string]string{"key": "value"},
+		"test-secret", "test info", encodedValue,
 	).Return("", errBoom).AnyTimes()
 
 	client := s.getSecretsClient()
 	output, err := client.CreateSecret(&CreateSecretInput{
 		ModelName: s.testModelName,
 		Name:      "test-secret",
-		Value:     map[string]string{"key": "value"},
+		Value:     decodedValue,
 		Info:      "test info",
 	})
 	s.Require().Error(err)
@@ -130,6 +136,7 @@ func (s *SecretSuite) TestReadSecret() {
 	s.Require().NoError(err)
 
 	s.Assert().NotNil(output)
+	s.Assert().Equal("value", output.Value["key"])
 }
 
 func (s *SecretSuite) TestReadSecretError() {
@@ -171,21 +178,22 @@ func (s *SecretSuite) TestUpdateSecretWithRenaming() {
 	secretInfo := "secret info"
 	autoPrune := true
 
-	// update secret with value2
-	value2 := base64.StdEncoding.EncodeToString([]byte("value2"))
+	decodedValue := map[string]string{"key": "value"}
+	encodedValue := map[string]string{"key": base64.StdEncoding.EncodeToString([]byte("value"))}
+
 	secretURI, err := coresecrets.ParseURI(secretId)
 	s.Require().NoError(err)
 
 	s.mockSecretClient.EXPECT().UpdateSecret(
-		secretURI, "", &autoPrune, newSecretName, "secret info", map[string]string{"key": value2},
+		secretURI, "", &autoPrune, newSecretName, "secret info", encodedValue,
 	).Return(nil).AnyTimes()
 
 	client := s.getSecretsClient()
 	err = client.UpdateSecret(&UpdateSecretInput{
 		SecretId:  secretId,
 		ModelName: s.testModelName,
 		Name:      &newSecretName,
-		Value:     &map[string]string{"key": value2},
+		Value:     &decodedValue,
 		AutoPrune: &autoPrune,
 		Info:      &secretInfo,
 	})
@@ -203,7 +211,7 @@ func (s *SecretSuite) TestUpdateSecretWithRenaming() {
 					Revision: 1,
 				},
 			},
-			Value: coresecrets.NewSecretValue(map[string]string{"key": value2}),
+			Value: coresecrets.NewSecretValue(encodedValue),
 			Error: "",
 		},
 	}, nil).Times(1)
@@ -226,20 +234,21 @@ func (s *SecretSuite) TestUpdateSecret() {
 	secretInfo := "secret info"
 	autoPrune := true
 
-	// update secret with value2
-	value2 := base64.StdEncoding.EncodeToString([]byte("value2"))
+	decodedValue := map[string]string{"key": "value"}
+	encodedValue := map[string]string{"key": base64.StdEncoding.EncodeToString([]byte("value"))}
+
 	secretURI, err := coresecrets.ParseURI(secretId)
 	s.Require().NoError(err)
 
 	s.mockSecretClient.EXPECT().UpdateSecret(
-		secretURI, "", &autoPrune, "", "secret info", map[string]string{"key": value2},
+		secretURI, "", &autoPrune, "", secretInfo, encodedValue,
 	).Return(nil).AnyTimes()
 
 	client := s.getSecretsClient()
 	err = client.UpdateSecret(&UpdateSecretInput{
 		SecretId:  secretId,
 		ModelName: s.testModelName,
-		Value:     &map[string]string{"key": value2},
+		Value:     &decodedValue,
 		AutoPrune: &autoPrune,
 		Info:      &secretInfo,
 	})
@@ -258,7 +267,7 @@ func (s *SecretSuite) TestUpdateSecret() {
 					Revision: 1,
 				},
 			},
-			Value: coresecrets.NewSecretValue(map[string]string{"key": value2}),
+			Value: coresecrets.NewSecretValue(encodedValue),
 			Error: "",
 		},
 	}, nil).Times(1)