sanctuary: secret version already destroyed
@rjw57 I haven't had time to try and look at what is causing this, but it has happened a couple of times now. When I update a document-type secret in 1Password and then run sanctuary sync
I get the following error. If I re-run the command after a few seconds it works with no issue.
> sanctuary sync
/Users/ryan/.virtualenvs/logan/lib/python3.11/site-packages/google/auth/_default.py:78: UserWarning: Your application has authenticated using end user credentials from Google Cloud SDK without a quota project. You might receive a "quota exceeded" or "API not enabled" error. See the following page for troubleshooting: https://cloud.google.com/docs/authentication/adc-troubleshooting/user-creds.
warnings.warn(_CLOUD_SDK_CREDENTIALS_WARNING)
Traceback (most recent call last):
File "/Users/ryan/.virtualenvs/logan/lib/python3.11/site-packages/google/api_core/grpc_helpers.py", line 65, in error_remapped_callable
return callable_(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/ryan/.virtualenvs/logan/lib/python3.11/site-packages/grpc/_channel.py", line 946, in __call__
return _end_unary_response_blocking(state, call, False, None)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/ryan/.virtualenvs/logan/lib/python3.11/site-packages/grpc/_channel.py", line 849, in _end_unary_response_blocking
raise _InactiveRpcError(state)
grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
status = StatusCode.FAILED_PRECONDITION
details = "SecretVersion.state is already DESTROYED."
debug_error_string = "UNKNOWN:Error received from peer ipv4:142.250.179.234:443 {created_time:"2023-08-10T19:18:36.973311+01:00", grpc_status:9, grpc_message:"SecretVersion.state is already DESTROYED."}"
>
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "/Users/ryan/.virtualenvs/logan/bin/sanctuary", line 8, in <module>
sys.exit(main())
^^^^^^
File "/Users/ryan/.virtualenvs/logan/lib/python3.11/site-packages/logan/sanctuary/tool.py", line 57, in main
settings.synchronise(dry_run=dry_run)
File "/Users/ryan/.virtualenvs/logan/lib/python3.11/site-packages/logan/sanctuary/settings.py", line 105, in synchronise
secret_spec.synchronise(self, dry_run=dry_run)
File "/Users/ryan/.virtualenvs/logan/lib/python3.11/site-packages/logan/sanctuary/settings.py", line 85, in synchronise
self.to_secret.update(settings, from_value)
File "/Users/ryan/.virtualenvs/logan/lib/python3.11/site-packages/logan/sanctuary/settings.py", line 55, in update
field_value.update(settings, value)
File "/Users/ryan/.virtualenvs/logan/lib/python3.11/site-packages/logan/sanctuary/google.py", line 108, in update
self._destroy_all_but_latest_version(settings)
File "/Users/ryan/.virtualenvs/logan/lib/python3.11/site-packages/logan/sanctuary/google.py", line 118, in _destroy_all_but_latest_version
client.destroy_secret_version(
File "/Users/ryan/.virtualenvs/logan/lib/python3.11/site-packages/google/cloud/secretmanager_v1/services/secret_manager_service/client.py", line 1852, in destroy_secret_version
response = rpc(
^^^^
File "/Users/ryan/.virtualenvs/logan/lib/python3.11/site-packages/google/api_core/gapic_v1/method.py", line 113, in __call__
return wrapped_func(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/ryan/.virtualenvs/logan/lib/python3.11/site-packages/google/api_core/timeout.py", line 120, in func_with_timeout
return func(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^
File "/Users/ryan/.virtualenvs/logan/lib/python3.11/site-packages/google/api_core/grpc_helpers.py", line 67, in error_remapped_callable
raise exceptions.from_grpc_error(exc) from exc
google.api_core.exceptions.FailedPrecondition: 400 SecretVersion.state is already DESTROYED.