InsecureSecrets callback does not work for removed secrets

[ajcasagrande]

🐞 Bug Report

Affected Services [REQUIRED]

Any service that uses secret update callback (device-onvif-camera)

Is this a regression?

No?

Description and Minimal Reproduction [REQUIRED]

• Run EdgeX 3.x in non-secure mode
• Run device-onvif-camera with at least 1 insecure secret "credentials001"
• Set logging to DEBUG mode
• Go to consul and modify the values of "credentials001"
• Verify in the logs that the secret callback WAS called
• Go to consul and delete the whole folder for "credentials001"
• Verify in the logs that the secret callback was NOT called

🔥 Exception or Error

🌍 Your Environment

Deployment Environment:
Docker + Dev Hybrid

EdgeX Version [REQUIRED]:
main 3.x

Anything else relevant?

Here is what I believe is happening:

This is due to the common config. The way that MergeMaps works for the InsecureSecrets causes fields that are no longer present to not be deleted. This is because the software does not keep track of where the secret came from, so it is impossible to know whether or not it should be deleted from the map.

Right now the workaround is to restart the service so that way it never receives the deleted InsecureSecret.

[lenny-goodell]

Note that this applies to any maps in the Writable section. Current code only handles values that changed or map items added.