fix: deleting the whole secret when it is empty

[Skarlso]

Problem Statement

Basically, the SDK was not returning when the key was not found and the connect service looks like can have an empty item in it which is weird, but it is what it is.

Related Issue

Fixes #5753

Proposed Changes

How do you like to solve the issue and why?

Format

Please ensure that your PR follows the following format for the title:

feat(scope): add new feature
fix(scope): fix bug
docs(scope): update documentation
chore(scope): update build tool or dependencies
ref(scope): refactor code
clean(scope): provider cleanup
test(scope): add tests
perf(scope): improve performance
desig(scope): improve design

Where scope is optionally one of:

• charts
• release
• testing
• security
• templating

Checklist

• I have read the contribution guidelines
• All commits are signed with git commit --signoff
• My changes have reasonable test coverage
• All tests pass with make test
• I ensured my PR is ready for review with make reviewable

Fix deletion of empty 1Password secrets

Addresses hanging deletion operations when using PushSecret with multiple keys against 1Password Connect Server. The fix implements three key changes:

1. Empty section handling: When a 1Password item contains only an empty placeholder section (with empty ID and Label), the section is now cleared to allow the item to be deleted.

2. Non-existent key handling: Treats deletion of non-existent keys as a no-op by returning success instead of an error, preventing deletion loops from failing.

3. Test coverage: Adds tests for deleting items with empty sections and for deleting multiple fields from the same item in sequence.

These changes ensure that 1Password items are properly removed when they become empty after field deletions, resolving indefinite hangs in the deletion process.

[coderabbitai]

Walkthrough

The PR enhances 1Password provider's DeleteSecret functionality by clearing empty section placeholders to enable proper deletion and treating non-existent key lookups as successful no-ops, allowing graceful handling of items with only placeholder sections and already-deleted items.

Changes

Cohort / File(s)	Summary
1Password Provider Layer providers/v1/onepassword/onepassword.go, providers/v1/onepassword/onepassword_test.go	Adds safeguard to clear empty sections (with no ID/Label) to nil in DeleteSecret, enabling deletion when only placeholder sections exist. New test validates deletion with empty sections and missing items.
1Password SDK Client Layer providers/v1/onepasswordsdk/client.go, providers/v1/onepasswordsdk/client_test.go	Treats ErrKeyNotFound as successful no-op in DeleteSecret instead of propagating error. Introduces stateful fake lister for testing multi-field deletion sequences across sequential operations with state tracking.

Possibly related PRs

• fix: push secret delete was removing the wrong key #5799: Modifies DeleteSecret behavior for 1Password provider with similar handling of missing keys and deletion condition adjustments.

🚥 Pre-merge checks | ✅ 2

✅ Passed checks (2 passed)

Check name	Status	Explanation
Linked Issues check	✅ Passed	Changes address issue #5753 by handling non-existent keys and empty sections to enable proper deletion of 1Password items, aligning with the requirement to complete deletion of PushSecrets with multiple fields.
Out of Scope Changes check	✅ Passed	All changes are directly related to fixing the deletion behavior for 1Password items, with no out-of-scope modifications detected.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud