fix: merge provider credentials instead of overwriting (#163)

## Summary

- The `writeCredentials` method in `internal/juju/juju.go` was replacing
the entire `credentials["credentials"]` map on each loop iteration,
rather than merging into it.
- When multiple providers had credentials, only the last provider's
credentials survived in the resulting `credentials.yaml`.
- This fix retrieves the existing inner map via a type assertion and
sets each provider's credentials as a new key, preserving all providers'
credentials.

Somewhat academic with only Google credentials right now, but a bug
lying in wait, so might as well fix it.

🤖 Generated with [Claude Code](https://claude.com/claude-code) but owned
by me.

---------

Co-authored-by: Claude Code <noreply@anthropic.com>

Author: tonyandrewmeyer

internal/juju/juju.go

@@ -127,7 +127,8 @@ func (j *JujuHandler) install() error {
 // writeCredentials iterates over any provided cloud credentials and authors Juju's
 // credentials.yaml
 func (j *JujuHandler) writeCredentials() error {
-	credentials := map[string]any{"credentials": map[string]any{}}
+	credMap := map[string]any{}
+	credentials := map[string]any{"credentials": credMap}
 	addedCredentials := false
 
 	// Iterate over the providers
@@ -138,10 +139,8 @@ func (j *JujuHandler) writeCredentials() error {
 		}
 
 		// Set the credentials for the provider, under the credential name "concierge".
-		credentials["credentials"] = map[string]any{
-			p.CloudName(): map[string]any{
-				"concierge": p.Credentials(),
-			},
+		credMap[p.CloudName()] = map[string]any{
+			"concierge": p.Credentials(),
 		}
 		addedCredentials = true
 	}

internal/juju/juju_test.go

@@ -13,6 +13,7 @@ import (
 	"github.com/canonical/concierge/internal/config"
 	"github.com/canonical/concierge/internal/providers"
 	"github.com/canonical/concierge/internal/system"
+	"gopkg.in/yaml.v3"
 )
 
 var fakeGoogleCreds = []byte(`auth-type: oauth2
@@ -152,6 +153,23 @@ func TestJujuHandlerCommandsPresets(t *testing.T) {
 	}
 }
 
+// mockProvider is a minimal Provider implementation for testing credential merging.
+type mockProvider struct {
+	name        string
+	cloudName   string
+	credentials map[string]any
+}
+
+func (m *mockProvider) Prepare() error                          { return nil }
+func (m *mockProvider) Restore() error                          { return nil }
+func (m *mockProvider) Name() string                            { return m.name }
+func (m *mockProvider) Bootstrap() bool                         { return false }
+func (m *mockProvider) CloudName() string                       { return m.cloudName }
+func (m *mockProvider) GroupName() string                       { return "" }
+func (m *mockProvider) Credentials() map[string]any             { return m.credentials }
+func (m *mockProvider) ModelDefaults() map[string]string        { return nil }
+func (m *mockProvider) BootstrapConstraints() map[string]string { return nil }
+
 func TestJujuHandlerWithCredentialedProvider(t *testing.T) {
 	expectedCredsFileContent := []byte(`credentials:
     google:
@@ -183,6 +201,73 @@ func TestJujuHandlerWithCredentialedProvider(t *testing.T) {
 	}
 }
 
+func TestJujuHandlerMergesMultipleCredentialedProviders(t *testing.T) {
+	cfg := &config.Config{}
+
+	sys := system.NewMockSystem()
+
+	providerA := &mockProvider{
+		name:      "cloud-a",
+		cloudName: "cloud-a",
+		credentials: map[string]any{
+			"auth-type": "userpass",
+			"username":  "alice",
+			"password":  "secret-a",
+		},
+	}
+	providerB := &mockProvider{
+		name:      "cloud-b",
+		cloudName: "cloud-b",
+		credentials: map[string]any{
+			"auth-type": "userpass",
+			"username":  "bob",
+			"password":  "secret-b",
+		},
+	}
+
+	handler := NewJujuHandler(cfg, sys, []providers.Provider{providerA, providerB})
+
+	err := handler.Prepare()
+	if err != nil {
+		t.Fatal(err.Error())
+	}
+
+	credsFile := path.Join(os.TempDir(), ".local", "share", "juju", "credentials.yaml")
+	content, ok := sys.CreatedFiles[credsFile]
+	if !ok {
+		t.Fatal("credentials.yaml was not created")
+	}
+
+	// Parse the written YAML and verify both clouds are present.
+	var parsed map[string]any
+	if err := yaml.Unmarshal([]byte(content), &parsed); err != nil {
+		t.Fatalf("failed to parse credentials.yaml: %v", err)
+	}
+
+	credMap, ok := parsed["credentials"].(map[string]any)
+	if !ok {
+		t.Fatal("missing or invalid top-level 'credentials' key")
+	}
+
+	if len(credMap) != 2 {
+		t.Fatalf("expected 2 clouds in credentials, got %d: %v", len(credMap), credMap)
+	}
+
+	for _, cloud := range []string{"cloud-a", "cloud-b"} {
+		entry, ok := credMap[cloud]
+		if !ok {
+			t.Fatalf("credentials for %q missing — merge overwrote earlier entries", cloud)
+		}
+		cloudMap, ok := entry.(map[string]any)
+		if !ok {
+			t.Fatalf("credentials for %q is not a map", cloud)
+		}
+		if _, ok := cloudMap["concierge"]; !ok {
+			t.Fatalf("credentials for %q missing 'concierge' key", cloud)
+		}
+	}
+}
+
 func TestJujuRestoreNoKillController(t *testing.T) {
 	system, handler, err := setupHandlerWithPreset("machine")
 	if err != nil {