search

sous-chefs / users

Development repository for the users cookbook
https://supermarket.chef.io/cookbooks/users
Apache License 2.0
138 stars 217 forks source link

action :remove throws errors if user doesn't exist on node #393

Closed jamescorkran closed 7 years ago

jamescorkran commented 7 years ago

Cookbook version

0.3.1

Chef-client version

12.8.1

Platform Details

Ubuntu 14.04

Scenario:

Whenever our company has someone leave and we need to remove their access to our machines, there is a manual process about it.

The problem is if there are changes between setting the action to remove and manually deleting the user from each role, uploading the new roles, and re-running chef-client; it will error out.

Steps to Reproduce:

  1. Change action to "remove" on a user
  2. Wait till chef-client runs on all affected nodes (or force run)
  3. Run chef-client again It should error out with _Error executing action 'remove' on resource 'useraccount[USER]'

Expected Result:

Resource skipped or ignored: User does not exist and action set to 'remove' for this particular node, should be smart enough to realize the resource is not needed. (ignore_failure user property could be implemented for this issue)

Actual Result:

_Error executing action 'remove' on resource 'useraccount[USER]'

tas50 commented 7 years ago

@jamescorkran Can you test this on the latest version of the cookbook? You appear to be using a cookbook from many many years ago.

tas50 commented 7 years ago

@jamescorkran I'm not able to reproduce this one on the 5.0 cookbook and I've added an integration test to make sure we can always remove a user that never existed. I suggest you update to the latest cookbook and reopen this if you're still having issues.