Ensuring absent user_permissions with missing (or absent) user / missing (or absent) vhost #857
Description
Affected Puppet, Ruby, OS and module versions/distributions
- Puppet: 6.12.1-1bionic (agent: 6.18.0-1focal)
- Ruby: 2.5.8
- Distribution: Ubuntu
- Module version: 10.1.1
- Rabbitmq-Server: 3.8.2 / 3.8.6
How to reproduce (e.g Puppet code you use)
class { 'rabbitmq':
service_manage => false,
port => '5672',
delete_guest_user => true,
}
rabbitmq_vhost { 'vhost':
ensure => 'absent',
}
rabbitmq_user { 'user':
ensure => 'absent',
password => 'change-me',
}
rabbitmq_user_permissions { 'user@vhost':
ensure => 'absent',
}What are you seeing
Some combinations of ensures in the above code will give errors (or loops in execution). This mainly happens when the user is absent (and vhost / user_permissions is either present / absent).
What behavior did you expect instead
I would expect the rabbitmq puppet module to detect the missing user and either error if the user_permissions is present or continue if user_permissions are absent (same for the vhost combination)
Output log
- if the vhost does not exist (but the user does)
Error: Execution of '/usr/sbin/rabbitmqctl set_permissions -p vhost user '' '' ''' returned 65: Setting permissions for user "user" in vhost "vhost" ...
Virtual host 'vhost' does not exist
Error: /Stage[main]/Rabbitmq_user_permissions[user@vhost]/ensure: change from 'absent' to 'present' failed: Execution of '/usr/sbin/rabbitmqctl set_permissions -p vhost user '' '' ''' returned 65: Setting permissions for user "user" in vhost "vhost" ...
Virtual host 'vhost' does not exist
Executing the command manually
Setting permissions for user "user" in vhost "vhost" ...
Error:
{:no_such_user, "user"}
Possible fix: read the error response
- The following will be repeated until a timeout
Debug: Executing: '/usr/sbin/rabbitmqctl -q status'
Debug: Executing: '/usr/sbin/rabbitmqctl list_user_permissions -q --no-table-headers user'
Debug: Command failed, retrying
Executing the command manually
# /usr/sbin/rabbitmqctl list_user_permissions -q --no-table-headers user
Error:
{:no_such_user, "user"}
Possible fix: read the error response
Any additional information you'd like to impart
Please see my test matrix below referencing reports above
Results:
vhost: present, user: present, user_permissions: present [OK]
vhost: present, user: present, user_permissions: absent [OK]
vhost: absent, user: present, user_permissions: present [FAILED] (1)
vhost: absent, user: present, user_permissions: absent [OK]
vhost: present, user: absent, user_permissions: present [FAILED] (2)
vhost: present, user: absent, user_permissions: absent [FAILED] (2)
vhost: absent, user: absent, user_permissions: present [FAILED] (2)
vhost: absent, user: absent, user_permissions: absent [FAILED] (2)