cheffish icon indicating copy to clipboard operation
cheffish copied to clipboard
verified publisher icon chef

chef_user hits 400 errors whenever you try to update any user fields (email, display_name, etc.)

Open poliva83 opened this issue 9 years ago • 7 comments

Discovered that when you try to update an email of a existing user the chef_user blows up with 400 "Bad Request" error. Tried other fields like display_name and hit similar results.

Discovered using combination of cheffish 2.0.2 and chef-client 12.5.1.

 * chef_user[admin-helm] action create

 ["update user admin-helm at https://127.0.0.1/users", "  update email from \"[email protected]\" to \"[email protected]\""]
 {"name"=>"admin-helm", "username"=>"admin-helm", "display_name"=>"Admin Shared User for HELM Org", "admin"=>false, "json_class"=>"Chef::WebUIUser", "chef_type"=>"webui_user", "salt"=>nil, "password"=>nil, "openid"=>nil, "email"=>"[email protected]", "public_key"=>"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNKOarIC4dUS2SUdOuOZ\n0ACVepwMeoHuzQYdUtwVA1+fDXjLqfZy63b4KObCIPx8m4bdrWXw15Fr9eMrjw36\nBf4tPHxU4Jq+CivD1pW3QVAV4Z2cZ89mruOD4xwLfjycQ7/LWydhmGs59hC7l6Fk\nxxmDSoWVs3pmNs2Ug9ZRmN6OsAltb0JbMpLqFrleg2j4RalfLls24rOQqkKC5n8K\nAmef0zt3F5HaufxXbuBWBG1wmNCxAzQswTzpFUd1ZSSdXxPg3KOkNiZdY6GEt1AY\nJW4ReFWo5MISnv7JyNSEZWr0eGOJqzTEURGPrbJUWS6UbkioFdwLtBC+AsLk3Cvo\nBQIDAQAB\n-----END PUBLIC KEY-----\n"}


     ================================================================================
     Error executing action `create` on resource 'chef_user[admin-helm]'
     ================================================================================

     Net::HTTPServerException
     ------------------------
     400 "Bad Request"

     Resource Declaration:
     ---------------------
     # In /var/chef/cache/cookbooks/bb_chef_server_cluster/recipes/manage_rbac.rb

      92:   chef_user user do
      93:     display_name values['display_name']
      94:     email values['email']
      95:     password lazy { determine_user_password(chef_server_url, user, values['password']) }
      96:     source_key values['source_key']
      97:     chef_server url_root
      98:     action :create
      99:     not_if { values['source_key'].nil? }
     100:     only_if { node.run_state['check_ha_status'] }
     101:   end
     102: end

     Compiled Resource:
     ------------------
     # Declared in /var/chef/cache/cookbooks/bb_chef_server_cluster/recipes/manage_rbac.rb:92:in `block in from_file'

     chef_user("admin-helm") do
       action [:create]
       retries 0
       retry_delay 2
       default_guard_interpreter :default
       chef_server {:chef_server_url=>"https://127.0.0.1:443", :options=>{:client_name=>"pivotal", :signing_key_filename=>"/etc/opscode/pivotal.pem", :api_version=>"0"}}
       declared_type :chef_user
       cookbook_name "bb_chef_server_cluster"
       recipe_name "manage_rbac"
       display_name "Admin Shared User for HELM Org"
       email "[email protected]"
       password #<ChefCompat::CopiedFromChef::Chef::DelayedEvaluator:0x0000000584e770@/var/chef/cache/cookbooks/bb_chef_server_cluster/recipes/manage_rbac.rb:95>
       source_key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCo0o5qsgLh1RLZJR0645nQAJV6nAx6ge7NBh1S3BUDX58NeMup9nLrdvgo5sIg/Hybht2tZfDXkWv14yuPDfoF/i08fFTgmr4KK8PWlbdBUBXhnZxnz2au44PjHAt+PJxDv8tbJ2GYazn2ELuXoWTHGYNKhZWzemY2zZSD1lGY3o6wCW1vQlsykuoWuV6DaPhFqV8uWzbis5CqQoLmfwoCZ5/TO3cXkdq5/Fdu4FYEbXCY0LEDNCzBPOkVR3VlJJ1fE+Dco6Q2Jl1joYS3UBglbhF4VajkwhKe/snI1IRlavR4Y4mrNMRREY+tslRZLpRuSKgV3Au0EL4CwuTcK+gF"
       not_if { #code block }
       only_if { #code block }
     end

Here is the complete stack trace:

Generated at 2016-05-12 14:01:32 +0000
Net::HTTPServerException: chef_user[admin-helm] (bb_chef_server_cluster::manage_rbac line 92) had an error: Net::HTTPServerException: 400 "Bad Request"
/opt/chef/embedded/lib/ruby/2.1.0/net/http/response.rb:119:in `error!'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/http.rb:145:in `request'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/http.rb:118:in `put'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.2/lib/cheffish/chef_actor_base.rb:21:in `block in create_actor'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/mixin/why_run.rb:52:in `call'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/mixin/why_run.rb:52:in `add_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/provider.rb:175:in `converge_by'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.2/lib/cheffish/chef_actor_base.rb:20:in `create_actor'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.2/lib/chef/resource/chef_user.rb:42:in `block in <class:ChefUser>'
(eval):2:in `block in action_create'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/compat_resource-12.9.1/files/lib/chef_compat/copied_from_chef/chef/provider.rb:122:in `instance_eval'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/compat_resource-12.9.1/files/lib/chef_compat/copied_from_chef/chef/provider.rb:122:in `compile_and_converge_action'
(eval):2:in `action_create'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/provider.rb:144:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource.rb:585:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/runner.rb:49:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/runner.rb:81:in `block (2 levels) in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/runner.rb:81:in `each'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/runner.rb:81:in `block in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource_collection/resource_list.rb:83:in `block in execute_each_resource'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource_collection/resource_list.rb:81:in `execute_each_resource'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/runner.rb:80:in `converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/client.rb:653:in `block in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/client.rb:648:in `catch'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/client.rb:648:in `converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/client.rb:687:in `converge_and_save'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/client.rb:269:in `run'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application.rb:270:in `block in fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application.rb:258:in `fork'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application.rb:258:in `fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application.rb:224:in `block in run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/local_mode.rb:44:in `with_server_connectivity'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application.rb:212:in `run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application/client.rb:408:in `block in interval_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application/client.rb:398:in `loop'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application/client.rb:398:in `interval_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application/client.rb:388:in `run_application'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application.rb:60:in `run'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/bin/chef-client:26:in `<top (required)>'
/usr/bin/chef-client:54:in `load'
/usr/bin/chef-client:54:in `<main>'

poliva83 avatar May 12 '16 14:05 poliva83

Still hit issue with cheffish 2.0.4 and chef-client 12.9.41 (latest versions)

Net::HTTPServerException: chef_user[admin-helm] (bb_chef_server_cluster::manage_rbac line 92) had an error: Net::HTTPServerException: 400 "Bad Request"
/opt/chef/embedded/lib/ruby/2.1.0/net/http/response.rb:119:in `error!'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/http.rb:146:in `request'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/http.rb:119:in `put'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.4/lib/cheffish/chef_actor_base.rb:21:in `block in create_actor'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/mixin/why_run.rb:52:in `add_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/provider.rb:175:in `converge_by'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.4/lib/cheffish/chef_actor_base.rb:20:in `create_actor'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.4/lib/chef/resource/chef_user.rb:42:in `block in <class:ChefUser>'
(eval):2:in `block in action_create'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/compat_resource-12.9.1/files/lib/chef_compat/copied_from_chef/chef/provider.rb:122:in `instance_eval'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/compat_resource-12.9.1/files/lib/chef_compat/copied_from_chef/chef/provider.rb:122:in `compile_and_converge_action'
(eval):2:in `action_create'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/provider.rb:144:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource.rb:596:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/runner.rb:69:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/runner.rb:97:in `block (2 levels) in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/runner.rb:97:in `each'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/runner.rb:97:in `block in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource_collection/resource_list.rb:84:in `block in execute_each_resource'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource_collection/resource_list.rb:82:in `execute_each_resource'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/runner.rb:96:in `converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/client.rb:667:in `block in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/client.rb:662:in `catch'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/client.rb:662:in `converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/client.rb:701:in `converge_and_save'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/client.rb:281:in `run'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application.rb:285:in `block in fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application.rb:273:in `fork'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application.rb:273:in `fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application.rb:238:in `block in run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/local_mode.rb:44:in `with_server_connectivity'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application.rb:226:in `run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application/client.rb:456:in `sleep_then_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application/client.rb:443:in `block in interval_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application/client.rb:442:in `loop'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application/client.rb:442:in `interval_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application/client.rb:426:in `run_application'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application.rb:58:in `run'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/bin/chef-client:26:in `<top (required)>'
/usr/bin/chef-client:51:in `load'

poliva83 avatar May 12 '16 14:05 poliva83

This appears to be fixed with chef-client v12.9.41 and chef-server-core v12.6

andy-dufour avatar May 16 '16 18:05 andy-dufour

I don't think this is fix in latest chef-client v12.11.18 and chef-server-core v12.7.

sudo dpkg -l | egrep "opscode|chef" ii chef 12.11.18-1 amd64 The full stack of chef ii chef-ha 0.0.1~bbry+20151223173646-1 amd64 The full stack of chef-ha ii chef-server-core 12.7.0-1 amd64 The full stack of chef-server ii chef-sync 1.0.0~rc.7-1 amd64 The full stack of chef-sync ii opscode-reporting 1.6.0-1 amd64 The full stack of opscode-reporting

Generated at 2016-06-29 14:26:09 +0000
Net::HTTPServerException: chef_user[guest-helm] (bb_chef_server_cluster::manage_rbac line 92) had an error: Net::HTTPServerException: 400 "
Bad Request"
/opt/chef/embedded/lib/ruby/2.1.0/net/http/response.rb:119:in `error!'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/http.rb:146:in `request'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/http.rb:119:in `put'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.4/lib/cheffish/chef_actor_base.rb:21:in `block in create_actor'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/mixin/why_run.rb:52:in `add_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/provider.rb:176:in `converge_by'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.4/lib/cheffish/chef_actor_base.rb:20:in `create_actor'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.4/lib/chef/resource/chef_user.rb:42:in `block in <class:ChefUser>'
(eval):2:in `block in action_create'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/compat_resource-12.10.4/files/lib/chef_compat/copied_from_chef/chef/provider.rb:124:in `instanc
e_eval'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/compat_resource-12.10.4/files/lib/chef_compat/copied_from_chef/chef/provider.rb:124:in `compile
_and_converge_action'
(eval):2:in `action_create'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/provider.rb:145:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource.rb:591:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/compat_resource-12.10.4/files/lib/chef_compat/monkeypatches/chef/runner.rb:41:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/runner.rb:97:in `block (2 levels) in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/runner.rb:97:in `each'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/runner.rb:97:in `block in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource_collection/resource_list.rb:94:in `block in execute_each_resour
ce'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource_collection/resource_list.rb:92:in `execute_each_resource'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/runner.rb:96:in `converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/client.rb:669:in `block in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/client.rb:664:in `catch'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/client.rb:664:in `converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/client.rb:703:in `converge_and_save'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/client.rb:283:in `run'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application.rb:286:in `block in fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application.rb:274:in `fork'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application.rb:274:in `fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application.rb:239:in `block in run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/local_mode.rb:44:in `with_server_connectivity'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application.rb:227:in `run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application/client.rb:456:in `sleep_then_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application/client.rb:443:in `block in interval_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application/client.rb:442:in `loop'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application/client.rb:442:in `interval_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application/client.rb:426:in `run_application'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application.rb:59:in `run'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/bin/chef-client:26:in `<top (required)>'
/usr/bin/chef-client:52:in `load'
/usr/bin/chef-client:52:in `<main>'

nlam79 avatar Jun 29 '16 14:06 nlam79

This seems very bad if its not fixed.

lamont-granquist avatar Dec 07 '16 18:12 lamont-granquist

@lamont-granquist I did workaround this issue. The problem is you can not update email, display_name, and/or source_key without passing in the password attribute to chef_user resource. So basically I needed to make some postgres db calls and save hashed_password information of users in opscode_chef table, set the password attribute to passw0rd when using chef_user resource and then restore the old hashed_password for user with postgres db calls. I put guards to ensure chef_user resource didn't trigger unless update email, display_name, and/or source_key has changed.

# create users
node['bb_chef_server_cluster']['manage_rbac']['users'].each do |user, values|
  next if user.eql?('ec_sync_user') || values == false
  ruby_block "save #{user} password info" do
    block do
      rest = setup_rest(url_root)
      if user_exist?(rest, user)
        node.run_state["#{user}_diff"] = diff_user(rest, user, values)
        node.run_state["#{user}_password"] = get_user_password_info(user)
      else
        node.run_state["#{user}_diff"] = true
        node.run_state["#{user}_password"] = nil
      end
    end
    only_if { node.run_state['check_ha_status'] }
  end
  chef_user user do # ~FC022
    display_name values['display_name']
    email values['email']
    password 'passw0rd'
    source_key values['source_key']
    chef_server url_root
    action :create
    only_if { node.run_state["#{user}_diff"] }
    only_if { node.run_state['check_ha_status'] }
    notifies :run, "ruby_block[restore #{user} password info]", :immediately
  end
  ruby_block "restore #{user} password info" do
    block do
      update_user_password(node.run_state["#{user}_password"])
      restored = Chef::Resource::Log.new("restored #{user} password successfully!", run_context)
      restored.level :info
      restored.run_action :write
    end
    action :nothing
    only_if { node.run_state["#{user}_password"] }
    only_if { node.run_state['check_ha_status'] }
  end
end

poliva83 avatar Dec 07 '16 19:12 poliva83

I guess this issue is related to https://github.com/chef/cheffish/issues/83

poliva83 avatar Dec 07 '16 19:12 poliva83

Okay I think I understand it clearer now.

The RESTfulness of the API is getting into a fight with password hashing. It wants everything updated, but the passwords have been one-way hashed so that you can't GET, , POST.

this is probably the better written ticket than #83

lamont-granquist avatar Dec 07 '16 19:12 lamont-granquist