Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ssl_certificate resource fires notifications when resource is not executed #37

Open
jayhendren opened this issue Feb 21, 2018 · 0 comments
Open

ssl_certificate resource fires notifications when resource is not executed #37

jayhendren opened this issue Feb 21, 2018 · 0 comments
Labels
Priority: Medium Type: Bug

Comments

@jayhendren
Copy link

ssl_certificate 2.1.0 running on Chef 12.21.20.

Minimum verifiable example:

node.default['example.com']['ssl_cert']['source'] = 'self-signed'
node.default['example.com']['ssl_key']['source'] = 'self-signed'

ssl_certificate 'example.com' do
  common_name 'example.com'
  namespace node['example.com']
  notifies :run, 'ruby_block[foo]', :delayed
  not_if { true }
end

ruby_block 'foo' do
  block { nil }
  action :nothing
end

In theory, the ruby_block should never execute. It has action :nothing, and although it's triggered via notification from ssl_certificate, ssl_certificate has not_if { true }. However, we can see from a chef-client run that ssl_certificate does not run (skipped due to not_if) but the notification is fired off anyway and the ruby_block is executed:

       Compiling Cookbooks...
       [2018-02-21T12:00:22-07:00] INFO: HTTP Request Returned 404 Not Found: Object not found: 
       Converging 2 resources
       Recipe: ssl_certificate_test::default
         * ssl_certificate[example.com] action create[2018-02-21T12:00:22-07:00] INFO: Processing ssl_certificate[example.com] action create (ssl_certificate_test::default line 4)
        (skipped due to not_if)
         * ruby_block[foo] action nothing[2018-02-21T12:00:22-07:00] INFO: Processing ruby_block[foo] action nothing (ssl_certificate_test::default line 11)
        (skipped due to action :nothing)
       [2018-02-21T12:00:22-07:00] INFO: ssl_certificate[example.com] sending run action to ruby_block[foo] (delayed)
         * ruby_block[foo] action run[2018-02-21T12:00:22-07:00] INFO: Processing ruby_block[foo] action run (ssl_certificate_test::default line 11)
       [2018-02-21T12:00:22-07:00] INFO: ruby_block[foo] called
       
           - execute the ruby block foo
       [2018-02-21T12:00:22-07:00] INFO: Chef Run complete in 21.660891891 seconds
       
       Running handlers:
       [2018-02-21T12:00:23-07:00] INFO: Running report handlers
       Running handlers complete
       [2018-02-21T12:00:23-07:00] INFO: Report handlers complete
       Chef Client finished, 1/3 resources updated in 23 seconds

Using action :nothing instead of not_if { true } displays similar erroneous behavior:

       Compiling Cookbooks...
       [2018-02-21T12:08:05-07:00] INFO: HTTP Request Returned 404 Not Found: Object not found: 
       Converging 2 resources
       Recipe: ssl_certificate_test::default
         * ssl_certificate[example.com] action nothing[2018-02-21T12:08:05-07:00] INFO: Processing ssl_certificate[example.com] action nothing (ssl_certificate_test::default line 4)
        (skipped due to action :nothing)
         * ruby_block[foo] action nothing[2018-02-21T12:08:05-07:00] INFO: Processing ruby_block[foo] action nothing (ssl_certificate_test::default line 11)
        (skipped due to action :nothing)
       [2018-02-21T12:08:05-07:00] INFO: ssl_certificate[example.com] sending run action to ruby_block[foo] (delayed)
         * ruby_block[foo] action run[2018-02-21T12:08:05-07:00] INFO: Processing ruby_block[foo] action run (ssl_certificate_test::default line 11)
       [2018-02-21T12:08:05-07:00] INFO: ruby_block[foo] called
       
           - execute the ruby block foo
       [2018-02-21T12:08:05-07:00] INFO: Chef Run complete in 1.59575882 seconds
       
       Running handlers:
       [2018-02-21T12:08:05-07:00] INFO: Running report handlers
       Running handlers complete
       [2018-02-21T12:08:05-07:00] INFO: Report handlers complete
       Chef Client finished, 1/3 resources updated in 03 seconds
       Finished converging <default-cub-rh7> (0m6.62s).

Compare this to the following similar recipe that uses a second ruby_block instead of ssl_certificate, where the notification is well-behaved, and no notification is fired and neither resource executes:

ruby_block 'bar' do
  block { nil }
  notifies :run, 'ruby_block[foo]', :delayed
  not_if { true }
end

ruby_block 'foo' do
  block { nil }
  action :nothing
end

       Compiling Cookbooks...
       [2018-02-21T12:05:18-07:00] INFO: HTTP Request Returned 404 Not Found: Object not found: 
       Converging 2 resources
       Recipe: ssl_certificate_test::default
         * ruby_block[bar] action run[2018-02-21T12:05:18-07:00] INFO: Processing ruby_block[bar] action run (ssl_certificate_test::default line 1)
        (skipped due to not_if)
         * ruby_block[foo] action nothing[2018-02-21T12:05:18-07:00] INFO: Processing ruby_block[foo] action nothing (ssl_certificate_test::default line 7)
        (skipped due to action :nothing)
       [2018-02-21T12:05:18-07:00] INFO: Chef Run complete in 21.50287029 seconds
       
       Running handlers:
       [2018-02-21T12:05:18-07:00] INFO: Running report handlers
       Running handlers complete
       [2018-02-21T12:05:18-07:00] INFO: Report handlers complete
       Chef Client finished, 0/2 resources updated in 23 seconds
       Finished converging <default-cub-rh7> (0m26.52s).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Priority: Medium Type: Bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zuazo @jayhendren