Skip to content


No way to idempotently remove a user #13

jaylevitt opened this Issue · 2 comments

3 participants


If I add

"action": "remove"

to a user's data bag item, the first chef-client run will remove the user--but the second will raise an exception:

ArgumentError: user_account[notanymore] (user::data_bag line 27) had an error: ArgumentError: can't find user for notanymore

Shouldn't remove handle the case where the user's already been removed? Or is there a better way?


Aha! I was able to remove users idempotently using ignore_failure, which is one of the common attribute that can be set on any resource. I do still see an error such as this in stdout, but it's ignored and the chef-solo run continues:

ERROR: user_account[deleteme] (blueprint::default line 42) had an error: can't find user for deleteme

Example recipe code from my own blueprint cookbook, which depends on the user cookbook, so that I can use the user_account resource:

# Search data_bags/accounts/*.json for users to remove
remove_accounts = search(:users, "(action:remove)")

remove_accounts.each do |u|
  username = u['username'] || u['id']
  user_account username do
    action :remove
    # Idempotent in case the user is already removed.
    ignore_failure true

Looks like @atz had a great solution in #16 so that should close this out, woo!

@fnichol fnichol closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.