fix for resource cloning deprecation

[chasebolt]

moving the call for setting up the .ssh folder to a single location

Cloning resource attributes for directory[/home/myuser/.ssh] from prior resource
Previous directory[/home/myuser/.ssh]: /var/chef/cache/cookbooks/user/providers/account.rb:159:in `home_ssh_dir_resource'
Current  directory[/home/myuser/.ssh]: /var/chef/cache/cookbooks/user/providers/account.rb:159:in `home_ssh_dir_resource' at 1 location:
    - /var/chef/cache/cookbooks/user/providers/account.rb:159:in `home_ssh_dir_resource'
   See https://docs.chef.io/deprecations_resource_cloning.html for further details.

[EugenMayer]

Also really looking forward to this, with chef12 and chef13 client things become very verbose about those issues. Thanks!

[theckman]

I'll take a look at / test this this week. :)

[EugenMayer]

great @theckman , thank you for the effort

[theckman]

I went ahead and tried to test these changes locally using test-kitchen. This change causes a convergence failure for all of the lwrp tests (chef exec kitchen test lwrp). I've not started to dive-in to the error yet, but I'll quickly see if I can grok the failure mode:

       Converging 9 resources
       Recipe: user_test::lwrp
         * user_account[hsolo] action create
           * directory[/opt/hoth/hsolo parent directory] action create
             - create new directory /opt/hoth
           * user[hsolo] action create
             - create user hsolo
           * directory[/opt/hoth/hsolo] action create
             - change mode from '0755' to '02755'
           * template[/opt/hoth/hsolo/.ssh/authorized_keys] action create
             * Parent directory /opt/hoth/hsolo/.ssh does not exist.
             ================================================================================
             Error executing action `create` on resource 'template[/opt/hoth/hsolo/.ssh/authorized_keys]'
             ================================================================================

             Chef::Exceptions::EnclosingDirectoryDoesNotExist
             ------------------------------------------------
             Parent directory /opt/hoth/hsolo/.ssh does not exist.

             Cookbook Trace:
             ---------------
             /tmp/kitchen/cache/cookbooks/user/providers/account.rb:193:in `authorized_keys_resource'
             /tmp/kitchen/cache/cookbooks/user/providers/account.rb:44:in `block in class_from_file'

             Resource Declaration:
             ---------------------
             # In /tmp/kitchen/cache/cookbooks/user/providers/account.rb

             181:     r = template "#{@my_home}/.ssh/authorized_keys" do
             182:       cookbook    'user'
             183:       source      'authorized_keys.erb'
             184:       owner       new_resource.username
             185:       group       resource_gid
             186:       mode        '0600'
             187:       variables   :user     => new_resource.username,
             188:         :ssh_keys => ssh_keys,
             189:         :fqdn     => node['fqdn']
             190:       action      :nothing
             191:     end
             192:

             Compiled Resource:
             ------------------
             # Declared in /tmp/kitchen/cache/cookbooks/user/providers/account.rb:181:in `authorized_keys_resource'

             template("/opt/hoth/hsolo/.ssh/authorized_keys") do
        action [:nothing]
        retries 0
        retry_delay 2
        default_guard_interpreter :default
        path "/opt/hoth/hsolo/.ssh/authorized_keys"
        backup 5
        atomic_update true
        source "authorized_keys.erb"
        cookbook "user"
        variables {:user=>"hsolo", :ssh_keys=>["key111...", "key222..."], :fqdn=>"lwrp-ubuntu-1604"}
        declared_type :template
        cookbook_name "user_test"
        owner "hsolo"
        group 1000
        mode "0600"
             end

           ================================================================================
           Error executing action `create` on resource 'user_account[hsolo]'
           ================================================================================

           Chef::Exceptions::EnclosingDirectoryDoesNotExist
           ------------------------------------------------
           template[/opt/hoth/hsolo/.ssh/authorized_keys] (/tmp/kitchen/cache/cookbooks/user/providers/account.rb line 181) had an error: Chef::Exceptions::EnclosingDirectoryDoesNotExist: Parent directory /opt/hoth/hsolo/.ssh does not exist.

           Cookbook Trace:
           ---------------
           /tmp/kitchen/cache/cookbooks/user/providers/account.rb:193:in `authorized_keys_resource'
           /tmp/kitchen/cache/cookbooks/user/providers/account.rb:44:in `block in class_from_file'

           Resource Declaration:
           ---------------------
           # In /tmp/kitchen/cache/cookbooks/user_test/recipes/lwrp.rb

             3: user_account 'hsolo' do
             4:   comment   'Han Solo'
             5:   ssh_keys  ['key111...', 'key222...']
             6:   home      '/opt/hoth/hsolo'
             7: end
             8:

           Compiled Resource:
           ------------------
           # Declared in /tmp/kitchen/cache/cookbooks/user_test/recipes/lwrp.rb:3:in `from_file'

           user_account("hsolo") do
             action :create
             updated true
             updated_by_last_action true
             retries 0
             retry_delay 2
             default_guard_interpreter :default
             declared_type :user_account
             cookbook_name "user_test"
             recipe_name "lwrp"
             comment "Han Solo"
             ssh_keys ["key111...", "key222..."]
             home "/opt/hoth/hsolo"
             username "hsolo"
           end

[theckman]

Okay. I think I figured out why the above converge failed. There's a bit of a logic issue with this unless statement: https://github.com/chasebolt/chef-user/blob/c475c40025d2b9b5ed91e8afabf6b9e0aa843989/providers/account.rb#L43

Specifically, if !ssh_keys.empty? && ssh_keygen == true that line will not be executed causing the $HOME/.ssh directory to not be created. It might be more clear / correct to have the logic read as:

if @ssh_keygen || !new_resource.ssh_keys.empty?

[chasebolt]

ahh good catch. thanks!

[theckman]

       chef-user-test::default
         User "lando"
           should exist
         User "darth.vader"
           should exist
         User "askywalker"
           should exist
         User "leia"
           should exist
         User "obiwan"
           should not exist
         User "darth.vader"
           should have uid "4042"
         User "askywalker"
           should have uid "4042"
         User "hsolo"
           should have home directory "/opt/hoth/hsolo"
         File "/opt/hoth/hsolo/.ssh"
           should be directory
         File "/opt/hoth/hsolo/.ssh/authorized_keys"
           content
             should match /key111\.\.\./
           content
             should match /key222\.\.\./
         User "leia"
           should have home directory "/home/leia"
         File "/home/leia/.ssh"
           should be directory
         File "/home/leia/.ssh/id_dsa"
           content
             should match /bogus/

       Finished in 0.18987 seconds (files took 0.38277 seconds to load)
       14 examples, 0 failures

       Finished verifying <lwrp-ubuntu-1604> (0m7.41s).

[theckman]

@chasebolt thank you so much for this contribution as well as being so responsive during the review. 👍

[chasebolt]

np thanks for taking the PR 🥇

[theckman]

@chasebolt Of course! So you know, v0.7.0 is out on the Supermarket and includes your enhancements!

[EugenMayer]

great stuff @theckman , thank you for your effort!