Disabling a source results in an endless loop of 'corrective' changes

[slamble]

Describe the Bug

I am writing code to manage a licensed Chocolatey install for a customer that has their systems locked down and unable to access the general Internet. As a result, we want to disable the Chocolatey licensed source.

When I use the code:

chocolateysource {'chocolatey.licensed':
  ensure => disabled,
}

I get a constant stream of 'corrective' changes where Puppet tries to change the user for this source to the empty string, and its priority to 0 (originally 'customer' and 10, respectively). Obviously, these changes aren't persisting, so Puppet tries to do them every time, without success.

Adding the parameters:

  user     => 'customer',
  password => 'nopass',
  priority => 10,

within the chocolateysource code block results in the proper idempotent behaviour. (Which has then led to the security team questioning the plain text password in the code - though after I explained the reason, they were fine with it.)

Expected Behavior

Disabling a source should not result in a constant stream of corrective changes. (Note that I have not tried disabling any other source; the issue may be specific to the chocolatey.licensed source.)

Steps to Reproduce

See above.

Environment

• Puppet Labs chocolatey provider 5.2.1 (the problematic code appears to still be present in 6.2.0)
• PE version 2019.8.7
• Windows Server 2019
• Chocolatey version 1.1.0

Additional Context

Add any other context about the problem here.

[github-actions]

Hello! 👋

This issue has been open for a while and has had no recent activity. We've labelled it with attention-needed so that we can get a clear view of which issues need our attention.

If you are waiting on a response from us we will try and address your comments on a future Community Day.

Alternatively, if it is no longer relevant to you please close the issue with a comment.

[slamble]

Still waiting for a response, and/or somebody to request further information or work on the problem...

[LukasAud]

Hi @slamble, thanks for reporting this issue and sorry for the long delay in reply. We are aware of this error and have added it to our backlog. However, we don't any any estimates of when will we be able to address it. Our codebase, however, is open-source, so we always encourage our community members to participate and send us PRs that they think might improve our modules.

[slamble]

@LukasAud, I had a quick look at the code and I have a reasonable idea of where the problem is and how to address it. The problem I have is that I don't have an environment that I can test a fix on - the customer in question isn't going to let me test modified code in their production environment, even if I could get the code in there; and I don't have a licensed Chocolatey installation (which may or may not be necessary to reproduce the problem.)

As usual, time is the problem more than anything else. Raising the issue is as much about making sure it doesn't slip through the cracks as anything else. If I do have the opportunity and time, I'll see what I can do. I just can't make any promises, unfortunately.

[LukasAud]

Hey @slamble. We are happy enough to keep this issue open and visible as far as it keeps being a potential problem to our users.

[shaun-rutherford]

@slamble I'm running into this same issue and noticed if you set the source to disabled but also set the priority to 2 puppet stops trying to correct the source (the source continues to say disabled after this change).