Regression in valid cloud-init "users" configuration

Thanks for reporting this, Candler. Could you please share your logs: https://cloudinit.readthedocs.io/en/latest/topics/bugs.html ?

cloud-init.tar.gz attached

My correction: this is 20.04 (not 22.04), with cloud-init 22.2-0ubuntu1~20.04.3

If I look at
/usr/lib/python3/dist-packages/cloudinit/config/schemas/schema-cloud-config-v1.json
on the system itself, I find:

        "groups": {
          "description": "Optional comma-separated string of groups to add the user to.",
          "type": "string"
        },

So I think the problem is that I was looking at current cloud-init source and documentation, rather than as they were in 2020.

Sorry for the noise :-(

Spoke too soon: I see the same with 22.04.

root@noc:/home/sysadm# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=22.04
DISTRIB_CODENAME=jammy
DISTRIB_DESCRIPTION="Ubuntu 22.04.1 LTS"
root@noc:/home/sysadm# cloud-init schema --system
Error:
Cloud config schema errors: users.0: {'name': 'sysadm', 'gecos': 'System Administrator', 'groups': ['adm', 'audio', 'cdrom', 'dialout', 'dip', 'floppy', 'lxd', 'netdev', 'plugdev', 'sudo', 'video'], 'lock_passwd': False, 'passwd': '$6$XqBb4pf3$rTN75u32r30VDbY252DwLLJ0rAuxIMvZceX02YFXK/WjAJ0FVjrUCQSkdPWA7nW0DoSNJrdu9w.PGOLbZmWlb/', 'shell': '/bin/bash'} is not valid under any of the given schemas

22.04 has cloud-init 22.2-0ubuntu1~22.04.3, and still has:

        "groups": {
          "description": "Optional comma-separated string of groups to add the user to.",
          "type": "string"
        },

in its schema. Looking in cloud-init git logs, the change to

        "groups": {
          "description": "Optional comma-separated string of groups to add the user to.",
          "oneOf": [
            {"type": "string"},
            {
              "type": "array",
              "items": {
                "type": ["string"]
              },
              "minItems": 1
            },
            {
              "type": "object", ... etc

was in commit ccea0d44 from Jul 11 2022, so this is a very recent change.

FWIW: I have been using this cloud-init config since 18.04; and whilst the schema validation errors are noisy, they don't actually stop it working.

Actually, even 18.04 now has 22.2-0ubuntu1~18.04.3 back-ported to it.

Therefore to summarize:
- the documentation is correct, in that a string or a list are both valid
- it does still work if groups is a list, so this is not a functional regression
- the schema validation error is spurious, but that problem has already been fixed in git
- hence in the next release of cloud-init the validation error should go away

Thank you for this triage work here Brian. You are correct in your summary above in comment #6:
- currently: any schema validation "failures" are treated as warnings in cloud-init and don't affect functionality
- this was a bug introduced when we added initial schema definitions for the user's module in https://github.com/canonical/cloud-init/commit/a63f45f7
- this bug was fixed in https://github.com/canonical/cloud-init/commit/ccea0d44
- It is already fixed in cloud-init package version 22.2-74 or later and exists currently in Ubuntu Kinetic 22.10 which has cloud-init version 22.3.

This issue exists in Bionic Focal and Jammy as an "invalid" warning and the warning no longer be issued on cloud-init's next stable update release which should be published by next week to Bionic, Focal and Jammy.

We will mark this bug as Fix Released once a fixed version of cloud-init publishes to 18.04, 20.04 and 22.04

This bug is believed to be fix released in cloud-init version 22.3. If it it still a problem, please re-open this bug.