gitlab-ce-ldap-sync
When LDAP group is deleted script stops
So I have this scenario. I've had an LDAP group with users in it. ldap-sync will create these users and the group. Then I deleted those users and the group from LDAP. When ldap-sync runs, it will mark those users as external and will try to remove every user from the group. This is not possible since Gitlab needs at least one user to be owner of the group. The script, however, will stop when running into this. I get this error:
[notice] Deleting extra group members...
[info] Deleting user #2 "some-user-name" from group #32 "some-group-name" [some-group-name].
[error] Gitlab failure: 403 Forbidden
I understand that this is not possible but what I expect is that the script reports the error but continues with the rest.
Another question: if I have deleteExtraGroups set to true, will this also delete Gitlab groups with the same names as those in groupNamesToIgnore?
That sounds like a problem with Gitlab or its API. Perhaps this can be worked around by transferring the group owner to the root user if there's only 1 member left prior to removing that member from it. (Otherwise the group would have to be deleted when attempting to delete the last member.)
deleteExtraGroups will not cause groups in groupNamesToIgnore to be deleted. This is checked on line 1338:
if ($this->in_array_i($gitlabGroupName, $config["gitlab"]["options"]["groupNamesToIgnore"])) {
    $this->logger->info(sprintf("Group \"%s\" in ignore list.", $gitlabGroupName));
    continue;
}
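
The behaviour requested in the report (log the failure, then carry on with the remaining members), as an added example that is not code from gitlab-ce-ldap-sync. The `GroupApi` interface, `removeExtraMembers()` and the stub client are hypothetical, and the member list is constructed sample data.

```php
<?php
// Added example, not project code. GroupApi and the stub below are hypothetical.
interface GroupApi
{
    /** @throws RuntimeException when the server rejects the request */
    public function removeMember(int $groupId, int $userId): void;
}

/**
 * Remove every extra member of a group. A refused removal is logged and
 * recorded, and the loop continues, so one 403 does not leave the other
 * deprovisioned users in the group.
 * Returns [list of removed user ids, map of user id => error message].
 */
function removeExtraMembers(GroupApi $api, int $groupId, array $extraMembers, callable $log): array
{
    $removed = [];
    $failed = [];
    foreach ($extraMembers as $userId => $userName) {
        $log(sprintf('[info] Deleting user #%d "%s" from group #%d.', $userId, $userName, $groupId));
        try {
            $api->removeMember($groupId, $userId);
            $removed[] = $userId;
        } catch (RuntimeException $e) {
            // Report the failure with enough context to follow up by hand.
            $failed[$userId] = $e->getMessage();
            $log(sprintf('[error] Gitlab failure: %s (user #%d, group #%d); continuing.',
                $e->getMessage(), $userId, $groupId));
        }
    }
    return [$removed, $failed];
}

// Constructed stub: refuses to remove user #2, like the 403 in the report.
$stub = new class implements GroupApi {
    public function removeMember(int $groupId, int $userId): void
    {
        if ($userId === 2) {
            throw new RuntimeException('403 Forbidden');
        }
    }
};

// Constructed sample data: user id => user name.
$members = [2 => 'some-user-name', 5 => 'other-user-name'];
$log = function (string $line): void { echo $line, PHP_EOL; };
[$removed, $failed] = removeExtraMembers($stub, 32, $members, $log);
printf("removed=%s failed=%s\n", json_encode($removed), json_encode($failed));
```

Returning the failures lets the caller finish the whole run and still exit non-zero, so a member who could not be removed is surfaced rather than silently keeping access.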