Closed sst-yde closed 8 months ago
The debug output has significantly improved, but the LDAP log output doesn't contain a lot of useful information:
For example, the following excerpt from the output above doesn't show the actual request:
LDAP log output: Modify Request: (Application, Constructed, 0x06) Len=406 "<nil>"
Maybe there's a way to output the actual LDIFs?
The LDIFs should be there for the actual changes. I've added them separately. The "LDAP log output" is just the debug output of the LDAP package piped through.
So are they only shown when the change already succeeded?
Currently, they are shown after the import, before adding it and after they've been read from the directory.
I'm thinking to also generate an output of the modification entries when updating an entry.
Current behaviour:
If you set
TF_LOG="DEBUG"
you can see more details during the deployment to debug your code. For the LDAP provider, the debug log level misses a lot of important information.Example logfile:
``` ... 2023-08-08T09:40:23.079Z [INFO] Starting apply for ldap_object.ldap_write ldap_object.ldap_write: Modifying... [id=uid=9999999,ou=example,o=example,c=net] 2023-08-08T09:40:23.080Z [DEBUG] ldap_object.ldap_write: applying the planned Update change 2023-08-08T09:40:23.082Z [DEBUG] provider.terraform-provider-ldap_v0.3.0: Calling provider defined Resource Configure: @module=sdk.framework tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/terraform-plugin-framework@v1.3.1/internal/fwserver/server_updateresource.go:55 tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=352c1dff-c49a-19df-52b7-b92f459832ac tf_resource_type=ldap_object timestamp=2023-08-08T09:40:23.082Z 2023-08-08T09:40:23.082Z [DEBUG] provider.terraform-provider-ldap_v0.3.0: Called provider defined Resource Configure: tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=352c1dff-c49a-19df-52b7-b92f459832ac @caller=github.com/hashicorp/terraform-plugin-framework@v1.3.1/internal/fwserver/server_updateresource.go:57 @module=sdk.framework tf_resource_type=ldap_object tf_rpc=ApplyResourceChange timestamp=2023-08-08T09:40:23.082Z 2023-08-08T09:40:23.082Z [DEBUG] provider.terraform-provider-ldap_v0.3.0: Calling provider defined Resource Update: @caller=github.com/hashicorp/terraform-plugin-framework@v1.3.1/internal/fwserver/server_updateresource.go:121 tf_resource_type=ldap_object @module=sdk.framework tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=352c1dff-c49a-19df-52b7-b92f459832ac tf_rpc=ApplyResourceChange timestamp=2023-08-08T09:40:23.082Z 2023-08-08T09:40:23.087Z [DEBUG] provider.terraform-provider-ldap_v0.3.0: Called provider defined Resource Update: tf_provider_addr=registry.terraform.io/dodevops/ldap tf_resource_type=ldap_object tf_rpc=ApplyResourceChange @module=sdk.framework @caller=github.com/hashicorp/terraform-plugin-framework@v1.3.1/internal/fwserver/server_updateresource.go:123 tf_req_id=352c1dff-c49a-19df-52b7-b92f459832ac timestamp=2023-08-08T09:40:23.086Z 2023-08-08T09:40:23.087Z [ERROR] provider.terraform-provider-ldap_v0.3.0: Response contains error diagnostic: tf_rpc=ApplyResourceChange diagnostic_summary="Can not modify entry" tf_proto_version=6.3 @caller=github.com/hashicorp/terraform-plugin-go@v0.16.0/tfprotov6/internal/diag/diagnostics.go:58 @module=sdk.proto diagnostic_detail="LDAP server reported: LDAP Result Code 50 "Insufficient Access Rights": " diagnostic_severity=ERROR tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=352c1dff-c49a-19df-52b7-b92f459832ac tf_resource_type=ldap_object timestamp=2023-08-08T09:40:23.087Z 2023-08-08T09:40:23.088Z [DEBUG] State storage *remote.State declined to persist a state snapshot 2023-08-08T09:40:23.088Z [ERROR] vertex "ldap_object.ldap_write" error: Can not modify entry 2023-08-08T09:40:23.088Z [DEBUG] states/remote: state read serial is: 6; serial is: 6 2023-08-08T09:40:23.088Z [DEBUG] states/remote: state read lineage is: 6cecbd08-dfde-8740-7385-4a1970ac35c3; lineage is: 6cecbd08-dfde-8740-7385-4a1970ac35c3 ╷ │ Error: Can not modify entry │ │ with ldap_object.ldap_write, │ on main.tf line 22, in resource "ldap_object" "ldap_write": │ 22: resource "ldap_object" "ldap_write" { │ │ LDAP server reported: LDAP Result Code 50 "Insufficient Access Rights": ╵ 2023-08-08T09:40:23.090Z [DEBUG] DELETE ***REDACTED LOCKFILE*** 2023-08-08T09:40:23.457Z [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF" 2023-08-08T09:40:23.459Z [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/dodevops/ldap/0.3.0/linux_amd64/terraform-provider-ldap_v0.3.0 pid=69 2023-08-08T09:40:23.460Z [DEBUG] provider: plugin exited ```Proposed change:
The provider should print additional information on the DEBUG level, for example:
Some of them could just be forwarded from the LDAP library.