dodevops / terraform-provider-ldap

Terraform provider to manage an LDAP directory
https://registry.terraform.io/providers/dodevops/ldap/latest
MIT License

Show LDIF, request and response in DEBUG output #38

Closed sst-yde closed 8 months ago

sst-yde commented 1 year ago

Current behaviour:

If you set TF_LOG="DEBUG" you can see more details during the deployment to debug your code. For the LDAP provider, the debug log level misses a lot of important information.

Example logfile:

```
...
2023-08-08T09:40:23.079Z [INFO] Starting apply for ldap_object.ldap_write
ldap_object.ldap_write: Modifying... [id=uid=9999999,ou=example,o=example,c=net]
2023-08-08T09:40:23.080Z [DEBUG] ldap_object.ldap_write: applying the planned Update change
2023-08-08T09:40:23.082Z [DEBUG] provider.terraform-provider-ldap_v0.3.0: Calling provider defined Resource Configure: @module=sdk.framework tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/terraform-plugin-framework@v1.3.1/internal/fwserver/server_updateresource.go:55 tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=352c1dff-c49a-19df-52b7-b92f459832ac tf_resource_type=ldap_object timestamp=2023-08-08T09:40:23.082Z
2023-08-08T09:40:23.082Z [DEBUG] provider.terraform-provider-ldap_v0.3.0: Called provider defined Resource Configure: tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=352c1dff-c49a-19df-52b7-b92f459832ac @caller=github.com/hashicorp/terraform-plugin-framework@v1.3.1/internal/fwserver/server_updateresource.go:57 @module=sdk.framework tf_resource_type=ldap_object tf_rpc=ApplyResourceChange timestamp=2023-08-08T09:40:23.082Z
2023-08-08T09:40:23.082Z [DEBUG] provider.terraform-provider-ldap_v0.3.0: Calling provider defined Resource Update: @caller=github.com/hashicorp/terraform-plugin-framework@v1.3.1/internal/fwserver/server_updateresource.go:121 tf_resource_type=ldap_object @module=sdk.framework tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=352c1dff-c49a-19df-52b7-b92f459832ac tf_rpc=ApplyResourceChange timestamp=2023-08-08T09:40:23.082Z
2023-08-08T09:40:23.087Z [DEBUG] provider.terraform-provider-ldap_v0.3.0: Called provider defined Resource Update: tf_provider_addr=registry.terraform.io/dodevops/ldap tf_resource_type=ldap_object tf_rpc=ApplyResourceChange @module=sdk.framework @caller=github.com/hashicorp/terraform-plugin-framework@v1.3.1/internal/fwserver/server_updateresource.go:123 tf_req_id=352c1dff-c49a-19df-52b7-b92f459832ac timestamp=2023-08-08T09:40:23.086Z
2023-08-08T09:40:23.087Z [ERROR] provider.terraform-provider-ldap_v0.3.0: Response contains error diagnostic: tf_rpc=ApplyResourceChange diagnostic_summary="Can not modify entry" tf_proto_version=6.3 @caller=github.com/hashicorp/terraform-plugin-go@v0.16.0/tfprotov6/internal/diag/diagnostics.go:58 @module=sdk.proto diagnostic_detail="LDAP server reported: LDAP Result Code 50 "Insufficient Access Rights": " diagnostic_severity=ERROR tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=352c1dff-c49a-19df-52b7-b92f459832ac tf_resource_type=ldap_object timestamp=2023-08-08T09:40:23.087Z
2023-08-08T09:40:23.088Z [DEBUG] State storage *remote.State declined to persist a state snapshot
2023-08-08T09:40:23.088Z [ERROR] vertex "ldap_object.ldap_write" error: Can not modify entry
2023-08-08T09:40:23.088Z [DEBUG] states/remote: state read serial is: 6; serial is: 6
2023-08-08T09:40:23.088Z [DEBUG] states/remote: state read lineage is: 6cecbd08-dfde-8740-7385-4a1970ac35c3; lineage is: 6cecbd08-dfde-8740-7385-4a1970ac35c3
╷
│ Error: Can not modify entry
│
│   with ldap_object.ldap_write,
│   on main.tf line 22, in resource "ldap_object" "ldap_write":
│   22: resource "ldap_object" "ldap_write" {
│
│ LDAP server reported: LDAP Result Code 50 "Insufficient Access Rights":
╵
2023-08-08T09:40:23.090Z [DEBUG] DELETE ***REDACTED LOCKFILE***
2023-08-08T09:40:23.457Z [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2023-08-08T09:40:23.459Z [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/dodevops/ldap/0.3.0/linux_amd64/terraform-provider-ldap_v0.3.0 pid=69
2023-08-08T09:40:23.460Z [DEBUG] provider: plugin exited
```

Proposed change:

The provider should print additional information on the DEBUG level, for example:

Some of them could just be forwarded from the LDAP library.

sst-yde commented 1 year ago

The debug output has significantly improved, but the LDAP log output doesn't contain a lot of useful information:

Output example:

```
2023-08-22T13:54:41.428Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: LDAP Request: (Universal, Constructed, Sequence and Sequence of) Len=413 "" : @caller=/go/internal/provider/logger_adapter.go:16 @module=ldap tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 tf_rpc=ConfigureProvider timestamp=2023-08-22T13:54:41.428Z
2023-08-22T13:54:41.428Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: MessageID: (Universal, Primitive, Integer) Len=1 "2" : @module=ldap tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 timestamp=2023-08-22T13:54:41.428Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: Modify Request: (Application, Constructed, 0x06) Len=406 "" : @module=ldap tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 timestamp=2023-08-22T13:54:41.428Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: DN: (Universal, Primitive, Octet String) Len=69 "uid=5000000,ou=domains,ou=openstack,ou=services,o=stepping-stone,c=ch" : tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 @module=ldap timestamp=2023-08-22T13:54:41.428Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: Changes: (Universal, Constructed, Sequence and Sequence of) Len=331 "" : tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 @module=ldap timestamp=2023-08-22T13:54:41.428Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: Change: (Universal, Constructed, Sequence and Sequence of) Len=29 "" : tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 @module=ldap tf_provider_addr=registry.terraform.io/dodevops/ldap timestamp=2023-08-22T13:54:41.429Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: Operation: (Universal, Primitive, Enumerated) Len=1 "1" : @module=ldap tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 timestamp=2023-08-22T13:54:41.429Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: PartialAttribute: (Universal, Constructed, Sequence and Sequence of) Len=24 "" : @module=ldap tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 timestamp=2023-08-22T13:54:41.429Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: Type: (Universal, Primitive, Octet String) Len=20 "sstProvisioningState" : tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 @module=ldap timestamp=2023-08-22T13:54:41.429Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: AttributeValue: (Universal, Constructed, Set and Set OF) Len=0 "" : tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 @module=ldap tf_provider_addr=registry.terraform.io/dodevops/ldap timestamp=2023-08-22T13:54:41.429Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: Change: (Universal, Constructed, Sequence and Sequence of) Len=32 "" : tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 @module=ldap tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 timestamp=2023-08-22T13:54:41.429Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: Operation: (Universal, Primitive, Enumerated) Len=1 "1" : tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 @module=ldap timestamp=2023-08-22T13:54:41.429Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: PartialAttribute: (Universal, Constructed, Sequence and Sequence of) Len=27 "" : tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 @module=ldap tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 timestamp=2023-08-22T13:54:41.429Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: Type: (Universal, Primitive, Octet String) Len=23 "sstBelongsToResellerUID" : tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 @module=ldap tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 timestamp=2023-08-22T13:54:41.429Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: AttributeValue: (Universal, Constructed, Set and Set OF) Len=0 "" : tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 @module=ldap timestamp=2023-08-22T13:54:41.429Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: Change: (Universal, Constructed, Sequence and Sequence of) Len=20 "" : tf_provider_addr=registry.terraform.io/dodevops/ldap tf_req_id=4e56e1b4-39d1-ffb3-4404-c5bee079cec0 tf_rpc=ConfigureProvider @caller=/go/internal/provider/logger_adapter.go:16 @module=ldap timestamp=2023-08-22T13:54:41.429Z
2023-08-22T13:54:41.429Z [DEBUG] provider.terraform-provider-ldap_0.4.0-alpha: LDAP log output: Operation: (Universal, Primitive, Enumerated) Len=1 "1"
```

For example, the following excerpt from the output above doesn't show the actual request:

LDAP log output:  Modify Request: (Application, Constructed, 0x06) Len=406 "<nil>"

Maybe there's a way to output the actual LDIFs?

dploeger commented 1 year ago

The LDIFs should be there for the actual changes. I've added them separately. The "LDAP log output" is just the debug output of the LDAP package piped through.

x4e-jonas commented 1 year ago

So are they only shown when the change already succeeded?

dploeger commented 8 months ago

Currently, they are shown after the import, before adding it and after they've been read from the directory.

I'm thinking of also generating an output of the modification entries when updating an entry.
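
What the LDIF output discussed in this issue could look like for a modify operation, as an added example that is not the provider's own code: the `Change` type, `ModifyLDIF`, `ldifLine` and the redaction list are hypothetical, and the sample DN and attribute name are the ones from the log in this thread. Values of attributes such as `userPassword` are redacted before rendering, because DEBUG logs tend to be stored and shared.

```go
package main

import (
	"encoding/base64"
	"fmt"
	"strings"
)

// Change is a hypothetical stand-in for one modification in a modify request.
type Change struct {
	Op, Attr string // Op is "add", "delete" or "replace"
	Values   []string
}

// Assumed list of attributes whose values must not reach a debug log.
var sensitive = map[string]bool{"userpassword": true, "unicodepwd": true}

// ldifLine writes "attr: value"; values that are not an RFC 2849 SAFE-STRING are base64-encoded.
func ldifLine(b *strings.Builder, attr, v string) {
	enc := strings.HasSuffix(v, " ") || (v != "" && strings.ContainsRune(" :<", rune(v[0])))
	for i := 0; i < len(v) && !enc; i++ {
		enc = v[i] == 0 || v[i] == '\n' || v[i] == '\r' || v[i] > 127
	}
	if enc {
		fmt.Fprintf(b, "%s:: %s\n", attr, base64.StdEncoding.EncodeToString([]byte(v)))
		return
	}
	fmt.Fprintf(b, "%s: %s\n", attr, v)
}

// ModifyLDIF renders a modify request as an LDIF change record for DEBUG output.
func ModifyLDIF(dn string, changes []Change) string {
	var b strings.Builder
	ldifLine(&b, "dn", dn)
	b.WriteString("changetype: modify\n")
	for _, c := range changes {
		fmt.Fprintf(&b, "%s: %s\n", c.Op, c.Attr)
		for _, v := range c.Values {
			if sensitive[strings.ToLower(c.Attr)] {
				v = "[REDACTED]"
			}
			ldifLine(&b, c.Attr, v)
		}
		b.WriteString("-\n")
	}
	return b.String()
}

func main() { // constructed sample; DN and attribute name are from the log in this thread
	fmt.Print(ModifyLDIF("uid=5000000,ou=domains,ou=openstack,ou=services,o=stepping-stone,c=ch", []Change{{"delete", "sstProvisioningState", nil}}))
}
```

A delete with no values, as in the sample, removes the whole attribute, which matches the `Operation "1"` entries with an empty `AttributeValue` set in the BER dump above.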