Open Dr-Irv opened 2 years ago
Some additional information to replicate:
I took the project https://github.com/googleapis/java-logging-logback/issues
I changed the file samples/snippets/pom.xml
so I could run it from the command line using the following pom.xml
:
Then did
cd samples
mvn package
cd snippets/target
java -cp lib/ -jar logging-logback-snippets-1.2.0.jar
Then got the following:
SLF4J: A number (99) of logging calls during the initialization phase have been intercepted and are
SLF4J: now being replayed. These are subject to the filtering rules of the underlying logging system.
SLF4J: See also http://www.slf4j.org/codes.html#replay
ERROR: onFailure exception: com.google.cloud.logging.LoggingException: io.grpc.StatusRuntimeException: PERMISSION_DENIED: The caller does not have permission
ERROR: onFailure exception: com.google.cloud.logging.LoggingException: io.grpc.StatusRuntimeException: PERMISSION_DENIED: The caller does not have permission
In the same directory (snippets/target
), ran this python program:
# Imports the Cloud Logging client library
import google.cloud.logging
from google.cloud.logging.handlers import CloudLoggingHandler, setup_logging
# # Instantiates a client
client = google.cloud.logging.Client()
google_handler = CloudLoggingHandler(client)
# Retrieves a Cloud Logging handler based on the environment
# you're running in and integrates the handler with the
# Python logging module. By default this captures all logs
# at INFO level and higher
client.setup_logging()
# Imports Python standard library logging
import logging
logger = logging.getLogger(__name__)
# The data to log
text = "This is a test"
# Emits the data using the standard logging module
It had output that went to the google cloud logging with no problem:
Program shutting down, attempting to send 1 queued log entries to Cloud Logging...
Waiting up to 5 seconds.
Sent all pending logs.
Waiting up to 5 seconds.
Sent all pending logs.
So I know that my permissions are correct - it works with python. Something is wrong with the Java library.
Thinking about this overnight, you would need to test this with a service account that only has the LogWriter permission. It may also be the case that my work account that I'm using does not have that permission, so maybe the Java code is mixing up what I personally am allowed to do (not write a log) versus what the service account is allowed to do.
@Dr-Irv , thanks a lot for filing this issue and sorry it took a while to get ti it. Can you please confirm that you use project which has appropriate permissions?
@Dr-Irv , thanks a lot for filing this issue and sorry it took a while to get ti it. Can you please confirm that you use project which has appropriate permissions?
I've moved on to other things, and project permissions were changed by administrators since then.
The bottom line is if you follow the instructions in my comment above at https://github.com/googleapis/java-logging/issues/986#issuecomment-1172826315 and create a service account with LogWriter
permissions, the Java code doesn't work, and the python code does work.
Hi @Dr-Irv , are you still running into this issue? If so, do you mind sharing some details with a latest repro?
Hi @Dr-Irv , are you still running into this issue? If so, do you mind sharing some details with a latest repro?
As mentioned here, , I have moved on to other things, and we found some workaround at some point by changing permissions, so it's no longer an issue for me, but I would bet the bug still exists.
Thanks. I will try to get a repro from https://github.com/googleapis/java-logging/issues/986#issuecomment-1172826315 and investigate from there.
I am getting this message when using the Java client library:
I am using a service account that has the "Logs Writer" permission. I know it works because a simple python app successfully writes to the Google cloud logging project. I am using the
GOOGLE_APPLICATION_CREDENTIALS
environment variable to point to the JSON file that has the token.If I change the environment variable to point to a non-sensical filename, I get this message
This confirms that the Java library is reading the right file.
Why would things work in python and not work in Java with respect to permissions? How can I find out which permission it thinks I am missing?