search

hashicorp / terraform-provider-google

Terraform Provider for Google Cloud Platform
https://registry.terraform.io/providers/hashicorp/google/latest/docs
Mozilla Public License 2.0
2.29k stars 1.72k forks source link

log_config can't be disabled #6260

Open awasilyev opened 4 years ago

awasilyev commented 4 years ago

Affected Resource(s)

(based on https://github.com/terraform-google-modules/terraform-google-lb-http/issues/92)

I'm tryng to create a load balancer and set:

log_config { enable = false sample_rate = null } The configuration doesn't work correctly as it is always set to enable->true sample_rate->1

I can see this in the logs

2020-03-18T12:45:50.787+0100 [DEBUG] plugin.terraform-provider-google-beta_v3.13.0_x5: }, 2020-03-18T12:45:50.787+0100 [DEBUG] plugin.terraform-provider-google-beta_v3.13.0_x5: "logConfig": { 2020-03-18T12:45:50.787+0100 [DEBUG] plugin.terraform-provider-google-beta_v3.13.0_x5: "enable": true, 2020-03-18T12:45:50.787+0100 [DEBUG] plugin.terraform-provider-google-beta_v3.13.0_x5: "sampleRate": 1 2020-03-18T12:45:50.787+0100 [DEBUG] plugin.terraform-provider-google-beta_v3.13.0_x5: }, 2020/03/18 12:45:50 [WARN] Provider "registry.terraform.io/-/google-beta" produced an unexpected new value for module.app_lb.google_compute_backend_service.default["default"], but we are tolerating it because it is using the legacy plugin SDK. The following problems may be the cause of any confusing errors from downstream operations:

same results with 3.18.0 and 4.xx

venkykuberan commented 4 years ago

Can your share your config or full debug log to see what's going on ?

joscabmar commented 4 years ago

I am having the same issue. I always get suggested changes like:

      + log_config {
          + enable      = false
          + sample_rate = 0
        }

or:

      + log_config {}

In my TF code I used:

      log_config = {
        enable      = false
        sample_rate = 0
      }
stolendog commented 4 years ago

the same here, I cannot disable logging on existing google_compute_backend_service

artazar commented 4 years ago

Don't want to file a new issue, as the cause seems to be the same. Provider version 3.38.0. When I have log_config section as follows:

log_config
  enable      = false
  sample_rate = null
}

for backend_service resource and

logging             = false

for health checks, terraform always suggests adding these to resources, while it finds it empty querying API:

  # module.global-loadbalancer.google_compute_health_check.default["sb2integration"] will be updated in-place
  ~ resource "google_compute_health_check" "default" {
        check_interval_sec  = 5
        ...
        http_health_check {
            port         = 8080
            proxy_header = "NONE"
            request_path = "/hc"
        }

      + log_config {
          + enable = false
        }
    }

and inside terraform provider log:

2020-09-15T10:37:53.323+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5: {
2020-09-15T10:37:53.323+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:   "id": "6970670192020790769",
2020-09-15T10:37:53.323+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:   "creationTimestamp": "2020-09-14T19:12:46.246-07:00",
2020-09-15T10:37:53.323+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:   "name": "global-loadbalancer-hc-sb2integration",
2020-09-15T10:37:53.324+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:   "checkIntervalSec": 5,
2020-09-15T10:37:53.324+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:   "timeoutSec": 5,
2020-09-15T10:37:53.324+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:   "unhealthyThreshold": 2,
2020-09-15T10:37:53.324+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:   "healthyThreshold": 2,
2020-09-15T10:37:53.324+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:   "type": "HTTP",
2020-09-15T10:37:53.324+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:   "httpHealthCheck": {
2020-09-15T10:37:53.324+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:     "port": 8080,
2020-09-15T10:37:53.324+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:     "requestPath": "/hc",
2020-09-15T10:37:53.324+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:     "proxyHeader": "NONE"
2020-09-15T10:37:53.324+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:   },
...
2020-09-15T10:37:53.324+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:   "logConfig": {},
2020-09-15T10:37:53.324+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5:   "kind": "compute#healthCheck"
2020-09-15T10:37:53.324+0700 [DEBUG] plugin.terraform-provider-google-beta_v3.38.0_x5: }

we can see

"logConfig": {},

which is not treated well.

rantoniuk commented 3 years ago

Same problem with 3.43.0. I would even ask, why do I have to define logging in the first place instead of using the default values.

yegle commented 3 years ago

Still have the same problem with 3.51.0

diasjorge commented 3 years ago

Dear maintainers, any possibility to get this fixed, or at least some guidance where to try to fix it please?

Nicarim commented 2 years ago

Problem still persists. (lb-http/serverless_neg 6.1.0 here)

gabriuspa commented 2 years ago

Hey guys, I faced the same problem with the GCP module about firewall rules (source="terraform-google-modules/network/google//modules/firewall-rules") with the "log_config {}" property.

I SOLVED it simply putting it to null and, in my case, the firewall's rule logging was disabled (On GCP Dashboard, Logging is set to Off).

Put here the code for clarity:

module "firewall_rules" { source = "terraform-google-modules/network/google//modules/firewall-rules" project_id = var.gcp_project network_name = module.vpc.network_name

rules = [{ name = "terraform-allow-internal" description = null direction = "INGRESS" priority = 1000 ranges = ["10.0.0.0/24"]

source_tags             = null
source_service_accounts = null
target_tags             = null
target_service_accounts = null
allow = [{
  protocol = "all"
  ports    = []
}]
deny = []
log_config = null

#ATTENTION: to disable logging from here, "log_config" have to be null

}] }

Hoping this can help you

Nicarim commented 2 years ago

Module that I use (from terraform-google-modules) doesn't support setting it to null. (lb-http/serverless_neg 6.1.0 here)

franck-ornikar commented 1 year ago

Still have the same problem with 4.54.0

NickElliot commented 1 year ago

@franck-ornikar can you provide the details of your config? While there was a change since your comment it shouldn't have affected the core issue of being unable to disable log_config, which I have been unable to reproduce.