search

hashicorp / terraform

Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
https://www.terraform.io/
Other
42.71k stars 9.55k forks source link

When backend misconfigured, -reconfigure command should offer more helpful information #26067

Open jsoref opened 4 years ago

jsoref commented 4 years ago

Terraform Version

Terraform version: 0.12.26
Go runtime version: go1.13.12

Terraform Configuration Files

declare -x TF_FORK="0"
declare -x TF_LOG="TRACE"

Debug Output

... this is the bug

Crash Output

Expected Behavior

per https://github.com/hashicorp/terraform/issues/23532#issuecomment-583134575:

One issue we found is that Terraform does not log anything to its log file when this happens (i.e. if TF_LOG and TF_LOG_PATH environment variables are set). The error is output to the console but not recorded in the log, and crucially it does not log the name of the bucket it is trying to use - which would obviously be very useful in identifying that an invalid name was being used. Nothing is logged for this error even when TF_LOG=TRACE.

Actual Behavior

o:
Successfully configured the backend "gcs"! Terraform will automatically
use this backend unless the backend configuration changes.
e:
Error: Failed to get existing workspaces: querying Cloud Storage failed: googleapi: Error 403: terraform@something.iam.gserviceaccount.com does not have storage.objects.list access to the Google Cloud Storage bucket., forbidden

Steps to Reproduce

  1. Have a terraforms state in a gcs bucket
  2. Have some stuff designed to use that
  3. somehow have them not quite right
  4. terraform init -reconfigure

Additional Context

References

pselle commented 4 years ago

Hi @jsoref, I'm unclear what you are reporting here -- are you linking to the closed issue requesting it be reopened? Or are you reporting that -reconfigure did not help you in reconfiguring your backend? More details would be helpful for us to recreate this issue:

Thanks!

jsoref commented 4 years ago

I don't have a testcase handy, maybe this issue is to the wrong repository, but, it's clearly a problem. I appreciate that you want a testcase, I don't have one.

I'm not asking the closed issue be reopened, the original issue is about S3, the comment was about GCS.

I'm asking that someone make sure that -reconfigure offer enough information to help someone figure out what's wrong and fix it. It's clear that this is not the case today.

jsoref commented 4 years ago

Seriously: If I (and everyone else) knew what was wrong, we wouldn't be filing issues saying that the tool's output is unhelpful. Because it would be giving us enough information that we could fix things ourselves...

pselle commented 4 years ago

@jsoref I'm reading your comment as "-reconfigure should provide more helpful output" is that correct? If so, I'll mark this as an enhancement request, rather than a bug in existing behavior.

jsoref commented 4 years ago

Sure