Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: provider does not report API errors - even in debug logs #153

Closed
1 task done
xonev opened this issue Sep 12, 2024 · 1 comment · Fixed by #152
Closed
1 task done

[Bug]: provider does not report API errors - even in debug logs #153

xonev opened this issue Sep 12, 2024 · 1 comment · Fixed by #152
Labels
bug Something isn't working needs:triage

Comments

@xonev
Copy link

xonev commented Sep 12, 2024
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Affected Resource(s)

  • applications.azuread.upbound.io/v1beta1 - Application (for sure)
  • probably all resources

Resource MRs required to reproduce the bug

Just follow the example here: https://marketplace.upbound.io/providers/upbound/provider-azuread/v1.4.0

Steps to Reproduce

What happened?

The application was not created. Logs did not report any issues other than that it never reached Ready: true. No errors were reported.

Relevant Error Output Snippet

2024-09-12T20:46:37Z    DEBUG    provider-azuread    Observing the external resource    {"uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "name": "example", "gvk": "applications.azuread.upbound.io/v1beta1, Kind=Application"}
2024-09-12T20:46:37Z    DEBUG    provider-azuread    Diff detected    {"uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "name": "example", "gvk": "applications.azuread.upbound.io/v1beta1, Kind=Application", "instanceDiff": "*terraform.InstanceDiff{mu:sync.Mutex{state:0, sema:0x0}, Attributes:map[string]*terraform.ResourceAttrDiff{\"app_role_ids.%\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"application_id\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"client_id\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"disabled_by_microsoft\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"display_name\":*terraform.ResourceAttrDiff{Old:\"\", New:\"example\", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"feature_tags.#\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"logo_url\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"oauth2_permission_scope_ids.%\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"object_id\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"prevent_duplicate_names\":*terraform.ResourceAttrDiff{Old:\"\", New:\"false\", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"publisher_domain\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"sign_in_audience\":*terraform.ResourceAttrDiff{Old:\"\", New:\"AzureADMyOrg\", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"tags.#\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"template_id\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}}, Destroy:false, DestroyDeposed:false, DestroyTainted:false, RawConfig:cty.NilVal, RawState:cty.NilVal, RawPlan:cty.NilVal, Meta:map[string]interface {}(nil)}"}
2024-09-12T20:46:37Z    DEBUG    provider-azuread    Waiting for external resource existence to be confirmed    {"controller": "managed/applications.azuread.upbound.io/v1beta1, kind=application", "request": {"name":"example"}, "uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "version": "3397677", "external-name": ""}
2024-09-12T20:46:41Z    DEBUG    provider-azuread    Calling the inner handler for Update event.    {"gvk": "applications.azuread.upbound.io/v1beta1, Kind=Application", "name": "example", "queueLength": 0}
2024-09-12T20:46:41Z    DEBUG    provider-azuread    Reconciling    {"controller": "managed/applications.azuread.upbound.io/v1beta1, kind=application", "request": {"name":"example"}}
2024-09-12T20:46:41Z    DEBUG    provider-azuread    Connecting to the service provider    {"uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "name": "example", "gvk": "applications.azuread.upbound.io/v1beta1, Kind=Application"}
2024-09-12T20:46:41Z    DEBUG    provider-azuread    Instance state not found in cache, reconstructing...    {"uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "name": "example", "gvk": "applications.azuread.upbound.io/v1beta1, Kind=Application"}
2024-09-12T20:46:41Z    DEBUG    provider-azuread    Observing the external resource    {"uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "name": "example", "gvk": "applications.azuread.upbound.io/v1beta1, Kind=Application"}
2024-09-12T20:46:41Z    DEBUG    provider-azuread    Diff detected    {"uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "name": "example", "gvk": "applications.azuread.upbound.io/v1beta1, Kind=Application", "instanceDiff": "*terraform.InstanceDiff{mu:sync.Mutex{state:0, sema:0x0}, Attributes:map[string]*terraform.ResourceAttrDiff{\"app_role_ids.%\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"application_id\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"client_id\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"disabled_by_microsoft\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"display_name\":*terraform.ResourceAttrDiff{Old:\"\", New:\"example\", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"feature_tags.#\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"logo_url\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"oauth2_permission_scope_ids.%\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"object_id\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"prevent_duplicate_names\":*terraform.ResourceAttrDiff{Old:\"\", New:\"false\", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"publisher_domain\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"sign_in_audience\":*terraform.ResourceAttrDiff{Old:\"\", New:\"AzureADMyOrg\", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"tags.#\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"template_id\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}}, Destroy:false, DestroyDeposed:false, DestroyTainted:false, RawConfig:cty.NilVal, RawState:cty.NilVal, RawPlan:cty.NilVal, Meta:map[string]interface {}(nil)}"}
2024-09-12T20:46:41Z    DEBUG    provider-azuread    Waiting for external resource existence to be confirmed    {"controller": "managed/applications.azuread.upbound.io/v1beta1, kind=application", "request": {"name":"example"}, "uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "version": "3397763", "external-name": ""}
2024-09-12T20:46:45Z    DEBUG    provider-azuread    Reconciling    {"controller": "managed/applications.azuread.upbound.io/v1beta1, kind=application", "request": {"name":"example"}}
2024-09-12T20:46:45Z    DEBUG    provider-azuread    Connecting to the service provider    {"uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "name": "example", "gvk": "applications.azuread.upbound.io/v1beta1, Kind=Application"}
2024-09-12T20:46:45Z    DEBUG    provider-azuread    Instance state not found in cache, reconstructing...    {"uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "name": "example", "gvk": "applications.azuread.upbound.io/v1beta1, Kind=Application"}
2024-09-12T20:46:45Z    DEBUG    provider-azuread    Observing the external resource    {"uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "name": "example", "gvk": "applications.azuread.upbound.io/v1beta1, Kind=Application"}
2024-09-12T20:46:45Z    DEBUG    provider-azuread    Diff detected    {"uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "name": "example", "gvk": "applications.azuread.upbound.io/v1beta1, Kind=Application", "instanceDiff": "*terraform.InstanceDiff{mu:sync.Mutex{state:0, sema:0x0}, Attributes:map[string]*terraform.ResourceAttrDiff{\"app_role_ids.%\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"application_id\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"client_id\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"disabled_by_microsoft\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"display_name\":*terraform.ResourceAttrDiff{Old:\"\", New:\"example\", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"feature_tags.#\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"logo_url\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"oauth2_permission_scope_ids.%\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"object_id\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"prevent_duplicate_names\":*terraform.ResourceAttrDiff{Old:\"\", New:\"false\", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"publisher_domain\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"sign_in_audience\":*terraform.ResourceAttrDiff{Old:\"\", New:\"AzureADMyOrg\", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"tags.#\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"template_id\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}}, Destroy:false, DestroyDeposed:false, DestroyTainted:false, RawConfig:cty.NilVal, RawState:cty.NilVal, RawPlan:cty.NilVal, Meta:map[string]interface {}(nil)}"}
2024-09-12T20:46:45Z    DEBUG    provider-azuread    Waiting for external resource existence to be confirmed    {"controller": "managed/applications.azuread.upbound.io/v1beta1, kind=application", "request": {"name":"example"}, "uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "version": "3397763", "external-name": ""}
2024-09-12T20:47:17Z    DEBUG    provider-azuread    Reconciling    {"controller": "managed/applications.azuread.upbound.io/v1beta1, kind=application", "request": {"name":"example"}}
2024-09-12T20:47:17Z    DEBUG    provider-azuread    Connecting to the service provider    {"uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "name": "example", "gvk": "applications.azuread.upbound.io/v1beta1, Kind=Application"}
2024-09-12T20:47:17Z    DEBUG    provider-azuread    Instance state not found in cache, reconstructing...    {"uid": "02799c4d-205f-4524-89d6-fe41edfeb163", "name": "example", "gvk": "applications.azuread.upbound.io/v1beta1, Kind=Application"}

Crossplane Version

1.16.0

Provider Version

1.4.0

Kubernetes Version

Client Version: v1.27.11 Kustomize Version: v5.0.1 Server Version: v1.29.8-eks-a737599

Kubernetes Distribution

EKS

Additional Info

I also reported this in a discussion and on slack and got no help:
crossplane/crossplane#5959
https://crossplane.slack.com/archives/C05E4LDNNG5/p1726123612088749

I was able to figure out that the service principal doesn't actually have any API permissions. Once I added permissions to be able to create an application via the API, it worked. I was able to find out that was the problem by using the Microsoft Graph Python SDK to make the same type of request using the same service principal and I got a 403 error that was clearly reported.
@xonev xonev added bug Something isn't working needs:triage labels Sep 12, 2024
@stevendborrelli
Copy link

I think I am seeing this too. It's likely related to crossplane/upjet#435 in upjet.

@turkenf turkenf mentioned this issue Sep 13, 2024
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working needs:triage
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Bump upjet to the commit 3afbb77 turkenf/provider-azuread
2 participants
@xonev @stevendborrelli