flux-iac/tofu-controller

Unable to Increase Log Level for Runners

TarasLykhenko opened this issue · 1 comments

TarasLykhenko commented

Description

Currently, there is no way to increase the log level of the runner, or I am not aware of how to do it. When setting the TF_LOG=trace environment variable, the following error occurs:

setting env for Terraform: rpc error: code = Unknown desc = manual setting of env var "TF_LOG" detected.

Expected Behavior

There should be a way to set the log level of the runner.

Terraform-exec supports setting the log level, as seen in the source code.

Why This is Needed

These logs are useful when troubleshooting issues or when providing detailed information to support for assistance.

Steps to Reproduce

  • Attempt to set TF_LOG=trace environment variable.

  • Observe the error message: setting env for Terraform: rpc error: code = Unknown desc = manual setting of env var "TF_LOG" detected.

Environment

Runner version: v0.16.0-rc.4
Terraform version: v1.5.7

Related issues:

#393

dgem commented

Hi @TarasLykhenko,
as a random traveller, I found your comment and the link to the closed issue (on Nov 2, 2023) along with the comment:

Closing to take this off the radar for now. We do still care about having visibility into the terraform logs, so it may be dealt with elsewhere.

I'm not sure, being a random traveller, if https://github.com/flux-iac/tofu-controller?tab=readme-ov-file#q2-2024 is accurate / up to date. It seems to probably necessitate the ability to set a TF_LOG level (and perhaps other TF_ prefixed vars) to the runner (eg. output to file).

I wonder if a regex filter on the permitted "TF_" env vars might be a useful feature, the regex could be configured in the via the controller's dd with "if not set be as you were" as a ff.

There haven't been any comments since 5th July, is this still a concern or did you "give up and move on" (genuine question) or hopefully "spotted the bug in my TF code, so didn't need to set the TF_LOG level" ?

I did do a quick grep on the main branch for TF_LOG. There were only references to disabling TF logs and enable sensitive logs. Based on that, looks like an issue (in main at least) that hasn't been addressed.

lmk, got no idea what the effort involved would be, or if it's possible ... do you ?

wdyt of my suggestion?

thanks & hope to hear back