Frequent 404s on "gsuite_group_member"
ryno75 opened this issue · comments
Occasionally I will get 404s when attempting to add a group member that is definitely a valid address in the gsuite domain. In fact... I may be able to add that address just fine to one group but it will fail on others in the same terraform run.
Here is a typical response:
2 errors occurred:
* gsuite_group_members.dev: 1 error occurred:
* gsuite_group_members.dev: [ERROR] Error updating memberships: [ERROR] Error updating groupMember: googleapi: Error 404: Resource Not Found: memberKey, notFound, dat.dude@example.com
* gsuite_group_members.staging: 1 error occurred:
* gsuite_group_members.staging: [ERROR] Error updating memberships: [ERROR] Error updating groupMember: googleapi: Error 404: Resource Not Found: memberKey, notFound, dat.dude@example.com
Meanwhile... that very same member was added to the prod group without issue.
My intuition say it might be an issue with the pagination of results. That could definitely explain intermittent 404s. I'm not seeing anything obvious in a TF_LOG=debug run either.
If I manually add the user in the web console and re-run, the errors goes away.
possible gsuite API bug/behavior?
googleapis/google-api-nodejs-client#166
In this case... perhaps adding a timeout attribute to the provider def would solve this?
We've been adding retries to a bunch of things on 404's, but it slows down everything else. #53
I don't know of a great solution.
My intuition say it might be an issue with the pagination of results.
Did we verify it's not this? I don't think there is pagination in the way here.
I'm not sure exactly when, but I've noticed this issue has completely gone away sometime over the past 4-8 weeks. I've updated to the latest release a few times over that span so I'm not sure which version did it but it is working quite well now.
Just encountered this again. I guess it hasn't been resolved.
I'm facing this as well. I did try to set the timeout_minutes to 4 in the provider definition, but it didn't help.
The amusing part is that the group was created and all other members were part of it, only one member could not be added somehow. Adding it manually made it work (but clearly is not a good/tenable solution).
Are the members being added external to the domain? Is the error message still exactly the same?
I haven't seen it for quite a while, and use the provider extensively.
@DeviaVir sorry for the delay, the notification must have slipped through the cracks.
Yes, the message is still the same. And not every time is the same member of that group.
And no, the member are not external. All the same domain.
Hi @DeviaVir
Is there any progress on this issue?
We are also running in this error and it quite blocks us right now.
we are using the provider:
gsuite = {
source = "DeviaVir/gsuite"
version = "~> 0.1.54"
}
and trying to add a member to a group via the resource gsuite_group_members.
The members are internal and also available within gsuite.
Yet it fails with the error:
Error updating memberships: [ERROR] Error updating groupMember: googleapi: Error 404: Resource Not Found: memberKey, notFound, someone@domain.com
Another update from my side.
We have a other gsuite group within the group I want to add members to.
The member I want to add is already within the group in the group. so hasMember.IsMember is true.
Therefore an update will be performed.
Which - of course - will fail as the member is not a direkt member of the gsuite group but is only a member of the sub-group.
Edit:
Link to problematic part: