Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Stackdriver Error reporting for Ruby, running on GKE

Which steps are required to collect errors from a Rails app running on GKE?

I have added the stackdriver gem to my Rails app and I have created a custom role with the errorreporting.errorEvents.create permission. That role is given to the Compute Engine default service account

I interpret the docs that one does not have to do the following setup when running on GKE:

# Add this to config/environments/*.rb
Rails.application.configure do |config|
  # Stackdriver Error Reporting specific parameters
  config.google_cloud.error_reporting.project_id = "YOUR-PROJECT-ID"
  config.google_cloud.error_reporting.keyfile    = "/path/to/service-account.json"
end

I manually created an exception

That gave me valuable information:

irb(main):001:0> Google::Cloud::ErrorReporting.report Exception.new(msg: "from console")
=> nil
irb(main):002:0> {:msg=>"from console"} (Exception)
Google::Cloud::PermissionDeniedError: 7:Stackdriver Error Reporting API has not been used in project NNNNN before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/clouderrorreporting.googleapis.com/overview?project=NNNN then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.

After enabling the API, then I get this error:

irb(main):004:0> {:msg=>"from console"} (Exception)
Google::Cloud::PermissionDeniedError: 7:User not authorized.

So, which permission do I have to give to which user to make this work? :-|

like image 777
martins Avatar asked Jan 03 '19 09:01

martins


1 Answers

This seems permission issue, so after installing and configuring google-cloud-ruby.

Then, you need to Enable the Stackdriver Error Reporting API.

Then you need to add the role "roles/errorreporting.writer" to the default compute service account.

gcloud container clusters create example-cluster-name --scopes https://www.googleapis.com/auth/cloud-platform

When you create the cluster you need to add --scope flag for platform see above an example:

like image 52
Alioua Avatar answered Sep 28 '22 05:09

Alioua