I'm running a NodeJS app that utilizes the @google-cloud/logging library (version 11.0.0). I package this app into a Docker image stored in the Artifact Registry. Subsequently, I use Terraform to create a cloud_run_v2_job resource that references this image.
Within my app, I initialize the logging client like this:
const logging = new Logging();
const log = logging.log('myLog');
Then, I write logs like this:
const message = "My message"
const entry = log.entry({ severity: 'INFO' }, { message });
log.write(entry);
Surprisingly, these logs are not visible in the Logs Explorer. In contrast, if I employ a console.log statement, it appears as expected. To troubleshoot, I wrapped the logging code in a try-catch block:
try {
const message = "My message"
const entry = log.entry({ severity: 'INFO' }, { message });
log.write(entry);
} catch (err) {
console.log(err)
}
No errors are logged, which suggests that the logging code is executed without issues.
Given these observations, I'm leaning towards a permissions issue. In my Terraform configuration, I attempted to add the appropriate permissions:
data "google_project" "current" {}
resource "google_project_iam_member" "cloudrun_logging_permission" {
project = data.google_project.current.project_id
role = "roles/logging.logWriter"
member = "serviceAccount:${data.google_project.current.number}[email protected]"
}
However, this didn't resolve the issue. I'm not very experienced with IAM and permissions in Google Cloud. Could someone point out if I'm missing something?