Reputation: 125
Terraform: Docker provider does not respect insecure-registries?
I am trying to pull a Docker image from a local Artifactory when the digest of the image changed. But I am confused about Terrform configuration and its relation to the installed Docker Desktop.
The Terrform script starts with:
terraform {
required_providers {
docker = {
source = "terraform-providers/docker"
}
}
}
provider "docker" {
host = "npipe:////.//pipe//docker_engine"
registry_auth {
address= "ip:port"
username = "my-username"
password = "my-password"
}
}
data "docker_registry_image" "my-image" {
name = "ip:port/repository-name/my-image:version"
}
resource "docker_image" "my-image" {
name = "my-image-name"
pull_triggers = ["data.docker_registry_image.my-image.sha256_digest"]
keep_locally = true
}
I added the registry ip:port to the insecure-registries so that also Terraform has access to it.
The problem is that the insecure-registries from Docker Desktop is somehow ignored by Terraform (Docker provider) because I get the response:
Error: Got error when attempting to fetch image version from registry: Error during registry request: Get https://ip:port/v2/repository-name/my-image:version: http: server gave HTTP response to HTTPS client.
on script.tf line 20, in data "docker_registry_image" "my-image":
20: data "docker_registry_image" "my-image" {
Can anyone help? Does somebody know why insecue-registries set in Docker Desktop does not apply here?
Upvotes: 1
Views: 541
Answers (1)
Reputation: 125
I think I have found out the answer. Here is the link https://github.com/terraform-providers/terraform-provider-docker/blob/ccb7c6e8abe0fae89d115347c0677b5c0f45e2bf/docker/data_source_docker_registry_image.go#L85-L96 to the source code of the terraform-provider-docker plugin where we can see in the line 98 that the protocol https is hardcoded, when getting the image digest:
req, err := http.NewRequest("GET", "https://"+registry+"/v2/"+image+"/manifests/"+tag, nil)
This is the answer why the insecure-registries property is not taken into the account.
Upvotes: 1
Related Questions
- Terraform with docker provider , can't pull the image
- Error initializing Docker client: protocol not available running terraform import command
- how to build docker images with terraform providers preinstalled
- Terraform docker_registry_image error: 'unable to get digest: Got bad response from registry: 400 Bad Request'
- Error with terraform init in a docker container -- x509: certificate signed by unknown authority
- How to select correct docker provider in terraform 0.14
- How to use a docker file with terraform
- Terraform docker cannot authenticate with container registry for remote host
- No valid credential sources found for AWS Provider when using environment vars
- terraform kubernetes provider - tls secret not created properly