Comments (5)
cosmotek
commented on July 26, 2024
2
Here's an example I got working:
locals {
docker_image_name = "my_docker_image"
}
resource "aws_ecr_repository" "ecr_repo" {
name = local.docker_image_name
image_tag_mutability = "IMMUTABLE"
image_scanning_configuration {
scan_on_push = true
}
}
resource "aws_ecr_repository_policy" "ecr_repo_policy" {
repository = aws_ecr_repository.ecr_repo.name
policy = <<EOF
{
"Version": "2008-10-17",
"Statement": [
{
"Sid": "new policy",
"Effect": "Allow",
"Principal": "*",
"Action": [
"ecr:GetAuthorizationToken",
"ecr:GetDownloadUrlForLayer",
"ecr:BatchGetImage",
"ecr:BatchCheckLayerAvailability",
"ecr:PutImage",
"ecr:InitiateLayerUpload",
"ecr:UploadLayerPart",
"ecr:CompleteLayerUpload",
"ecr:DescribeRepositories",
"ecr:GetRepositoryPolicy",
"ecr:ListImages",
"ecr:DeleteRepository",
"ecr:BatchDeleteImage",
"ecr:SetRepositoryPolicy",
"ecr:DeleteRepositoryPolicy"
]
}
]
}
EOF
}
provider "docker" {
registry_auth {
address = data.aws_ecr_authorization_token.container_registry_token.proxy_endpoint
username = data.aws_ecr_authorization_token.container_registry_token.user_name
password = data.aws_ecr_authorization_token.container_registry_token.password
}
}
data "aws_ecr_authorization_token" "container_registry_token" {}
resource "time_static" "now" {}
resource "docker_registry_image" "my_docker_image" {
name = "${aws_ecr_repository.ecr_repo.repository_url}:build-${time_static.now.unix}"
build {
context = "${path.module}/src"
labels = {
dir_sha1 = sha1(join("", [for f in fileset("${path.module}/src", "*") : filesha1("${path.module}/src/${f}")]))
}
}
}from terraform-provider-docker.
suzuki-shunsuke
commented on July 26, 2024
This may have nothing to do with the error, but your configuration file is wrong.
https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs#config_file_content
Cannot be used with the username/password or config_file options.
from terraform-provider-docker.
suzuki-shunsuke
commented on July 26, 2024
I could reproduce the error.
resource "docker_registry_image" "helloworld" {
name = "something-amazing/helloworld:2.0"
build {
context = "context"
}
}
data "aws_ecr_authorization_token" "token" {
}
provider "docker" {
registry_auth {
address = "<aws account id>.dkr.ecr.ap-northeast-1.amazonaws.com"
username = data.aws_ecr_authorization_token.token.user_name
password = data.aws_ecr_authorization_token.token.password
}
}
provider "aws" {
region = "ap-northeast-1"
}$ terraform version
Terraform v0.13.5
+ provider registry.terraform.io/hashicorp/aws v3.19.0
+ provider registry.terraform.io/kreuzwerker/docker v2.8.0
$ terraform apply
data.aws_ecr_authorization_token.token: Refreshing state...
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# docker_registry_image.helloworld will be created
+ resource "docker_registry_image" "helloworld" {
+ id = (known after apply)
+ keep_remotely = false
+ name = "something-amazing/helloworld:2.0"
+ sha256_digest = (known after apply)
+ build {
+ context = "context:a1094ea0c6474f9d4eee107593ef19211a9009797363cd598a44daaf8abc75de"
+ dockerfile = "Dockerfile"
}
}
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
docker_registry_image.helloworld: Creating...
Error: Error pushing docker image: Error response from daemon: Bad parameters and missing X-Registry-Auth: EOF
on main.tf line 1, in resource "docker_registry_image" "helloworld":
1: resource "docker_registry_image" "helloworld" {
from terraform-provider-docker.
suzuki-shunsuke
commented on July 26, 2024
It succeeded to push a Docker image by adding the registry path to docker_registry_image's name.
resource "docker_registry_image" "helloworld" {
# name = "something-amazing/helloworld:2.0"
name = "<aws account id>.dkr.ecr.ap-northeast-1.amazonaws.com/something-amazing/helloworld:2.0"
build {
context = "context"
}
}from terraform-provider-docker.
antonbabenko
commented on July 26, 2024
Thank you, this works as expected.
I have just updated the Terraform AWS Lambda module and reference to this provider - https://github.com/terraform-aws-modules/terraform-aws-lambda/pull/80/files#diff-b71ad04f644acd7192bbc30fcb3f747a785983233f38a333c93c9f4541f7989a
from terraform-provider-docker.
Related Issues (20)
- Feat: Support buildtime Secrets
- docker_container devices forces resource replacement at all times HOT 11
- Support for detachable containers
- Conditionally rebuild image
- feat: Add support for additional docker_image build contexts
- Flaky `Error response from daemon: Conflict, cannot remove the default link name of the container` on `terraform destroy`
- Support for VolumeOptions.Subpath in docker_container.mounts.volume_options HOT 1
- Support for Docker Cluster Volumes HOT 1
- Error during pushing image to GCP Artifact Registry, Unable to create image, image not found: unable to get digest: Got bad response from registry: 405 Method Not Allowed HOT 1
- Error when pushing ECR public registry: `unable to get digest: Got bad response from registry: 400 Bad Request`
- Support for error message when service didn't converge
- Docker image trigger is not working
- Using a file for storing environment variables
- Support for `triggers` or `run_when_changed` or something like it on `docker_container` or a new `docker_container_ephemeral` resource
- Support `extra_hosts`, `secrets` attribute for `docker_container` resource
- Support for using Data Sources without access to a Docker Daemon
- DOCKER_CONFIG is incompatible w/ docker CLI variable of same name
- Support for platform emulation in docker_container
- Allow provider override for SSH HOT 1
- "One-shot tasks" via `docker_container` fail with "Error: No such container: xxx"
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-docker.