Comments (18)
Any chance that some brave soul would be willing to contribute this?
from terraform-provider-docker.
This comment was originally opened by @superseb as hashicorp/terraform#4934 (comment). It was migrated here as part of the provider split. The original comment is below.
Used library should be using $HOME/.dockercfg
or $HOME/.docker/config.json
. Can you provide some more info on the used resources (dummy out the sensitive stuff) and some debug logging?
from terraform-provider-docker.
This comment was originally opened by @jmprusi as hashicorp/terraform#4934 (comment). It was migrated here as part of the provider split. The original comment is below.
I've been looking at the Terraform code.. I see you are using go-dockerclient, but just using an empty instance of "AuthConfiguration"
There's this go-dockerclient function called "NewAuthConfigurationsFromDockerCfg()" (https://godoc.org/github.com/fsouza/go-dockerclient#NewAuthConfigurationsFromDockerCfg) so I've modified the previous file.. and replaced line 110, with this:
splitImage := strings.Split(image, "/")
auths, _ := dc.NewAuthConfigurationsFromDockerCfg()
auth := auths.Configs[splitImage[0]]
if err := client.PullImage(pullOpts, auth); err != nil {
return fmt.Errorf("Error pulling image %s: %s\n", splitImage[0], err)
}
And it works fine..
There's this issue hashicorp/nomad/issues/660 , that seem to be related.
My example tf file:
provider "docker" {
host = "tcp://${aws_instance.dockertesting.public_dns}:2375/"
}
resource "docker_container" "dockerImage" {
image = "${docker_image.dockerImage.latest}"
name = "echoapi"
}
resource "docker_image" "dockerImage" {
name = "quay.io/Company/dockerImage"
}
The provider just returns a 403 when trying to pull the image..
2016/02/02 15:02:25 [ERROR] root: eval: *terraform.EvalRefresh, err: docker_image.DockerImage: Unable to read Docker image into resource: Unable to pull image quay.io/Company/DockerImage: Error pulling image quay.io/Company/DockerImage: Error: Status 403 trying to pull repository Company/DockerImage: "{\"error\": \"Permission Denied\"}"
2016/02/02 15:02:25 [ERROR] root: eval: *terraform.EvalSequence, err: docker_image.DockerImage: Unable to read Docker image into resource: Unable to pull image quay.io/Company/DockerImage: Error pulling image quay.io/Company/DockerImage: Error: Status 403 trying to pull repository Company/DockerImage: "{\"error\": \"Permission Denied\"}"
2016/02/02 15:02:25 [ERROR] root: eval: *terraform.EvalOpFilter, err: docker_image.DockerImage: Unable to read Docker image into resource: Unable to pull image quay.io/Company/DockerImage: Error pulling image quay.io/Company/DockerImage: Error: Status 403 trying to pull repository Company/DockerImage: "{\"error\": \"Permission Denied\"}"
2016/02/02 15:02:25 [ERROR] root: eval: *terraform.EvalSequence, err: docker_image.DockerImage: Unable to read Docker image into resource: Unable to pull image quay.io/Company/DockerImage: Error pulling image quay.io/Company/DockerImage: Error: Status 403 trying to pull repository Company/DockerImage: "{\"error\": \"Permission Denied\"}"
2016/02/02 15:02:25 [TRACE] Exiting eval tree: docker_image.DockerImage
2016/02/02 15:02:25 [DEBUG] vertex docker_container.DockerImage, got dep: docker_image.DockerImage
2016/02/02 15:02:25 [DEBUG] vertex provider.docker (close), got dep: docker_container.DockerImage
2016/02/02 15:02:25 [DEBUG] vertex root, got dep: provider.docker (close)
Error refreshing state: 1 error(s) occurred:
2016/02/02 15:02:25 [DEBUG] vertex root, got dep: provisioner.local-exec
2016/02/02 15:02:25 [DEBUG] vertex root, got dep: provisioner.file
2016/02/02 15:02:25 [DEBUG] vertex root, got dep: provisioner.chef
2016/02/02 15:02:25 [DEBUG] vertex root, got dep: var.aws_key_path
2016/02/02 15:02:25 [DEBUG] vertex root, got dep: var.rds-link_eip1
2016/02/02 15:02:25 [DEBUG] wa* docker_image.DockerImage: Unable to read Docker image into resource: Unable to pull image quay.io/Company/DockerImage: Error pulling image quay.io/Company/DockerImage: Error: Status 403 trying to pull repository Company/DockerImage: "{\"error\": \"Permission Denied\"}"
Thanks!
from terraform-provider-docker.
This comment was originally opened by @jpsecher as hashicorp/terraform#4934 (comment). It was migrated here as part of the provider split. The original comment is below.
I have the same problem.
from terraform-provider-docker.
This comment was originally opened by @markovuksanovic as hashicorp/terraform#4934 (comment). It was migrated here as part of the provider split. The original comment is below.
+1
from terraform-provider-docker.
This comment was originally opened by @jonbrouse as hashicorp/terraform#4934 (comment). It was migrated here as part of the provider split. The original comment is below.
I can also confirm this bug. This is a WAG but I'm wondering if the image is getting parsed correctly.
from terraform-provider-docker.
This comment was originally opened by @rhyas as hashicorp/terraform#4934 (comment). It was migrated here as part of the provider split. The original comment is below.
@jonbrouse That was my thought at first as well, but it's actually parsing stuff OK near as I can tell. The issue seems to be the authentication. I saw the option for including the docker env file for the go-dockerclient library as @jmprusi notes, but I've been investigating a different route and playing with some code that lets you put user/pass in the image resource definition. This seems like it would be better, in that it would keep the configuration for credentials within the terraform configuration instead of adding another env/external dependency. But maybe it should do both? take terra resource config first, then env??
from terraform-provider-docker.
This comment was originally opened by @mecorusfc as hashicorp/terraform#4934 (comment). It was migrated here as part of the provider split. The original comment is below.
Is there a workaround? Terraform is completely non-functional for Docker without the capability of using your credentials to access a registry. Seems like a big miss. I used up a lot of time setting up some stuff only to find out Terraform is a no-go for Docker. Any workaround is acceptable if we know that you are fixing the issue. By the way, my error message is slightly different. It gets a 500 on the pull with the error: 'no basic auth credentials'. I think it is the same thing though.
from terraform-provider-docker.
This comment was originally opened by @iahmad-khan as hashicorp/terraform#4934 (comment). It was migrated here as part of the provider split. The original comment is below.
Facing the same issue , any workaround?
from terraform-provider-docker.
This comment was originally opened by @iahmad-khan as hashicorp/terraform#4934 (comment). It was migrated here as part of the provider split. The original comment is below.
In my case it pull the image , but still results in this error:
docker_image.ubuntu: Creating...
latest: "" => "<computed>"
name: "" => "ubuntu:precise"
Error applying plan:
1 error(s) occurred:
* docker_image.ubuntu: **Unable to read Docker image into resource** Unable to find or pull image ubuntu:precise
Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.
from terraform-provider-docker.
This comment was originally opened by @mecorusfc as hashicorp/terraform#4934 (comment). It was migrated here as part of the provider split. The original comment is below.
There was a pull request. I rebuilt my terraform with the change from the pull request and things worked. However, there are plenty of other things in the Docker world that terraform hasn’t kept up with. I stopped using it. I’m watching to see if they support the other providers the way they support Amazon.
Michael Corum
VP, Technical Architecture Solutions
RGA Reinsurance Company
16600 Swingley Ridge Road
Chesterfield, Missouri 6301701706
T 636.736.7066
www.rgare.com
From: Ijaz ahmad khan <[email protected]mailto:[email protected]>
Reply-To: hashicorp/terraform <[email protected]mailto:[email protected]>
Date: Wednesday, January 11, 2017 at 3:34 PM
To: hashicorp/terraform <[email protected]mailto:[email protected]>
Cc: Corum Michael <[email protected]mailto:[email protected]>, Comment <[email protected]mailto:[email protected]>
Subject: Re: [hashicorp/terraform] Cannot pull images from private registry with docker provider (#4934)
In my case it pull the image , but still results in this error:
docker_image.ubuntu: Creating...
latest: "" => ""
name: "" => "ubuntu:precise"
Error applying plan:
1 error(s) occurred:
- docker_image.ubuntu: Unable to read Docker image into resource Unable to find or pull image ubuntu:precise
Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHubhashicorp/terraform#4934 (comment), or mute the threadhttps://github.com/notifications/unsubscribe-auth/AFo5lVNb8y5SxWe5j3-rz5gBboR3aaJPks5rRUrXgaJpZM4HQrfO.
from terraform-provider-docker.
This comment was originally opened by @krm1 as hashicorp/terraform#4934 (comment). It was migrated here as part of the provider split. The original comment is below.
Any update on this issue?
from terraform-provider-docker.
This comment was originally opened by @mbukosky as hashicorp/terraform#4934 (comment). It was migrated here as part of the provider split. The original comment is below.
+1
from terraform-provider-docker.
+1
from terraform-provider-docker.
+1
from terraform-provider-docker.
+1
from terraform-provider-docker.
+1
from terraform-provider-docker.
@OverlyExcessive ✅ see #21
from terraform-provider-docker.
Related Issues (20)
- ci: update to go 1.15 HOT 1
- Make docker_registry_image datasource independent of docker host endpoint HOT 4
- Missing security_opt option for docker_container resource
- How can I pass private_key for ssh connection? HOT 1
- Alias fails when passed to child module.
- Image value in docker_service state doesn't stick
- Image argument after v2.6.0 always replaces resources (mismatch between image name vs sha image id) HOT 2
- Modifying labels does not recreate container
- How to use provider with simple get from https://hub.docker.com/search?q=&type=image HOT 1
- [docker_network] - check_duplicate not working
- Unable to remove Docker image: image is referenced in multiple repositories HOT 1
- Swarm Secret Data Source
- Provider can't connect to Docker daemon in WSL 2
- Crash Import service docker module with hosts include
- Call for future maintainers HOT 8
- Add support for docker plugins
- terraform destroy does not respect stop_grace_period for docker swarm services running on DOCKER_HOST
- OCI images are not supported
- Null user should not force a replacement
- Non existent or null workdir should not force replacement
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-docker.