terraform-provider-docker
terraform-provider-docker copied to clipboard
kreuzwerker
Multiple docker_image resources with different tags seems broken?
Here's my Terraform:
resource "docker_image" "arm64" {
name = "build-python3.9-openssl"
build {
context = "."
tag = ["build-python3.9-openssl:latest-arm64"]
dockerfile = "${path.module}/../Dockerfile.build.arm64"
platform = "linux/arm64"
}
}
resource "docker_image" "x86_64" {
name = "build-python3.9-openssl"
build {
context = "."
tag = ["build-python3.9-openssl:latest-x86_64"]
dockerfile = "${path.module}/../Dockerfile.build.x86_64"
platform = "linux/amd64"
}
}
And here's the images that get created:
dave@mbp ~ % docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
build-python3.9-openssl latest ff1eb3f6d366 40 minutes ago 1.86GB
build-python3.9-openssl latest-arm64 ff1eb3f6d366 40 minutes ago 1.86GB
build-python3.9-openssl latest-x86_64 950808b62861 41 minutes ago 1.93GB
Yet for some reason, docker_image.x86_64 is pointing to the image_id of docker_image.arm64, which is definitely wrong.
Results in:
# docker_image.arm64:
resource "docker_image" "arm64" {
id = "sha256:ff1eb3f6d366f68540f59bf2c3448e0d931a289ccd8ad3cc462086b106b1cc35build-python3.9-openssl"
image_id = "sha256:ff1eb3f6d366f68540f59bf2c3448e0d931a289ccd8ad3cc462086b106b1cc35"
name = "build-python3.9-openssl"
build {
build_arg = {}
build_args = {}
cache_from = []
context = "."
cpu_period = 0
cpu_quota = 0
cpu_shares = 0
dockerfile = "./../Dockerfile.build.arm64"
extra_hosts = []
force_remove = false
label = {}
labels = {}
memory = 0
memory_swap = 0
no_cache = false
platform = "linux/arm64"
pull_parent = false
remove = true
security_opt = []
shm_size = 0
squash = false
suppress_output = false
tag = [
"build-python3.9-openssl:latest-arm64",
]
}
}
# docker_image.x86_64:
resource "docker_image" "x86_64" {
id = "sha256:ff1eb3f6d366f68540f59bf2c3448e0d931a289ccd8ad3cc462086b106b1cc35build-python3.9-openssl"
image_id = "sha256:ff1eb3f6d366f68540f59bf2c3448e0d931a289ccd8ad3cc462086b106b1cc35"
name = "build-python3.9-openssl"
build {
build_arg = {}
build_args = {}
cache_from = []
context = "."
cpu_period = 0
cpu_quota = 0
cpu_shares = 0
dockerfile = "./../Dockerfile.build.x86_64"
extra_hosts = []
force_remove = false
label = {}
labels = {}
memory = 0
memory_swap = 0
no_cache = false
platform = "linux/amd64"
pull_parent = false
remove = true
security_opt = []
shm_size = 0
squash = false
suppress_output = false
tag = [
"build-python3.9-openssl:latest-x86_64",
]
}
}
My guess at the moment is that somewhere in this provider it's grabbing latest and using that for image_id, but I have not dug much into this.
I just tested it. The creation did work for me, but running terraform destroy resulted in an error.
Internally we are using only the name to identify the image and retrieve its information. In your case we have the same name with two tags => our code gets confused.
I think I was just lucky that the creation worked...
You can also test it yourself: docker inspect build-python3.9-openssl should output Error: No such object.
It actually works if you append the tag also to the name: name = "build-python3.9-openssl:latest-arm64" because then it uses the full image identifier when communicating with the docker daemon