stackoom
  简体   繁体   中英

How to push a docker image to Azure container registry using terraform?

 原文  2021-07-29 17:06:58       azure/ docker/ terraform/ docker-image

Question

I am a beginner in Terraform/Azure and I want to deploy a docker image in ACR using terraform but was unable to find internet solutions. So, if anybody knows how to deploy a docker image to an azure container registry using Terraform, please share. Tell me whether this is possible or not.

2 answers

solution1
 5 ACCPTED  2021-07-30 07:45:15

You may use Terraform resource null_resource and execute your own logic in Terraform.

Example:

resource "azurerm_resource_group" "rg" {
  name     = "example-resources"
  location = "West Europe"
}

resource "azurerm_container_registry" "acr" {
  name                     = "containerRegistry1"
  resource_group_name      = azurerm_resource_group.rg.name
  location                 = azurerm_resource_group.rg.location
  sku                      = "Premium"
  admin_enabled            = true
  georeplication_locations = ["East US", "West Europe"]
}

resource "azurerm_azuread_application" "acr-app" {
  name = "acr-app"
}

resource "azurerm_azuread_service_principal" "acr-sp" {
  application_id = "${azurerm_azuread_application.acr-app.application_id}"
}

resource "azurerm_azuread_service_principal_password" "acr-sp-pass" {
  service_principal_id = "${azurerm_azuread_service_principal.acr-sp.id}"
  value                = "Password12"
  end_date             = "2022-01-01T01:02:03Z"
}

resource "azurerm_role_assignment" "acr-assignment" {
  scope                = "${azurerm_container_registry.acr.id}"
  role_definition_name = "Contributor"
  principal_id         = "${azurerm_azuread_service_principal_password.acr-sp-pass.service_principal_id}"
}

   resource "null_resource" "docker_push" {
      provisioner "local-exec" {
      command = <<-EOT
        docker login ${azurerm_container_registry.acr.login_server} 
        docker push ${azurerm_container_registry.acr.login_server}
      EOT
      }
    }

solution2
 1  2022-06-13 22:10:29

Just figured this out with the docker_registry_image resource. I do not like using a null resource, since it requires a dependency to local system packages. Furthermore, I made it so that you can both deploy with local authentication as well as authentication with credentials stored as secret in a Github repository for example.

main.tf

terraform {
  required_version = ">= 1.1.7"

  required_providers {
    docker = {
      source  = "kreuzwerker/docker"
      version = ">= 2.16.0"
    }
  }

  backend "azurerm" {}
}

provider "docker" {
  // Used when deploying locally
  dynamic "registry_auth" {
    for_each = var.docker_config_file_path == "" ? [] : [1]
    content {
      address     = var.docker_registry_url
      config_file = pathexpand(var.docker_config_file_path)
    }
  }

  // Used when deploying from a build pipeline
  dynamic "registry_auth" {
    for_each = (var.docker_registry_username == "" || var.docker_registry_password == "") ? [] : [1]
    content {
      address  = var.docker_registry_url
      username = var.docker_registry_username
      password = var.docker_registry_password
    }
  }
}

resource "docker_registry_image" "image" {
  name          = "${var.docker_image_name}:${var.docker_image_tag}"
  keep_remotely = var.keep_remotely

  build {
    context    = var.docker_file_path
    build_args = var.build_args
  }
}

variables.tf

variable "docker_registry_url" {
  description = "Address of ACR container registry."
  type        = string
}

variable "docker_registry_username" {
  description = "Username for authenticating with the container registry. Required if docker_config_file_path is not set."
  type        = string
  default     = ""
}

variable "docker_registry_password" {
  description = "Password for authenticating with the container registry. Required if docker_config_file_path is not set."
  type        = string
  default     = ""
  sensitive   = true
}

variable "docker_config_file_path" {
  description = "Path to config.json containing docker configuration."
  type        = string
  default     = ""
}

variable "docker_image_name" {
  description = "Name of docker image to build."
  type        = string
}

variable "docker_image_tag" {
  description = "Tag to use for the docker image."
  type        = string
  default     = "latest"
}

variable "source_path" {
  description = "Path to folder containing application code"
  type        = string
  default     = null
}

variable "docker_file_path" {
  description = "Path to Dockerfile in source package"
  type        = string
}

variable "build_args" {
  description = "A map of Docker build arguments."
  type        = map(string)
  default     = {}
}

variable "keep_remotely" {
  description = "Whether to keep Docker image in the remote registry on destroy operation."
  type        = bool
  default     = false
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to pull and deploy a docker image from azure container registry using Terraform? Azure DevOps Pipelines push Docker image to Container Registry Denied How to pull container image from docker registry to deploy azure container Docker Push to Azure Container Registry: Access Denied Azure Container Registry Permissions Using Terraform Azure DevOps Pipeline - build and push Docker Image to Azure container registry with restricted network access Docker image fails to push to azure registry Deploying a Docker Image from Azure Container Registry Unable to push docker images to Azure Registry Container using docker-compose file How do I authenticate using a managed identity from gitlab-ci to push a docker container from gitlab registry to Azure web service?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM