feat: disable_docker_daemon_check for provider (#703)

2026-02-03 20:29:30 -05:00 · 2025-04-18 19:25:13 +02:00 · 2025-04-18 19:25:13 +02:00 · e47077458c
commit e47077458c
parent 5aced9fca7
5 changed files with 61 additions and 27 deletions
--- a/docs/index.md
+++ b/docs/index.md
@ -46,26 +46,6 @@ resource "docker_container" "foo" {
 }
 ```

-Terraform 0.12 and earlier:
-
-```terraform
-provider "docker" {
-  version = "~> 3.2.0"
-  host    = "unix:///var/run/docker.sock"
-}
-
-# Pulls the image
-resource "docker_image" "ubuntu" {
-  name = "ubuntu:latest"
-}
-
-# Create a container
-resource "docker_container" "foo" {
-  image = docker_image.ubuntu.image_id
-  name  = "foo"
-}
-```
-
 ## Remote Hosts
 You can also use the `ssh` protocol to connect to the docker host on a remote machine.
 The configuration would look as follows:
@ -79,6 +59,11 @@ provider "docker" {

 When using a remote host, the daemon configuration on the remote host can apply default configuration to your resources when running `terraform apply`, for example by appling log options to containers. When running `terraform plan` the next time, it will show up as a diff. In such cases it is recommended to use the `ignore_changes` lifecycle meta-argument to ignore the changing attribute (See [this issue](https://github.com/kreuzwerker/terraform-provider-docker/issues/473) for more information).

+## Disabling Docker Daemon Checking
+
+The `docker_registry_image` `data_source` and `resource` do not require a connection to the Docker daemon. If you want to use those in an environment without a Docker daemon, you can disable the
+connection check by setting the `disable_docker_daemon_check` argument to `true`. Be careful, this will break the provider for any resources that require a connection to the Docker daemon.
+
 ## Registry credentials

 Registry credentials can be provided on a per-registry basis with the `registry_auth`
@ -169,6 +154,7 @@ provider "docker" {
 - `ca_material` (String) PEM-encoded content of Docker host CA certificate
 - `cert_material` (String) PEM-encoded content of Docker client certificate
 - `cert_path` (String) Path to directory with Docker TLS config
+- `disable_docker_daemon_check` (Boolean) If set to `true`, the provider will not check if the Docker daemon is running. This is useful for resources/data_sourcess that do not require a running Docker daemon, such as the data source `docker_registry_image`.
 - `host` (String) The Docker daemon address
 - `key_material` (String) PEM-encoded content of Docker client private key
 - `registry_auth` (Block Set) (see [below for nested schema](#nestedblock--registry_auth))
--- a/internal/provider/data_source_docker_registry_image_test.go
+++ b/internal/provider/data_source_docker_registry_image_test.go
@ -45,6 +45,26 @@ func TestAccDockerRegistryImage_private(t *testing.T) {
 	})
 }

+func TestAccDockerRegistryImage_WithoutDaemon(t *testing.T) {
+	registry := "127.0.0.1:15000"
+	image := "127.0.0.1:15000/tftest-service:v1"
+	ctx := context.Background()
+	resource.Test(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: providerFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: fmt.Sprintf(loadTestConfiguration(t, DATA_SOURCE, "docker_registry_image", "testAccDockerImageDataSource_WithoutDaemon"), registry, image),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestMatchResourceAttr("data.docker_registry_image.foobar", "sha256_digest", registryDigestRegexp),
+				),
+			},
+		},
+		CheckDestroy: func(state *terraform.State) error {
+			return checkAndRemoveImages(ctx, state)
+		},
+	})
+}
 func TestAccDockerRegistryImage_auth(t *testing.T) {
 	registry := "127.0.0.1:15000"
 	image := "127.0.0.1:15000/tftest-service:v1"
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@ -140,6 +140,12 @@ func New(version string) func() *schema.Provider {
 						},
 					},
 				},
+				"disable_docker_daemon_check": {
+					Type:        schema.TypeBool,
+					Optional:    true,
+					Default:     false,
+					Description: "If set to `true`, the provider will not check if the Docker daemon is running. This is useful for resources/data_sourcess that do not require a running Docker daemon, such as the data source `docker_registry_image`.",
+				},
 			},

 			ResourcesMap: map[string]*schema.Resource{
@ -191,9 +197,18 @@ func configure(version string, p *schema.Provider) func(context.Context, *schema
 			return nil, diag.Errorf("Error initializing Docker client: %s", err)
 		}

-		_, err = client.Ping(ctx)
-		if err != nil {
-			return nil, diag.Errorf("Error pinging Docker server: %s", err)
+		// Check if the Docker daemon is running
+		if !d.Get("disable_docker_daemon_check").(bool) {
+			_, err = client.ServerVersion(ctx)
+			if err != nil {
+				return nil, diag.Errorf("Error connecting to Docker daemon: %s", err)
+			}
+			_, err = client.Ping(ctx)
+			if err != nil {
+				return nil, diag.Errorf("Error pinging Docker server: %s", err)
+			}
+		} else {
+			log.Printf("[DEBUG] Skipping Docker daemon check")
 		}

 		authConfigs := &AuthConfigs{}
--- a/templates/index.md.tmpl
+++ b/templates/index.md.tmpl
@ -22,10 +22,6 @@ Terraform 0.13 and later:

 {{tffile "examples/provider/provider-tf13.tf"}}

-Terraform 0.12 and earlier:
-
-{{tffile "examples/provider/provider-tf12.tf"}}
-
 ## Remote Hosts
 You can also use the `ssh` protocol to connect to the docker host on a remote machine.
 The configuration would look as follows:
@ -34,6 +30,11 @@ The configuration would look as follows:

 When using a remote host, the daemon configuration on the remote host can apply default configuration to your resources when running `terraform apply`, for example by appling log options to containers. When running `terraform plan` the next time, it will show up as a diff. In such cases it is recommended to use the `ignore_changes` lifecycle meta-argument to ignore the changing attribute (See [this issue](https://github.com/kreuzwerker/terraform-provider-docker/issues/473) for more information).

+## Disabling Docker Daemon Checking
+
+The `docker_registry_image` `data_source` and `resource` do not require a connection to the Docker daemon. If you want to use those in an environment without a Docker daemon, you can disable the
+connection check by setting the `disable_docker_daemon_check` argument to `true`. Be careful, this will break the provider for any resources that require a connection to the Docker daemon.
+
 ## Registry credentials

 Registry credentials can be provided on a per-registry basis with the `registry_auth`
--- a/testdata/data-sources/docker_registry_image/testAccDockerImageDataSource_WithoutDaemon.tf
+++ b/testdata/data-sources/docker_registry_image/testAccDockerImageDataSource_WithoutDaemon.tf
@ -0,0 +1,12 @@
+provider "docker" {
+  alias = "private"
+  disable_docker_daemon_check = true
+  registry_auth {
+    address = "%s"
+  }
+}
+data "docker_registry_image" "foobar" {
+  provider             = "docker.private"
+  name                 = "%s"
+  insecure_skip_verify = true
+}