From e47077458ca9dc783eccdaec9c33290a8e823458 Mon Sep 17 00:00:00 2001 From: Martin Date: Fri, 18 Apr 2025 19:25:13 +0200 Subject: [PATCH] feat: disable_docker_daemon_check for provider (#703) --- docs/index.md | 26 +++++-------------- .../data_source_docker_registry_image_test.go | 20 ++++++++++++++ internal/provider/provider.go | 21 ++++++++++++--- templates/index.md.tmpl | 9 ++++--- ...tAccDockerImageDataSource_WithoutDaemon.tf | 12 +++++++++ 5 files changed, 61 insertions(+), 27 deletions(-) create mode 100644 testdata/data-sources/docker_registry_image/testAccDockerImageDataSource_WithoutDaemon.tf diff --git a/docs/index.md b/docs/index.md index 71d6e0bf..1ee5cfc0 100644 --- a/docs/index.md +++ b/docs/index.md @@ -46,26 +46,6 @@ resource "docker_container" "foo" { } ``` -Terraform 0.12 and earlier: - -```terraform -provider "docker" { - version = "~> 3.2.0" - host = "unix:///var/run/docker.sock" -} - -# Pulls the image -resource "docker_image" "ubuntu" { - name = "ubuntu:latest" -} - -# Create a container -resource "docker_container" "foo" { - image = docker_image.ubuntu.image_id - name = "foo" -} -``` - ## Remote Hosts You can also use the `ssh` protocol to connect to the docker host on a remote machine. The configuration would look as follows: @@ -79,6 +59,11 @@ provider "docker" { When using a remote host, the daemon configuration on the remote host can apply default configuration to your resources when running `terraform apply`, for example by appling log options to containers. When running `terraform plan` the next time, it will show up as a diff. In such cases it is recommended to use the `ignore_changes` lifecycle meta-argument to ignore the changing attribute (See [this issue](https://github.com/kreuzwerker/terraform-provider-docker/issues/473) for more information). +## Disabling Docker Daemon Checking + +The `docker_registry_image` `data_source` and `resource` do not require a connection to the Docker daemon. If you want to use those in an environment without a Docker daemon, you can disable the +connection check by setting the `disable_docker_daemon_check` argument to `true`. Be careful, this will break the provider for any resources that require a connection to the Docker daemon. + ## Registry credentials Registry credentials can be provided on a per-registry basis with the `registry_auth` @@ -169,6 +154,7 @@ provider "docker" { - `ca_material` (String) PEM-encoded content of Docker host CA certificate - `cert_material` (String) PEM-encoded content of Docker client certificate - `cert_path` (String) Path to directory with Docker TLS config +- `disable_docker_daemon_check` (Boolean) If set to `true`, the provider will not check if the Docker daemon is running. This is useful for resources/data_sourcess that do not require a running Docker daemon, such as the data source `docker_registry_image`. - `host` (String) The Docker daemon address - `key_material` (String) PEM-encoded content of Docker client private key - `registry_auth` (Block Set) (see [below for nested schema](#nestedblock--registry_auth)) diff --git a/internal/provider/data_source_docker_registry_image_test.go b/internal/provider/data_source_docker_registry_image_test.go index 84a7aaf6..0c8ce561 100644 --- a/internal/provider/data_source_docker_registry_image_test.go +++ b/internal/provider/data_source_docker_registry_image_test.go @@ -45,6 +45,26 @@ func TestAccDockerRegistryImage_private(t *testing.T) { }) } +func TestAccDockerRegistryImage_WithoutDaemon(t *testing.T) { + registry := "127.0.0.1:15000" + image := "127.0.0.1:15000/tftest-service:v1" + ctx := context.Background() + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProviderFactories: providerFactories, + Steps: []resource.TestStep{ + { + Config: fmt.Sprintf(loadTestConfiguration(t, DATA_SOURCE, "docker_registry_image", "testAccDockerImageDataSource_WithoutDaemon"), registry, image), + Check: resource.ComposeTestCheckFunc( + resource.TestMatchResourceAttr("data.docker_registry_image.foobar", "sha256_digest", registryDigestRegexp), + ), + }, + }, + CheckDestroy: func(state *terraform.State) error { + return checkAndRemoveImages(ctx, state) + }, + }) +} func TestAccDockerRegistryImage_auth(t *testing.T) { registry := "127.0.0.1:15000" image := "127.0.0.1:15000/tftest-service:v1" diff --git a/internal/provider/provider.go b/internal/provider/provider.go index 29fcba31..80e2d3c8 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go @@ -140,6 +140,12 @@ func New(version string) func() *schema.Provider { }, }, }, + "disable_docker_daemon_check": { + Type: schema.TypeBool, + Optional: true, + Default: false, + Description: "If set to `true`, the provider will not check if the Docker daemon is running. This is useful for resources/data_sourcess that do not require a running Docker daemon, such as the data source `docker_registry_image`.", + }, }, ResourcesMap: map[string]*schema.Resource{ @@ -191,9 +197,18 @@ func configure(version string, p *schema.Provider) func(context.Context, *schema return nil, diag.Errorf("Error initializing Docker client: %s", err) } - _, err = client.Ping(ctx) - if err != nil { - return nil, diag.Errorf("Error pinging Docker server: %s", err) + // Check if the Docker daemon is running + if !d.Get("disable_docker_daemon_check").(bool) { + _, err = client.ServerVersion(ctx) + if err != nil { + return nil, diag.Errorf("Error connecting to Docker daemon: %s", err) + } + _, err = client.Ping(ctx) + if err != nil { + return nil, diag.Errorf("Error pinging Docker server: %s", err) + } + } else { + log.Printf("[DEBUG] Skipping Docker daemon check") } authConfigs := &AuthConfigs{} diff --git a/templates/index.md.tmpl b/templates/index.md.tmpl index e5fc4539..a5b86696 100644 --- a/templates/index.md.tmpl +++ b/templates/index.md.tmpl @@ -22,10 +22,6 @@ Terraform 0.13 and later: {{tffile "examples/provider/provider-tf13.tf"}} -Terraform 0.12 and earlier: - -{{tffile "examples/provider/provider-tf12.tf"}} - ## Remote Hosts You can also use the `ssh` protocol to connect to the docker host on a remote machine. The configuration would look as follows: @@ -34,6 +30,11 @@ The configuration would look as follows: When using a remote host, the daemon configuration on the remote host can apply default configuration to your resources when running `terraform apply`, for example by appling log options to containers. When running `terraform plan` the next time, it will show up as a diff. In such cases it is recommended to use the `ignore_changes` lifecycle meta-argument to ignore the changing attribute (See [this issue](https://github.com/kreuzwerker/terraform-provider-docker/issues/473) for more information). +## Disabling Docker Daemon Checking + +The `docker_registry_image` `data_source` and `resource` do not require a connection to the Docker daemon. If you want to use those in an environment without a Docker daemon, you can disable the +connection check by setting the `disable_docker_daemon_check` argument to `true`. Be careful, this will break the provider for any resources that require a connection to the Docker daemon. + ## Registry credentials Registry credentials can be provided on a per-registry basis with the `registry_auth` diff --git a/testdata/data-sources/docker_registry_image/testAccDockerImageDataSource_WithoutDaemon.tf b/testdata/data-sources/docker_registry_image/testAccDockerImageDataSource_WithoutDaemon.tf new file mode 100644 index 00000000..39c65621 --- /dev/null +++ b/testdata/data-sources/docker_registry_image/testAccDockerImageDataSource_WithoutDaemon.tf @@ -0,0 +1,12 @@ +provider "docker" { + alias = "private" + disable_docker_daemon_check = true + registry_auth { + address = "%s" + } +} +data "docker_registry_image" "foobar" { + provider = "docker.private" + name = "%s" + insecure_skip_verify = true +} \ No newline at end of file