如何使用terraform将Docker镜像推送到Azure容器注册表?

g2ieeal7  于 2023-06-24  发布在  Docker
关注(0)|答案(3)|浏览(150)

我是Terraform/Azure的初学者,我想使用Terraform在ACR中部署一个docker镜像,但无法找到互联网解决方案。所以,如果有人知道如何使用Terraform将docker镜像部署到Azure容器注册表,请分享。告诉我这是否可能。

Azure

3条答案

按热度按时间
luaexgnf

luaexgnf1#

您可以使用Terraform资源null_resource并在Terraform中执行自己的逻辑。
示例:

resource "azurerm_resource_group" "rg" {
  name     = "example-resources"
  location = "West Europe"
}

resource "azurerm_container_registry" "acr" {
  name                     = "containerRegistry1"
  resource_group_name      = azurerm_resource_group.rg.name
  location                 = azurerm_resource_group.rg.location
  sku                      = "Premium"
  admin_enabled            = true
  georeplication_locations = ["East US", "West Europe"]
}

resource "azurerm_azuread_application" "acr-app" {
  name = "acr-app"
}

resource "azurerm_azuread_service_principal" "acr-sp" {
  application_id = "${azurerm_azuread_application.acr-app.application_id}"
}

resource "azurerm_azuread_service_principal_password" "acr-sp-pass" {
  service_principal_id = "${azurerm_azuread_service_principal.acr-sp.id}"
  value                = "Password12"
  end_date             = "2022-01-01T01:02:03Z"
}

resource "azurerm_role_assignment" "acr-assignment" {
  scope                = "${azurerm_container_registry.acr.id}"
  role_definition_name = "Contributor"
  principal_id         = "${azurerm_azuread_service_principal_password.acr-sp-pass.service_principal_id}"
}

   resource "null_resource" "docker_push" {
      provisioner "local-exec" {
      command = <<-EOT
        docker login ${azurerm_container_registry.acr.login_server} 
        docker push ${azurerm_container_registry.acr.login_server}
      EOT
      }
    }
赞(0)分享  回复(0)举报  2023-06-24
bmvo0sr5

bmvo0sr52#

这一点,我在docker_registry_image资源中找到了答案。我不喜欢使用空资源,因为它需要依赖于本地系统包。此外,我使它既可以使用本地身份验证进行部署,也可以使用在Github存储库中存储为秘密的凭证进行身份验证。

main.tf

terraform {
  required_version = ">= 1.1.7"

  required_providers {
    docker = {
      source  = "kreuzwerker/docker"
      version = ">= 2.16.0"
    }
  }

  backend "azurerm" {}
}

provider "docker" {
  // Used when deploying locally
  dynamic "registry_auth" {
    for_each = var.docker_config_file_path == "" ? [] : [1]
    content {
      address     = var.docker_registry_url
      config_file = pathexpand(var.docker_config_file_path)
    }
  }

  // Used when deploying from a build pipeline
  dynamic "registry_auth" {
    for_each = (var.docker_registry_username == "" || var.docker_registry_password == "") ? [] : [1]
    content {
      address  = var.docker_registry_url
      username = var.docker_registry_username
      password = var.docker_registry_password
    }
  }
}

resource "docker_registry_image" "image" {
  name          = "${var.docker_image_name}:${var.docker_image_tag}"
  keep_remotely = var.keep_remotely

  build {
    context    = var.docker_file_path
    build_args = var.build_args
  }
}

variables.tf

variable "docker_registry_url" {
  description = "Address of ACR container registry."
  type        = string
}

variable "docker_registry_username" {
  description = "Username for authenticating with the container registry. Required if docker_config_file_path is not set."
  type        = string
  default     = ""
}

variable "docker_registry_password" {
  description = "Password for authenticating with the container registry. Required if docker_config_file_path is not set."
  type        = string
  default     = ""
  sensitive   = true
}

variable "docker_config_file_path" {
  description = "Path to config.json containing docker configuration."
  type        = string
  default     = ""
}

variable "docker_image_name" {
  description = "Name of docker image to build."
  type        = string
}

variable "docker_image_tag" {
  description = "Tag to use for the docker image."
  type        = string
  default     = "latest"
}

variable "source_path" {
  description = "Path to folder containing application code"
  type        = string
  default     = null
}

variable "docker_file_path" {
  description = "Path to Dockerfile in source package"
  type        = string
}

variable "build_args" {
  description = "A map of Docker build arguments."
  type        = map(string)
  default     = {}
}

variable "keep_remotely" {
  description = "Whether to keep Docker image in the remote registry on destroy operation."
  type        = bool
  default     = false
}
赞(0)分享  回复(0)举报  2023-06-24
gcuhipw9

gcuhipw93#

我尝试使用Terraform将存储在GitHub中的Dockerfile推送到Azure容器注册表(ACR),并遇到以下错误消息:

provider "docker" {
host = "https://${azurerm_container_registry.acrtest.login_server}"
registry_auth {
          address  = "acrtest.azurecr.io"
          username = "acrtest"
          password = "4hyrd/hf+ACRApCucP"
          }
        }
resource "docker_registry_image" "helloworld" {
          provider      = docker
          name          = docker_image.image.name
          keep_remotely = true
}
    
resource "docker_image" "image" {
         provider = docker
         name     = "helloworld:latest"
         build {
          context    = "https://github.com/AcordTest/repo.git#branch"
          dockerfile = "dockerDirinGithub/dockerfile"
        }
 }

在我拥有Dockerfile的存储库中从GitActions运行Terraform apply。

Error:
    docker_image.image: Creating...
    ╷
    │ Error: error during connect: Post "https://azure.microsoft.com/services/container-registry/": unexpected redirect in response
    │
赞(0)分享  回复(0)举报  2023-06-24
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com