Search code examples
azuredockerterraformazure-aks

Unable to push image to ACR from terraform - could not get auth config (the credentialhelper did not work or was not found):


I have a terraform project that creates an ACR registry, I am also using a Docker provider to build a node project locally, then push it to the ACR.

After running terraform init and trying to apply the changes, I get this error:

 Error: Error loading registry auth config: could not get auth config (the credentialhelper did not work or was not found): error getting credentials - err: no credentials server URL, out: `no credentials server URL`       
│
│   with provider["registry.terraform.io/kreuzwerker/docker"],
│   on providers.tf line 29, in provider "docker":
│   29: provider "docker" {

This is my current code


resource "random_string" "random" {
  length  = 8
  upper   = false
  special = false
}

locals {
  acr_name = "acr${random_string.random.result}"
}

module "resource_group" {
  source = "..//..//modules/resource_group"
  name_prefix = var.resource_group_name_prefix
  location = var.resource_group_location
}

resource "azurerm_container_registry" "acr" {
  name = local.acr_name
  location         = module.resource_group.location
  resource_group_name = module.resource_group.name
  sku = "Premium"
}

data "azurerm_container_registry" "acr" {
  name                = azurerm_container_registry.acr.name
  resource_group_name = module.resource_group.name
} 

resource "docker_image" "image" {
  name = "${data.azurerm_container_registry.acr.login_server}/my-app:v1"
  build {
    context = "./node-hello-world"
  }

}

resource "docker_registry_image" "helloworld" {
  name          = docker_image.image.name
  keep_remotely = true
}

I am using this Docker provider

    docker = {
      source = "kreuzwerker/docker"
      version = "~>3.0.2"
    }

and have my auth information

provider "docker" {
  registry_auth {
    address  = data.azurerm_container_registry.acr.login_server
    username = data.azurerm_container_registry.acr.admin_username
    password = data.azurerm_container_registry.acr.admin_password
  }
}

Does anyone know why this is happening please?


Solution

  •  Error: Error loading registry auth config: could not get auth config (the credentialhelper did not work or was not found): error getting credentials - err: no credentials server URL, out: `no credentials server URL`
    

    The above error is caused because the ACR login server details are not being retrieved from the ACR registry correctly. You can use the code below to get the ACR login server in the Docker provider.

        provider "docker" {
          registry_auth {
            address  = "${azurerm_container_registry.acr.name}.azurecr.io"
            username = azurerm_container_registry.acr.admin_username
            password = azurerm_container_registry.acr.admin_password
          }
        }
    

    If you are facing any errors with the Docker provider, you can use an alternative method to push the image to ACR using Terraform.

    Here is the updated Terraform code to push the image to ACR

    Note: In my case, I used a public image for testing, as I don't have a custom image

    provider "azurerm" {
      features {}
      subscription_id = "89a9"
    }
    
    terraform {
      required_providers {
        docker = {
          source  = "kreuzwerker/docker"
          version = "3.0.2"
        }
        azurerm = {
          source = "hashicorp/azurerm"
          version = "4.14.0"
        }
      }
    }
    
    resource "azurerm_resource_group" "rg" {
      name     = "${var.resource_group_name_prefix}-rg"
      location = var.resource_group_location
      lifecycle {
      ignore_changes = all 
      }
    }
    
    resource "azurerm_container_registry" "acr" {
      name                     = "venkatfacrtest"
      location                 = azurerm_resource_group.rg.location
      resource_group_name      = azurerm_resource_group.rg.name
      sku                       = "Premium"
      admin_enabled            = true
      depends_on               = [azurerm_resource_group.rg]
    }
    
    
    resource "docker_image" "nginx_image" {
      name = "nginx:latest"
      depends_on = [azurerm_container_registry.acr]
    }
    
    resource "null_resource" "dockerpush" {
      provisioner "local-exec" {
        command = <<-EOT
          az acr login --name ${azurerm_container_registry.acr.name}
          docker tag ${docker_image.nginx_image.image_id} ${azurerm_container_registry.acr.name}.azurecr.io/demoimage/nginx:v3 | tr -d '\r'
          docker push ${azurerm_container_registry.acr.name}.azurecr.io/demoimage/nginx:v3 | tr -d '\r'
        EOT
        interpreter = ["bash", "-c"]
      }
    
      depends_on = [docker_image.nginx_image, azurerm_container_registry.acr]
    }
    

    terraform apply

    enter image description here

    After running the code, the Docker image, along with the tag, was changed and pushed to ACR successfully

    enter image description here

    ACR result

    enter image description here