What is the simplest way to get GCR image digest through terraform?

  docker, terraform, terraform-provider-gcp

Terraform GCR provider has data source called google_container_registry_image which has an argument digest, but it will be null since it is stated that data source works completely offline.

data "google_container_registry_image" "image" {
  project = "foo"
  name = "bar"
  tag = "baz"
}
output "digest" {
  value = data.google_container_registry_image.image.digest // this is null
}

Current workaround I use uses docker provider and looks like this:

terraform {
  required_providers {
    docker = {
      source = "kreuzwerker/docker"
      version = "2.11.0"
    }
  }
}

provider "docker" {
  registry_auth {
    address = "gcr.io"
    config_file = pathexpand("~/.docker/config.json")
  }
}

data "google_container_registry_image" "image" {
  project = "foo"
  name = "bar"
  tag = "baz"
}

data "docker_registry_image" "image" {
  name = data.google_container_registry_image.image.image_url
}
output "digest" {
  value = data.docker_registry_image.image.sha256_digest
}

Using two providers and additional docker credentials seems pretty complicated for such a simple use case, is there some easier way to do it?

Source: Docker Questions

LEAVE A COMMENT