Modifying labels does not recreate container about terraform-provider-docker HOT 16 CLOSED

@suzuki-shunsuke
You're right I'm off-topic here. Sorry about that.

from terraform-provider-docker.

I understand i didn't think it mattered because it could be any string. It was not related to the bug. But i'll try better next time.

Anyways... Thank you really much for your work!

from terraform-provider-docker.

Just ran into this and adding my vote. If I can get a few pointers to how this could be fixed, I can try to make a PR.

from terraform-provider-docker.

I think this issue has already been solved.

from terraform-provider-docker.

It looks that labels's ForceNew is true from the first time. 🤔
8f9b151

from terraform-provider-docker.

Hmm, do we have a test for this? It should re-create, right?

from terraform-provider-docker.

Same here - any updates on this?

from terraform-provider-docker.

@fabianschurz Would you tell us how to reproduce?

• Terraform version
• This Provider version
• Terraform configuration (.tf)
• command and output

The code should be runnable for maintainers to reproduce the problem.
We can't reproduce the problem with partial code.
Don't include unknown input variables, local values, resources, etc.
If you can reproduce the problem with public Docker images, please don't use private Docker images.
Don't include unneeded resources to reproduce the problem.
Don't set unneeded attributes to reproduce the problem.

from terraform-provider-docker.

I there sorry to barge in but I have the same issue updating an image. So here is my details:

• Terraform v0.14.7
• kreuzwerker/docker 2.11.0

Terraform configuration

terraform {
  backend "http" {
  }
}

terraform {
  required_providers {
    docker = {
      source  = "kreuzwerker/docker"
      version = "2.11.0"
    }
  }
}

provider "docker" {
  host = "ssh://${var.docker_host}"
}

resource "docker_image" "gitlab_runner" {
  name = "myregistry.net/gitlab-runner:1.0.1"
}

resource "docker_container" "test-01-gitlab-runner" {
  image   = docker_image.gitlab_runner.latest
  name    = "test-01-gitlab-runner"
  restart = "always"

  env = [
    "GITLAB_REGISTRATION_TOKEN=${var.test_gitlab_registration_token}",
    "GITLAB_RUNNER_DESCRIPTION=test-01-gitlab-runner",
    "GITLAB_RUNNER_TAG_LIST=test"
  ]

  volumes {
    host_path      = "/var/run/docker.sock"
    container_path = "/var/run/docker.sock"
  }
}

Ouput from terraform plan

Resource actions are indicated with the following symbols:
  ~ update in-place
Terraform will perform the following actions:
  # docker_image.gitlab_runner will be updated in-place
  ~ resource "docker_image" "gitlab_runner" {
        id     = "sha256:e4f59e3ff6f5e27d6a349ec97bd40397a4b49fd5b121b9af2170e875bbfbeeb6myregistry.net/gitlab-runner:1.0.0"
      ~ name   = "myregistry.net/gitlab-runner:1.0.0" -> "myregistry.net/gitlab-runner:1.0.1"
        # (1 unchanged attribute hidden)
    }
Plan: 0 to add, 1 to change, 0 to destroy.

Thanks for looking into this <3

from terraform-provider-docker.

@Awea
I think your problem has nothing to do with this issue.
In your Terraform configuration labels isn't used, and Docker image name is changed.
This issue is about labels of docker_container resource.

from terraform-provider-docker.

No problem.
Please create a new issue if you need.

from terraform-provider-docker.

@suzuki-shunsuke

Terraform v0.14.9

• provider registry.terraform.io/kreuzwerker/docker v2.11.0

Can be reproduced with every tf configuration you can imagine. It just needs a minimum of one label. Adding or removing labels triggers the container to be renewed. Changing a label's name or its value does not trigger a refresh.

Example file:

locals {
  portainer = "portainer"
}

resource "docker_container" "portainer" {
  image = "sha256:96a1c6cc3d158fac0b5be75382b9b24d0a89ed5db7a59a3442d01556c139fff1" # portainer/portainer-ce:2.1.1

  # Arguments
  name  = local.portainer
  restart = "always"

  # Mounts
  mounts  {
    type = "volume"
    source = "portainer"
    target = "/data"
  }
  mounts {
    type = "bind"
    source = "/var/run/docker.sock"
    target = "/var/run/docker.sock"
  }

  # Networks
  networks_advanced {
    name = local.traefikNet
  }
  networks_advanced {
    name = local.ldapNet
  }

  # Labels
  labels {
    label = "traefik.enable"
    value = true
  }
  labels {
    label = "traefik.http.routers.${local.portainer}.rule"
    value = "Host(`portainer.example.com`)"
  }
  labels {
    label = "traefik.http.routers.${local.portainer}.tls.certresolver"
    value = "le"
  }
  labels {
    label = "traefik.http.services.${local.portainer}.loadbalancer.server.port"
    value = 9000
  }
}

Example change in the configuration:

 labels {
    label = "traefik.enable"
    value = true
  }

to

 labels {
    label = "traefik.someotherlabel"
    value = true
  }

or

 labels {
    label = "traefik.enabled"
    value = false
  }

The first snippet is our current configuration. So i'm changing the label to 'traefik.someotherlabel' to show the issue.

terraform apply:

 docker_container.portainer will be updated in-place
  ~ resource "docker_container" "portainer" {
        id                = "08a5d75edf414aa5f2a687b9d55ff477ec64099b2060ac80eadd98d44f3e16e1"
        name              = "portainer"
        # (40 unchanged attributes hidden)

      + labels {
          + label = "traefik.asdf"
          + value = "true"
        }
      - labels {
          - label = "traefik.enable" -> null
          - value = "true" -> null
        }


        # (7 unchanged blocks hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

docker_container.portainer: Modifying... [id=08a5d75edf414aa5f2a687b9d55ff477ec64099b2060ac80eadd98d44f3e16e1]
docker_container.portainer: Modifications complete after 0s [id=08a5d75edf414aa5f2a687b9d55ff477ec64099b2060ac80eadd98d44f3e16e1]

Apply complete! Resources: 0 added, 1 changed, 0 destroyed.

docker inspect (still the same):

"Labels": {
                "traefik.enable": "true",
                "traefik.http.routers.portainer.rule": "Host(`portainer.example.com`)",
                "traefik.http.routers.portainer.tls.certresolver": "le",
                "traefik.http.services.portainer.loadbalancer.server.port": "9000"
            }

Expected behaviour: Label is applied

My guess is that it's a problem caused by the design. As far as i know a container's labels cannot be "updated". Instead the container has to be recreated completely.

from terraform-provider-docker.

@fabianschurz Thanks.
Unfortunately, your code doesn't work.

$ terraform validate

Error: Reference to undeclared local value

  on main.tf line 38, in resource "docker_container" "portainer":
  38:     name = local.traefikNet

A local value with the name "traefikNet" has not been declared.


Error: Reference to undeclared local value

  on main.tf line 41, in resource "docker_container" "portainer":
  41:     name = local.ldapNet

A local value with the name "ldapNet" has not been declared.

But I could reproduce the problem.

$ terraform version
Terraform v0.14.9
+ provider registry.terraform.io/kreuzwerker/docker v2.11.0

terraform {
  required_providers {
    docker = {
      source  = "kreuzwerker/docker"
      version = "2.11.0"
    }
  }
}

provider "docker" {
}

resource "docker_image" "nginx" {
  name = "nginx:1.17.0-alpine"
}

resource "docker_container" "nginx" {
  image = docker_image.nginx.latest
  name  = "nginx-alpine"

  labels {
    label = "foo"
    value = "foo"
  }
}

$ terraform apply -auto-approve
docker_image.nginx: Creating...
docker_image.nginx: Creation complete after 7s [id=sha256:bfba26ca350c153700592ebd7e4613f25a7a8779289e041eb68a97623277de82nginx:1.17.0-alpine]
docker_container.nginx: Creating...
docker_container.nginx: Creation complete after 0s [id=e0b8ccb7c867403b2662840819c978148c74b641d777fedbbfe4a3b54f470eb2]

Apply complete! Resources: 2 added, 0 changed, 0 destroyed.

$ terraform plan
docker_image.nginx: Refreshing state... [id=sha256:bfba26ca350c153700592ebd7e4613f25a7a8779289e041eb68a97623277de82nginx:1.17.0-alpine]
docker_container.nginx: Refreshing state... [id=e0b8ccb7c867403b2662840819c978148c74b641d777fedbbfe4a3b54f470eb2]

No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.

$ vi main.tf # fix label value
$ terraform plan
docker_image.nginx: Refreshing state... [id=sha256:bfba26ca350c153700592ebd7e4613f25a7a8779289e041eb68a97623277de82nginx:1.17.0-alpine]
docker_container.nginx: Refreshing state... [id=e0b8ccb7c867403b2662840819c978148c74b641d777fedbbfe4a3b54f470eb2]

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # docker_container.nginx will be updated in-place
  ~ resource "docker_container" "nginx" {
        id                = "e0b8ccb7c867403b2662840819c978148c74b641d777fedbbfe4a3b54f470eb2"
        name              = "nginx-alpine"
        # (39 unchanged attributes hidden)

      + labels {
          + label = "foo"
          + value = "bar"
        }
      - labels {
          - label = "foo" -> null
          - value = "foo" -> null
        }
    }

Plan: 0 to add, 1 to change, 0 to destroy.

I expected the container would be recreated but actually would be updated in-place.

As I said #48 (comment)
ForceNew: true is being set, but it doesn't work as expected.

We have to investigate the cause.

https://pkg.go.dev/github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema#Schema

from terraform-provider-docker.

I have created a pull request to fix #48 (comment)

#152

from terraform-provider-docker.

Thats because the variable is defined in another file that i didn't post @suzuki-shunsuke

from terraform-provider-docker.

Thats because the variable is defined in another file that i didn't post

I see. Please see #48 (comment) .
I wrote the same guide to CONTRIBUTING and Issue Template.

Anyway, thank you for your report.
The problem would be solved by #152

from terraform-provider-docker.