[SOLVED] When I used Terraform to organize Docker for deployment, pulling the image failed

When I used Terraform to organize Docker for deployment, pulling the image failed

Successfully pulled public image, but failed to pull nex3 private image

terraform version

Terraform v1.8.5 on darwin_arm64

Terraform Configuration Files

terraform {
  required_providers {
    docker = {
      source  = "kreuzwerker/docker"
      version = "~> 3.0.1"
    }
  }
}

resource "docker_image" "demo_terraform" {
  name = var.image_name
  keep_locally = false 

}

variable "image_name" {
  description = "Value of the name for the Docker container"
  type        = string
  default     = "192.168.1.106:8083/repository/docker-nexus/demo-terraform:0.0.1-SNAPSHOT"
}

Debug Output

│ Error: Unable to read Docker image into resource: unable to pull image 192.168.1.106:8083/repository/docker-nexus/demo-terraform:0.0.1-SNAPSHOT: error pulling image 192.168.1.106:8083/repository/docker-nexus/demo-terraform:0.0.1-SNAPSHOT: Error response from daemon: Head "http://192.168.1.106:8083/v2/repository/docker-nexus/demo-terraform/manifests/0.0.1-SNAPSHOT": unauthorized: access to the requested resource is not authorized
│
│ with module.terraform_container_debian.docker_image.demo_terraform,
│ on test_container/main.tf line 10, in resource "docker_image" "demo_terraform":
│ 10: resource "docker_image" "demo_terraform" {

question

I cannot pull Docker images from my Nexus3 private server, I can pull it on the target host using the Docker pull command

Do Terraform require any special configuration when I pull Docker images from my private server Nexus3?

Solution

This issue has been resolved

provider "docker" {
  alias = "debian"
  host = "tcp://192.168.1.88:2375"
  
  registry_auth {
    address  = "http://192.168.1.106:8083"
    username = "xxxxx"
    password = "xxxxx"
  }
}

data "docker_registry_image" "demo-terraform" {
  name = var.image_name
  insecure_skip_verify = true 
}
 
resource "docker_image" "demo-terraform" {
  name          = "${data.docker_registry_image.demo-terraform.name}"
  pull_triggers = ["${data.docker_registry_image.demo-terraform.sha256_digest}"]
  
  keep_locally = false 

}