- Notifications
You must be signed in to change notification settings - Fork914
Description
When multipledocker-devcontainer workspaces are running, deleting one of them will trigger the following issue:
Terraform 1.9.8coder_agent.main: Plan to deletedocker_volume.workspaces: Plan to deletedocker_image.devcontainer_builder_image: Plan to deletecoder_agent.main: Destroying... [id=d87332f6-93ab-420d-bf3d-5818bc0fc18c]coder_agent.main: Destruction complete after 0sdocker_volume.workspaces: Destroying... [id=coder-aee29e12-d241-40e5-a075-f617b500a947]docker_image.devcontainer_builder_image: Destroying... [id=sha256:0043aade3996c429a302de5f79050c63bf2a56a7286c5aef2cd65387bc870db5ghcr.io/coder/envbuilder:latest]docker_image.devcontainer_builder_image: Destruction errored after 1sdocker_volume.workspaces: Destruction complete after 3sError: Unable to remove Docker image: Error response from daemon: conflict: unable to remove repository reference "ghcr.io/coder/envbuilder:latest" (must force) - container 7e439682639e is using its referenced image 0043aade3996This is due to the fact that deleting a workspace will try to delete all of its resources, except theenvbuilder image is shared between all the workspaces of that same template, which will make any workspace deletion fail.
Possible workaround
This could be fixed by adding thelifecycle.prevent_destroy attribute to thedocker_image resource:
resource "docker_image" "devcontainer_builder_image" { name = local.devcontainer_builder_image+ lifecycle {+ prevent_destroy = true+ }}But then you'll run into this issue when deleting the workspace:
Error: Instance cannot be destroyedon main.tf line 156: 156: resource "docker_image" "devcontainer_builder_image" {Resource docker_image.devcontainer_builder_image has lifecycle.prevent_destroy set, but the plan calls for this resource to be destroyed. To avoid this error and continue with the plan, either disable lifecycle.prevent_destroy or reduce the scope of the plan using the -target option.