Auto-updating Docker images (from private registries) not working

[saitho]

By running terraform apply periodically it should pull new containers when they are available and the "latest" tag is used.
It should then start up the new containers and update the webserver configuration (port numbers).
Then the new application should be served.

There seem to be issues, at least with private registries. After pushing a new "latest" image to the registry, terraform apply will do something, but not pull the new image? I have to run docker pull manually and then terraform apply again, to get the latest image running.

How to reproduce

I want to get the latest image of "myregistry.com:6443/myimage:latest"

docker_container

~ image = "sha256:8d8adb0c6006bb896796554e8e6220c5b394f542552097205249a743a2af319e" -> (known after apply) # forces replacement

docker_image

~ pull_triggers = [ # forces replacement
- "sha256:2dab7d4ae4052603c972c497feaaadda2ba11091f9bcd084e8600d4e0c3bfacb",
+ "sha256:f203c08336d066723f505eed25232df65d82ac9e897bc468c98aeeb16f8769d9",
]

New image hash is correct. Running docker images will yield:

myregistry.com:6443/myimage    latest       8d8adb0c6006   2 days ago     44.8MB
myregistry.com:6443/myimage <none>       5325c84777ec   2 days ago     44.8MB

Then I pull the image manually and run docker images:

docker.saitho.me:6443/simuldub_de/hugo   latest       35b55c54f1d8   10 minutes ago   45.7MB
docker.saitho.me:6443/simuldub_de/hugo   <none>       8d8adb0c6006   2 days ago       44.8MB
docker.saitho.me:6443/simuldub_de/hugo   <none>       5325c84777ec   2 days ago       44.8MB

The image is downloaded correctly. Running terraform apply again will recreate the containers and provide the latest version of the application.

[saitho]

The issue is not limited to private registries. Reproduced on a new server with latest Terraform version.
Reported here: kreuzwerker/terraform-provider-docker#172