DEV Community

rndmh3ro
rndmh3ro

Posted on • Originally published at zufallsheld.de on

TIL how to work with Gitlab-CI’s Pull Policy

In a .gitlab-ci.yml job, if you do not specify a tag for an image, the latest tag is used by default.

The default configuration of the gitlab-runner to pull Docker images is if-not-present, which means the image is only loaded if it is not already present. This in turn means that the image used is not updated. So if you use latest or no tag at all,, the image used is the one that was current at the time it was pulled, any updates afterwards will be ignored.

To change this behavior, you can use one of the following methods:

  • Change the pull-policy in GitLab Runner and in the job. This can be done by following the instructions in the official documentation: https://docs.gitlab.com/ee/ci/yaml/#imagepull_policy
  • update the image manually on the server of the runner (with docker pull foo:latest)
  • use ephemeral runners that are always rebuilt

Top comments (3)

Collapse
 
bcouetil profile image
Benoit COUETIL 💫

Sorry, but the documentation say otherwise, always is the default behavior : docs.gitlab.com/runner/executors/d...

And that is what I've experienced myself numerous times.

Collapse
 
rndmh3ro profile image
rndmh3ro

We get our runners automatically created by our central operations team. I'll have to ask them if they don't override the defaults.

Thanks for this!

Collapse
 
bcouetil profile image
Benoit COUETIL 💫 • Edited

You're welcome my friend.

So your team as configured the best default of all, if-not-present. They save you some precious time at job startup, and maybe help the company with Dockerhub quotas.

This should be perfect for every scenario, considering that latest tag is a bad practice that should be always avoided (unstable behavior and inconsistency on major changes).