Can't pull docker image on already deployed pod

We have setup gitlab pipeline and k8s deploy using gitlab agent on our cluster.
The deployment is always working fine when executed by the pipeline scripts.

But sometimes, after a certain time, the cluster can’t pull again the image with this error :

Failed to pull image "registry.xxxxxx.com/groupe/dsi/integration:1.2.0-alpha.31@sha256:3da493c133c45324ab562b57db4b7401b523757b6e0441de6eead7d671bb1dcd": 
failed to pull and unpack image "registry.xxxxxx.com/groupe/dsi/integration@sha256:3da493c133c45324ab562b57db4b7401b523757b6e0441de6eead7d671bb1dcd": 
failed to resolve reference "[registry.xxxxxx.com/groupe/dsi/integration](http://registry.xxxxxx.com/groupe/dsi/integration)@sha256:3da493c133c45324ab562b57db4b7401b523757b6e0441de6eead7d671bb1dcd": 
failed to authorize: failed to fetch oauth token: unexpected status: 401 Unauthorized

It happens after node restart or reprovisionned (a new node), sometimes on pod restart too, only on specific pods (3 pods actually). The secret (with dockerconfigjson entry) is still there.

We are using gitlab v16.3 and gitlab-agent v16.4.0

I finally found out what was the problem !
The “not working” projects had not the same auto-devops configuration.

If you choose : “Continuous deployment to production” the generated deploy token is not the same.

The good working solution is this one (on the picture) :

image1165×423 41.4 KB