Is my Gitlab Runner pull_policy correct? Why does it re-download Docker Image?


I have the following setup:

  • 1 self-managed Gitlab Runner as Docker executor with pull_policy = [“always”, “always”]
  • I’m using this pull_policy to always check that I have the correct version of Docker Image and to only download when needed (e.g. only if a layer in the Docker Image has changed and not when there is no change in layers)

I have the following pipeline:

  • first stage → docker-build which builds my Docker Image from a Dockerfile and upload to Container Registry with Docker tag = $CI_COMMIT_REF_SLUG using Kaniko
  • second stage → build-app which builds my application using the freshly built Docker Image in previous stage

My issue:

  • build_app job is redownloading the Docker Image even if it has been built on the same Gitlab Runner in the previous job (i.e. all layers are already in the Docker local registry)

I would expect that it only downloads the metadata of the new Docker tag generated which should be very fast.

Is my config wrong? Or is it the expected behavior?

Thanks for your help,