Second stage of a pipeline not honoring general image directive?

Hi everyone :wave:

I’m working on a sample pipeline to build some container images using Docker. We are using a K8s executor runner hosted in our EKS cluster, configured to run Docker as described in Use Docker to build Docker images | GitLab

Our runner pod is configured to use an Ubuntu image as default (the one set in the runner’s Helm chart values.yaml file)

With that in mind…

  • What are you seeing, and how does that differ from what you expect to see?
  1. If I do a repository checkout in one stage, and then in the next stage (build), I switch the image to docker:20.10.22 (as instructed in the documentation link I provided above), I get the error message:

unable to resolve docker endpoint: open /certs/client/ca.pem: no such file or directory

  1. I get the same error if, instead of specifying the same image in the build stage, I override the pipeline’s default image with it
  • Consider including screenshots, error messages, and/or other helpful visuals


  • What version are you on? Are you using self-managed or

    • GitLab (Hint: /help):
    • Runner (Hint: /admin/runners): Kubernetes executor, CHART: gitlab-runner-0.48.0, APP VERSION: 15.7.0
  • Add the CI configuration from .gitlab-ci.yml and other configuration if relevant (e.g. docker-compose.yml)

    - if: '$CI_PIPELINE_SOURCE == "web"'  # Avoid automatic pipeline trigger when saving changes

image: docker:20.10.22

  APPNAME: myapp

  - checkout
  - build

Checkout Repository:
  stage: checkout
    - apk add git --update-cache
    - git version
    - git clone https://gitlab-ci-token:$

  stage: build
  # when: manual
  environment: development
    # Use the Kubernetes executor with Docker-in-Docker
    DOCKER_HOST: tcp://docker:2376
    DOCKER_TLS_CERTDIR: "/certs"
    DOCKERFILE: 'path/to/Dockerfile'
    - docker:20.10.22-dind
  # extends: .checkout
    - |
      docker info

      docker build --pull \
      --build-arg arg1=1 \
      --build-arg arg2=2 \
      --target development \
      --tag $APPNAME \
      --file $DOCKERFILE .
  • What troubleshooting steps have you already taken? Can you link to any docs or other resources so we know where you have been?

Everything works fine if using just one stage for everything!

1 Like


I switched from DinD to Buildah (, Quay), and now the pipeline works as expected.

1 Like