I want to know whether it’s possible to make a FROM instruction in a Dockerfile pull the most recent image (e.g. image:latest) before proceeding with the build?
Currently, the image is only pulled if it’s not already stored locally.
docker build --pull OTHER_OPTIONS PATH
From https://docs.docker.com/engine/reference/commandline/build/
--pull Always attempt to pull a newer version of the imageAlthough there might be genuine use case for this for development pupose, I strongly suggest avoid depending on this option in production builds. Docker images must be immutable. Using this option can lead to situations where different images are generated from same source code and any behaviour changes resulting from such builds without corresponding changes in code are hard to debug.
Say there is a project called "derived project" which uses the base image myBaseImage:latest
FROM myBaseImage:latest
<snipped>
CMD xyzdocker build --pull -t myDerivedImage:<version of source code> .Assuming the tag of derived image is based on it's source code version (a git commit hash for example) which is the most common way to tag the images, if a new base image under latest tag is published while there are no changes in derived project, the build of derived project will produce different images under same name before and after the base image change. Once an image is published under a name, it should not be mutated.
In order to build a docker image by updating the base image, you must use the option:
--pullI leave you the official documentation where this option is discussed and many more: official docker documentation