I am learning GitLab-ci and a few things puzzle me. So here is a build job I found while googling:

.build:
  before_script:
    - echo "$CI_REGISTRY_PASSWORD" | docker login --username $CI_REGISTRY_USER --password-stdin $CI_REGISTRY
  script:
    - docker pull $CI_REGISTRY_IMAGE/$IMAGE_NAME:latest || true
    - docker build --ssh default --cache-from $CI_REGISTRY_IMAGE/$IMAGE_NAME:latest --build-arg BUILDKIT_INLINE_CACHE=1 --tag $CI_REGISTRY_IMAGE/$IMAGE_NAME:latest --tag $CI_REGISTRY_IMAGE/$IMAGE_NAME:$CI_COMMIT_SHORT_SHA .
    - docker push $CI_REGISTRY_IMAGE/$IMAGE_NAME:$CI_COMMIT_SHORT_SHA
    - docker push $CI_REGISTRY_IMAGE/$IMAGE_NAME:latest
  stage: build
  image: docker:stable
  services:
    - docker:dind
  needs: []

Why before the building image is being pulled and pipe to true? I imagine it has something to do with caching but I am not sure why to use a pipe to true.

Also, what is the purpose of --ssh default and BUILDKIT?

CodePudding user response：

You should pull the image to take advantage of cached layers so that you don't build layers again unnecessarily. This results in faster builds, faster updates for people pulling new images, and more efficient use of storage in your container registry.

You can read more about this in the GitLab docs: Make Docker-in-Docker builds faster with Docker layer caching

For your additional questions:

Regarding --ssh default: see the docker documentation on this.

Regarding BUILDKIT, in short, in enables faster and more efficient builds.