Docker Community Forums

Share and learn in the Docker community.

Tag without pull/push?


(Jeremypumphrey) #1

After testing has completed I’d like to take my image:latest image and create a release tag like image:1.3.1. Is it possible to tag from dockerhub to dockerhub without doing a pull, tag, and push? I don’t have any reason to download and upload it other than to change the tag.

(Nathan Le Claire) #2

No, it’s not possible.

Do you see how this could wreak havoc with access control levels if allowed? Just because I have access to registry A and B, does not imply that registry A or B should have access to the other.

Check out the docker tag command, which might well solve your problem in the first place. If you docker tag jeremypumphrey/foo:latest jeremypumphrey/foo:1.3.1, docker push of both of those images to the same registry will do the lion’s share of the work only one time.

(Jeremypumphrey) #3

I’m not following your answer. For a single registry I can do a pull, tag (no build), and push. I’d like to do exactly that without pulling and pushing. I’m not insterested in crossing two registries. I run create and upload my :latest on one server, and if they pass the tag logic is on another server. That second server has no need to pull and push other than what is required in order to update the tag in dockerhub. I’m sure there are others wasting bandwidth and time pulling and pushing just to update a tag. I thought it might be a good feature request.

(Nathan Le Claire) #4

If the layers already exist and you docker push with a different tag Docker will figure out there is nothing to push and report Layer already exists for those layers.

Why do you need to tag and push from a different server than the one you originally build and push on? Wouldn’t it be easier to just tag and push always from the original server?

(In general I recommend always tagging your images and never relying on latest).

(Jeremypumphrey) #5

In a CI/CD flow I build the image in one travisci step and deploy it to a test server. Then in a second travisci step I run some tests on the test server and if they pass I want to tag the :latest to :deployable-timestamp. The second step doesn’t have the image so I’m downloading, tagging, and uploading just to accomplish the tag.

(Nathan Le Claire) #6

Why not just tag the first image with the unique tag in the first place?

(Malcolm Greaves) #7

Would loved to have found a solution on this thread. Such is life.

@nathanleclaire because it’s common to want to rely on a specific type of version. Perhaps the idea is to always be using the “latest” version of some internal published thing by another team. One wants to know immediately when the most up-to-date dependency version breaks the downstream project. A different scenario is when wants to have the most up-to-date latest and stable version.

Of course, such strategies have drawbacks: every strategy does. For instance, the common, super-stable, production-grade strategy of depending on a specific version (e.g. commit hash or semver 2.0 scheme) gives repeatability at the cost of always delaying fixes and updates for newer dependency versions.

Different solutions for different problems.