Overwrite docker image with latest tag in artifactory

Question

I am currently Pushing same image twice one with tag number and another with latest tag to artifactory.

For the next release I would like to overwrite the image with latest tag with the new image that contains latest tag. Below is the way I am trying from Azure devops build

Docker Build Command:
     $(docker_registry)/$(Build.Repository.Name):$(BuildNbr)
Docker Push Command
      $(docker_registry)/$(Build.Repository.Name):$(BuildNbr)

Same above with latest tag, then

docker pull $(docker_registry)/imageName:latest

docker rmi --force $(docker_registry)/imageName:latest   //removing latest image from artifactory NOT WORKING

docker pull $(docker_registry)/imageName:$(BuildNbr)

docker tag $(docker_registry)/imageName:$(BuildNbr) $(docker_registry)/imageName:latest

docker push $(docker_registry)/imageName:latest

Somehow the above flow is not working and the latest image is not getting overwritten.

Am I doing any mistake ? I believe rmi command will not delete the image from artifactory.

Answer 1

You can achieve it through the include/exclude pattern for your permissions. You can create a new Permission Target that gives overwrite/delete permissions to tags with "latest" in it:

1. Remove the include pattern **
2. Add the include pattern **/latest/*
3. Add only the required docker repositories (for example "docker local")
4. Add anyone to this permission target that needs to be able to overwrite/delete.

Then, for all other permission targets, which defines the remainder of the tags (1.1, 1.2, etc), do not provide overwrite/delete permissions. With this, you will be able to overwrite the latest and not other tags.

You can read about include/exclude patterns as they relate to permission targets here.