I've noticed that the Docker images for Atlassian products in Docker do not leverage immutable Docker tags. Instead the tags are republished on a regular basis. In addition, some versions with lower numbers are published AFTER versions with higher numbers. For example, under https://hub.docker.com/r/atlassian/confluence I see:
8.5.0 - last published 12 hours ago
8.5.1 - last published 12 hours ago
8.5.2 - last published 13 hours ago
8.5.3 - last published 13 hours ago
8.5.4 - last published 14 hours ago
I also see that 8.3.4, which we have been using for several weeks, was last published 17 hours ago.
Are previously published versions being republished regularly for a reason? This causes two problems:
- If the pullPolicy is set to always and new instance of a container starts a week or two (or whatever) later on a different node, then the second container instance may not be the same version as the already running container instance.
- If the pullPolicy is set to IfNotPresent, and the container restarts on the same node, that container will not receive the updated version with the security fixes.
Or are the newly published versions with existing tags just the same code being updated over and over but there are not real changes to the code? If that is the case, why republish something that has not changed?
