Ensure image pull policy is set to Always
Error: Image pull policy is not set to Always
Bridgecrew Policy ID: BC_K8S_14
Checkov Check ID: CKV_K8S_15
Image pull policy is not set to Always
The Image Pull Policy of a container is set using the imagePullPolicy. The imagePullPolicy and the tag of the image are triggered when the kubelet attempts to pull the specified image. When the imagePullPolicy is set to Always, you ensure the latest version of the image is deployed every time the pod is started. Avoid using the :latest tag when deploying containers in production, it is harder to track which version of the image is running and more difficult to roll back correctly.
Fix - Buildtime
Argument: imagePullPolicy (Optional)
Defines for the kubelet when he should attempt to pull the specified image.
apiVersion: v1 kind: Pod metadata: name: <name> spec: containers: - name: <container name> + imagePullPolicy: Always
Updated 4 months ago