explicitly pull the latest docker image in jenkins (#3760)

* explicitly pull the latest docker image in jenkins

Right now we don't need to do this since the same jenkins instance that
builds the images and tags them also pushes them, so it is guaranteed to
always have the latest. However, if we want to add another docker
builder that is no longer true, so let's always pull

* mos(t) def

* also this one

2 files changed, 6 insertions, 2 deletions

diff --git a/.jenkins/Jenkinsfile-cryptography-wheel-builder b/.jenkins/Jenkinsfile-cryptography-wheel-builder
index e784f426..c4404c25 100644
--- a/.jenkins/Jenkinsfile-cryptography-wheel-builder
+++ b/.jenkins/Jenkinsfile-cryptography-wheel-builder
@@ -167,7 +167,9 @@ for (config in configs) {
             builders[combinedName] = {
                 node(label) {
                     stage(combinedName) {
-                        docker.image(imageName).inside("-u root") {
+                        def buildImage = docker.image(imageName)
+                        buildImage.pull()
+                        buildImage.inside("-u root") {
                             build(version, label, imageName)
                         }
                     }
diff --git a/Jenkinsfile b/Jenkinsfile
index 3492b54b..c7710d64 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -306,7 +306,9 @@ for (config in configs) {
             builders[combinedName] = {
                 node(label) {
                     stage(combinedName) {
-                        docker.image(imageName).inside {
+                        def buildImage = docker.image(imageName)
+                        buildImage.pull()
+                        buildImage.inside {
                             build(toxenv, label, imageName, artifacts, artifactExcludes)
                         }
                     }