Add --pull flag to all Docker build scripts to ensure fresh base images #1051

@coderabbitai

Description

Currently, Docker build scripts across the repository do not use the --pull flag, which means they may use stale cached base images instead of pulling the latest versions. This can lead to builds using outdated base images with potential security vulnerabilities or missing updates.

Affected Files

The following build scripts need to be updated to include the --pull flag:

Components Core Docker Images

  • components/core/tools/docker-images/clp-core-ubuntu-jammy/build.sh
  • components/core/tools/docker-images/clp-env-base-centos-stream-9/build.sh
  • components/core/tools/docker-images/clp-env-base-manylinux-2.28-aarch64/build.sh
  • components/core/tools/docker-images/clp-env-base-manylinux-2.28-x86_64/build.sh
  • components/core/tools/docker-images/clp-env-base-ubuntu-jammy/build.sh

Tools Docker Images

  • tools/docker-images/clp-execution-base-ubuntu-jammy/build.sh

Proposed Solution

Add the --pull flag to all docker build and docker buildx build commands in the build scripts. This ensures that:

  1. Base images are always pulled fresh from the registry
  2. Builds use the latest security updates and patches
  3. Consistent behavior across different environments
  4. Reduced risk of builds succeeding locally but failing in CI due to image differences

Example

For scripts using docker build:

docker build --pull --tag ... 

For scripts using docker buildx build:

docker buildx build --pull --platform ... --tag ...

References

Acceptance Criteria

  • All 6 build scripts listed above include the --pull flag
  • Build scripts continue to work correctly with the added flag
  • Documentation is updated if necessary
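
One way to check the first acceptance criterion, as an added example (not code from this issue or the repository): a POSIX shell audit that joins backslash-continued lines and reports `docker build` / `docker buildx build` commands that lack `--pull`. The function names are hypothetical and the match is textual, so a command assembled from variables is not seen.

```shell
#!/bin/sh
# Added example (hypothetical helper, not repository code): flag `docker build`
# and `docker buildx build` commands in shell scripts that do not pass --pull.

# Print "file:line: command" for every build command in "$1" without --pull.
# --pull=false is reported as well, since it disables the pull.
find_builds_missing_pull() {
    awk -v file="$1" '
        function check(cmd, n) {
            sub(/^[ \t]+/, "", cmd); sub(/[ \t]+$/, "", cmd)
            if (cmd ~ /^#/) return                      # skip comment lines
            if (cmd !~ /(^|[^A-Za-z0-9_-])docker([ \t]+buildx)?[ \t]+build([ \t]|$)/) return
            if (cmd ~ /[ \t]--pull(=true)?([ \t]|$)/) return
            gsub(/[ \t]+/, " ", cmd)
            printf "%s:%d: %s\n", file, n, cmd
        }
        {
            # Join backslash-continued lines so one command is checked as a unit.
            if (buf == "") start = FNR
            line = $0
            more = (line ~ /\\[ \t]*$/)
            sub(/\\[ \t]*$/, "", line)
            buf = buf line " "
            if (more) next
            check(buf, start); buf = ""
        }
        END { if (buf != "") check(buf, start) }
    ' "$1"
}

# Audit every script given; exit status 1 if any build command lacks --pull.
audit_build_scripts() (
    status=0
    for f in "$@"; do
        out=$(find_builds_missing_pull "$f") || exit 2
        if [ -n "$out" ]; then printf '%s\n' "$out"; status=1; fi
    done
    exit "$status"
)

# Run as: sh audit.sh path/to/build.sh ...  (no arguments: define functions only)
if [ "$#" -gt 0 ]; then audit_build_scripts "$@"; fi
```

A script that passes this check still builds from whatever the base image tag resolves to at build time; the check does not cover digest pinning.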
