## Running License Compliance in an offline environment
License Compliance can be executed on an offline GitLab Ultimate installation by using the following
process:
For self-managed GitLab instances in an environment with limited, restricted, or intermittent access
to external resources through the internet, some adjustments are required for the License Compliance job to
successfully run.
1. Host the License Compliance image
`registry.gitlab.com/gitlab-org/security-products/license-management:latest` in your local Docker
container registry.
1. Add the following configuration to your `.gitlab-ci.yml` file. You must replace the value of `image` to refer
to the License Compliance Docker image hosted on your local Docker container registry:
### Requirements for offline License Compliance
```yaml
include:
To use License Compliance in an offline environment, you need:
- GitLab Runner with the [`docker` or `kubernetes` executor](#requirements).
- Docker Container Registry with locally available copies of License Compliance [analyzer](https://gitlab.com/gitlab-org/security-products/analyzers) images.
NOTE: **Note:**
GitLab Runner has a [default `pull policy` of `always`](https://docs.gitlab.com/runner/executors/docker.html#using-the-always-pull-policy),
meaning the runner will try to pull Docker images from the GitLab container registry even if a local
copy is available. GitLab Runner's [`pull_policy` can be set to `if-not-present`](https://docs.gitlab.com/runner/executors/docker.html#using-the-if-not-present-pull-policy)
in an offline environment if you prefer using only locally available Docker images. However, we
recommend leaving the pull policy set to `always`, as it better enables updated scanners to be used
within your CI/CD pipelines.
### Make GitLab License Compliance analyzer images available inside your Docker registry
For License Compliance with all [supported languages and package managers](#supported-languages-and-package-managers),
import the following default License Compliance analyzer images from `registry.gitlab.com` to your
The process for importing Docker images into a local offline Docker registry depends on
**your network security policy**. Please consult your IT staff to find an accepted and approved
process by which external resources can be imported or temporarily accessed. Note that these scanners are [updated periodically](../../application_security/index.md#maintenance-and-update-of-the-vulnerabilities-database)
with new definitions, so consider if you are able to make periodic updates yourself.
For details on saving and transporting Docker images as a file, see Docker's documentation on
[`docker export`](https://docs.docker.com/engine/reference/commandline/export/), and [`docker import`](https://docs.docker.com/engine/reference/commandline/import/).
### Set License Compliance CI job variables to use local License Compliance analyzers
Override License Compliance environment variables to use to your local container registry
as the source for License Compliance analyzer images.
For example, this assumes a local Docker registry repository of `localhost:5000/analyzers`: