Hello team, I'm pleased to announce a new GitHub Actions workflow that automatically monitors and upgrades container image versions used in our test infrastructure.
The workflow scans all `container.properties` files in the test-infra modules and checks for newer versions of container images in their respective registries. When outdated images are found, it automatically creates individual pull requests for each container update, making it easier to review and test changes independently. - How It Works 1. Scheduled Execution: Runs every Monday at 6:00 AM UTC (can also be triggered manually) 2. Registry Support: Checks Docker Hub, Quay.io, GCR, GHCR, MCR, and other 3. Individual PRs: Creates a separate pull request for each outdated container, allowing granular review and testing 4. Automatic Branches: Each PR uses a unique branch name following the pattern: `automated/upgrade-<property>-<version>-<run-number>` 5. Each PR includes the property name, image name, file path, old/new versions, and verification instructions - Version Filtering (Whitelist/Blacklist) To give us control over which version tags are acceptable, the workflow supports optional version filtering using whitelist and blacklist patterns. - Whitelist (Include Filter) Only versions containing specific words will be considered: postgres.container=postgres:17.2-alpine postgres.container.version.include=alpine This ensures only Alpine-based versions are selected (e.g., 17.3-alpine, 18.0-alpine) - Blacklist (Exclude Filter) Versions containing specific words will be excluded: kafka.container=quay.io/strimzi/kafka:latest-kafka-3.9.1 kafka.container.version.exclude=rc,beta,alpha,snapshot This excludes pre-release versions containing "rc", "beta", "alpha", or "snapshot" - Common Use Cases Only numeric versions (no distribution suffixes): mysql.container=mysql:8.0.35 mysql.container.version.exclude=alpine,slim,debian,bookworm Specific distribution only: redis.container=redis:7.2.4-bookworm redis.container.version.include=bookworm Exclude problematic versions: nginx.container=nginx:1.25.3 nginx.container.version.exclude=1.26,experimental - Filter Rules - Filters are case-insensitive - Exclude filter (blacklist) is checked first - if version contains ANY excluded word, it's rejected - Include filter (whitelist) is checked second - if specified, version must contain at least ONE included word - Multiple words are comma-separated (no spaces) - If no filters are specified, all versions are considered - Configuration Add filter properties directly in your `container.properties` files: # Format: <property>.version.include=word1,word2,word3 <property>.version.exclude=word1,word2,word3 Obviously, we'll need some time to tune the exclude/include list for each image, but we'll do that. Please help by adding the exclusion, inclusion filters in container.properties, if you have time. This is the first iteration results: https://github.com/apache/camel/pulls?q=is%3Aopen+is%3Apr+label%3Aautomated+label%3Acontainer-images I hope this will help. But we'll need to tune it a bit. Any feedback is always welcome.
