Hi Great work, we have 40+ test-infra modules now so its good to let them be kept up to date in this kind of way. Also its a bit of a hazzle as a human to find out what the latest image is in different registries as they each have their own web site / CLI tool or API to do that.
On Tue, Dec 2, 2025 at 2:07 PM Andrea Cosentino <[email protected]> wrote: > Hello team, > > I'm pleased to announce a new GitHub Actions workflow that automatically > monitors and upgrades container image versions used in our test > infrastructure. > > The workflow scans all `container.properties` files in the test-infra > modules and checks for newer versions of container images in their > respective registries. When outdated images are found, it automatically > creates individual pull requests for each container update, making it > easier to review and test changes independently. > > - How It Works > > 1. Scheduled Execution: Runs every Monday at 6:00 AM UTC (can also be > triggered manually) > 2. Registry Support: Checks Docker Hub, Quay.io, GCR, GHCR, MCR, and other > 3. Individual PRs: Creates a separate pull request for each outdated > container, allowing granular review and testing > 4. Automatic Branches: Each PR uses a unique branch name following the > pattern: `automated/upgrade-<property>-<version>-<run-number>` > 5. Each PR includes the property name, image name, file path, old/new > versions, and verification instructions > > - Version Filtering (Whitelist/Blacklist) > > To give us control over which version tags are acceptable, the workflow > supports optional version filtering using whitelist and blacklist patterns. > > - Whitelist (Include Filter) > Only versions containing specific words will be considered: > > postgres.container=postgres:17.2-alpine > postgres.container.version.include=alpine > > This ensures only Alpine-based versions are selected (e.g., 17.3-alpine, > 18.0-alpine) > > - Blacklist (Exclude Filter) > Versions containing specific words will be excluded: > > kafka.container=quay.io/strimzi/kafka:latest-kafka-3.9.1 > kafka.container.version.exclude=rc,beta,alpha,snapshot > > This excludes pre-release versions containing "rc", "beta", "alpha", or > "snapshot" > > - Common Use Cases > > Only numeric versions (no distribution suffixes): > mysql.container=mysql:8.0.35 > mysql.container.version.exclude=alpine,slim,debian,bookworm > > Specific distribution only: > redis.container=redis:7.2.4-bookworm > redis.container.version.include=bookworm > > Exclude problematic versions: > nginx.container=nginx:1.25.3 > nginx.container.version.exclude=1.26,experimental > > - Filter Rules > > - Filters are case-insensitive > - Exclude filter (blacklist) is checked first - if version contains ANY > excluded word, it's rejected > - Include filter (whitelist) is checked second - if specified, version must > contain at least ONE included word > - Multiple words are comma-separated (no spaces) > - If no filters are specified, all versions are considered > > - Configuration > > Add filter properties directly in your `container.properties` files: > > # Format: > <property>.version.include=word1,word2,word3 > <property>.version.exclude=word1,word2,word3 > > Obviously, we'll need some time to tune the exclude/include list for each > image, but we'll do that. Please help by adding the exclusion, inclusion > filters in container.properties, if you have time. > > This is the first iteration results: > > https://github.com/apache/camel/pulls?q=is%3Aopen+is%3Apr+label%3Aautomated+label%3Acontainer-images > > I hope this will help. But we'll need to tune it a bit. > > Any feedback is always welcome. > -- Claus Ibsen
