Skip to content

Automatically update image references in consuming repos #1321

New issue
New issue
Open
Feature
Open
Automatically update image references in consuming repos#1321
Feature
Assignees
mthalman
Labels
area-infrastructure
@mthalman

Description

@mthalman
mthalman
opened on Jan 14, 2025

Keeping all the product repos that consume the images produced by this repo updated is a challenge. There are numerous such repos and multiple branches for each, all with image references sprinkled within the infrastructure. We want to ensure that those images are always referencing supported images. When new versions are released and others become EOL several times throughout the year across all the distros represented in this repo, all of the consuming repos need to be updated appropriately.

To ease the burden of manually updating these image reference, we should invest in automation that can automatically create PRs that apply these updates. #1279 is another solution to this problem by using a versionless tag but that is not appropriate for all repos due to the potential for breaking changes. This issue caters to those repos which need to reference a specific distro version.

The repo maintainers can choose the granularity they want for the image reference, whether it be exclusively by tag or by digest. The automation should handle either case.

Examples

Update Tag Reference

Update to the latest version of a distro.

-mcr.microsoft.com/dotnet-buildtools/prereqs:debian-11-helix-amd64
+mcr.microsoft.com/dotnet-buildtools/prereqs:debian-12-helix-amd64

Update Digest Reference

Update to the latest digest of a given tag.

-mcr.microsoft.com/dotnet-buildtools/prereqs:debian-12-helix-amd64@sha256:b99da50c4cb425e72ee69c2b8c1fdf99e0f71059aee19798e2f9310141ea48fb
+mcr.microsoft.com/dotnet-buildtools/prereqs:debian-12-helix-amd64@sha256:6bb6fef390e6f09a018f385e346b0fe5999d7662acd84ca2655e9a3c3e622b71

Tools

One tool that has been explored for this is https://github.com/renovatebot/renovate. It supports the ability to update digest reference scenario. It doesn't currently support the tag reference scenario in a general way (it can support it if you hardcode the debian or helix-amd64 portions of the tags in your configuration, which is not ideal). There's an existing issue for this: renovatebot/renovate#33217

Metadata

Metadata

Assignees

Labels

area-infrastructure

Type

Feature

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions