prow-image-bump-keep-variant

star 20

Bump container image tags in Prow job YAMLs under prow-jobs/ while keeping the tag variant suffix (e.g. -dind, -alpine). Use when asked to update or refresh Prow job images, or to bump container/initContainer tags to a newer version without changing variants.

PingCAP-QE By PingCAP-QE schedule Updated 3/4/2026
play_arrow Run Skill in Manus View GitHub

name: prow-image-bump-keep-variant description: "Bump container image tags in Prow job YAMLs under prow-jobs/ while keeping the tag variant suffix (e.g. -dind, -alpine). Use when asked to update or refresh Prow job images, or to bump container/initContainer tags to a newer version without changing variants."

Prow Image Bump (Keep Variant)

Quick workflow

  1. Identify the target image repo and the new base version (without variant).
  2. Update spec.containers[].image and spec.initContainers[].image in prow-jobs/**.
  3. Keep the existing tag variant suffix (text after the first -) while bumping the version.
  4. Validate with a quick rg search and review the changed YAML.

Preferred automation (shell only)

Use the bundled script to update only container and initContainer images under prow-jobs/. It auto-discovers newer tags using crane or oras and preserves the tag variant suffix.

skills/prow-image-bump-keep-variant/scripts/bump_prow_job_images.sh \
  --image docker \
  --tool crane \
  --dry-run --verbose

skills/prow-image-bump-keep-variant/scripts/bump_prow_job_images.sh \
  --image docker \
  --tool crane

Behavior:

  • Keeps tag variants by preserving everything after the -g<commit-sha> segment when present.
    • Example: ghcr.io/pingcap-qe/ci/base:v2026.1.18-8-gbb5ada9-go1.25 -> ...:v2026.2.1-<new>-go1.25
  • For tags without -g<commit-sha>, preserves everything after the first - (legacy behavior).
    • Example: docker:28.1-dind -> docker:28.2-dind
  • If the old tag has no - variant, only the version changes.
  • Only updates image: lines that are under containers: or initContainers: blocks.
  • Skips digest-pinned images (e.g. image@sha256:...).
  • Resolves "newer" by sorting tags with sort -V (semver-ish).

Manual fallback

If you need to update only a subset or the script is too broad:

  1. Find candidates:
rg --glob 'prow-jobs/**/*.yaml' -n "image:" prow-jobs
  1. Edit only the image: lines under containers: or initContainers:.
  2. Keep the existing tag variant suffix.

Notes and edge cases

  • Variant definition: everything after the -g<commit-sha> segment when present; otherwise everything after the first -.
  • If the image includes a registry with a port (e.g. registry:5000/repo:tag), the script still matches the repo name before the tag.
  • For multi-image updates, run the script once per image repo/version.
  • Requirements: yq plus either crane or oras.
Install via CLI
npx skills add https://github.com/PingCAP-QE/ci --skill prow-image-bump-keep-variant
Repository Details
star Stars 20
call_split Forks 113
navigation Branch main
article Path SKILL.md
More from Creator
PingCAP-QE
PingCAP-QE Explore all skills →