What

As explained in the Versioning Chromium Images design document, tag Chromium versions in the format <semver>-Chromium-<Chromium Version> like 1.0.0-Chromium-126.0.6478.127 (this is an example).

Why

Security Scans: Allow images to be automatically scanned for security vulnerabilities.
Reproducibility: Provide unique artifacts for each build to ensure reproducible builds (this will also contribute to the reproducibility of the browser-based SM checks).
Debuggability: Make it easy to see which Chromium version an image is shipped with.
Consistency: Standardize Chromium-image versioning throughout the k6 teams.

Possible downsides:

Using “-” makes an image’s version a prerelease version, which might not work nicely with some tools (this is to be determined because we have never witnessed such a problem yet).
Pre-release versions are considered lower versions than non-pre-release versions. For example, 1.0.2 is considered a newer version than 1.0.2-Chromium-1.0.0. So, it’s vital to use the formatting explained in Proposal 3 consistently for incremental security scans.

How

Possible solution: Every release might automatically tag a Chromium image incrementally and attach the Chromium version information.

Note

Add an image_name as explained here for vulnerability scans.

grafana / crocochrome

Tag Chromium images #28

What

Why

How

Note