diff --git a/.github/workflows/update-ubuntu-version.yml b/.github/workflows/update-ubuntu-version.yml
new file mode 100644
index 0000000000..cb4f10fe9f
--- /dev/null
+++ b/.github/workflows/update-ubuntu-version.yml
@@ -0,0 +1,59 @@
+name: "update-ubuntu-version"
+on:
+  workflow_dispatch:
+  schedule:
+    # every Monday at around 3 am pacific/10 am UTC
+    - cron: "0 10 * * 1"
+env:
+  GOPROXY: https://proxy.golang.org
+  GO_VERSION: '1.20.3'
+permissions:
+  contents: read
+
+jobs:
+  bump-ubuntu-version:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3
+      - uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9
+        with:
+          go-version: ${{env.GO_VERSION}}
+          cache-dependency-path: ./go.sum
+      - name: Bump Ubuntu version
+        id: bumpUbuntu
+        run: |
+          make update-ubuntu-version
+          c=$(git status --porcelain)
+          c="${c//$'\n'/'%0A'}"
+          c="${c//$'\r'/'%0D'}"
+          echo "changes<<EOF" >> $GITHUB_OUTPUT
+          echo "$c" >> $GITHUB_OUTPUT
+          echo "EOF" >> $GITHUB_OUTPUT
+      - name: Create PR
+        id: createPR
+        if: ${{ steps.bumpUbuntu.outputs.changes != '' }}
+        uses: peter-evans/create-pull-request@5b4a9f6a9e2af26e5f02351490b90d01eb8ec1e5
+        with:
+          token: ${{ secrets.MINIKUBE_BOT_PAT }}
+          commit-message: update ubuntu:focal image version
+          committer: minikube-bot <minikube-bot@google.com>
+          author: minikube-bot <minikube-bot@google.com>
+          branch: auto_bump_ubuntu_version
+          push-to-fork: minikube-bot/minikube
+          base: master
+          delete-branch: true
+          title: 'Kicbase: Bump ubuntu:focal image version'
+          body: |
+            The ubuntu:focal image released a new version
+
+            This PR was auto-generated by `make update-ubuntu-version` using [update-ubuntu-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-ubuntu-version.yml) CI Workflow.
+      - uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410
+        with:
+          github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+          script: |
+            github.rest.issues.createComment({
+              issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: 'ok-to-build-image'
+            })
diff --git a/Makefile b/Makefile
index fff776203c..7ffff9dc46 100644
--- a/Makefile
+++ b/Makefile
@@ -1107,6 +1107,11 @@ update-docker-version:
 	(cd hack/update/docker_version && \
 	 go run update_docker_version.go)
 
+.PHONY: update-ubuntu-version
+update-ubuntu-version:
+	(cd hack/update/ubuntu_version && \
+	 go run update_ubuntu_version.go)
+
 .PHONY: get-dependency-verison
 get-dependency-version:
 	@(cd hack/update/get_version && \
diff --git a/deploy/kicbase/Dockerfile b/deploy/kicbase/Dockerfile
index 22e015366f..c9e090a1cd 100644
--- a/deploy/kicbase/Dockerfile
+++ b/deploy/kicbase/Dockerfile
@@ -18,6 +18,8 @@
 # https://systemd.io/CONTAINER_INTERFACE/
 
 
+# this ARG needs to be global to use it in `FROM` & is updated for new versions of ubuntu:focal-*
+ARG UBUNTU_FOCAL_IMAGE="ubuntu:focal-20230308"
 # multi-stage docker build so we can build auto-pause for arm64
 FROM golang:1.20.3 as auto-pause
 WORKDIR /src
@@ -37,7 +39,7 @@ RUN if [ "$PREBUILT_AUTO_PAUSE" != "true" ]; then cd ./cmd/auto-pause/ && go bui
 
 # start from ubuntu 20.04, this image is reasonably small as a starting point
 # for a kubernetes node image, it doesn't contain much we don't need
-FROM ubuntu:focal-20230308 as kicbase
+FROM ${UBUNTU_FOCAL_IMAGE} as kicbase
 
 ARG BUILDKIT_VERSION="v0.11.4"
 ARG FUSE_OVERLAYFS_VERSION="v1.7.1"
diff --git a/hack/update/golang_version/update_golang_version.go b/hack/update/golang_version/update_golang_version.go
index f21e6513b0..5e6f12a030 100644
--- a/hack/update/golang_version/update_golang_version.go
+++ b/hack/update/golang_version/update_golang_version.go
@@ -110,6 +110,11 @@ var (
 				`GO_VERSION: .*`: `GO_VERSION: '{{.StableVersion}}'`,
 			},
 		},
+		".github/workflows/update-ubuntu-version.yml": {
+			Replace: map[string]string{
+				`GO_VERSION: .*`: `GO_VERSION: '{{.StableVersion}}'`,
+			},
+		},
 		".github/workflows/update-cloud-spanner-emulator-version.yml": {
 			Replace: map[string]string{
 				`GO_VERSION: .*`: `GO_VERSION: '{{.StableVersion}}'`,
diff --git a/hack/update/ubuntu_version/update_ubuntu_version.go b/hack/update/ubuntu_version/update_ubuntu_version.go
new file mode 100644
index 0000000000..48768e88e0
--- /dev/null
+++ b/hack/update/ubuntu_version/update_ubuntu_version.go
@@ -0,0 +1,107 @@
+/*
+Copyright 2023 The Kubernetes Authors All rights reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+/*
+Copyright 2022 The Kubernetes Authors All rights reserved.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"strings"
+
+	"k8s.io/klog/v2"
+
+	"k8s.io/minikube/hack/update"
+)
+
+const (
+	dockerHubUbuntuBaseURL = "https://hub.docker.com/v2/repositories/library/ubuntu/tags"
+)
+
+var (
+	schema = map[string]update.Item{
+		"deploy/kicbase/Dockerfile": {
+			Replace: map[string]string{
+				`UBUNTU_FOCAL_IMAGE=.*`: `UBUNTU_FOCAL_IMAGE="{{.LatestVersion}}"`,
+			},
+		},
+	}
+)
+
+// Data holds latest Ubuntu focal version in semver format.
+type Data struct {
+	LatestVersion string
+}
+
+// Response is used to unmarshal the response from Docker Hub
+type Response struct {
+	Results []struct {
+		Name string `json:"name"`
+	}
+}
+
+func getLatestVersion() (string, error) {
+	resp, err := http.Get(dockerHubUbuntuBaseURL)
+	if err != nil {
+		return "", fmt.Errorf("unable to get Ubuntu focal's latest version: %v", err)
+	}
+	defer resp.Body.Close()
+
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return "", fmt.Errorf("unable to read HTTP response from Docker Hub: %v", err)
+	}
+
+	var content Response
+	err = json.Unmarshal(body, &content)
+	if err != nil {
+		return "", fmt.Errorf("unable to unmarshal response from Docker Hub: %v", err)
+	}
+
+	for _, i := range content.Results {
+		if strings.Contains(i.Name, "focal-") {
+			return i.Name, nil
+		}
+	}
+
+	return "", fmt.Errorf("response from Docker Hub does not contain a latest focal image")
+}
+
+func main() {
+	// get Ubuntu Focal latest version
+	latest, err := getLatestVersion()
+	if err != nil {
+		klog.Fatalf("Unable to find latest ubuntu:focal version: %v\n", err)
+	}
+	data := Data{LatestVersion: fmt.Sprintf("ubuntu:%s", latest)}
+	klog.Infof("Ubuntu focal latest version: %s", latest)
+
+	update.Apply(schema, data)
+}