github.com/jetstack/version-checker

version-checker

version-checker is a Kubernetes utility for observing the current versions of images running in the cluster, as well as the latest available upstream. These checks get exposed as Prometheus metrics to be viewed on a dashboard, or soft alert cluster operators.

Why Use version-checker?

• Improved Security: Ensures images are up-to-date, reducing the risk of using vulnerable or compromised versions.
• Enhanced Visibility: Provides a clear overview of all running container versions across clusters.
• Operational Efficiency: Automates image tracking and reduces manual intervention in version management.
• Compliance and Policy: Enforcement: Helps maintain version consistency and adherence to organizational policies.
• Incremental Upgrades: Facilitates frequent, incremental updates to reduce the risk of large, disruptive upgrades.
• Add-On Compatibility: Ensures compatibility with the latest versions of Kubernetes add-ons and dependencies.

Registries Supported

version-checker supports the following registries:

• ACR
• Docker Hub
• ECR
• GCR (inc gcr facades such as k8s.gcr.io)
• Quay
• Self Hosted (Docker V2 API compliant registries, e.g. registry, artifactory etc.). Multiple self hosted registries can be configured at once.

These registries support authentication.

Documentation

• Installation Guide
• Metrics

Grafana Dashboard

A grafana dashboard is also available to view the image versions as a table.

Grafana Dashboard

Known configurations

From time to time, version-checker may need some of the above options applied to determine the latest version, depending on how the maintainers publish their images. We are making a conscious effort to collate some of these configurations.

See known-configurations.md for more details.