The Kubernetes Image Version Checker (k8s IVC) is small go binary, that checks if any of your Deployments, DaemonSets, StatefulSets and CronJobs in your cluster have a new version for the container images available. Currently, only images on Dockerhub are supported. It is possible, though, to configure a custom registry host, which will be stripped away.
It notifies the configured email address when new versions are available.
You can install the k8s IVC as cronjob type in k8s or download this repo and run the binary by hand. The container image is hosted on hub.docker.com under the name iulbricht/kubernetes-deployment-version-checker
.
Version v2 introduced the option to use a config file instead of environment variables. The main change is, that you can provide authentication tokens for hub.docker.com, quay.io and custom registries based on quay. Apart from that you can now specify multiple recipients for the update notice emails and define custom quay hosts.
A sample configuration can be found in the file config.yaml.sample
.
There are a few configuration options. These option control the mailing system and a few image related options.
Variable | Description |
---|---|
MAILING_TO |
The mail address the updates should be sent to |
MAILING_FROM |
The mail address sending the updates |
MAILING_USERNAME |
The username for the mail server |
MAILING_PASSWORD |
The password for the mail server |
MAILING_HOST |
The host of the mail server |
MAILING_PORT |
The port of the mail server |
IGNORE_NAMESPACES |
A comma separated list of namespaces to skip. When using microk8s recommend namespaces to exclude are kube-system , kube-public , ingress and kube-node-lease |
CUSTOM_REGISTRY_HOST |
The host of a proxy registry, like Sonatype Nexus. This host is automatically removed from the images |
MODE |
If set to out the configuration from ~/.kube-config will be used, if left unset the kubernetes secret mounted at /var/run/secrets/kubernetes.io/serviceaccount |
The configuration via environment variables is deprecated and will be removed in v3.
apiVersion: batch/v1
kind: CronJob
metadata:
name: kubernetes-deployment-version-checker
spec:
schedule: "0 0 * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: kubernetes-deployment-version-checker
image: iulbricht/kubernetes-deployment-version-checker:2
env:
- name: MAILING_TO
value: [email protected]
- name: MAILING_FROM
value: [email protected]
- name: MAILING_USERNAME
value: [email protected]
- name: MAILING_PASSWORD
value: password
- name: MAILING_HOST
value: mail.example.com
- name: MAILING_PORT
value: "587"
- name: IGNORE_NAMESPACES
value: kube-system,kube-public,ingress,kube-node-lease
- name: CUSTOM_REGISTRY_HOST
value: registry.example.com
restartPolicy: OnFailure
If you found a bug feel free to create an issue on Github or on my personal Taiga instance: https://taiga.imanuel.dev/project/kubernetes-version-check/
Like all other projects I create, the k8s IVC is distributed under the MIT License.