kritis-validation-hook is a key component that is used to verify the signatures of container images. This topic describes the features, usage notes, and release notes for kritis-validation-hook.
Introduction
kritis-validation-hook is a key component that is used to verify the signatures of container images. You can use the signature verification feature to ensure that only images signed by trusted authorities are deployed. This reduces the risk of malicious code execution. For more information about kritis-validation-hook, see Introduction to kritis-validation-hook.
Usage notes
For more information about how to work with kritis-validation-hook, see Use kritis-validation-hook to automatically verify the signatures of container images.
Release notes
August 2024
Version number | Image address | Release date | Description | Impact |
v0.11.0.0-gf0617391-aliyun | registry-cn-hangzhou.ack.aliyuncs.com/acs/kritis-server:v0.11.0.0-gf0617391-aliyun | 2024-08-29 | This version is in canary release.
| If exceptions occur when the system updates kritis-validation-hook, cluster resources may fail to be updated. We recommend that you update the component during off-peak hours. |
July 2024
Version number | Image address | Release date | Description | Impact |
v0.10.0.0-gde6f9437-aliyun | registry-cn-hangzhou.ack.aliyuncs.com/acs/kritis-server:v0.10.0.0-gde6f9437-aliyun | 2024-07-04 |
| If exceptions occur when the system updates kritis-validation-hook, cluster resources may fail to be updated. We recommend that you update the component during off-peak hours. |
April 2023
Version number | Image address | Release date | Description | Impact |
v0.9.0.0-gb7aa45c7-aliyun | registry.cn-hangzhou.aliyuncs.com/acs/kritis-server:v0.9.0.0-gb7aa45c7-aliyun | 2023-04-17 | Kubernetes 1.26 is supported. | If exceptions occur when the system updates kritis-validation-hook, cluster resources may fail to be updated. We recommend that you update the component during off-peak hours. |
August 2022
Version number | Image address | Release date | Description | Impact |
v0.8.0.4-g61d3531e-aliyun | registry.cn-hangzhou.aliyuncs.com/acs/kritis-server:v0.8.0.4-g61d3531e-aliyun | 2022-08-05 |
| If exceptions occur when the system updates kritis-validation-hook, cluster resources may fail to be updated. We recommend that you update the component during off-peak hours. |
December 2021
Version number | Image address | Release date | Description | Impact |
v0.6.0.5-gce1cc2d-aliyun | registry.cn-hangzhou.aliyuncs.com/acs/kritis-server:v0.6.0.5-gce1cc2d-aliyun | 2021-12-17 | Kubernetes 1.22 is supported. v0.6.0.5-gce1cc2d-aliyun and later versions support only Kubernetes 1.16 and later. | If exceptions occur when the system updates kritis-validation-hook, cluster resources may fail to be updated. We recommend that you update the component during off-peak hours. |
November 2021
Version number | Image address | Release date | Description | Impact |
v0.5.0.6-g525daee-aliyun | registry.cn-hangzhou.aliyuncs.com/acs/kritis-server:v0.5.0.6-g525daee-aliyun | 2021-11-15 |
| If exceptions occur when the system updates kritis-validation-hook, cluster resources may fail to be updated. We recommend that you update the component during off-peak hours. |
June 2021
Version number | Image address | Release date | Description | Impact |
v0.4.0.1-gb2862c4-aliyun | registry.cn-hangzhou.aliyuncs.com/acs/kritis-server:v0.4.0.1-gb2862c4-aliyun | 2021-06-10 | New feature: kritis-validation-hook can be installed in registered clusters. | If exceptions occur when the system updates kritis-validation-hook, cluster resources may fail to be updated. We recommend that you update the component during off-peak hours. |
March 2021
Version number | Image address | Release date | Description | Impact |
v0.3.1.4-ga89b624-aliyun | registry.cn-hangzhou.aliyuncs.com/acs/kritis-server:v0.3.1.4-ga89b624-aliyun | 2021-03-24 | New feature: The signatures of images stored in repositories whose names contain forward slashes (/) can be verified. | If exceptions occur when the system updates kritis-validation-hook, cluster resources may fail to be updated. We recommend that you update the component during off-peak hours. |
November 2020
Version number | Image address | Release date | Description | Impact |
v0.2.7.2-g5fa671a-aliyun | registry.cn-hangzhou.aliyuncs.com/acs/kritis-server:v0.2.7.2-g5fa671a-aliyun | 2020-11-24 | The signature verification whitelist feature is supported. kritis-validation-hook does not verify the signatures of images that are included in a signature verification whitelist. | If exceptions occur when the system updates kritis-validation-hook, cluster resources may fail to be updated. We recommend that you update the component during off-peak hours. |
v0.2.6.4-g94b0940-aliyun | registry.cn-hangzhou.aliyuncs.com/acs/kritis-server:v0.2.6.4-g94b0940-aliyun | 2020-11-16 | New features: Signature verification is supported for Container Service for Kubernetes (ACK) images whose versions are immutable. For more information, see Configure a repository to be immutable. | If exceptions occur when the system updates kritis-validation-hook, cluster resources may fail to be updated. We recommend that you update the component during off-peak hours. |
August 2020
Version number | Image address | Release date | Description | Impact |
v0.2.5.26-g75d5297-aliyun | registry.cn-hangzhou.aliyuncs.com/acs/kritis-server:v0.2.5.26-g75d5297-aliyun | 2020-08-12 |
| If exceptions occur when the system updates kritis-validation-hook, cluster resources may fail to be updated. We recommend that you update the component during off-peak hours. |
June 2020
Version number | Image address | Release date | Description | Impact |
v0.2.4.1-ge5c1265-aliyun | registry.cn-hangzhou.aliyuncs.com/acs/kritis-server:v0.2.4.1-ge5c1265-aliyun | 2020-06-22 | The signatures of Container Registry images stored in regions other than the current region can be verified. | If exceptions occur when the system updates kritis-validation-hook, cluster resources may fail to be updated. We recommend that you update the component during off-peak hours. |
April 2020
Version number | Image address | Release date | Description | Impact |
v0.2.3.1-00e70883-aliyun | registry.cn-hangzhou.aliyuncs.com/acs/kritis-server:v0.2.3.1-00e70883-aliyun | 2020-04-07 | Performance is improved and log content is optimized. | If exceptions occur when the system updates kritis-validation-hook, cluster resources may fail to be updated. We recommend that you update the component during off-peak hours. |
March 2020
Version number | Image address | Release date | Description | Impact |
v0.2.2.3-fe8a6319-aliyun | registry.cn-hangzhou.aliyuncs.com/acs/kritis-server:v0.2.2.3-fe8a6319-aliyun | 2020-03-18 | kritis-validation-hook is integrated with Container Registry. You can verify the signatures of images that are signed by Key Management Service (KMS). This ensures that only trusted images are deployed in ACK clusters. | If exceptions occur when the system updates kritis-validation-hook, cluster resources may fail to be updated. We recommend that you update the component during off-peak hours. |