Kubewarden 1.4.0 Release | SUSE Communities
< Back to Blog

Kubewarden 1.4.0 Release

December 5, 2022 | By: Flavio Castelli

Share

Today we’re pleased to announce the availability of Kubewarden 1.4.0. Kubewarden is an open source security policy engine. This 1.4.0 version brings some minor fixes to our controller and helm charts and two new interesting features.

Sigstore certificate verification

Kubewarden integration with Sigstore keeps growing. Starting from this release, verifying signatures that have been produced with certificates is possible.

This can be useful to organizations that are using hardware tokens and KMS solutions to sign their container images via Sigstore.

Take a look at this dedicated blog post to learn more about this feature.

Policy benchmarking

Starting with this release, kwctl gains a new command called bench.

This command benchmarks the execution times of the validate_settings and the validate functions.

By using this command, policy authors can better understand how their code behaves once compiled into WebAssembly.

The bench command takes the same set of parameters as the run one and provides a quick overview of the execution times of these two core functions:


kwctl bench -r verify-image-signatures/test_data/pod_creation_signed_with_certificate.json \
            -s verify-image-signatures/test_data/settings-pod_signed_with_cert_and_rekor.yaml \
            verify-image-signatures/policy.wasm
validate_settings warming up for 3.00s
validate_settings mean warm up execution time 615.52µs running 10.1 thousand iterations
validate_settings [10.1 thousand iterations in 6.13s with 100.0 samples]:
	elapsed	[min mean max]:	[603.17µs 607.30µs 628.31µs] (sample data: med = 606.19µs, var = 12.73ms², stddev = 3.57µs)
validate warming up for 3.00s
validate mean warm up execution time 3.51s running 5.0 thousand iterations
validate [5.0 thousand iterations in 2.06s with 100.0 samples]:
	elapsed	[min mean max]:	[375.99µs 412.94µs 534.05µs] (sample data: med = 415.81µs, var = 623.37ms², stddev = 24.97µs)

Stay tuned for a dedicated blog post about this specific command of kwctl.

Go grab it!

We are eager to know what you think about Kubewarden and this release.

As usual, you can reach out to us over our slack channel.

Related Articles

Mar 01st, 2023

Epinio Meets s3gw

Oct 20th, 2022

Gain Competitive Advantage Through Cloud Native Technology

Sep 19th, 2023

Announcing the Harvester v1.2.0 Release

Oct 06th, 2022

Why is Open Source Important to Enterprise IT Leaders?