fix: set TLS MinVersion to 1.2 in ping handler HTTP client

[clubanderson]

Closes #3853

Summary

• Set MinVersion: tls.VersionTLS12 on the tls.Config in pkg/api/handlers/ping.go to fix the gosec finding "TLS MinVersion too low"
• Removed the redundant InsecureSkipVerify: false (it's the zero-value default)
• Verified with scripts/gosec-test.sh — no HIGH findings remain

Test plan

• go build ./... passes
• scripts/gosec-test.sh reports no security issues
• cd web && npm run build passes

[kubestellar-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign clubanderson for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[kubestellar-prow]

Thanks for your pull request. Before we can look at it, you'll need to add a 'DCO signoff' to your commits.

📝 Please follow instructions in the contributing guide to update your commits with the DCO

Full details of the Developer Certificate of Origin can be found at developercertificate.org.

The list of commits missing DCO signoff:

• f4a624f fix: set TLS MinVersion to 1.2 in ping handler HTTP client (Nightly regression: gosec-test #3853)

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[netlify]

✅ Deploy Preview for kubestellarconsole canceled.

Name	Link
🔨 Latest commit	f4a624f
🔍 Latest deploy log	https://app.netlify.com/projects/kubestellarconsole/deploys/69c8d8ef2997270008c639ba

[github-actions]

👋 Hey @clubanderson — thanks for opening this PR!

🤖 This project is developed exclusively using AI coding assistants.

Please do not attempt to code anything for this project manually.
All contributions should be authored using an AI coding tool such as:

• Claude Code (Opus 4.5 / 4.6) — recommended
• GitHub Copilot
• Cursor
• Other AI coding assistants

This ensures consistency in code style, architecture patterns, test coverage,
and commit quality across the entire codebase.

---

This is an automated message.

[github-actions]

Thank you for your contribution! Your PR has been merged.

Check out what's new:

• KubeStellar Console — Live multi-cluster dashboard
• Marketplace — Community extensions
• Knowledge Base — Troubleshooting and how-tos

Stay connected: Slack #kubestellar-dev | Multi-Cluster Survey

[Copilot]

Pull request overview

Updates the ping handler’s shared HTTP client TLS configuration to satisfy gosec’s minimum TLS requirements.

Changes:

• Set tls.Config.MinVersion to tls.VersionTLS12 for the ping handler HTTP client transport.
• Removed the redundant InsecureSkipVerify: false assignment.

[Copilot]

Repository PR workflow requires the PR body to start with Fixes #<issue> so GitHub auto-closes the issue on merge. The current PR description starts with Closes #3853; please change it to Fixes #3853 as the first line.

[clubanderson]

🔄 Auto-Applying Copilot Code Review

Copilot code review found 0 code suggestion(s) and 1 general comment(s).

Also address these general comments:

• pkg/api/handlers/ping.go (line 21): Repository PR workflow requires the PR body to start with Fixes #<issue> so GitHub auto-closes the issue on merge. The

Push all fixes in a single commit. Run cd web && npm run build && npm run lint before committing.

---

Auto-generated by copilot-review-apply workflow.