New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
operator/ingress: Only TLS 1.1 or 1.2 can be used #488
operator/ingress: Only TLS 1.1 or 1.2 can be used #488
Conversation
@Miciah: This pull request references Bugzilla bug 1763639, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/hold |
I thought TLS 1.2 is the maximum until haproxy is built with OpenSSL 1.1.1? |
Add a note to the IngressController documentation that the minimum and maximum TLS versions for ingress controllers are TLS 1.1 and TLS 1.2, respectively, and that the Modern TLS profile type therefore cannot be used. This commit is related to bug 1763639 and bug 1763605. https://bugzilla.redhat.com/show_bug.cgi?id=1763639 https://bugzilla.redhat.com/show_bug.cgi?id=1763605# * operator/v1/types_ingress.go (IngressControllerSpec): Document restrictions on the TLS protocol version and profile type. * operator/v1/0000_50_ingress-operator_00-custom-resource-definition.yaml: * operator/v1/zz_generated.swagger_doc_generated.go: Regenerate.
519c51d
to
05fa477
Compare
Yes, sorry, my earlier comment had a typo. I've update the PR. |
@Miciah: No Bugzilla bug is referenced in the title of this pull request. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/hold cancel |
/lgtm |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: danehans, Miciah, soltysh The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Add a note to the IngressController documentation that the minimum and maximum TLS versions for ingress controllers are TLS 1.1 and TLS 1.2, respectively, and that the Modern TLS profile type therefore cannot be used.
This commit is related to bug 1763639 and bug 1763605.
operator/v1/types_ingress.go
(IngressControllerSpec
): Document restrictions on the TLS protocol version and profile type.operator/v1/0000_50_ingress-operator_00-custom-resource-definition.yaml:
operator/v1/zz_generated.swagger_doc_generated.go:
Regenerate.