operator/ingress: Only TLS 1.1 or 1.2 can be used #488
Conversation
openshift-ci-robot
added
the
bugzilla/valid-bug
|
@Miciah: This pull request references Bugzilla bug 1763639, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci-robot
added
the
size/XS
|
/hold |
openshift-ci-robot
added
the
do-not-merge/hold
|
I thought TLS 1.2 is the maximum until haproxy is built with OpenSSL 1.1.1? |
Add a note to the IngressController documentation that the minimum and maximum TLS versions for ingress controllers are TLS 1.1 and TLS 1.2, respectively, and that the Modern TLS profile type therefore cannot be used. This commit is related to bug 1763639 and bug 1763605. https://bugzilla.redhat.com/show_bug.cgi?id=1763639 https://bugzilla.redhat.com/show_bug.cgi?id=1763605# * operator/v1/types_ingress.go (IngressControllerSpec): Document restrictions on the TLS protocol version and profile type. * operator/v1/0000_50_ingress-operator_00-custom-resource-definition.yaml: * operator/v1/zz_generated.swagger_doc_generated.go: Regenerate.
Miciah
force-pushed
the
BZ1763639-operator-slash-ingress-note-minimum-TLS-version-is-1.1
branch
from
519c51d
to
05fa477
Compare
openshift-ci-robot
added
size/S
Miciah
changed the title
openshift-ci-robot
removed
the
bugzilla/valid-bug
Yes, sorry, my earlier comment had a typo. I've update the PR. |
|
@Miciah: No Bugzilla bug is referenced in the title of this pull request. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/hold cancel |
openshift-ci-robot
removed
the
do-not-merge/hold
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: danehans, Miciah, soltysh The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
Add a note to the IngressController documentation that the minimum and maximum TLS versions for ingress controllers are TLS 1.1 and TLS 1.2, respectively, and that the Modern TLS profile type therefore cannot be used.
This commit is related to bug 1763639 and bug 1763605.
operator/v1/types_ingress.go(IngressControllerSpec): Document restrictions on the TLS protocol version and profile type.operator/v1/0000_50_ingress-operator_00-custom-resource-definition.yaml:operator/v1/zz_generated.swagger_doc_generated.go:Regenerate.