Skip to content

Commit

Permalink
Merge pull request #826 from pgier/bz1847318
Browse files Browse the repository at this point in the history 
Bug 1847318: set TLS min version to 1.2
  • Loading branch information
@openshift-merge-robot
openshift-merge-robot committed Jul 4, 2020
2 parents 57d3e97 + b641192 commit 6c2ec7a
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 2 deletions.
1 change: 1 addition & 0 deletions assets/prometheus-operator/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ spec:
- --config-reloader-memory=0
- --web.enable-tls=true
- --web.tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- --web.tls-min-version=VersionTLS12
- --manage-crds=false
image: quay.io/coreos/prometheus-operator:v0.38.1
name: prometheus-operator
Expand Down
1 change: 1 addition & 0 deletions jsonnet/prometheus-operator.jsonnet
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ local certsCAVolumeName = 'operator-certs-ca-bundle';
'--config-reloader-memory=0',
'--web.enable-tls=true',
'--web.tls-cipher-suites=' + std.join(',', $._config.tlsCipherSuites),
'--web.tls-min-version=VersionTLS12',
'--manage-crds=false',
],
securityContext: {},
Expand Down
4 changes: 2 additions & 2 deletions pkg/manifests/bindata.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 6c2ec7a

Please sign in to comment.