Skip to content
Switch branches/tags

Latest commit


* internal/httpsvc: set TLSv1.3 for optional TLS for contour metrics

This change was accidentally left out from #3707.  It updates minimum TLS
version to TLSv1.3 for Contour metrics endpoint when optional TLS support
is used to protect the endpoint.

Added test cases for httsvc.

Updates #3594

Signed-off-by: Tero Saarni <>

Git stats


Failed to load latest commit information.
Latest commit message
Commit time
Oct 31, 2017

Contour Build and Test Pull Request Go Report Card GitHub release License Slack CII Best Practices

Contour is fun at parties!


Contour is an Ingress controller for Kubernetes that works by deploying the Envoy proxy as a reverse proxy and load balancer. Contour supports dynamic configuration updates out of the box while maintaining a lightweight profile.

Contour also introduces a new ingress API (HTTPProxy) which is implemented via a Custom Resource Definition (CRD). Its goal is to expand upon the functionality of the Ingress API to allow for a richer user experience as well as solve shortcomings in the original design.


See the compatibility matrix for the Kubernetes versions Contour is supported with.

RBAC must be enabled on your cluster.

Get started

Getting started with Contour is as simple as one command. See the Getting Started document.


If you encounter issues, review the Troubleshooting section of the docs, file an issue, or talk to us on the #contour channel on the Kubernetes Slack server.


Thanks for taking the time to join our community and start contributing!


See Contour's roadmap to learn more about where we are headed.


Security Audit

A third party security audit was performed by Cure53 in December of 2020. You can see the full report here.

Reporting security vulnerabilities

If you've found a security related issue, a vulnerability, or a potential vulnerability in Contour please let the Contour Security Team know with the details of the vulnerability. We'll send a confirmation email to acknowledge your report, and we'll send an additional email when we've identified the issue positively or negatively.

For further details please see our security policy.


See the list of releases to find out about feature changes.