Skip to content

Commit

Permalink
Merge pull request #738 from tesshuflower/rbac-proxy-tls1.3
Browse files Browse the repository at this point in the history
Restrict rbac proxy to tls1.3 minimum

(cherry picked from commit 499df0e)
Signed-off-by: Tesshu Flower <tflower@redhat.com>
  • Loading branch information
openshift-merge-robot authored and tesshuflower committed May 16, 2023
1 parent 750dc2d commit e4281e3
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 0 deletions.
1 change: 1 addition & 0 deletions bundle/manifests/volsync.clusterserviceversion.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -417,6 +417,7 @@ spec:
- --secure-listen-address=0.0.0.0:8443
- --upstream=http://127.0.0.1:8080/
- --logtostderr=true
- --tls-min-version=VersionTLS13
- --v=0
image: quay.io/brancz/kube-rbac-proxy:v0.14.0
name: kube-rbac-proxy
Expand Down
1 change: 1 addition & 0 deletions config/default/manager_auth_proxy_patch.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ spec:
- "--secure-listen-address=0.0.0.0:8443"
- "--upstream=http://127.0.0.1:8080/"
- "--logtostderr=true"
- "--tls-min-version=VersionTLS13"
- "--v=0"
ports:
- containerPort: 8443
Expand Down
1 change: 1 addition & 0 deletions helm/volsync/templates/deployment-controller.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ spec:
- --secure-listen-address=0.0.0.0:8443
- --upstream=http://127.0.0.1:8080/
- --logtostderr=true
- "--tls-min-version=VersionTLS13"
- --v=0
{{- if .Values.metrics.disableAuth }}
- --ignore-paths=/metrics
Expand Down

0 comments on commit e4281e3

Please sign in to comment.