Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set TLS minimum version to 1.3 for Ingress to Activator #14074

Merged
merged 1 commit into from
Aug 3, 2023
Merged

Set TLS minimum version to 1.3 for Ingress to Activator #14074

merged 1 commit into from
Aug 3, 2023

Conversation

nak3
Copy link
Contributor

@nak3 nak3 commented Jun 7, 2023

Proposed Changes

This patch sets TLS minimum version to 1.3 for Ingress to Activator

Release Note

Traffic from Ingress to Activator/QP uses TLS 1.3 when internal encryption is enabled.

Fix #14057

@knative-prow knative-prow bot requested review from kauana and KauzClay June 7, 2023 01:02
@knative-prow knative-prow bot added size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. approved Indicates a PR has been approved by an approver from all required OWNERS files. area/API API objects and controllers area/autoscale area/networking labels Jun 7, 2023
@codecov
Copy link

codecov bot commented Jun 7, 2023
edited
Loading

Codecov Report

Patch coverage has no change and project coverage change: -0.04% ⚠️

Comparison is base (e8b6f05) 86.24% compared to head (8bd66c9) 86.21%.
Report is 86 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #14074      +/-   ##
==========================================
- Coverage   86.24%   86.21%   -0.04%     
==========================================
  Files         199      199              
  Lines       14767    14767              
==========================================
- Hits        12736    12731       -5     
- Misses       1729     1734       +5     
  Partials      302      302
Files Changed Coverage Δ
cmd/activator/main.go 0.00% <0.00%> (ø)

... and 1 file with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@nak3
Copy link
Contributor Author

nak3 commented Jun 7, 2023

This will conflict with #13969
I'm fine to merge this after #13969

@dprotaso
Copy link
Member

dprotaso commented Jun 7, 2023

I'm fine to merge this after #13969

/hold

@knative-prow knative-prow bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jun 7, 2023
@ReToCode
Copy link
Member

ReToCode commented Aug 3, 2023

This should be fine to merge?
@dprotaso , @nak3

@nak3
Copy link
Contributor Author

nak3 commented Aug 3, 2023

Yes, I think so 👍

ReToCode
ReToCode approved these changes Aug 3, 2023
View reviewed changes
Copy link
Member

@ReToCode ReToCode left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@knative-prow knative-prow bot added the lgtm Indicates that a PR is ready to be merged. label Aug 3, 2023
@knative-prow
Copy link

knative-prow bot commented Aug 3, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: nak3, ReToCode

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@ReToCode
Copy link
Member

ReToCode commented Aug 3, 2023

I'll do the same here then.

@dprotaso
Copy link
Member

dprotaso commented Aug 3, 2023

/hold cancel

@knative-prow knative-prow bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 3, 2023
@knative-prow knative-prow bot merged commit 8ea1cb6 into knative:main Aug 3, 2023
1 check passed
nak3 added a commit to nak3/serving that referenced this pull request Aug 9, 2023
@nak3
Revert "Set TLS minimum version to 1.3 for Ingress to Activator (knat…
017dae1 
…ive#14074)"

This reverts commit 8ea1cb6.
nak3 added a commit to nak3/serving that referenced this pull request Aug 10, 2023
@nak3
Revert "Set TLS minimum version to 1.3 for Ingress to Activator (knat…
3b415c5 
…ive#14074)"

This reverts commit 8ea1cb6.
nak3 added a commit to nak3/serving that referenced this pull request Aug 11, 2023
@nak3
Revert "Set TLS minimum version to 1.3 for Ingress to Activator (knat…
acad7c0 
…ive#14074)"

This reverts commit 8ea1cb6.
@nak3 nak3 mentioned this pull request Aug 14, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ReToCode ReToCode ReToCode approved these changes

@kauana kauana Awaiting requested review from kauana

@KauzClay KauzClay Awaiting requested review from KauzClay

Assignees

@ReToCode ReToCode

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/API API objects and controllers area/autoscale area/networking lgtm Indicates that a PR is ready to be merged. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Cannot change TLS minimum version to 1.3 for internal encryption (between Ingress to Activator)
3 participants
@nak3 @dprotaso @ReToCode