-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(istio): add configurable TLS version #624
Conversation
d5a0ee2
to
d67d022
Compare
I originally ran into issues with this (before using the ternary) where the lack of Additionally I wasn't sure if more tests need-be added here, but if they do let me know! |
- Introduced support for configuring the minimum TLS version for UDS Core. - Added 'supportTLSV1_2' boolean flag in values file to allow selection between TLS 1.2 and TLS 1.3. - Updated Helm templates to conditionally set 'minProtocolVersion' based on 'supportTLSV1_2' value. - Ensured backward compatibility by defaulting to TLS 1.3. - Commented and documented the new configuration option for clarity. Closes #599 Signed-off-by: jamestexas <jamestexasgardner@gmail.com>
d67d022
to
f80d4b8
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM - thanks for the contribution @jamestexas !
🤖 I have created a release *beep* *boop* --- ## [0.25.0](v0.24.1...v0.25.0) (2024-08-02) ### ⚠ BREAKING CHANGES * change metric server to optional (#611) ### Features * add json logging for keycloak ([#610](#610)) ([29ed934](29ed934)) * **istio:** add configurable TLS version ([#624](#624)) ([cd2b87e](cd2b87e)) ### Bug Fixes * account for keycloak HA ports ([#619](#619)) ([434f349](434f349)) * add google saml to slim-dev ([#613](#613)) ([f2164e1](f2164e1)) * address network policy generation inter-namespace bug ([#564](#564)) ([9b14c2c](9b14c2c)) * reference root scope ([#633](#633)) ([5de6915](5de6915)) ### Miscellaneous * change metric server to optional (#611) ([bc2d673](bc2d673)) * **deps:** update dependency defenseunicorns/uds-common to v0.9.0 ([#592](#592)) ([44ea2d7](44ea2d7)) * **deps:** update dependency weaveworks/eksctl to v0.187.0 ([#539](#539)) ([9002a94](9002a94)) * **deps:** update githubactions ([#553](#553)) ([2a9e29a](2a9e29a)) * **deps:** update grafana curl image to v8.9.0 ([#596](#596)) ([64f9408](64f9408)) * **deps:** update grafana helm chart to v8.3.6 ([#594](#594)) ([1f2005b](1f2005b)) * **deps:** update istio to v1.22.3 ([#580](#580)) ([7aba89e](7aba89e)) * **deps:** update lula to v0.4.4 ([#615](#615)) ([b02b305](b02b305)) * **deps:** update neuvector-updater/curl to v8.9.0 ([#597](#597)) ([b4bd660](b4bd660)) * **deps:** update promtail configmap-reload to v0.13.1 ([#608](#608)) ([d98bbae](d98bbae)) * **deps:** update promtail helm chart to v6.16.4 ([#574](#574)) ([bf9f65c](bf9f65c)) * **deps:** update to identity-config 0.5.2 ([#635](#635)) ([6474d16](6474d16)) * **deps:** update uds cli to v0.13.1 ([#569](#569)) ([4339c89](4339c89)) * **deps:** update zarf to v0.36.1 ([#562](#562)) ([058cfb3](058cfb3)) * disable telemetry/analytics for loki/grafana ([#601](#601)) ([ad785bc](ad785bc)) * update zarf to new repo location, 0.37.0 ([#631](#631)) ([29f9fd0](29f9fd0)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Description
supportTLSV1_2
boolean flag in values file to allow selection between TLS 1.2 and TLS 1.3.minProtocolVersion
based onsupportTLSV1_2
value.Related Issue
Fixes #599
Relates to #
Type of change
Checklist before merging