🌱 set webhook min TLS version to 1.3

[tuminoid]

Webhook is connected to by kube-apiserver, and it has supported TLS 1.3 connections since Go 1.14, over 4 years ago. By default, the connection has been negoatiated to TLS 1.3 anyways between the client and webhook. Turning it to TLS 1.3 should not affect anything, but it shouldn't also break anything.

In case this is an issue for some consumer, they can always use the --tls-min-version TLS12 to turn it back to TLS 1.2.

[tuminoid]

/test metal3-bmo-e2e-test-pull

[tuminoid]

/test metal3-bmo-e2e-test-pull
Flake, docker hub down .... :)

[tuminoid]

/cc @kashifest @elfosardo

[kashifest]

We should probably remove from https://github.com/metal3-io/baremetal-operator/blob/main/main.go#L67 as well.

[tuminoid]

We should probably remove from https://github.com/metal3-io/baremetal-operator/blob/main/main.go#L67 as well.

No no, we are supporting it still, we're only changing the default to be 1.3. As mentioned in description, we need to have ability to downgrade to 1.2 still.

[kashifest]

We should probably remove from https://github.com/metal3-io/baremetal-operator/blob/main/main.go#L67 as well.

No no, we are supporting it still, we're only changing the default to be 1.3. As mentioned in description, we need to have ability to downgrade to 1.2 still.

my bad, sorry.
/lgtm

[tuminoid]

/cc @lentzi90 @dtantsur

[lentzi90]

/approve

[metal3-io-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: lentzi90

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [lentzi90]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment