search

kubernetes-sigs / cluster-api

Home for Cluster API, a subproject of sig-cluster-lifecycle
https://cluster-api.sigs.k8s.io
Apache License 2.0
3.48k stars 1.29k forks source link

Diagnostics endpoint/address ignores TLS options #10882

Closed awprice closed 1 month ago

awprice commented 1 month ago

What steps did you take and what happened?

We configured the TLS options (--tls-cipher-suites and --tls-min-version) on the cluster-api manager and found that the diagnostics endpoint/address does not use this TLS options and there is no way to change what TLS options it uses.

What did you expect to happen?

For the provided TLS options to apply to both the webhook server and diagnostics server.

Cluster API version

v1.6.1

Kubernetes version

No response

Anything else you would like to add?

No response

Label(s) to be applied

/kind bug One or more /area label. See https://github.com/kubernetes-sigs/cluster-api/labels?q=area for the list of labels.

chrischdi commented 1 month ago

Thanks for reporting!

/triage accepted