Migrate Deprecated TLSMinVersion to TLSOption for webhook.
Co-authored-by: RainbowMango <qdurenhongcai@gmail.com> Signed-off-by: Lan Liang <gcslyp@gmail.com>
This commit is contained in:
Lan Liang
parent
04779a27cc
commit
f75377ce3b
|
|
@ -18,6 +18,7 @@ package app
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/tls"
|
||||||
"flag"
|
"flag"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
@ -117,12 +118,28 @@ func Run(ctx context.Context, opts *options.Options) error {
|
||||||
Logger: klog.Background(),
|
Logger: klog.Background(),
|
||||||
Scheme: gclient.NewSchema(),
|
Scheme: gclient.NewSchema(),
|
||||||
WebhookServer: webhook.NewServer(webhook.Options{
|
WebhookServer: webhook.NewServer(webhook.Options{
|
||||||
Host: opts.BindAddress,
|
Host: opts.BindAddress,
|
||||||
Port: opts.SecurePort,
|
Port: opts.SecurePort,
|
||||||
CertDir: opts.CertDir,
|
CertDir: opts.CertDir,
|
||||||
CertName: opts.CertName,
|
CertName: opts.CertName,
|
||||||
KeyName: opts.KeyName,
|
KeyName: opts.KeyName,
|
||||||
TLSMinVersion: opts.TLSMinVersion,
|
TLSOpts: []func(*tls.Config){
|
||||||
|
func(config *tls.Config) {
|
||||||
|
// Just transform the valid options as opts.TLSMinVersion
|
||||||
|
// can only accept "1.0", "1.1", "1.2", "1.3" and has default
|
||||||
|
// value,
|
||||||
|
switch opts.TLSMinVersion {
|
||||||
|
case "1.0":
|
||||||
|
config.MinVersion = tls.VersionTLS10
|
||||||
|
case "1.1":
|
||||||
|
config.MinVersion = tls.VersionTLS11
|
||||||
|
case "1.2":
|
||||||
|
config.MinVersion = tls.VersionTLS12
|
||||||
|
case "1.3":
|
||||||
|
config.MinVersion = tls.VersionTLS13
|
||||||
|
}
|
||||||
|
},
|
||||||
|
},
|
||||||
}),
|
}),
|
||||||
LeaderElection: false,
|
LeaderElection: false,
|
||||||
MetricsBindAddress: opts.MetricsBindAddress,
|
MetricsBindAddress: opts.MetricsBindAddress,
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue