Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add tls_protocols_allowed option documentation #11251

Merged
merged 5 commits into from
Feb 4, 2022
Merged

Add tls_protocols_allowed option documentation #11251

merged 5 commits into from
Feb 4, 2022

Conversation

coignetp
Copy link
Contributor

@coignetp coignetp commented Feb 1, 2022
edited
Loading

What does this PR do?

Add tls_protocols_allowed configuration documentation

Motivation

Additional Notes

Needs #11237

This is a breaking change since TLSv1 and TLSv1.1 are not allowed anymore by default. To go back to the old behaviour, use:

instances:
- arg1: val1
  ...
  tls_protocols_allowed:
  - SSLv3
  - TLSv1
  - TLSv1.1
  - TLSv1.2
  - TLSv1.3

Review checklist (to be filled by reviewers)

  • Feature or bugfix MUST have appropriate tests (unit, integration, e2e)
  • PR title must be written as a CHANGELOG entry (see why)
  • Files changes must correspond to the primary purpose of the PR as described in the title (small unrelated changes should have their own PR)
  • PR must have changelog/ and integration/ labels attached

@github-actions
Copy link

github-actions bot commented Feb 1, 2022

Label changelog/Changed was added to this Pull Request, so the next release will bump major version. Please make sure this is a breaking change, or use the changelog/Fixed label.

@coignetp coignetp mentioned this pull request Feb 2, 2022
Merged
4 tasks
@coignetp coignetp force-pushed the paul/http-protocol-config branch from 2202f2b to 1746d40 Compare February 2, 2022 16:25
@coignetp coignetp marked this pull request as ready for review February 2, 2022 16:29
@coignetp coignetp requested review from a team as code owners February 2, 2022 16:29
jtappa
jtappa reviewed Feb 2, 2022
View reviewed changes
activemq_xml/datadog_checks/activemq_xml/data/conf.yaml.example
Comment on lines +321 to +322
## TLSv1
## TLSv1.1
Copy link
Contributor

@jtappa jtappa Feb 2, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are these versions supposed to be here? if <1.2 is deprecated, why are we saying it's supported?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

They are supported but not by default. I'll rephrase because it's not clear, but this list is the list of possible values for this option, and only SSLv3, TLSv1.2, TLSv1.3 are by default

@coignetp coignetp requested a review from jtappa February 3, 2022 16:50
@coignetp coignetp merged commit 3e129cc into master Feb 4, 2022
@coignetp coignetp deleted the paul/http-protocol-config branch February 4, 2022 09:17
@github-actions
Copy link

github-actions bot commented Feb 7, 2022

Label changelog/Changed was added to this Pull Request, so the next release will bump major version. Please make sure this is a breaking change, or use the changelog/Fixed label.

@hithwen hithwen mentioned this pull request Feb 22, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hithwen hithwen hithwen approved these changes

@jtappa jtappa jtappa approved these changes

Assignees
No one assigned
Labels
dev/tooling integration/activemq_xml integration/airflow integration/amazon_msk integration/ambari integration/apache integration/avi_vantage integration/azure_iot_edge integration/cilium integration/cisco_aci integration/citrix_hypervisor integration/cloud_foundry_api integration/cockroachdb integration/consul integration/coredns integration/couch integration/couchbase integration/crio integration/datadog_checks_dev integration/datadog_cluster_agent integration/druid integration/ecs_fargate integration/eks_fargate integration/elastic integration/envoy integration/etcd integration/external_dns integration/fluentd integration/gitlab_runner integration/gitlab integration/go_expvar integration/haproxy integration/harbor integration/hazelcast integration/hdfs_datanode integration/hdfs_namenode integration/http_check integration/ibm_was integration/istio integration/kong integration/kube_apiserver_metrics integration/kube_controller_manager integration/kube_dns integration/kube_metrics_server integration/kube_proxy integration/kube_scheduler integration/kyototycoon integration/lighttpd integration/linkerd integration/mapreduce integration/marathon integration/marklogic integration/mesos_master integration/mesos_slave integration/nginx_ingress_controller integration/nginx integration/openmetrics integration/openstack_controller integration/php_fpm integration/powerdns_recursor integration/rabbitmq integration/riak integration/scylla integration/sonarqube integration/spark integration/squid integration/teamcity integration/twistlock integration/vault integration/voltdb integration/vsphere integration/yarn
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@coignetp @jtappa @hithwen @ofek