From 8590a648acff121eb0644b3430df4b81ea49f2e9 Mon Sep 17 00:00:00 2001 From: Jorge Turrado Date: Fri, 3 Feb 2023 17:54:06 +0100 Subject: [PATCH 1/2] chore: add support to KEDA_HTTP_MIN_TLS_VERSION Signed-off-by: Jorge Turrado --- keda/templates/14-keda-deployment.yaml | 4 ++-- keda/templates/22-metrics-deployment.yaml | 4 ++-- keda/values.yaml | 1 + 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/keda/templates/14-keda-deployment.yaml b/keda/templates/14-keda-deployment.yaml index cbe7a44d..c9104dae 100644 --- a/keda/templates/14-keda-deployment.yaml +++ b/keda/templates/14-keda-deployment.yaml @@ -110,10 +110,10 @@ spec: fieldPath: metadata.name - name: OPERATOR_NAME value: {{ .Values.operator.name }} - {{- if .Values.http.timeout }} - name: KEDA_HTTP_DEFAULT_TIMEOUT value: {{ .Values.http.timeout | quote }} - {{- end }} + - name: KEDA_HTTP_MIN_TLS_VERSION + value: {{ .Values.http.minTlsVersion }} {{- if ( not .Values.http.keepAlive.enabled ) }} - name: KEDA_HTTP_DISABLE_KEEP_ALIVE value: "true" diff --git a/keda/templates/22-metrics-deployment.yaml b/keda/templates/22-metrics-deployment.yaml index e59b3375..0741c2a3 100644 --- a/keda/templates/22-metrics-deployment.yaml +++ b/keda/templates/22-metrics-deployment.yaml @@ -86,10 +86,10 @@ spec: env: - name: WATCH_NAMESPACE value: {{ .Values.watchNamespace | quote }} - {{- if .Values.http.timeout }} - name: KEDA_HTTP_DEFAULT_TIMEOUT value: {{ .Values.http.timeout | quote }} - {{- end }} + - name: KEDA_HTTP_MIN_TLS_VERSION + value: {{ .Values.http.minTlsVersion }} {{- if ( not .Values.http.keepAlive.enabled ) }} - name: KEDA_HTTP_DISABLE_KEEP_ALIVE value: "true" diff --git a/keda/values.yaml b/keda/values.yaml index 051ead33..412a6f8a 100644 --- a/keda/values.yaml +++ b/keda/values.yaml @@ -325,6 +325,7 @@ http: timeout: 3000 keepAlive: enabled: true + minTlsVersion: TLS12 ## Extra KEDA Operator and Metrics Adapter container arguments extraArgs: From 556ac66e439bc0b160b5cee8b99412c6b422d0c7 Mon Sep 17 00:00:00 2001 From: Jorge Turrado Date: Wed, 8 Feb 2023 14:53:20 +0100 Subject: [PATCH 2/2] add minTlsVersion to readme Signed-off-by: Jorge Turrado --- keda/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/keda/README.md b/keda/README.md index 3a4caa65..b67061a2 100644 --- a/keda/README.md +++ b/keda/README.md @@ -138,6 +138,7 @@ their default values. | `extraArgs.metricsAdapter` | Additional Metrics Adapter container arguments | `{}` | | `env` | Additional environment variables that will be passed onto KEDA operator and metrics api service | `` | | `http.timeout` | The default HTTP timeout to use for all scalers that use raw HTTP clients (some scalers use SDKs to access target services. These have built-in HTTP clients, and the timeout does not necessarily apply to them) | `` | +| `http.minTlsVersion` | The minimum TLS version to use for all scalers that use raw HTTP clients (some scalers use SDKs to access target services. These have built-in HTTP clients, and this value does not necessarily apply to them) | `` | | `service.annotations` | Annotations to add the KEDA Metric Server service | `{}` | | `service.portHttp` | Service HTTP port for KEDA Metric Server service | `80` | | `service.portHttpTarget` | Service HTTP port for KEDA Metric Server container | `8080` |