kube-prometheus: Remove duplicate TLS cipher suites config

2019-01-17 16:27:57 +01:00
parent 63746f5933
commit 79712b6b95
1 changed files with 0 additions and 25 deletions
--- a/jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet
+++ b/jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet
@@ -4,31 +4,6 @@ local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
  _config+:: {
    namespace: 'default',

-    tlsCipherSuites: [
-      // 'TLS_RSA_WITH_RC4_128_SHA',            // insecure: https://access.redhat.com/security/cve/cve-2013-2566
-      // 'TLS_RSA_WITH_3DES_EDE_CBC_SHA',       // insecure: https://access.redhat.com/articles/2548661
-      'TLS_RSA_WITH_AES_128_CBC_SHA',
-      'TLS_RSA_WITH_AES_256_CBC_SHA',
-      'TLS_RSA_WITH_AES_128_CBC_SHA256',
-      'TLS_RSA_WITH_AES_128_GCM_SHA256',
-      'TLS_RSA_WITH_AES_256_GCM_SHA384',
-      // 'TLS_ECDHE_ECDSA_WITH_RC4_128_SHA',    // insecure: https://access.redhat.com/security/cve/cve-2013-2566
-      'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA',
-      'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA',
-      // 'TLS_ECDHE_RSA_WITH_RC4_128_SHA',      // insecure: https://access.redhat.com/security/cve/cve-2013-2566
-      // 'TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA', // insecure: https://access.redhat.com/articles/2548661
-      'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA',
-      'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA',
-      'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256',
-      'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256',
-      'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256',
-      'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256',
-      'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384',
-      'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384',
-      'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305',
-      'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305',
-    ],
-
    kubeStateMetrics+:: {
      collectors: '',  // empty string gets a default set
      scrapeInterval: '30s',