-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
4.13.z, 4.12.z, 4.11.z, 4.10.z, 4.9.z, 4.14.z
-
None
-
No
-
False
-
Description of problem:
when explaining the tlsSecurityProfiles, a NOTE: currently unsupported is shown. In the docs the unsupported Note was removed with OCP 4.9 (see: https://docs.openshift.com/container-platform/4.8/security/tls-security-profiles.html#tls-profiles-kubelet-configuring_tls-security-profiles and https://docs.openshift.com/container-platform/4.9/security/tls-security-profiles.html )
Version-Release number of selected component (if applicable):
How reproducible:
always
Steps to Reproduce:
1. `oc explain apiserver.spec.tlsSecurityProfile.modern` 2. `oc explain ingresscontroller.spec.tlsSecurityProfile.modern` 3. `oc explain kubeletconfig.spec.tlsSecurityProfile.modern`
Actual results:
DESCRIPTION: modern is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility and looks like this (yaml): ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3 NOTE: Currently unsupported.
Expected results:
DESCRIPTION: modern is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility and looks like this (yaml): ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3
Additional info:
I don't know which is wrong, the docs or the api. I suspect the API
