diff --git a/control-plane/api-gateway/binding/validation.go b/control-plane/api-gateway/binding/validation.go index 02e6db8438..6029c10b24 100644 --- a/control-plane/api-gateway/binding/validation.go +++ b/control-plane/api-gateway/binding/validation.go @@ -51,7 +51,7 @@ var ( } allTLSVersionsWithConfigurableCipherSuites = map[string]struct{}{ - // Remove these two if Envoy ever sets TLS 1.3 as default minimum + // Remove "" and "TLS_AUTO" if Envoy ever sets TLS 1.3 as default minimum "": {}, "TLS_AUTO": {}, "TLSv1_0": {}, diff --git a/control-plane/api-gateway/common/constants.go b/control-plane/api-gateway/common/constants.go index 5076407bc5..04701662b7 100644 --- a/control-plane/api-gateway/common/constants.go +++ b/control-plane/api-gateway/common/constants.go @@ -8,7 +8,7 @@ const ( AnnotationGatewayClassConfig = "consul.hashicorp.com/gateway-class-config" - // The following annotation keys are used in the v1beta1.GatewayTLSConfig's Options on a v1beta1.Listener + // The following annotation keys are used in the v1beta1.GatewayTLSConfig's Options on a v1beta1.Listener. TLSCipherSuitesAnnotationKey = "api-gateway.consul.hashicorp.com/tls_cipher_suites" TLSMaxVersionAnnotationKey = "api-gateway.consul.hashicorp.com/tls_max_version" TLSMinVersionAnnotationKey = "api-gateway.consul.hashicorp.com/tls_min_version" diff --git a/control-plane/api-gateway/common/translation.go b/control-plane/api-gateway/common/translation.go index d6481f78cf..9303540e82 100644 --- a/control-plane/api-gateway/common/translation.go +++ b/control-plane/api-gateway/common/translation.go @@ -89,9 +89,9 @@ func (t ResourceTranslator) toAPIGatewayListener(gateway gwv1beta1.Gateway, list var maxVersion, minVersion string if listener.TLS != nil { - cipherSuitsVal := string(listener.TLS.Options[TLSCipherSuitesAnnotationKey]) - if cipherSuitsVal != "" { - cipherSuites = strings.Split(cipherSuitsVal, ",") + cipherSuitesVal := string(listener.TLS.Options[TLSCipherSuitesAnnotationKey]) + if cipherSuitesVal != "" { + cipherSuites = strings.Split(cipherSuitesVal, ",") } maxVersion = string(listener.TLS.Options[TLSMaxVersionAnnotationKey]) minVersion = string(listener.TLS.Options[TLSMinVersionAnnotationKey])