Add support for TLS curves in TLSProfile

Signed-off-by: Davide Salerno <[email protected]>

Author: davidesalerno

config/v1/types_tlssecurityprofile.go

@@ -213,6 +213,15 @@ type TLSProfileSpec struct {
 	//
 	// +listType=atomic
 	Ciphers []string `json:"ciphers"`
+	// curves is used to specify the elliptic curves that are used during
+	// the TLS handshake.  Operators may remove entries their operands do
+	// not support.  For example, to use X25519 and P-256 (yaml):
+	//
+	//   curves:
+	//     - X25519
+	//     - P-256
+	// +optional
+	Curves []string `json:"curves,omitempty"`
 	// minTLSVersion is used to specify the minimal version of the TLS protocol
 	// that is negotiated during the TLS handshake. For example, to use TLS
 	// versions 1.1, 1.2 and 1.3 (yaml):

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-CustomNoUpgrade.crd.yaml

@@ -330,6 +330,18 @@ spec:
                           type: string
                         type: array
                         x-kubernetes-list-type: atomic
+                      curves:
+                        description: |-
+                          curves is used to specify the elliptic curves that are used during
+                          the TLS handshake.  Operators may remove entries their operands do
+                          not support.  For example, to use X25519 and P-256 (yaml):
+
+                            curves:
+                              - X25519
+                              - P-256
+                        items:
+                          type: string
+                        type: array
                       minTLSVersion:
                         description: |-
                           minTLSVersion is used to specify the minimal version of the TLS protocol

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-Default.crd.yaml

@@ -261,6 +261,18 @@ spec:
                           type: string
                         type: array
                         x-kubernetes-list-type: atomic
+                      curves:
+                        description: |-
+                          curves is used to specify the elliptic curves that are used during
+                          the TLS handshake.  Operators may remove entries their operands do
+                          not support.  For example, to use X25519 and P-256 (yaml):
+
+                            curves:
+                              - X25519
+                              - P-256
+                        items:
+                          type: string
+                        type: array
                       minTLSVersion:
                         description: |-
                           minTLSVersion is used to specify the minimal version of the TLS protocol

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-DevPreviewNoUpgrade.crd.yaml

@@ -330,6 +330,18 @@ spec:
                           type: string
                         type: array
                         x-kubernetes-list-type: atomic
+                      curves:
+                        description: |-
+                          curves is used to specify the elliptic curves that are used during
+                          the TLS handshake.  Operators may remove entries their operands do
+                          not support.  For example, to use X25519 and P-256 (yaml):
+
+                            curves:
+                              - X25519
+                              - P-256
+                        items:
+                          type: string
+                        type: array
                       minTLSVersion:
                         description: |-
                           minTLSVersion is used to specify the minimal version of the TLS protocol

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-TechPreviewNoUpgrade.crd.yaml

@@ -330,6 +330,18 @@ spec:
                           type: string
                         type: array
                         x-kubernetes-list-type: atomic
+                      curves:
+                        description: |-
+                          curves is used to specify the elliptic curves that are used during
+                          the TLS handshake.  Operators may remove entries their operands do
+                          not support.  For example, to use X25519 and P-256 (yaml):
+
+                            curves:
+                              - X25519
+                              - P-256
+                        items:
+                          type: string
+                        type: array
                       minTLSVersion:
                         description: |-
                           minTLSVersion is used to specify the minimal version of the TLS protocol

config/v1/zz_generated.deepcopy.go

@@ -261,6 +261,18 @@ spec:
                           type: string
                         type: array
                         x-kubernetes-list-type: atomic
+                      curves:
+                        description: |-
+                          curves is used to specify the elliptic curves that are used during
+                          the TLS handshake.  Operators may remove entries their operands do
+                          not support.  For example, to use X25519 and P-256 (yaml):
+
+                            curves:
+                              - X25519
+                              - P-256
+                        items:
+                          type: string
+                        type: array
                       minTLSVersion:
                         description: |-
                           minTLSVersion is used to specify the minimal version of the TLS protocol

config/v1/zz_generated.featuregated-crd-manifests/apiservers.config.openshift.io/AAA_ungated.yaml

@@ -330,6 +330,18 @@ spec:
                           type: string
                         type: array
                         x-kubernetes-list-type: atomic
+                      curves:
+                        description: |-
+                          curves is used to specify the elliptic curves that are used during
+                          the TLS handshake.  Operators may remove entries their operands do
+                          not support.  For example, to use X25519 and P-256 (yaml):
+
+                            curves:
+                              - X25519
+                              - P-256
+                        items:
+                          type: string
+                        type: array
                       minTLSVersion:
                         description: |-
                           minTLSVersion is used to specify the minimal version of the TLS protocol

config/v1/zz_generated.featuregated-crd-manifests/apiservers.config.openshift.io/KMSEncryptionProvider.yaml

@@ -144,6 +144,18 @@ spec:
                           type: string
                         type: array
                         x-kubernetes-list-type: atomic
+                      curves:
+                        description: |-
+                          curves is used to specify the elliptic curves that are used during
+                          the TLS handshake.  Operators may remove entries their operands do
+                          not support.  For example, to use X25519 and P-256 (yaml):
+
+                            curves:
+                              - X25519
+                              - P-256
+                        items:
+                          type: string
+                        type: array
                       minTLSVersion:
                         description: |-
                           minTLSVersion is used to specify the minimal version of the TLS protocol