Skip to content

Disallow disabling of peer TLS #1254

New issue
New issue
Open
Bug
Open
Disallow disabling of peer TLS#1254
Bug
Labels
area/high-availabilityHigh availability relatedarea/securitySecurity relatedkind/bugBug
@CaptainIRS

Description

@CaptainIRS
CaptainIRS
opened on Jan 8, 2026

How to categorize this issue?

/area high-availability security
/kind bug

What happened:

The Etcd CR allows for peer TLS configuration to be removed, suggesting that we support this transition, but in reality this is not supported.

What you expected to happen:

The transition should be disabled using CEL validations causing a validation error when a user tries to remove the TLS configuration.

Note:

Add appropriate test cases to e2e test suites like TestScaleOut and TestTLSAndLabelUpdates once disabling of peer TLS is supported.

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/high-availabilityHigh availability relatedarea/securitySecurity relatedkind/bugBug

    Type

    Bug

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions