Andrey Smirnov 4f11f021de
feat: implement etcd encryption config (kube-apiserver)
This replaces existing fixed field for etcd encryption with a completely
flexible configuration which exactly matches upstream kube-apiserver
configuration.

The default machine configuration generated still retains previous
defaults.

New configuration allows:

* rotating etcd encryption secrets
* implementing any encryption policies (e.g. encrypting configmaps).

Fixes #10899

Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
2026-05-04 19:35:23 +04:00