mirror of
https://github.com/siderolabs/talos.git
synced 2025-08-20 06:01:13 +02:00
09fbe2d9ad
This pulls in an update from our bootkube fork that adds security hardening to the control plane. The following was changed: - API server now uses an EncryptionConfig for encrypting secrets - API server now has an audit policy - Profiling was disabled on all control plane components - PodSecurityPolicy is enabled - API server TLS cipher suites were set to the recommended ciphers by CIS Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>