From 603b92ac0e763d414f4f7321bad6f91e467ced7c Mon Sep 17 00:00:00 2001
From: carlory <baofa.fan@daocloud.io>
Date: Wed, 19 Jan 2022 12:28:13 +0800
Subject: [PATCH] Update cmd/webhook/app/options/options.go

Co-authored-by: Hongcai Ren <renhongcai@huawei.com>
Signed-off-by: carlory <baofa.fan@daocloud.io>
---
 cmd/webhook/app/options/options.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/cmd/webhook/app/options/options.go b/cmd/webhook/app/options/options.go
index f472ce72db71..e435b57e64da 100644
--- a/cmd/webhook/app/options/options.go
+++ b/cmd/webhook/app/options/options.go
@@ -23,8 +23,10 @@ type Options struct {
 	// if not set, webhook server would look up the server key and certificate in {TempDir}/k8s-webhook-server/serving-certs.
 	// The server key and certificate must be named `tls.key` and `tls.crt`, respectively.
 	CertDir string
-	// TLSMinVersion contains the minimum TLS version that is acceptable. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13.
-	// Default is VersionTLS13.
+	// TLSMinVersion is the minimum version of TLS supported. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13.
+	// Some environments have automated security scans that trigger on TLS versions or insecure cipher suites, and
+	// setting TLS to 1.3 would solve both problems.
+	// Defaults to VersionTLS13.
 	TLSMinVersion string
 	// KubeAPIQPS is the QPS to use while talking with karmada-apiserver.
 	KubeAPIQPS float32