Improve UX to enable TLS to KAS externally and internally
Summary
We've recently introduced a way to mount certificate volumes into KAS pods. This enables KAS to talk internally and externally through TLS.
But the implementation is only simply to use for the privateApi
via the privateApi.tls.enabled
attribute.
We should make it also simple to other KAS endpoints to enable TLS, instead of relying on them to use gitlab.kas.customConfig
and privateApi.tls.enabled
.
Proposal
Maybe a global key that tells KAS to enable it for all its components would make more sense.