fix cipher_suites for rhcos (#264)

* fix cipher_suites for rhcos

Signed-off-by: Ashima-Ashima1 <[email protected]>

---------

Signed-off-by: Ashima-Ashima1 <[email protected]>

Author: ashimagarg27

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "go.sum|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2025-09-04T09:22:05Z",
+  "generated_at": "2025-09-05T07:59:11Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"

pkg/driver/s3-driver.go

@@ -158,7 +158,7 @@ func newNodeServer(d *S3Driver, statsUtil pkgUtils.StatsUtils, nodeID string, mo
 		maxVolumesPerNode = int64(constants.DefaultVolumesPerNode)
 	}
 
-	ciphersuite := "default"
+	ciphersuite := ""
 	if strings.Contains(strings.ToLower(data.OS), "ubuntu") {
 		ciphersuite = "AESGCM"
 	}

pkg/mounter/mounter-s3fs.go

@@ -286,9 +286,13 @@ func updateS3FSMountOptions(defaultMountOp []string, secretMap map[string]string
 	}
 
 	// Mount options which are not present in secret mountOptions and need to be set by nodeserver
-	if _, ok := mountOptsMap[constants.CipherSuitesKey]; !ok {
-		option := fmt.Sprintf("%s=%s", constants.CipherSuitesKey, defaultParams[constants.CipherSuitesKey])
-		updatedOptions = append(updatedOptions, option)
+	for key, value := range defaultParams {
+		if value != "" {
+			if _, ok := mountOptsMap[key]; !ok {
+				option := fmt.Sprintf("%s=%s", key, value)
+				updatedOptions = append(updatedOptions, option)
+			}
+		}
 	}
 
 	klog.Infof("updated S3fsMounter Options: %v", updatedOptions)