expose traefik via ingress

harbor/application.yml

@@ -1,4 +1,3 @@
----
 # Source: harbor/templates/core/core-cm.yaml
 apiVersion: v1
 kind: ConfigMap
@@ -13,7 +12,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
 data:
   app.conf: |+
     appname = Harbor
@@ -73,7 +72,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
 data:
   HTTP_PROXY: ""
   HTTPS_PROXY: ""
@@ -114,7 +113,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
 data:
   CORE_URL: "http://harbor-core:80"
   TOKEN_SERVICE_URL: "http://harbor-core:80/service/token"
@@ -144,7 +143,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
 data:
   config.yml: |+
     #Server listening port
@@ -180,180 +179,6 @@ data:
       # the max time for execution in running state without new task created
       max_dangling_hours: 168
 ---
-# Source: harbor/templates/nginx/configmap-https.yaml
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: harbor-nginx
-  labels:
-    heritage: Helm
-    release: harbor
-    chart: harbor
-    app: "harbor"
-    app.kubernetes.io/instance: harbor
-    app.kubernetes.io/name: harbor
-    app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
-data:
-  nginx.conf: |+
-    worker_processes auto;
-    pid /tmp/nginx.pid;
-
-    events {
-      worker_connections 3096;
-      use epoll;
-      multi_accept on;
-    }
-
-    http {
-      client_body_temp_path /tmp/client_body_temp;
-      proxy_temp_path /tmp/proxy_temp;
-      fastcgi_temp_path /tmp/fastcgi_temp;
-      uwsgi_temp_path /tmp/uwsgi_temp;
-      scgi_temp_path /tmp/scgi_temp;
-      tcp_nodelay on;
-
-      # this is necessary for us to be able to disable request buffering in all cases
-      proxy_http_version 1.1;
-
-      upstream core {
-        server "harbor-core:80";
-      }
-
-      upstream portal {
-        server "harbor-portal:80";
-      }
-
-      log_format timed_combined '[$time_local]:$remote_addr - '
-        '"$request" $status $body_bytes_sent '
-        '"$http_referer" "$http_user_agent" '
-        '$request_time $upstream_response_time $pipe';
-
-      access_log /dev/stdout timed_combined;
-
-      map $http_x_forwarded_proto $x_forwarded_proto {
-        default $http_x_forwarded_proto;
-        ""      $scheme;
-      }
-
-      server {
-        listen 8443 ssl;
-        listen [::]:8443 ssl;
-    #    server_name harbordomain.com;
-        server_tokens off;
-        # SSL
-        ssl_certificate /etc/nginx/cert/tls.crt;
-        ssl_certificate_key /etc/nginx/cert/tls.key;
-
-        # Recommendations from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
-        ssl_protocols TLSv1.2 TLSv1.3;
-        ssl_ciphers '!aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES:';
-        ssl_prefer_server_ciphers on;
-        ssl_session_cache shared:SSL:10m;
-
-        # disable any limits to avoid HTTP 413 for large image uploads
-        client_max_body_size 0;
-
-        # required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
-        chunked_transfer_encoding on;
-
-        # Add extra headers
-        add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
-        add_header X-Frame-Options DENY;
-        add_header Content-Security-Policy "frame-ancestors 'none'";
-
-        location / {
-          proxy_pass http://portal/;
-          proxy_set_header Host $http_host;
-          proxy_set_header X-Real-IP $remote_addr;
-          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-          proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
-
-          proxy_cookie_path / "/; HttpOnly; Secure";
-
-          proxy_buffering off;
-          proxy_request_buffering off;
-        }
-
-        location /api/ {
-          proxy_pass http://core/api/;
-          proxy_set_header Host $host;
-          proxy_set_header X-Real-IP $remote_addr;
-          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-          proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
-
-          proxy_cookie_path / "/; Secure";
-
-          proxy_buffering off;
-          proxy_request_buffering off;
-        }
-
-        location /chartrepo/ {
-          proxy_pass http://core/chartrepo/;
-          proxy_set_header Host $host;
-          proxy_set_header X-Real-IP $remote_addr;
-          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-          proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
-
-          proxy_cookie_path / "/; Secure";
-
-          proxy_buffering off;
-          proxy_request_buffering off;
-        }
-
-        location /c/ {
-          proxy_pass http://core/c/;
-          proxy_set_header Host $host;
-          proxy_set_header X-Real-IP $remote_addr;
-          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-          proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
-
-          proxy_cookie_path / "/; Secure";
-
-          proxy_buffering off;
-          proxy_request_buffering off;
-        }
-
-        location /v1/ {
-          return 404;
-        }
-
-        location /v2/ {
-          proxy_pass http://core/v2/;
-          proxy_set_header Host $http_host;
-          proxy_set_header X-Real-IP $remote_addr;
-          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-          proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
-          proxy_buffering off;
-          proxy_request_buffering off;
-        }
-
-        location /service/ {
-          proxy_pass http://core/service/;
-          proxy_set_header Host $http_host;
-          proxy_set_header X-Real-IP $remote_addr;
-          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-          proxy_set_header X-Forwarded-Proto $x_forwarded_proto;
-
-          proxy_cookie_path / "/; Secure";
-
-          proxy_buffering off;
-          proxy_request_buffering off;
-        }
-
-      location /service/notifications {
-          return 404;
-        }
-      }
-        server {
-          listen 8080;
-          listen [::]:8080;
-          #server_name harbordomain.com;
-          return 301 https://$host$request_uri;
-      }
-    }
----
 # Source: harbor/templates/portal/configmap.yaml
 apiVersion: v1
 kind: ConfigMap
@@ -368,7 +193,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
 data:
   nginx.conf: |+
     worker_processes auto;
@@ -419,7 +244,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
 data:
   config.yml: |+
     version: 0.1
@@ -443,7 +268,7 @@ data:
       delete:
         enabled: true
       redirect:
-        disable: true
+        disable: false
     redis:
       addr: dragonfly:6379
       db: 2
@@ -495,7 +320,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
 data:
 ---
 # Source: harbor/templates/jobservice/jobservice-pvc.yaml
@@ -514,7 +339,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
     component: jobservice
     app.kubernetes.io/component: jobservice
 spec:
@@ -539,7 +364,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
 spec:
   ports:
     - name: http-web
@@ -566,7 +391,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
 spec:
   ports:
     - name: http-metrics
@@ -590,7 +415,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
 spec:
   ports:
     - name: http-jobservice
@@ -603,39 +428,6 @@ spec:
     app: "harbor"
     component: jobservice
 ---
-# Source: harbor/templates/nginx/service.yaml
-apiVersion: v1
-kind: Service
-metadata:
-  name: harbor
-  labels:
-    heritage: Helm
-    release: harbor
-    chart: harbor
-    app: "harbor"
-    app.kubernetes.io/instance: harbor
-    app.kubernetes.io/name: harbor
-    app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
-  annotations:
-    cert-manager.io/cluster-issuer: default
-    external-dns.alpha.kubernetes.io/hostname: harbor.k-space.ee
-    metallb.universe.tf/address-pool: elisa
-spec:
-  type: LoadBalancer
-  ports:
-    - name: http
-      port: 80
-      targetPort: 8080
-    - name: https
-      port: 443
-      targetPort: 8443
-  selector:
-    release: harbor
-    app: "harbor"
-    component: nginx
----
 # Source: harbor/templates/portal/service.yaml
 apiVersion: v1
 kind: Service
@@ -650,7 +442,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
 spec:
   ports:
     - port: 80
@@ -674,7 +466,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
 spec:
   ports:
     - name: http-registry
@@ -703,7 +495,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
     component: core
     app.kubernetes.io/component: core
 spec:
@@ -725,13 +517,13 @@ spec:
         app.kubernetes.io/name: harbor
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/part-of: harbor
-        app.kubernetes.io/version: "2.11.0"
+        app.kubernetes.io/version: "2.11.1"
         component: core
         app.kubernetes.io/component: core
       annotations:
-        checksum/configmap: 9ea7f1881e4fe5b908355ee28e246b67c8c498d2f719dd74a5536a51ee2d9865
+        checksum/configmap: 459defa5f990e3b5029d62cfdb86ca9a4191544419bdac39dac6eabc20a1d07c
-        checksum/secret: 0d2219f91d2afe8594c0136b9b35ea5048724958d8c76a501028f770b34398df
+        checksum/secret: d5281f549a139365b09eb4bc8e2376155c5a67d037b5a2e1fcb1d51a2d321615
-        checksum/secret-jobservice: 555460412a789ff6b5f107e7a44d6deb7ce9d069b97350b3e9e088e4e5d15330
+        checksum/secret-jobservice: 86e7ec26365fbc33f4c2ecf695d2934a23308e08c76a71be7d190763914a8e1b
     spec:
       securityContext:
         runAsUser: 10000
@@ -740,7 +532,7 @@ spec:
       terminationGracePeriodSeconds: 120
       containers:
       - name: core
-        image: goharbor/harbor-core:v2.11.0
+        image: goharbor/harbor-core:v2.11.1
         imagePullPolicy: IfNotPresent
         startupProbe:
           httpGet:
@@ -828,6 +620,7 @@ spec:
           secretName: harbor-core
       - name: ca-download
         secret:
+          secretName: "harbor-ingress"
       - name: psc
         emptyDir: {}
 ---
@@ -845,7 +638,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
     component: exporter
     app.kubernetes.io/component: exporter
 spec:
@@ -867,12 +660,12 @@ spec:
         app.kubernetes.io/name: harbor
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/part-of: harbor
-        app.kubernetes.io/version: "2.11.0"
+        app.kubernetes.io/version: "2.11.1"
         component: exporter
         app.kubernetes.io/component: exporter
       annotations:
-        checksum/configmap: 79f5dcd087513f8f1d03fca430907faeb9bd7df805dbb251b750fb49ccb0f0b5
+        checksum/configmap: 7175588df9aea5ad07381b9e28514d0f3506380b511be090b7d2ddc40beb5ab0
-        checksum/secret: 55bad27b07dca97c644c9977eb8c3da9c08c8b8bbda2854878d2936a8da28508
+        checksum/secret: be1b09e9e24f666fd357cca51bb49abd966708df0bd2e97078bf88db7ffddf85
     spec:
       securityContext:
         runAsUser: 10000
@@ -880,7 +673,7 @@ spec:
       automountServiceAccountToken: false
       containers:
       - name: exporter
-        image: goharbor/harbor-exporter:v2.11.0
+        image: goharbor/harbor-exporter:v2.11.1
         imagePullPolicy: IfNotPresent
         livenessProbe:
           httpGet:
@@ -937,7 +730,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
     component: jobservice
     app.kubernetes.io/component: jobservice
 spec:
@@ -961,14 +754,14 @@ spec:
         app.kubernetes.io/name: harbor
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/part-of: harbor
-        app.kubernetes.io/version: "2.11.0"
+        app.kubernetes.io/version: "2.11.1"
         component: jobservice
         app.kubernetes.io/component: jobservice
       annotations:
-        checksum/configmap: 3a35bef831e58536bf86670117b43e2913a4c1a60d0e74d948559d7a7d564684
+        checksum/configmap: 5af691ab7fd728ad91fbd355f03ea709d69f58a32e405436cec9056617490bb3
-        checksum/configmap-env: 80e8b81abf755707210d6112ad65167a7d53088b209f63c603d308ef68c4cfad
+        checksum/configmap-env: f86af5d5cdbf21c00a2721265d7db84c8cda8ef1b2ac4da29aff32dbdf0a875d
-        checksum/secret: 66cf8ec37ca1e006ea224e0913c9deb407300393d221fe0564dee44e6b0174cd
+        checksum/secret: 5c1da09046fad8a9360c25063c6f994ff2b3ef91838f4d82f319994cfde74bfe
-        checksum/secret-core: a4bf7ecaeb201e06638a18b9e941a4b0e66668e484d6084fd1844d2c25a6492c
+        checksum/secret-core: b5644ea6869f9d895c16fe1ec9f6f7d83311c61aee4468b501d3f227e3e2de7e
     spec:
       securityContext:
         runAsUser: 10000
@@ -977,7 +770,7 @@ spec:
       terminationGracePeriodSeconds: 120
       containers:
       - name: jobservice
-        image: goharbor/harbor-jobservice:v2.11.0
+        image: goharbor/harbor-jobservice:v2.11.1
         imagePullPolicy: IfNotPresent
         livenessProbe:
           httpGet:
@@ -1030,96 +823,6 @@ spec:
         persistentVolumeClaim:
           claimName: harbor-jobservice
 ---
-# Source: harbor/templates/nginx/deployment.yaml
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: harbor-nginx
-  labels:
-    heritage: Helm
-    release: harbor
-    chart: harbor
-    app: "harbor"
-    app.kubernetes.io/instance: harbor
-    app.kubernetes.io/name: harbor
-    app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
-    component: nginx
-    app.kubernetes.io/component: nginx
-spec:
-  replicas: 1
-  revisionHistoryLimit: 10
-  selector:
-    matchLabels:
-      release: harbor
-      app: "harbor"
-      component: nginx
-  template:
-    metadata:
-      labels:
-        heritage: Helm
-        release: harbor
-        chart: harbor
-        app: "harbor"
-        app.kubernetes.io/instance: harbor
-        app.kubernetes.io/name: harbor
-        app.kubernetes.io/managed-by: Helm
-        app.kubernetes.io/part-of: harbor
-        app.kubernetes.io/version: "2.11.0"
-        component: nginx
-        app.kubernetes.io/component: nginx
-      annotations:
-        checksum/configmap: 7114a5d89af834358c44d0e87c66e2c69da2e3dd545c02472a416c8a7857b983
-    spec:
-      securityContext:
-        runAsUser: 10000
-        fsGroup: 10000
-      automountServiceAccountToken: false
-      containers:
-      - name: nginx
-        image: "goharbor/nginx-photon:v2.11.0"
-        imagePullPolicy: "IfNotPresent"
-        livenessProbe:
-          httpGet:
-            scheme: HTTPS
-            path: /
-            port: 8443
-          initialDelaySeconds: 300
-          periodSeconds: 10
-        readinessProbe:
-          httpGet:
-            scheme: HTTPS
-            path: /
-            port: 8443
-          initialDelaySeconds: 1
-          periodSeconds: 10
-        securityContext: 
-          allowPrivilegeEscalation: false
-          capabilities:
-            drop:
-            - ALL
-          privileged: false
-          runAsNonRoot: true
-          seccompProfile:
-            type: RuntimeDefault
-        ports:
-        - containerPort: 8080
-        - containerPort: 8443
-        volumeMounts:
-        - name: config
-          mountPath: /etc/nginx/nginx.conf
-          subPath: nginx.conf
-        - name: certificate
-          mountPath: /etc/nginx/cert
-      volumes:
-      - name: config
-        configMap:
-          name: harbor-nginx
-      - name: certificate
-        secret:
-          secretName: harbor-ingress
----
 # Source: harbor/templates/portal/deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
@@ -1134,7 +837,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
     component: portal
     app.kubernetes.io/component: portal
 spec:
@@ -1156,11 +859,11 @@ spec:
         app.kubernetes.io/name: harbor
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/part-of: harbor
-        app.kubernetes.io/version: "2.11.0"
+        app.kubernetes.io/version: "2.11.1"
         component: portal
         app.kubernetes.io/component: portal
       annotations:
-        checksum/configmap: d1b4818dc76aa5b382b435491e437f3c5f9795bf1fb019c82b003f75e7bc3d8f
+        checksum/configmap: 24d858ac32ea0ba10f15274a5dc08a307a5bb9f3577cab5a58d086976c36aee5
     spec:
       securityContext:
         runAsUser: 10000
@@ -1168,7 +871,7 @@ spec:
       automountServiceAccountToken: false
       containers:
       - name: portal
-        image: goharbor/harbor-portal:v2.11.0
+        image: goharbor/harbor-portal:v2.11.1
         imagePullPolicy: IfNotPresent
         securityContext: 
           allowPrivilegeEscalation: false
@@ -1218,7 +921,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
     component: registry
     app.kubernetes.io/component: registry
 spec:
@@ -1242,14 +945,14 @@ spec:
         app.kubernetes.io/name: harbor
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/part-of: harbor
-        app.kubernetes.io/version: "2.11.0"
+        app.kubernetes.io/version: "2.11.1"
         component: registry
         app.kubernetes.io/component: registry
       annotations:
-        checksum/configmap: b6973055b0a56022c00f9460283665c292d00f4ec15c0b36ae334781fd72ff93
+        checksum/configmap: 275b555209ecc9f8ff34a171d588f4030db27ae049e605ccf3cfa3c75d1acb6d
-        checksum/secret: fbad596b28ac7eacc5280d30c332e45f389746bc7bd4fe312d81d20d787aa608
+        checksum/secret: ac3e3bb685db5fdc3d29fe7b464139e5bf5acbd831d0278960f1b05e1addf1ca
-        checksum/secret-jobservice: 50e965ac72128c882e5371663c8a24d54936984ec4596ee0beb3f5a35708571e
+        checksum/secret-jobservice: 45de3984a60f56d5ba07d509d8e1023ae3eb9991a15d42aaf973d7d2f7801ce9
-        checksum/secret-core: f16bee9ef108e28e08e2d059c96c79edefb3daeb36709e49be6d0a9971247651
+        checksum/secret-core: 8960ab140ede9fdba5036954428d37ab14d2398379516989d3acd370472c9b1a
     spec:
       securityContext:
         runAsUser: 10000
@@ -1259,7 +962,7 @@ spec:
       terminationGracePeriodSeconds: 120
       containers:
       - name: registry
-        image: goharbor/registry-photon:v2.11.0
+        image: goharbor/registry-photon:v2.11.1
         imagePullPolicy: IfNotPresent
         livenessProbe:
           httpGet:
@@ -1305,7 +1008,7 @@ spec:
           mountPath: /etc/registry/config.yml
           subPath: config.yml
       - name: registryctl
-        image: goharbor/harbor-registryctl:v2.11.0
+        image: goharbor/harbor-registryctl:v2.11.1
         imagePullPolicy: IfNotPresent
         livenessProbe:
           httpGet:
@@ -1376,6 +1079,83 @@ spec:
       - name: registry-data
         emptyDir: {}
 ---
+# Source: harbor/templates/ingress/ingress.yaml
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: "harbor-ingress"
+  labels:
+    heritage: Helm
+    release: harbor
+    chart: harbor
+    app: "harbor"
+    app.kubernetes.io/instance: harbor
+    app.kubernetes.io/name: harbor
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/part-of: harbor
+    app.kubernetes.io/version: "2.11.1"
+  annotations:
+    cert-manager.io/cluster-issuer: default
+    external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
+    ingress.kubernetes.io/proxy-body-size: "0"
+    ingress.kubernetes.io/ssl-redirect: "true"
+    kubernetes.io/ingress.class: traefik
+    nginx.ingress.kubernetes.io/proxy-body-size: "0"
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+spec:
+  tls:
+  - secretName: harbor-ingress
+    hosts:
+    - harbor.k-space.ee
+  rules:
+  - http:
+      paths:
+      - path: /api/
+        pathType: Prefix
+        backend:
+          service:
+            name: harbor-core
+            port:
+              number: 80
+      - path: /service/
+        pathType: Prefix
+        backend:
+          service:
+            name: harbor-core
+            port:
+              number: 80
+      - path: /v2/
+        pathType: Prefix
+        backend:
+          service:
+            name: harbor-core
+            port:
+              number: 80
+      - path: /chartrepo/
+        pathType: Prefix
+        backend:
+          service:
+            name: harbor-core
+            port:
+              number: 80
+      - path: /c/
+        pathType: Prefix
+        backend:
+          service:
+            name: harbor-core
+            port:
+              number: 80
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: harbor-portal
+            port:
+              number: 80
+    host: harbor.k-space.ee
+---
 # Source: harbor/templates/metrics/metrics-svcmon.yaml
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
@@ -1390,7 +1170,7 @@ metadata:
     app.kubernetes.io/name: harbor
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/part-of: harbor
-    app.kubernetes.io/version: "2.11.0"
+    app.kubernetes.io/version: "2.11.1"
 spec:
   jobLabel: app.kubernetes.io/name
   endpoints: