Skip to content

Feature Request: Reduce external exposure overhead for registry-adapter #616

Description

@allexistence

Is your feature request related to a problem?

Deploying the registry-adapter for Harbor integration requires a fully separate Service, ingress, hostname, and TLS cert from the manager/controller endpoint (cve.adapter.svc / cve.adapter.ingress in the core chart), even in deployments that already expose the manager via ingress. This means maintaining two external hostnames and two certs to reach what is functionally a proxy in front of the same controller API — extra DNS records, extra cert-manager Issuers, extra ingress objects to keep in sync.

Solution you'd like

Support routing the adapter's endpoint through the existing manager/controller ingress as a sub-path (e.g. https:///adapter/endpoint) instead of requiring a fully separate Service + ingress. This would cut external hostnames/certs needed for Harbor integration from two to one.

Alternatives you've considered

No response

Anything else?

Happy to test a chart change

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions