Kubernetes ingress hsts not enabled

my current ingress configuration is:

apiVersion: "networking.k8s.io/v1"
kind: "Ingress"
metadata:
  name: "app-ingress"
  annotations:
    kubernetes.io/ingress.global-static-ip-name: "app-external-ip"
    kubernetes.io/ingress.class: "gce"
spec:
  tls:
    - hosts:
        - "example.app"
      secretName: "app-tls"
  rules:
    - host: "example.app"
      http:
        paths:
          - path: "/"
            pathType: "Prefix"
            backend:
              service:
                name: "app-service"
                port:
                  number: 80

now i struggle with not HSTS enabled. I can enter example.app with http and https protocol, but i want to strict it to https only. I tried:

• using nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - still http available
• using kubernetes.io/ingress.allow-http: "false" - creates google managed certificate (im using self signed one app-tls) which makes ssl cert error in browser. I'm pretty sure second one should be the option and i'm doing something wrong or misconfigure something.

Your ingress class is GCE and might be using the GCE ingress so Nginx annotation should not work.

So you have to create the

apiVersion: networking.gke.io/v1beta1
kind: FrontendConfig
metadata:
  name: my-frontend-config
spec:
  redirectToHttps:
    enabled: true
    responseCodeName: MOVED_PERMANENTLY_DEFAULT

Read more at : Doc ref