diff --git a/apps/k8s01/goharbor/certificate.yaml b/apps/k8s01/goharbor/certificate.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..207ddd017ee3848fff841e82f57cd2513e0abd03
--- /dev/null
+++ b/apps/k8s01/goharbor/certificate.yaml
@@ -0,0 +1,65 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: harbor-tls
+ namespace: goharbor
+spec:
+ dnsNames:
+ - ENC[AES256_GCM,data:ZtUXr41oIIX403VyGeG+nqeYIf8eMCZy8NDZAQ==,iv:MfFZvBXsmP3ZhdNlvS/XiOFcg3A/0Om9vytYkBkUu7E=,tag:VmfzgjbLGGmS26nKZhd4ig==,type:str]
+ - ENC[AES256_GCM,data:8rfIG+UWYwqKJw3R5HHbP9uCLerVnssEfdpJTt80Ql63N7I=,iv:NS9i7dzHiguI+2hs7Wvdp2BqJpoe7hc6kuLyIpJ5i6c=,tag:MpDmQb/hXhYIi+MHlvhyzg==,type:str]
+ issuerRef:
+ name: letsencrypt
+ kind: ClusterIssuer
+ secretName: ingress-harbor-tls
+sops:
+ kms: []
+ gcp_kms: []
+ azure_kv: []
+ hc_vault: []
+ age: []
+ lastmodified: "2022-01-21T18:21:04Z"
+ mac: ENC[AES256_GCM,data:ZOoIJhoRcSBWLcIzqzTI/fGQC0Q+vdilsBnlsvp5jufvfu3XgdWkAP2PalGfu2ZBMU62D5rqMPWoBCPr9xYBWvqYcykzllZzlMXQdFMHnri6xWqa+2mq+qbkZwgyCdcS9hc4Uug6etD7IgG9lgcYu8Qu3q80GykF8D6SergPx2M=,iv:z8ANTe/fnJgcQX+q5N7kq8+XyLQqOAl/2SL+wA3MFAE=,tag:iQXsycXXdwQuOreS4lCtbQ==,type:str]
+ pgp:
+ - created_at: "2022-01-21T18:13:48Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ wcFMA7kpg2bgzVHcARAAHhDshl1OJqNRUolNvbIXzOuDzssJnvyi6cIZuMmVMsxf
+ a6wAWAtYOehvtn1ODL7/h4fIpBtfp7d8VuwfJSrh3ghUeiOl3zRzQbmaFA2L5/iG
+ Jd94tFAVwIl30qjcYqGVB2RF27VF1RElzgDLQh3hiXn1hDC+WmNSnBF5hwnwCFOL
+ wM4BHuE2AB4TX3PlYSo1n71VSzcCqRzbIxelZasYLnJQVL0VE6AjEd/fHS468R8N
+ aZ3mhmHW3sWzuLHNREMD2Q3ghkguLhau0VoETlYRI9103I4k7/khFrhAj5l2/PUr
+ 2SWgpXyRqXVaKPeTiQs3QR8B5jNq3BlZj6Celw5Ig/wx3LY0EhI9e9WFgtSlZxM+
+ 2yk65HQGvTIgsbys/z/0skA9vqik9csFRsH9iK42E/+XLvoAT6yxyl0cv1kBEyAS
+ ggPmKOq8+CT+voHzuh8kZHq9Sa8kH5xL1DQLzX2yIruV3OhTPSK+VlDpjUbycmI2
+ qR1oCo/snOJwwwvfl9vu0B8FCwhrz8554ZQBErFfJl6GFiUV8LElRlZh5S9Jiysr
+ nYJS5gxrcvjF/0Y6EHEfWDRDxvCHoWQpWhl2hRkh5UlQKH0ab+QWLYpISyNJxjfl
+ orQJdaVX3BQwhqMLwiMLGoaNGrSpmxXveLOZmsdK0obXC67lyE6ZM/Wy6gx2dFnS
+ 5gFdXCLzQmmjYK8gIlsejQdnxZI2qWavZIN9T70OZQGaDE/S+U1uxKjuGBM7HTcP
+ 7f1nUa6z96A9ydWs1xHjtm7k172V16PMSrvjQ8KLhFJd9eJDq3ksAA==
+ =XgF6
+ -----END PGP MESSAGE-----
+ fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601
+ - created_at: "2022-01-21T18:13:48Z"
+ enc: |
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4oYbIHZIrAPAQ//S/9rOkbd3beNH20dxgZ7VuZxgnjiV3Hd3om717njcMm2
+ kCfTJ3AmpLtQsT2s1W221tIyCwtHOobj82ANP9KzNi4e6v3LlNTIVHTQiHXk9KJP
+ AX6JoCOLu3bAI0xcdApNBU2wAlHBVC+T4BUfhPqD5AdHpW++e1qUIsM/6TViunHj
+ BWoIA0bpXqyOhTm1GbkJrHMgczJn2qgR5lBf8wgGmASd8jlNyfA7SxoKHj8sl/Ji
+ nucP/90dmyD2eBIJYdYS3anJYa2uP96oioG5xxIyfppnL5dwozDAit3Z5vvnBZNb
+ 1rrpUnN8H0cCcaj7tmDEmjGfjGwxLKegQRZX7Pg5hwaaOOPGheXf8Ip/DpDf6T0n
+ Sq24X6DC5gD1RBU+YY6ZayMt/OKpVVVwRlY4BTDIUe4M+ecK/fve5vpDW2M+KWMc
+ pOkO1B09/prsX0w5XjFh8hb/6HlDDhomiB+BszcRCUDzocRzSEIFwMf7/iTaExe8
+ 2fKCCHB4kHo6GHpydlQOpnGMOvDmiNKopXxTkFQUFQjyRmHGXf/u79JNXBjHkniv
+ ZiokjTEarwMp68dyiaL4L/5Uk+4NG3MetobqSaeW2TbeBwif3G2eFleYscz7QPIR
+ 5ZBBhU/CoUEz2Xge6t8rlp8PNcQ1yq/R+tZjaeqIIT4++ZxCErhA0lsxyFrgLefU
+ aAEJAhD7hR3IMDGN2zOZSiw1IBz9P8Jss/oERQiuVpe/eTv5Vqj9vuL+koKftwnF
+ vSVkNo0fLwNLtnU659Mkoj9utoUL9tAhcCMpP3NehKkBG5RjF9crnIP6zT3lvVU0
+ GYyW4Lsfrt/a
+ =FfV+
+ -----END PGP MESSAGE-----
+ fp: B137EE1549DFAF960DD1E2B15147025FB9F09E07
+ encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?|hosts?|tang|externalURL)$
+ version: 3.7.1
diff --git a/apps/k8s01/goharbor/goharbor-values.yaml b/apps/k8s01/goharbor/goharbor-values.yaml
index 0b2ae4c93dd8a3736eee9557cb644cbb12060ed4..1ac04573d79a5d56bd855efefee1fb1850576e82 100644
--- a/apps/k8s01/goharbor/goharbor-values.yaml
+++ b/apps/k8s01/goharbor/goharbor-values.yaml
@@ -10,12 +10,9 @@ spec:
tls:
certSource: secret
secret:
- secretName: harbor-tls
- notarySecretName: harbor-notary-tls
+ secretName: ingress-harbor-tls
+ notarySecretName: ingress-harbor-tls
ingress:
- annotations:
- cert-manager.io/cluster-issuer: letsencrypt
- cert-manager.io/issue-temporary-certificate: "true"
hosts:
core: ENC[AES256_GCM,data:XZQcRdMZuipxq8ZXYCZ9CoOVE6KFcO6OqGBx7w==,iv:Y+E1yMHN7OPVSSk7jcPH4UhcLqBSjRgevfkoc3Hlw1U=,tag:IQN1pTq0JhqvCiLV8/ytoQ==,type:str]
notary: ENC[AES256_GCM,data:ojLU8tw8zh22Rmw5MsZMgAsfun7uF/1I+MErLKZTWDUS79k=,iv:hLku/snVK/vxyxeSfOFhZSlnv7zg3J5Z6vpmCNnssug=,tag:0EqjAjVm2fd9c7tKH5P5UQ==,type:str]
@@ -29,8 +26,8 @@ sops:
azure_kv: []
hc_vault: []
age: []
- lastmodified: "2022-01-21T17:52:46Z"
- mac: ENC[AES256_GCM,data:NIsMl1nPaztgBl63NbJHU07C2xjpIj2u2PW6817OuE85H95qcC84RcIhk748FoCJept/PIj48sacUboC59LtsBbUEEmoqBrcSDpL1FQ8ZYtOZnrBwiMPV1j6lNBB3dwDuXobPdQ+ZmX5y5By982XADznXG9kY/N0CZ0WF6AMWLg=,iv:DcbZayzir1BbQTHIfJYpxktfmXb7iW+tWGEZ0r3e0YU=,tag:7xHF5qOV0nfTt3Myiq7LVw==,type:str]
+ lastmodified: "2022-01-21T18:21:35Z"
+ mac: ENC[AES256_GCM,data:e5EHHH7sy1IpAQLFiLqlVbuJuU9sJjeJLw7goSNRyRRMCJBeQBCHV7OFyVMwG2dxbbgWB0bUw7VXLBRbajDRoQy3jctltM9mGcwZBsyn66ncQCPi/Cl1raUb3PP84BzdEsElDWjenG1RFiVwhF5bPcnoQL14X8JJ0yrl8Pq+qhg=,iv:HCwkj6uVYkjWHqVcxo+dmqg6VBnA7qqeYGWc4L2AWz0=,tag:bXtLk5syxISv3B4a/JBcmg==,type:str]
pgp:
- created_at: "2022-01-21T00:21:42Z"
enc: |-
diff --git a/apps/k8s01/goharbor/kustomization.yaml b/apps/k8s01/goharbor/kustomization.yaml
index 9f002ee774e5a53cbaa7d83c867e7cef58b6514b..909d1fef248e770b469378c9f2d0722a857dd3f6 100644
--- a/apps/k8s01/goharbor/kustomization.yaml
+++ b/apps/k8s01/goharbor/kustomization.yaml
@@ -4,3 +4,4 @@ resources:
- ../../base/goharbor
patchesStrategicMerge:
- goharbor-values.yaml
+ - certificate.yaml