diff --git a/apps/base/goharbor/namespace.yaml b/apps/base/goharbor/namespace.yaml
index 3d1dead4976cccd5f66bb774a46080afea03ef91..15df40ed4d0f5d6abb615b64d3b96cd428196022 100644
--- a/apps/base/goharbor/namespace.yaml
+++ b/apps/base/goharbor/namespace.yaml
@@ -4,3 +4,33 @@ metadata:
   name: goharbor
   labels:
     name: goharbor
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: flux-reconciler
+  namespace: goharbor
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: flux-reconciler
+  namespace: goharbor
+rules:
+  - apiGroups: ["*"]
+    resources: ["*"]
+    verbs: ["*"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: flux-reconciler
+  namespace: goharbor
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: flux-reconciler
+subjects:
+  - kind: ServiceAccount
+    name: flux-reconciler
+    namespace: goharbor
diff --git a/apps/base/goharbor/release.yaml b/apps/base/goharbor/release.yaml
index 8b7bb65a9b18fd8fa4069202b49467f3e6e604f1..da005c550a0f7007cf1dae475e8806aa06a3342d 100644
--- a/apps/base/goharbor/release.yaml
+++ b/apps/base/goharbor/release.yaml
@@ -4,6 +4,7 @@ metadata:
   name: goharbor
   namespace: goharbor
 spec:
+  serviceAccountName: flux-reconciler
   timeout: 15m
   releaseName: harbor
   chart: