diff --git a/.sops.yaml b/.sops.yaml
index f3e7a05093716520ed79be8539af1588c3a156af..d9ea3b0a2e31db9d9e5e49c066ab4911bbb6f442 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -1,6 +1,6 @@
creation_rules:
- path_regex: (clusters|apps)/k8s01/.*.yaml
- encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?|hosts?|tang)$
+ encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?|hosts?|tang|externalURL)$
pgp: >-
286791FB6648539775DB31B8FCB98C2A3EC6F601,
B137EE1549DFAF960DD1E2B15147025FB9F09E07
diff --git a/apps/base/goharbor/kustomization.yaml b/apps/base/goharbor/kustomization.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..16a58318b984ff57e96b23e66f64fe7797a4d2d8
--- /dev/null
+++ b/apps/base/goharbor/kustomization.yaml
@@ -0,0 +1,7 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: metallb-system
+resources:
+ - namespace.yaml
+ - repository.yaml
+ - release.yaml
diff --git a/apps/base/goharbor/namespace.yaml b/apps/base/goharbor/namespace.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..3d1dead4976cccd5f66bb774a46080afea03ef91
--- /dev/null
+++ b/apps/base/goharbor/namespace.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: goharbor
+ labels:
+ name: goharbor
diff --git a/apps/base/goharbor/release.yaml b/apps/base/goharbor/release.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..010cb3240c679e011a97a0c5b568adcbde5a3f30
--- /dev/null
+++ b/apps/base/goharbor/release.yaml
@@ -0,0 +1,29 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+ name: goharbor
+ namespace: goharbor
+spec:
+ releaseName: goharbor
+ chart:
+ spec:
+ chart: goharbor
+ sourceRef:
+ kind: HelmRepository
+ name: goharbor
+ version: 1.8.1
+ interval: 5m
+ values:
+ metrics:
+ enabled: true
+ serviceMonitor:
+ enabled: true
+ # expose:
+ # ingress:
+ # hosts:
+ # core: core.harbor.domain
+ # notary: notary.harbor.domain
+ # persistence:
+ # persistentVolumeClaim:
+ # registry:
+ # size: 5G
diff --git a/apps/base/goharbor/repository.yaml b/apps/base/goharbor/repository.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..fff1657723f097aea188f2154434485c0e07ec15
--- /dev/null
+++ b/apps/base/goharbor/repository.yaml
@@ -0,0 +1,8 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: HelmRepository
+metadata:
+ name: goharbor
+ namespace: goharbor
+spec:
+ interval: 30m
+ url: https://helm.goharbor.io
diff --git a/apps/k8s01/goharbor/goharbor-values.yaml b/apps/k8s01/goharbor/goharbor-values.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..08d0986965b88442e768fd4604c86e8247afd6e1
--- /dev/null
+++ b/apps/k8s01/goharbor/goharbor-values.yaml
@@ -0,0 +1,71 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+ name: goharbor
+ namespace: goharbor
+spec:
+ values:
+ externalURL: ENC[AES256_GCM,data:mvKSE2Snv3r7SoNVmtvoapw+d2uowij5T1Mpa+schBS4Avvu,iv:VxKeqVRV384Bsckl8hgpQxY/EQoFr9tCmwPAkqivqCc=,tag:jznu2NsOfQAPuqOcCos+Jg==,type:str]
+ expose:
+ ingress:
+ annotations:
+ cert-manager.io/cluster-issuer: letsencrypt
+ hosts:
+ core: ENC[AES256_GCM,data:XZQcRdMZuipxq8ZXYCZ9CoOVE6KFcO6OqGBx7w==,iv:Y+E1yMHN7OPVSSk7jcPH4UhcLqBSjRgevfkoc3Hlw1U=,tag:IQN1pTq0JhqvCiLV8/ytoQ==,type:str]
+ notary: ENC[AES256_GCM,data:ojLU8tw8zh22Rmw5MsZMgAsfun7uF/1I+MErLKZTWDUS79k=,iv:hLku/snVK/vxyxeSfOFhZSlnv7zg3J5Z6vpmCNnssug=,tag:0EqjAjVm2fd9c7tKH5P5UQ==,type:str]
+ persistence:
+ persistentVolumeClaim:
+ registry:
+ size: 20G
+sops:
+ kms: []
+ gcp_kms: []
+ azure_kv: []
+ hc_vault: []
+ age: []
+ lastmodified: "2022-01-21T00:21:42Z"
+ mac: ENC[AES256_GCM,data:hBZspechW8wtp3+ekoO07+G14FRWX09r3qQTMBw4v7eJuKhExIXuvPYFAZBepCJeH89jLhK3SRs9B0jYIlZAf34XqAQnlGvRRWLiRWZh3u/QuuRbtM63r6IWEd4URfK+hNBuq1D4nDViEjHgS7M+Yt5oBfKIGU0vYPRDCi5gzNU=,iv:EwjMOCvU0n9YoCjaqDZB37abGk2lH6zM262tR8Ioq5g=,tag:FTi/mLGuStCmAorJbalO8Q==,type:str]
+ pgp:
+ - created_at: "2022-01-21T00:21:42Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ wcFMA7kpg2bgzVHcARAAIowqC8OXUZWJCDmFa8k2EFvYwEVjCPRe8YCWBF+EJxcI
+ 91w5Ji2ETRcp/KWD0UgpSxp9oB89UjRDLQAmRKn5PkzbiebRBTOeN3JWkwjMhCo1
+ Axm9drrOMXXssQJYUhiA02IGadDyiBo9P6Gb7MZYsJhFJhSFfVRHb2XkbGuQX9R0
+ RioxFh/pl24Ypw4sZZk68r5LQUa5QCsa6rusnOlZ10QIb4ubw+dQg6NcyQDqmb7f
+ EOuWHj8MjMvfz3n+bsXWiozME1ciGrrZk7lvXxLNnS65CtAB0hqR67KLyG6uNjAX
+ lyP433NjbtFsBPXIlOt8QI1y0ESs6jfIeq78+UlxfRtyqgia98objREsvsXYkUFF
+ fTWquxKDy8lGe8iERxYgQdXOryv7a+bXiUF94TU3RVn0Y3p4IL4sMAIZAaaYiLpX
+ 5BvjsuhjcMneyPMVrICAdFz7CkGCKww6ZaCuvl4R4rvDvI+86TLRFp/IYYT5L0h8
+ 97QwFFgttNCl9NB05OttkFxEj/aOZvlZQhMA9LWbnF5K9L8fu4nA52NlCui8qGks
+ uDDBI0v4qrd+jCuCCL0F7XTqWgWWzZFcipcCPAP1opOmHM7GUMbakvMp7XjFV+EC
+ yLSI2tmBo68fdTffIO2pqGukZ7iqsDVNJuFaPqUvw3aqRvHeqAcyCCATexSlJjXS
+ 5gHodc9mB9LnFHXd/pflOAWaidAzNLvAoTDCm0apYWdcNu3SSzp6QnZfaNzr8TC6
+ M4FtxIXKCPmYySU7c7ELSX3kJh7XpcZo9dV+RB6BhXcYfeKEILjYAA==
+ =yXAT
+ -----END PGP MESSAGE-----
+ fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601
+ - created_at: "2022-01-21T00:21:42Z"
+ enc: |
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4oYbIHZIrAPAQ//a6c4178RnafGvEiP1mXjXDm3BwwpzVUuPV+iNdss5Hyv
+ 09MEv3VcBnqg7rDsRZOq3J2P6U9PCVaAVoGxIwebL2dNSkA2T1fCowaElISpUZk7
+ a2SbdqU1dE0l7LgnyEHHtHWl/R+B2yQ0C9taNEBYFEEdgvCC01so1NELOfwy99yt
+ ATIg/flZNskP9lyux08N8MdFB6ISJCNo64/Qz7+cvyrTS6swLcBLOur9gh6agmPl
+ hnie7HUSbpKzzWtHe8Py2J19/KzRqXp2H/6IbjD3IT08YcYFftBcKDPpCCP5a00N
+ 2/s9xVH3wMfvyLnE4ZtPoG8Qnk38kcuWI5wC5Hj7cSai3LvDqSHA/gVZF+f07DW3
+ FBx/7unAm6VEPFtmfK8sbyO0hyNzyFAQbe2N1kZb0B4HzfQr6LSo80gb+usq8TyD
+ fLSsnNmFTB9v3fc6krECRdZHD4qA+CdJVlTPbmZNItauUUmdJ6K5tbSiWtag3EaP
+ Jj8GFiBYlN31CKuY/Jm5QrMDY1CkOwaH9kMjLkvXsUTXyPFJHiNEiT4BhBH3Epmc
+ KA3ymxFLzvYXD/5p3p4DMbM7uXeWAF4/aNG3lg9RMx2IKBPWIVGz8YaoiujhAHAa
+ 1VWxHG3o+YeIaOKQsGH2ViDkte0J7rdY00k8PAxdtPh76jhhHZPKbUxeUGbdFNTU
+ aAEJAhBeK6wKcyyCwb7oNLon6RahRMtGsCvVPIZ+yfMLeCnkT/zPvk1rjOQ3Gmbw
+ ErnXFWUmFwyqpWCigGTB7lNwZGJT+VJRZiVryQ6UL5DrKTsswxWAuAZBGrii4ZOv
+ k452MemknFsT
+ =Uop7
+ -----END PGP MESSAGE-----
+ fp: B137EE1549DFAF960DD1E2B15147025FB9F09E07
+ encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?|hosts?|tang|externalURL)$
+ version: 3.7.1
diff --git a/apps/k8s01/goharbor/kustomization.yaml b/apps/k8s01/goharbor/kustomization.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..26e6778ee63967486723f958fbb9fe8b12456c65
--- /dev/null
+++ b/apps/k8s01/goharbor/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - ../base/goharbor
+patchesStrategicMerge:
+ - goharbor-values.yaml