From f7610c9a3e110ff3fbd4910ee43c2ee978d8bee8 Mon Sep 17 00:00:00 2001
From: Mayne0213 <bluemayne0213@icloud.com>
Date: Mon, 29 Dec 2025 13:42:21 +0900
Subject: [PATCH] FEAT(cert-manager): integrate cert-manager,

- vault, velero
---
 velero/argocd-velero.yaml              | 47 --------------------
 velero/{argocd-ui.yaml => argocd.yaml} | 61 +++++++++++++++++++++-----
 velero/kustomization.yaml              |  4 --
 3 files changed, 49 insertions(+), 63 deletions(-)
 delete mode 100644 velero/argocd-velero.yaml
 rename velero/{argocd-ui.yaml => argocd.yaml} (62%)

diff --git a/velero/argocd-velero.yaml b/velero/argocd-velero.yaml
deleted file mode 100644
index d026225..0000000
--- a/velero/argocd-velero.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: velero
-  namespace: argocd
-  finalizers:
-    - resources-finalizer.argocd.argoproj.io
-spec:
-  project: default
-
-  sources:
-    # Helm chart from VMware Tanzu repository
-    - repoURL: https://vmware-tanzu.github.io/helm-charts
-      chart: velero
-      targetRevision: 11.2.0
-      helm:
-        valueFiles:
-          - $values/velero/helm-values.yaml
-    # Values file from Git repository
-    - repoURL: https://gitea0213.kro.kr/bluemayne/cluster-infrastructure.git
-      targetRevision: main
-      ref: values
-
-  destination:
-    server: https://kubernetes.default.svc
-    namespace: velero
-
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-      allowEmpty: false
-
-    syncOptions:
-      - CreateNamespace=true
-      - PrunePropagationPolicy=foreground
-      - PruneLast=true
-      - ServerSideApply=true
-
-    retry:
-      limit: 5
-      backoff:
-        duration: 5s
-        factor: 2
-        maxDuration: 3m
-
-  revisionHistoryLimit: 10
diff --git a/velero/argocd-ui.yaml b/velero/argocd.yaml
similarity index 62%
rename from velero/argocd-ui.yaml
rename to velero/argocd.yaml
index a427567..8bd0855 100644
--- a/velero/argocd-ui.yaml
+++ b/velero/argocd.yaml
@@ -1,5 +1,52 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
+metadata:
+  name: velero
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+
+  sources:
+    - repoURL: https://vmware-tanzu.github.io/helm-charts
+      chart: velero
+      targetRevision: 11.2.0
+      helm:
+        valueFiles:
+          - $values/velero/helm-values.yaml
+    - repoURL: https://gitea0213.kro.kr/bluemayne/cluster-infrastructure.git
+      targetRevision: main
+      ref: values
+
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: velero
+
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+      allowEmpty: false
+
+    syncOptions:
+      - CreateNamespace=true
+      - PrunePropagationPolicy=foreground
+      - PruneLast=true
+      - ServerSideApply=true
+
+    retry:
+      limit: 5
+      backoff:
+        duration: 5s
+        factor: 2
+        maxDuration: 3m
+
+  revisionHistoryLimit: 10
+
+---
+apiVersion: argoproj.io/v1alpha1
+kind: Application
 metadata:
   name: velero-ui
   namespace: argocd
@@ -9,36 +56,29 @@ spec:
   project: default
 
   source:
-    # Helm chart from OTWLD repository
     repoURL: https://helm.otwld.com/
     chart: velero-ui
-    targetRevision: "*"  # Use latest version
+    targetRevision: "*"
     helm:
       values: |
-        # Image configuration
         image:
           repository: otwld/velero-ui
           tag: latest
           pullPolicy: IfNotPresent
 
-        # Replica count
         replicaCount: 1
 
-        # Resources
         resources:
           requests:
             cpu: 30m
             memory: 128Mi
           limits:
-            # cpu: removed to prevent throttling
             memory: 256Mi
 
-        # Service configuration
         service:
           type: ClusterIP
           port: 3000
 
-        # Environment variables
         env:
           - name: BASIC_AUTH_USERNAME
             valueFrom:
@@ -52,18 +92,15 @@ spec:
                 key: password
         envFrom: []
 
-        # Pod security context
         podSecurityContext:
           runAsNonRoot: true
           runAsUser: 1000
           fsGroup: 1000
 
-        # Container security context
         securityContext:
           allowPrivilegeEscalation: false
           readOnlyRootFilesystem: false
 
-        # Service account
         serviceAccount:
           create: true
           name: velero-ui
@@ -79,7 +116,7 @@ spec:
       allowEmpty: false
 
     syncOptions:
-      - CreateNamespace=false  # velero namespace already exists
+      - CreateNamespace=false
       - PrunePropagationPolicy=foreground
       - PruneLast=true
       - ServerSideApply=true
diff --git a/velero/kustomization.yaml b/velero/kustomization.yaml
index 5255442..60924e2 100644
--- a/velero/kustomization.yaml
+++ b/velero/kustomization.yaml
@@ -3,11 +3,7 @@ kind: Kustomization
 
 resources:
   # argocd.yaml files은 수동으로 관리 (순환 참조 방지)
-  # - argocd-velero.yaml
-  # - argocd-ui.yaml
   - namespace.yaml
-
-  # Velero credentials from Vault
   - external-secret.yaml
   - vault/velero-ui-secret.yaml
   - ingress.yaml