The official gitlab helm chart for pages does not support a cert manager for
*.pages.example.org as this is officially
not supported. Thus you have to create the
wildcard certificate manually
like described in the docs.
So how to update this regulary? I think there are multiple options (using a different tool then cert manager, running a cronjob in k8s doing acme.sh or others), but I choose today: a scheduled pipeline in gitlab.