Migrate to multi-cluster repo structure using kustomize (#270)

* migrate to multi-cluster repo structure with kustomize Signed-off-by: Michael Fornaro <[email protected]> * remove velero prefix Signed-off-by: Michael Fornaro <[email protected]> * update velero schedules to include persistent volume data Signed-off-by: Michael Fornaro <[email protected]> * update scripts with new dir structure Signed-off-by: Michael Fornaro <[email protected]> * temp disable kubeval Signed-off-by: Michael Fornaro <[email protected]>
xunholy · Jan 23, 2021 · 19fe48a · 19fe48a
1 parent 79b5642
commit 19fe48a
Show file tree

Hide file tree

Showing 196 changed files with 388 additions and 15 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -30,10 +30,11 @@ jobs:
         uses: actions/checkout@v2
         with:
           submodules: true
-      - name: Kubeval
-        uses: instrumenta/kubeval-action@master
-        with:
-          files: 'cluster/'
+      # TODO: enable with new dir stucture
+      # - name: Kubeval
+      #   uses: instrumenta/kubeval-action@master
+      #   with:
+      #     files: 'cluster/'
   compliance:
     runs-on: ubuntu-latest
     steps:
@@ -48,7 +49,7 @@ jobs:
           result=$(docker run --rm --workdir /github/workspace \
             -v $(pwd):/github/workspace \
             instrumenta/conftest:v0.18.2 \
-            test -o table -p security-policies/policies/ --all-namespaces --combine cluster/ --no-color || exit 0)
+            test -o table -p security-policies/policies/ --all-namespaces --combine namespaces/ --no-color || exit 0)
           result="${result//'%'/'%25'}"
           result="${result//$'\n'/'%0A'}"
           result="${result//$'\r'/'%0D'}"
@@ -61,7 +62,7 @@ jobs:
           result=$(docker run --rm --workdir /github/workspace \
             -v $(pwd):/github/workspace \
             instrumenta/conftest:v0.18.2 \
-            test -o stdout -p security-policies/policies/ --all-namespaces cluster/ --no-color || exit 0)
+            test -o stdout -p security-policies/policies/ --all-namespaces namespaces/ --no-color || exit 0)
           result="${result//'%'/'%25'}"
           result="${result//$'\n'/'%0A'}"
           result="${result//$'\r'/'%0D'}"

diff --git a/bootstrap/install.sh b/bootstrap/install.sh
@@ -28,7 +28,8 @@ if [[ -f .secrets/git-crypt/k8s-secret-sealed-secret-private-key.yaml ]]; then
   kubectl apply -f .secrets/git-crypt/k8s-secret-sealed-secret-private-key.yaml
 fi
 
-if [[ -f cluster/flux-system/repo.yaml ]]; then
+# TODO: add cluster ARG to script
+if [[ -f clusters/production/repo.yaml ]]; then
   echo "Applying Repo Sync"
-  kubectl apply -f cluster/flux-system/repo.yaml
+  kubectl apply -f clusters/production/repo.yaml
 fi
diff --git a/bootstrap/renovate-helm-releases.sh b/bootstrap/renovate-helm-releases.sh
@@ -6,8 +6,8 @@ shopt -s extglob
 
 # shellcheck disable=SC2155
 REPO_ROOT=$(git rev-parse --show-toplevel)
-CLUSTER_ROOT="${REPO_ROOT}/cluster"
-HELM_REPO_FILES=$(find "$CLUSTER_ROOT/flux-system/helm-chart-repositories" -name '*.yaml')
+CLUSTER_ROOT="${REPO_ROOT}/namespaces"
+HELM_REPO_FILES=$(find "$CLUSTER_ROOT/base/flux-system/helm-chart-repositories" -name '*.yaml')
 HELM_RELEASE_FILES=$(find "$CLUSTER_ROOT" -name '*.yaml')
 
 for HELM_REPO_FILE in $HELM_REPO_FILES; do

diff --git a/bootstrap/update.sh b/bootstrap/update.sh
@@ -14,7 +14,7 @@ flux install \
   --network-policy=false \
   --arch=arm64 \
   --log-level=info \
-  --export > "./cluster/flux-system/toolkit-components.yaml"
+  --export > "./namespaces/base/flux-system/toolkit-components.yaml"
 
 # Uncomment for local useage
 # git add -A && git commit -sam "update toolkit version to latest" && git push
diff --git a/clusters/production/repo.yaml b/clusters/production/repo.yaml
@@ -0,0 +1,30 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: GitRepository
+metadata:
+  name: k8s-gitops
+  namespace: flux-system
+spec:
+  interval: 5m
+  ref:
+    branch: main
+  url: https://github.com/raspbernetes/k8s-gitops.git
+  ignore: |
+    # exclude all
+    /*
+    # include deploy dir
+    !/cluster/
+    /cluster/**/*.md
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
+kind: Kustomization
+metadata:
+  name: k8s-gitops
+  namespace: flux-system
+spec:
+  interval: 5m
+  path: './namespaces/production'
+  sourceRef:
+    kind: GitRepository
+    name: k8s-gitops
+  prune: true
diff --git a/cluster/flux-system/repo.yaml → clusters/staging/repo.yaml b/cluster/flux-system/repo.yaml → clusters/staging/repo.yaml
@@ -23,7 +23,7 @@ metadata:
   namespace: flux-system
 spec:
   interval: 5m
-  path: './cluster/'
+  path: './namespaces/staging'
   sourceRef:
     kind: GitRepository
     name: k8s-gitops

diff --git a/cluster/actions-runner-system/README.md → ...aces/base/actions-runner-system/README.md b/cluster/actions-runner-system/README.md → ...aces/base/actions-runner-system/README.md
diff --git a/...ner-system/actions-runner-controller.yaml → ...ner-system/actions-runner-controller.yaml b/...ner-system/actions-runner-controller.yaml → ...ner-system/actions-runner-controller.yaml
diff --git a/namespaces/base/actions-runner-system/kustomization.yaml b/namespaces/base/actions-runner-system/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - actions-runner-controller.yaml
+  - runner.yaml
+  - secret.encrypted.yaml
diff --git a/cluster/actions-runner-system/runner.yaml → ...es/base/actions-runner-system/runner.yaml b/cluster/actions-runner-system/runner.yaml → ...es/base/actions-runner-system/runner.yaml
diff --git a/...tions-runner-system/secret.encrypted.yaml → ...tions-runner-system/secret.encrypted.yaml b/...tions-runner-system/secret.encrypted.yaml → ...tions-runner-system/secret.encrypted.yaml
diff --git a/cluster/flux-system/README.md → namespaces/base/flux-system/README.md b/cluster/flux-system/README.md → namespaces/base/flux-system/README.md
diff --git a/...x-system/github-notifications/alerts.yaml → ...x-system/github-notifications/alerts.yaml b/...x-system/github-notifications/alerts.yaml → ...x-system/github-notifications/alerts.yaml
diff --git a/namespaces/base/flux-system/github-notifications/kustomization.yaml b/namespaces/base/flux-system/github-notifications/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - alerts.yaml
+  - provider.yaml
+  - secret.encrypted.yaml
diff --git a/...system/github-notifications/provider.yaml → ...system/github-notifications/provider.yaml b/...system/github-notifications/provider.yaml → ...system/github-notifications/provider.yaml
diff --git a/...ithub-notifications/secret.encrypted.yaml → ...ithub-notifications/secret.encrypted.yaml b/...ithub-notifications/secret.encrypted.yaml → ...ithub-notifications/secret.encrypted.yaml
diff --git a/...hart-repositories/banzaicloud-charts.yaml → ...hart-repositories/banzaicloud-charts.yaml b/...hart-repositories/banzaicloud-charts.yaml → ...hart-repositories/banzaicloud-charts.yaml
diff --git a/...lm-chart-repositories/bitnami-charts.yaml → ...lm-chart-repositories/bitnami-charts.yaml b/...lm-chart-repositories/bitnami-charts.yaml → ...lm-chart-repositories/bitnami-charts.yaml
diff --git a/...lm-chart-repositories/coredns-charts.yaml → ...lm-chart-repositories/coredns-charts.yaml b/...lm-chart-repositories/coredns-charts.yaml → ...lm-chart-repositories/coredns-charts.yaml
diff --git a/...lm-chart-repositories/flagger-charts.yaml → ...lm-chart-repositories/flagger-charts.yaml b/...lm-chart-repositories/flagger-charts.yaml → ...lm-chart-repositories/flagger-charts.yaml
diff --git a/...chart-repositories/gatekeeper-charts.yaml → ...chart-repositories/gatekeeper-charts.yaml b/...chart-repositories/gatekeeper-charts.yaml → ...chart-repositories/gatekeeper-charts.yaml
diff --git a/...helm-chart-repositories/grafana-loki.yaml → ...helm-chart-repositories/grafana-loki.yaml b/...helm-chart-repositories/grafana-loki.yaml → ...helm-chart-repositories/grafana-loki.yaml
diff --git a/...m-chart-repositories/jetstack-charts.yaml → ...m-chart-repositories/jetstack-charts.yaml b/...m-chart-repositories/jetstack-charts.yaml → ...m-chart-repositories/jetstack-charts.yaml
diff --git a/...hart-repositories/k8s-at-home-charts.yaml → ...hart-repositories/k8s-at-home-charts.yaml b/...hart-repositories/k8s-at-home-charts.yaml → ...hart-repositories/k8s-at-home-charts.yaml
diff --git a/...-repositories/kubernetes-sigs-charts.yaml → ...-repositories/kubernetes-sigs-charts.yaml b/...-repositories/kubernetes-sigs-charts.yaml → ...-repositories/kubernetes-sigs-charts.yaml
diff --git a/...epositories/kubernetes-stable-charts.yaml → ...epositories/kubernetes-stable-charts.yaml b/...epositories/kubernetes-stable-charts.yaml → ...epositories/kubernetes-stable-charts.yaml
diff --git a/namespaces/base/flux-system/helm-chart-repositories/kustomization.yaml b/namespaces/base/flux-system/helm-chart-repositories/kustomization.yaml
@@ -0,0 +1,22 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - banzaicloud-charts.yaml
+  - bitnami-charts.yaml
+  - coredns-charts.yaml
+  - flagger-charts.yaml
+  - gatekeeper-charts.yaml
+  - grafana-loki.yaml
+  - jetstack-charts.yaml
+  - k8s-at-home-charts.yaml
+  - kubernetes-sigs-charts.yaml
+  - kubernetes-stable-charts.yaml
+  - litmuschaos-charts.yaml
+  - openebs-charts.yaml
+  - openebs-cstor-charts.yaml
+  - openfaas-charts.yaml
+  - prometheus-community-charts.yaml
+  - sealed-secrets-charts.yaml
+  - vernemq-charts.yaml
+  - vmware-charts.yaml
+  - weaveworks-kured-charts.yaml
diff --git a/...hart-repositories/litmuschaos-charts.yaml → ...hart-repositories/litmuschaos-charts.yaml b/...hart-repositories/litmuschaos-charts.yaml → ...hart-repositories/litmuschaos-charts.yaml
diff --git a/...lm-chart-repositories/openebs-charts.yaml → ...lm-chart-repositories/openebs-charts.yaml b/...lm-chart-repositories/openebs-charts.yaml → ...lm-chart-repositories/openebs-charts.yaml
diff --git a/...rt-repositories/openebs-cstor-charts.yaml → ...rt-repositories/openebs-cstor-charts.yaml b/...rt-repositories/openebs-cstor-charts.yaml → ...rt-repositories/openebs-cstor-charts.yaml
diff --git a/...m-chart-repositories/openfaas-charts.yaml → ...m-chart-repositories/openfaas-charts.yaml b/...m-chart-repositories/openfaas-charts.yaml → ...m-chart-repositories/openfaas-charts.yaml
diff --git a/...sitories/prometheus-community-charts.yaml → ...sitories/prometheus-community-charts.yaml b/...sitories/prometheus-community-charts.yaml → ...sitories/prometheus-community-charts.yaml
diff --git a/...t-repositories/sealed-secrets-charts.yaml → ...t-repositories/sealed-secrets-charts.yaml b/...t-repositories/sealed-secrets-charts.yaml → ...t-repositories/sealed-secrets-charts.yaml
diff --git a/...lm-chart-repositories/vernemq-charts.yaml → ...lm-chart-repositories/vernemq-charts.yaml b/...lm-chart-repositories/vernemq-charts.yaml → ...lm-chart-repositories/vernemq-charts.yaml
diff --git a/...elm-chart-repositories/vmware-charts.yaml → ...elm-chart-repositories/vmware-charts.yaml b/...elm-chart-repositories/vmware-charts.yaml → ...elm-chart-repositories/vmware-charts.yaml
diff --git a/...repositories/weaveworks-kured-charts.yaml → ...repositories/weaveworks-kured-charts.yaml b/...repositories/weaveworks-kured-charts.yaml → ...repositories/weaveworks-kured-charts.yaml
diff --git a/namespaces/base/flux-system/kustomization.yaml b/namespaces/base/flux-system/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - podmonitor.yaml
+  - toolkit-components.yaml
+  - webhook-receiver
diff --git a/cluster/flux-system/podmonitor.yaml → namespaces/base/flux-system/podmonitor.yaml b/cluster/flux-system/podmonitor.yaml → namespaces/base/flux-system/podmonitor.yaml
diff --git a/...ux-system/slack-notifications/alerts.yaml → ...ux-system/slack-notifications/alerts.yaml b/...ux-system/slack-notifications/alerts.yaml → ...ux-system/slack-notifications/alerts.yaml
diff --git a/namespaces/base/flux-system/slack-notifications/kustomization.yaml b/namespaces/base/flux-system/slack-notifications/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - alerts.yaml
+  - provider.yaml
+  - secret.encrypted.yaml
diff --git a/...-system/slack-notifications/provider.yaml → ...-system/slack-notifications/provider.yaml b/...-system/slack-notifications/provider.yaml → ...-system/slack-notifications/provider.yaml
diff --git a/...slack-notifications/secret.encrypted.yaml → ...slack-notifications/secret.encrypted.yaml b/...slack-notifications/secret.encrypted.yaml → ...slack-notifications/secret.encrypted.yaml
diff --git a/cluster/flux-system/toolkit-components.yaml → .../base/flux-system/toolkit-components.yaml b/cluster/flux-system/toolkit-components.yaml → .../base/flux-system/toolkit-components.yaml
diff --git a/namespaces/base/flux-system/webhook-receiver/kustomization.yaml b/namespaces/base/flux-system/webhook-receiver/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - receiver.yaml
+  - secret.encrypted.yaml
+  - virtualservice.yaml
diff --git a/...lux-system/webhook-receiver/receiver.yaml → ...lux-system/webhook-receiver/receiver.yaml b/...lux-system/webhook-receiver/receiver.yaml → ...lux-system/webhook-receiver/receiver.yaml
diff --git a/...em/webhook-receiver/secret.encrypted.yaml → ...em/webhook-receiver/secret.encrypted.yaml b/...em/webhook-receiver/secret.encrypted.yaml → ...em/webhook-receiver/secret.encrypted.yaml
diff --git a/...stem/webhook-receiver/virtualservice.yaml → ...stem/webhook-receiver/virtualservice.yaml b/...stem/webhook-receiver/virtualservice.yaml → ...stem/webhook-receiver/virtualservice.yaml
diff --git a/...system/home-assistant/home-assistant.yaml → ...me-system/home-assistant/helmrelease.yaml b/...system/home-assistant/home-assistant.yaml → ...me-system/home-assistant/helmrelease.yaml
diff --git a/namespaces/base/home-system/home-assistant/kustomization.yaml b/namespaces/base/home-system/home-assistant/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
+  - virtualservice.yaml
diff --git a/...system/home-assistant/virtualservice.yaml → ...system/home-assistant/virtualservice.yaml b/...system/home-assistant/virtualservice.yaml → ...system/home-assistant/virtualservice.yaml
diff --git a/namespaces/base/home-system/kustomization.yaml b/namespaces/base/home-system/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - namespace.yaml
+  - networkpolicy.yaml
diff --git a/cluster/home-system/mosquitto/mosquitto.yaml → ...se/home-system/mosquitto/helmrelease.yaml b/cluster/home-system/mosquitto/mosquitto.yaml → ...se/home-system/mosquitto/helmrelease.yaml
diff --git a/namespaces/base/home-system/mosquitto/kustomization.yaml b/namespaces/base/home-system/mosquitto/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
diff --git a/cluster/home-system/namespace.yaml → namespaces/base/home-system/namespace.yaml b/cluster/home-system/namespace.yaml → namespaces/base/home-system/namespace.yaml
diff --git a/cluster/home-system/networkpolicy.yaml → ...paces/base/home-system/networkpolicy.yaml b/cluster/home-system/networkpolicy.yaml → ...paces/base/home-system/networkpolicy.yaml
diff --git a/.../home-system/zigbee2mqtt/zigbee2mqtt.yaml → .../home-system/zigbee2mqtt/helmrelease.yaml b/.../home-system/zigbee2mqtt/zigbee2mqtt.yaml → .../home-system/zigbee2mqtt/helmrelease.yaml
diff --git a/namespaces/base/home-system/zigbee2mqtt/kustomization.yaml b/namespaces/base/home-system/zigbee2mqtt/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
+  - virtualservice.yaml
diff --git a/...me-system/zigbee2mqtt/virtualservice.yaml → ...me-system/zigbee2mqtt/virtualservice.yaml b/...me-system/zigbee2mqtt/virtualservice.yaml → ...me-system/zigbee2mqtt/virtualservice.yaml
diff --git a/...system/zigbee2mqtt/zigbee2mqtt-debug.yaml → ...system/zigbee2mqtt/zigbee2mqtt-debug.yaml b/...system/zigbee2mqtt/zigbee2mqtt-debug.yaml → ...system/zigbee2mqtt/zigbee2mqtt-debug.yaml
diff --git a/namespaces/base/istio-operator/kustomization.yaml b/namespaces/base/istio-operator/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - operator.yaml
diff --git a/cluster/istio-operator/operator.yaml → namespaces/base/istio-operator/operator.yaml b/cluster/istio-operator/operator.yaml → namespaces/base/istio-operator/operator.yaml
diff --git a/cluster/istio-system/README.md → namespaces/base/istio-system/README.md b/cluster/istio-system/README.md → namespaces/base/istio-system/README.md
diff --git a/cluster/istio-system/certificate.yaml → ...spaces/base/istio-system/certificate.yaml b/cluster/istio-system/certificate.yaml → ...spaces/base/istio-system/certificate.yaml
diff --git a/cluster/istio-system/envoyfilter-authn.yaml → .../base/istio-system/envoyfilter-authn.yaml b/cluster/istio-system/envoyfilter-authn.yaml → .../base/istio-system/envoyfilter-authn.yaml
diff --git a/cluster/istio-system/gateway.yaml → namespaces/base/istio-system/gateway.yaml b/cluster/istio-system/gateway.yaml → namespaces/base/istio-system/gateway.yaml
diff --git a/cluster/istio-system/istio/istio.yaml → ...spaces/base/istio-system/istio/istio.yaml b/cluster/istio-system/istio/istio.yaml → ...spaces/base/istio-system/istio/istio.yaml
diff --git a/namespaces/base/istio-system/istio/kustomization.yaml b/namespaces/base/istio-system/istio/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - istio.yaml
diff --git a/namespaces/base/istio-system/kustomization.yaml b/namespaces/base/istio-system/kustomization.yaml
@@ -0,0 +1,14 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - certificate.yaml
+  - envoyfilter-authn.yaml
+  - gateway.yaml
+  - namespace.yaml
+  - networkpolicy.yaml
+  - originissuer.yaml
+  - peerauthentication.yaml
+  - secret.encrypted.yaml
+  - serviceentry.yaml
+  - servicemonitor.yaml
+  - virtualservice.yaml
diff --git a/cluster/istio-system/namespace.yaml → namespaces/base/istio-system/namespace.yaml b/cluster/istio-system/namespace.yaml → namespaces/base/istio-system/namespace.yaml
diff --git a/cluster/istio-system/networkpolicy.yaml → ...aces/base/istio-system/networkpolicy.yaml b/cluster/istio-system/networkpolicy.yaml → ...aces/base/istio-system/networkpolicy.yaml
diff --git a/cluster/istio-system/originissuer.yaml → ...paces/base/istio-system/originissuer.yaml b/cluster/istio-system/originissuer.yaml → ...paces/base/istio-system/originissuer.yaml
diff --git a/cluster/istio-system/peerauthentication.yaml → ...base/istio-system/peerauthentication.yaml b/cluster/istio-system/peerauthentication.yaml → ...base/istio-system/peerauthentication.yaml
diff --git a/cluster/istio-system/secret.encrypted.yaml → ...s/base/istio-system/secret.encrypted.yaml b/cluster/istio-system/secret.encrypted.yaml → ...s/base/istio-system/secret.encrypted.yaml
diff --git a/cluster/istio-system/serviceentry.yaml → ...paces/base/istio-system/serviceentry.yaml b/cluster/istio-system/serviceentry.yaml → ...paces/base/istio-system/serviceentry.yaml
diff --git a/cluster/istio-system/servicemonitor.yaml → ...ces/base/istio-system/servicemonitor.yaml b/cluster/istio-system/servicemonitor.yaml → ...ces/base/istio-system/servicemonitor.yaml
diff --git a/cluster/istio-system/virtualservice.yaml → ...ces/base/istio-system/virtualservice.yaml b/cluster/istio-system/virtualservice.yaml → ...ces/base/istio-system/virtualservice.yaml
diff --git a/namespaces/base/kube-system/cilium/kustomization.yaml b/namespaces/base/kube-system/cilium/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - service.yaml
+  - servicemonitor.yaml
+  - virtualservice.yaml
diff --git a/cluster/kube-system/cilium/service.yaml → ...aces/base/kube-system/cilium/service.yaml b/cluster/kube-system/cilium/service.yaml → ...aces/base/kube-system/cilium/service.yaml
diff --git a/...er/kube-system/cilium/servicemonitor.yaml → ...se/kube-system/cilium/servicemonitor.yaml b/...er/kube-system/cilium/servicemonitor.yaml → ...se/kube-system/cilium/servicemonitor.yaml
diff --git a/...er/kube-system/cilium/virtualservice.yaml → ...se/kube-system/cilium/virtualservice.yaml b/...er/kube-system/cilium/virtualservice.yaml → ...se/kube-system/cilium/virtualservice.yaml
diff --git a/.../kube-system/descheduler/descheduler.yaml → .../kube-system/descheduler/helmrelease.yaml b/.../kube-system/descheduler/descheduler.yaml → .../kube-system/descheduler/helmrelease.yaml
diff --git a/namespaces/base/kube-system/descheduler/kustomization.yaml b/namespaces/base/kube-system/descheduler/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
diff --git a/cluster/kube-system/kured/kured.yaml → ...s/base/kube-system/kured/helmrelease.yaml b/cluster/kube-system/kured/kured.yaml → ...s/base/kube-system/kured/helmrelease.yaml
diff --git a/namespaces/base/kube-system/kured/kustomization.yaml b/namespaces/base/kube-system/kured/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
+  - servicemonitor.yaml
diff --git a/...ter/kube-system/kured/servicemonitor.yaml → ...ase/kube-system/kured/servicemonitor.yaml b/...ter/kube-system/kured/servicemonitor.yaml → ...ase/kube-system/kured/servicemonitor.yaml
diff --git a/namespaces/base/kube-system/kustomization.yaml b/namespaces/base/kube-system/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - namespace.yaml
+  - networkpolicy.yaml
diff --git a/...system/metrics-server/metrics-server.yaml → ...be-system/metrics-server/helmrelease.yaml b/...system/metrics-server/metrics-server.yaml → ...be-system/metrics-server/helmrelease.yaml
diff --git a/namespaces/base/kube-system/metrics-server/kustomization.yaml b/namespaces/base/kube-system/metrics-server/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
diff --git a/cluster/kube-system/namespace.yaml → namespaces/base/kube-system/namespace.yaml b/cluster/kube-system/namespace.yaml → namespaces/base/kube-system/namespace.yaml
diff --git a/cluster/kube-system/networkpolicy.yaml → ...paces/base/kube-system/networkpolicy.yaml b/cluster/kube-system/networkpolicy.yaml → ...paces/base/kube-system/networkpolicy.yaml
diff --git a/...system/sealed-secrets/sealed-secrets.yaml → ...be-system/sealed-secrets/helmrelease.yaml b/...system/sealed-secrets/sealed-secrets.yaml → ...be-system/sealed-secrets/helmrelease.yaml
@@ -4,7 +4,6 @@ kind: HelmRelease
 metadata:
   name: sealed-secrets
   namespace: kube-system
-  creationTimestamp: null
 spec:
   interval: 5m
   chart:

diff --git a/namespaces/base/kube-system/sealed-secrets/kustomization.yaml b/namespaces/base/kube-system/sealed-secrets/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
+  - servicemonitor.yaml
+  - virtualservice.yaml
diff --git a/...system/sealed-secrets/servicemonitor.yaml → ...system/sealed-secrets/servicemonitor.yaml b/...system/sealed-secrets/servicemonitor.yaml → ...system/sealed-secrets/servicemonitor.yaml
diff --git a/...system/sealed-secrets/virtualservice.yaml → ...system/sealed-secrets/virtualservice.yaml b/...system/sealed-secrets/virtualservice.yaml → ...system/sealed-secrets/virtualservice.yaml
diff --git a/cluster/litmus/litmus/litmus.yaml → namespaces/base/litmus/helmrelease.yaml b/cluster/litmus/litmus/litmus.yaml → namespaces/base/litmus/helmrelease.yaml
diff --git a/namespaces/base/litmus/kustomization.yaml b/namespaces/base/litmus/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - namespace.yaml
+  - networkpolicy.yaml
+  - helmrelease.yaml
diff --git a/cluster/litmus/namespace.yaml → namespaces/base/litmus/namespace.yaml b/cluster/litmus/namespace.yaml → namespaces/base/litmus/namespace.yaml
diff --git a/cluster/litmus/networkpolicy.yaml → namespaces/base/litmus/networkpolicy.yaml b/cluster/litmus/networkpolicy.yaml → namespaces/base/litmus/networkpolicy.yaml
diff --git a/cluster/network/README.md → namespaces/base/network/README.md b/cluster/network/README.md → namespaces/base/network/README.md
diff --git a/...work/cert-manager/clusterissuer-prod.yaml → ...work/cert-manager/clusterissuer-prod.yaml b/...work/cert-manager/clusterissuer-prod.yaml → ...work/cert-manager/clusterissuer-prod.yaml
diff --git a/...twork/cert-manager/clusterissuer-stg.yaml → ...twork/cert-manager/clusterissuer-stg.yaml b/...twork/cert-manager/clusterissuer-stg.yaml → ...twork/cert-manager/clusterissuer-stg.yaml
diff --git a/...er/network/cert-manager/cert-manager.yaml → ...ase/network/cert-manager/helmrelease.yaml b/...er/network/cert-manager/cert-manager.yaml → ...ase/network/cert-manager/helmrelease.yaml
diff --git a/namespaces/base/network/cert-manager/kustomization.yaml b/namespaces/base/network/cert-manager/kustomization.yaml
@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
+  - servicemonitor.yaml
+  - secret.encrypted.yaml
+  - clusterissuer-prod.yaml
+  - clusterissuer-stg.yaml
diff --git a/...etwork/cert-manager/secret.encrypted.yaml → ...etwork/cert-manager/secret.encrypted.yaml b/...etwork/cert-manager/secret.encrypted.yaml → ...etwork/cert-manager/secret.encrypted.yaml
diff --git a/.../network/cert-manager/servicemonitor.yaml → .../network/cert-manager/servicemonitor.yaml b/.../network/cert-manager/servicemonitor.yaml → .../network/cert-manager/servicemonitor.yaml
diff --git a/...r/network/cloudflare-ddns/deployment.yaml → ...e/network/cloudflare-ddns/deployment.yaml b/...r/network/cloudflare-ddns/deployment.yaml → ...e/network/cloudflare-ddns/deployment.yaml
diff --git a/namespaces/base/network/cloudflare-ddns/kustomization.yaml b/namespaces/base/network/cloudflare-ddns/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - deployment.yaml
+  - secret.encrypted.yaml
diff --git a/...ork/cloudflare-ddns/secret.encrypted.yaml → ...ork/cloudflare-ddns/secret.encrypted.yaml b/...ork/cloudflare-ddns/secret.encrypted.yaml → ...ork/cloudflare-ddns/secret.encrypted.yaml
diff --git a/cluster/network/coredns/coredns-debug.yaml → ...s/base/network/coredns/coredns-debug.yaml b/cluster/network/coredns/coredns-debug.yaml → ...s/base/network/coredns/coredns-debug.yaml
diff --git a/cluster/network/coredns/coredns.yaml → ...ces/base/network/coredns/helmrelease.yaml b/cluster/network/coredns/coredns.yaml → ...ces/base/network/coredns/helmrelease.yaml
diff --git a/namespaces/base/network/coredns/kustomization.yaml b/namespaces/base/network/coredns/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
diff --git a/cluster/network/dex/README.md → namespaces/base/network/dex/README.md b/cluster/network/dex/README.md → namespaces/base/network/dex/README.md
diff --git a/cluster/network/dex/dex.yaml → namespaces/base/network/dex/helmrelease.yaml b/cluster/network/dex/dex.yaml → namespaces/base/network/dex/helmrelease.yaml
diff --git a/namespaces/base/network/dex/kustomization.yaml b/namespaces/base/network/dex/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
+  - secret.encrypted.yaml
+  - virtualservice.yaml
diff --git a/cluster/network/dex/secret.encrypted.yaml → ...es/base/network/dex/secret.encrypted.yaml b/cluster/network/dex/secret.encrypted.yaml → ...es/base/network/dex/secret.encrypted.yaml
diff --git a/cluster/network/dex/virtualservice.yaml → ...aces/base/network/dex/virtualservice.yaml b/cluster/network/dex/virtualservice.yaml → ...aces/base/network/dex/virtualservice.yaml
diff --git a/...er/network/external-dns/external-dns.yaml → ...ase/network/external-dns/helmrelease.yaml b/...er/network/external-dns/external-dns.yaml → ...ase/network/external-dns/helmrelease.yaml
diff --git a/namespaces/base/network/external-dns/kustomization.yaml b/namespaces/base/network/external-dns/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
+  - secret.encrypted.yaml
+  - servicemonitor.yaml
diff --git a/...etwork/external-dns/secret.encrypted.yaml → ...etwork/external-dns/secret.encrypted.yaml b/...etwork/external-dns/secret.encrypted.yaml → ...etwork/external-dns/secret.encrypted.yaml
diff --git a/.../network/external-dns/servicemonitor.yaml → .../network/external-dns/servicemonitor.yaml b/.../network/external-dns/servicemonitor.yaml → .../network/external-dns/servicemonitor.yaml
diff --git a/namespaces/base/network/kustomization.yaml b/namespaces/base/network/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - namespace.yaml
+  - networkpolicy.yaml
diff --git a/cluster/network/metallb/metallb.yaml → ...ces/base/network/metallb/helmrelease.yaml b/cluster/network/metallb/metallb.yaml → ...ces/base/network/metallb/helmrelease.yaml
diff --git a/namespaces/base/network/metallb/kustomization.yaml b/namespaces/base/network/metallb/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
diff --git a/cluster/network/namespace.yaml → namespaces/base/network/namespace.yaml b/cluster/network/namespace.yaml → namespaces/base/network/namespace.yaml
diff --git a/cluster/network/networkpolicy.yaml → namespaces/base/network/networkpolicy.yaml b/cluster/network/networkpolicy.yaml → namespaces/base/network/networkpolicy.yaml
diff --git a/...ure-discovery/node-feature-discovery.yaml → ...k/node-feature-discovery/helmrelease.yaml b/...ure-discovery/node-feature-discovery.yaml → ...k/node-feature-discovery/helmrelease.yaml
diff --git a/namespaces/base/network/node-feature-discovery/kustomization.yaml b/namespaces/base/network/node-feature-discovery/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
diff --git a/...er/network/oauth2-proxy/oauth2-proxy.yaml → ...ase/network/oauth2-proxy/helmrelease.yaml b/...er/network/oauth2-proxy/oauth2-proxy.yaml → ...ase/network/oauth2-proxy/helmrelease.yaml
diff --git a/namespaces/base/network/oauth2-proxy/kustomization.yaml b/namespaces/base/network/oauth2-proxy/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
+  - secret.encrypted.yaml
+  - virtualservice.yaml
diff --git a/...etwork/oauth2-proxy/secret.encrypted.yaml → ...etwork/oauth2-proxy/secret.encrypted.yaml b/...etwork/oauth2-proxy/secret.encrypted.yaml → ...etwork/oauth2-proxy/secret.encrypted.yaml
diff --git a/.../network/oauth2-proxy/virtualservice.yaml → .../network/oauth2-proxy/virtualservice.yaml b/.../network/oauth2-proxy/virtualservice.yaml → .../network/oauth2-proxy/virtualservice.yaml
diff --git a/cluster/network/origin-ca-issuer/README.md → ...s/base/network/origin-ca-issuer/README.md b/cluster/network/origin-ca-issuer/README.md → ...s/base/network/origin-ca-issuer/README.md
diff --git a/...network/origin-ca-issuer/clusterrole.yaml → ...network/origin-ca-issuer/clusterrole.yaml b/...network/origin-ca-issuer/clusterrole.yaml → ...network/origin-ca-issuer/clusterrole.yaml
diff --git a/.../origin-ca-issuer/clusterrolebinding.yaml → .../origin-ca-issuer/clusterrolebinding.yaml b/.../origin-ca-issuer/clusterrolebinding.yaml → .../origin-ca-issuer/clusterrolebinding.yaml
diff --git a/...n-ca-issuer/customresourcedefinition.yaml → ...n-ca-issuer/customresourcedefinition.yaml b/...n-ca-issuer/customresourcedefinition.yaml → ...n-ca-issuer/customresourcedefinition.yaml
diff --git a/.../network/origin-ca-issuer/deployment.yaml → .../network/origin-ca-issuer/deployment.yaml b/.../network/origin-ca-issuer/deployment.yaml → .../network/origin-ca-issuer/deployment.yaml
diff --git a/namespaces/base/network/origin-ca-issuer/kustomization.yaml b/namespaces/base/network/origin-ca-issuer/kustomization.yaml
@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - deployment.yaml
+  - clusterrole.yaml
+  - clusterrolebinding.yaml
+  - customresourcedefinition.yaml
+  - serviceaccount.yaml
diff --git a/...work/origin-ca-issuer/serviceaccount.yaml → ...work/origin-ca-issuer/serviceaccount.yaml b/...work/origin-ca-issuer/serviceaccount.yaml → ...work/origin-ca-issuer/serviceaccount.yaml
diff --git a/cluster/observability/README.md → namespaces/base/observability/README.md b/cluster/observability/README.md → namespaces/base/observability/README.md
diff --git a/...ter/observability/kiali/kiali-server.yaml → ...base/observability/kiali/helmrelease.yaml b/...ter/observability/kiali/kiali-server.yaml → ...base/observability/kiali/helmrelease.yaml
diff --git a/namespaces/base/observability/kiali/kustomization.yaml b/namespaces/base/observability/kiali/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
+  - virtualservice.yaml
diff --git a/...r/observability/kiali/virtualservice.yaml → ...e/observability/kiali/virtualservice.yaml b/...r/observability/kiali/virtualservice.yaml → ...e/observability/kiali/virtualservice.yaml
diff --git a/...ometheus-stack/kube-prometheus-stack.yaml → ...ty/kube-prometheus-stack/helmrelease.yaml b/...ometheus-stack/kube-prometheus-stack.yaml → ...ty/kube-prometheus-stack/helmrelease.yaml
diff --git a/namespaces/base/observability/kube-prometheus-stack/kustomization.yaml b/namespaces/base/observability/kube-prometheus-stack/kustomization.yaml
@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
+  - secret.encrypted.yaml
+  - secret.encrypted-grafana.yaml
+  - secret.oauth2.encrypted.yaml
+  - virtualservice.yaml
diff --git a/...theus-stack/secret.encrypted-grafana.yaml → ...theus-stack/secret.encrypted-grafana.yaml b/...theus-stack/secret.encrypted-grafana.yaml → ...theus-stack/secret.encrypted-grafana.yaml
diff --git a/...be-prometheus-stack/secret.encrypted.yaml → ...be-prometheus-stack/secret.encrypted.yaml b/...be-prometheus-stack/secret.encrypted.yaml → ...be-prometheus-stack/secret.encrypted.yaml
diff --git a/...etheus-stack/secret.oauth2.encrypted.yaml → ...etheus-stack/secret.oauth2.encrypted.yaml b/...etheus-stack/secret.oauth2.encrypted.yaml → ...etheus-stack/secret.oauth2.encrypted.yaml
diff --git a/...kube-prometheus-stack/virtualservice.yaml → ...kube-prometheus-stack/virtualservice.yaml b/...kube-prometheus-stack/virtualservice.yaml → ...kube-prometheus-stack/virtualservice.yaml
diff --git a/namespaces/base/observability/kustomization.yaml b/namespaces/base/observability/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - namespace.yaml
+  - networkpolicy.yaml
diff --git a/.../observability/loki-stack/loki-stack.yaml → ...observability/loki-stack/helmrelease.yaml b/.../observability/loki-stack/loki-stack.yaml → ...observability/loki-stack/helmrelease.yaml
diff --git a/namespaces/base/observability/loki-stack/kustomization.yaml b/namespaces/base/observability/loki-stack/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
+  - servicemonitor.yaml
diff --git a/...ervability/loki-stack/servicemonitor.yaml → ...ervability/loki-stack/servicemonitor.yaml b/...ervability/loki-stack/servicemonitor.yaml → ...ervability/loki-stack/servicemonitor.yaml
diff --git a/cluster/observability/namespace.yaml → namespaces/base/observability/namespace.yaml b/cluster/observability/namespace.yaml → namespaces/base/observability/namespace.yaml
diff --git a/cluster/observability/networkpolicy.yaml → ...ces/base/observability/networkpolicy.yaml b/cluster/observability/networkpolicy.yaml → ...ces/base/observability/networkpolicy.yaml
diff --git a/...er/observability/speedtest/speedtest.yaml → .../observability/speedtest/helmrelease.yaml b/...er/observability/speedtest/speedtest.yaml → .../observability/speedtest/helmrelease.yaml
diff --git a/namespaces/base/observability/speedtest/kustomization.yaml b/namespaces/base/observability/speedtest/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
+  - servicemonitor.yaml
diff --git a/...servability/speedtest/servicemonitor.yaml → ...servability/speedtest/servicemonitor.yaml b/...servability/speedtest/servicemonitor.yaml → ...servability/speedtest/servicemonitor.yaml
diff --git a/cluster/observability/thanos/thanos.yaml → ...ase/observability/thanos/helmrelease.yaml b/cluster/observability/thanos/thanos.yaml → ...ase/observability/thanos/helmrelease.yaml
diff --git a/namespaces/base/observability/thanos/kustomization.yaml b/namespaces/base/observability/thanos/kustomization.yaml
@@ -0,0 +1,7 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
+  - secret.encrypted.yaml
+  - servicemonitor.yaml
+  - virtualservice.yaml
diff --git a/...bservability/thanos/secret.encrypted.yaml → ...bservability/thanos/secret.encrypted.yaml b/...bservability/thanos/secret.encrypted.yaml → ...bservability/thanos/secret.encrypted.yaml
diff --git a/.../observability/thanos/servicemonitor.yaml → .../observability/thanos/servicemonitor.yaml b/.../observability/thanos/servicemonitor.yaml → .../observability/thanos/servicemonitor.yaml
diff --git a/.../observability/thanos/virtualservice.yaml → .../observability/thanos/virtualservice.yaml b/.../observability/thanos/virtualservice.yaml → .../observability/thanos/virtualservice.yaml
diff --git a/namespaces/base/openfaas-fn/kustomization.yaml b/namespaces/base/openfaas-fn/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - namespace.yaml
+  - networkpolicy.yaml
diff --git a/cluster/openfaas-fn/namespace.yaml → namespaces/base/openfaas-fn/namespace.yaml b/cluster/openfaas-fn/namespace.yaml → namespaces/base/openfaas-fn/namespace.yaml
diff --git a/cluster/openfaas-fn/networkpolicy.yaml → ...paces/base/openfaas-fn/networkpolicy.yaml b/cluster/openfaas-fn/networkpolicy.yaml → ...paces/base/openfaas-fn/networkpolicy.yaml
diff --git a/cluster/openfaas/README.md → namespaces/base/openfaas/README.md b/cluster/openfaas/README.md → namespaces/base/openfaas/README.md
diff --git a/namespaces/base/openfaas/kustomization.yaml b/namespaces/base/openfaas/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - namespace.yaml
+  - networkpolicy.yaml
diff --git a/cluster/openfaas/namespace.yaml → namespaces/base/openfaas/namespace.yaml b/cluster/openfaas/namespace.yaml → namespaces/base/openfaas/namespace.yaml
diff --git a/cluster/openfaas/networkpolicy.yaml → namespaces/base/openfaas/networkpolicy.yaml b/cluster/openfaas/networkpolicy.yaml → namespaces/base/openfaas/networkpolicy.yaml
diff --git a/cluster/openfaas/openfaas/openfaas.yaml → ...s/base/openfaas/openfaas/helmrelease.yaml b/cluster/openfaas/openfaas/openfaas.yaml → ...s/base/openfaas/openfaas/helmrelease.yaml
diff --git a/namespaces/base/openfaas/openfaas/kustomization.yaml b/namespaces/base/openfaas/openfaas/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
diff --git a/cluster/security/README.md → namespaces/base/security/README.md b/cluster/security/README.md → namespaces/base/security/README.md
diff --git a/cluster/security/gatekeeper/gatekeeper.yaml → ...base/security/gatekeeper/helmrelease.yaml b/cluster/security/gatekeeper/gatekeeper.yaml → ...base/security/gatekeeper/helmrelease.yaml
diff --git a/namespaces/base/security/gatekeeper/kustomization.yaml b/namespaces/base/security/gatekeeper/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrelease.yaml
+  - podmonitor.yaml
diff --git a/cluster/security/gatekeeper/podmonitor.yaml → .../base/security/gatekeeper/podmonitor.yaml b/cluster/security/gatekeeper/podmonitor.yaml → .../base/security/gatekeeper/podmonitor.yaml
diff --git a/namespaces/base/security/kustomization.yaml b/namespaces/base/security/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - namespace.yaml
+  - networkpolicy.yaml
diff --git a/cluster/security/namespace.yaml → namespaces/base/security/namespace.yaml b/cluster/security/namespace.yaml → namespaces/base/security/namespace.yaml
diff --git a/cluster/security/networkpolicy.yaml → namespaces/base/security/networkpolicy.yaml b/cluster/security/networkpolicy.yaml → namespaces/base/security/networkpolicy.yaml
diff --git a/cluster/storage/openebs/README.md → namespaces/base/storage/openebs/README.md b/cluster/storage/openebs/README.md → namespaces/base/storage/openebs/README.md
diff --git a/cluster/storage/openebs/cstor-pool.yaml → ...aces/base/storage/openebs/cstor-pool.yaml b/cluster/storage/openebs/cstor-pool.yaml → ...aces/base/storage/openebs/cstor-pool.yaml
diff --git a/cluster/storage/openebs/cstor.yaml → ...ces/base/storage/openebs/helmrelease.yaml b/cluster/storage/openebs/cstor.yaml → ...ces/base/storage/openebs/helmrelease.yaml