feat: new repo structure to support kubernetes resources (#2)

* feat: new repo structure to support kubernetes resources

* adding bookmarks

* adressing comments

README.md

@@ -2,32 +2,33 @@
 
 A repository that includes YAML manifests. Manifests can define GCP resources in `config connector` format or the Kubernetes components and resources. Refer to this repo for additionnal information. TODO: add link
 
+- The `/*/configcontroller` folder is where GCP resources are defined using their `config connector` schema.
+- The `/*/kubernetes/<x-fleet-id>/**/<namespace>` folder is where resources that have to be provisionned in a kubernetes `namespace` are defined. The `x-fleet-id` is the GCP project-id where the kubernetes clusters are deployed with character "x" as the environment code because this folder will contain the configuration for all environments.
+
+  The GKE clusters are joined to an [Anthos Fleet](https://cloud.google.com/anthos/fleet-management/docs). This enables Anthos policy controller, Anthos config management and Anthos service mesh(future).
+
 ## csync
 
 The `/csync` contains the configuration for what the ConfigSync operator should be observing. For example, It is within this configuration that you specify the `repo url`, the `folder`, the `branch` and the `tag`.
 
-Contributing:
+### Contributing
 
 - Any modification should be implemented within the `source-customization` folder.
 
 ## tier2
 
 The `/tier2` folder is where the client resources that enables the underneath structure to work. This functionality is also known as the `client` landing zone.
 
-Contributing:
+### Contributing
 
 - Any modification should be implemented within the `source-customization` folder.
 
-## Permissions
+### Permissions
 
 A pull request affecting `/*` will include the Platform admin as required reviewers.
 
-## Tags
-
-Tags are generated only when changes are affecting the `/tier2` folder. This functionality is possible because of the `version-tagging` pipeline.
-
-The tags will be created by that pipeline job after commits are merge to the `main` branch.
+## Branch Protection
 
-### **IMPORTANT**
+The main branch of this repository is protected meaning that pushing a new commit to it will be denied. To implement changes, A Pull Request has to be completed.
 
-We recommend using those tags in the `setters-version.yaml` under the `/csync/source-customization` folder to define what has to be observed by the configsync operator.
+Every other branches configured to be observed by ConfigSync will also have a branch protection rule defined.

csync/tier2/configcontroller/csync-tier2-ctlr.md

@@ -0,0 +1,3 @@
+# Bookmark
+
+A simple bookmark to help you identify the parent folders

csync/source-base/root-sync-git/Kptfile → csync/tier2/configcontroller/source-base/root-sync-git/Kptfile

@@ -7,7 +7,7 @@ metadata:
 info:
   description: |
     Landing Zone v2 package
-    A package to setup a git repository root sync
+    A package to setup a t2 git repository root sync
 pipeline:
   mutators:
     - image: gcr.io/kpt-fn/apply-setters:v0.2

csync/source-base/root-sync-git/root-sync-git.yaml → csync/tier2/configcontroller/source-base/root-sync-git/root-sync-git.yaml

@@ -2,14 +2,14 @@
 apiVersion: configsync.gke.io/v1beta1
 kind: RootSync
 metadata:
-  name: id-folder # kpt-set: ${id}-${folder}
+  name: id-t2 # kpt-set: ${id}-t2
   namespace: config-management-system
 spec:
   sourceFormat: unstructured
   git:
     repo: https://AZDO-ORG@dev.azure.com/AZDO-ORG/AZDO-PROJECT/_git/REPO-NAME # kpt-set: ${repo-url}
     branch: main # kpt-set: ${repo-branch}
-    dir: deploy/env # kpt-set: ${repo-dir}
+    dir: tier2/configcontroller/deploy/<env> # kpt-set: ${repo-dir}
     revision: HEAD # kpt-set: ${version}
     auth: token
     secretRef:

csync/source-customization/preprod/root-sync-git/setters.yaml → csync/tier2/configcontroller/source-base/root-sync-git/setters.yaml

@@ -6,17 +6,11 @@ metadata:
     config.kubernetes.io/local-config: 'true'
 data:
   # Used for naming of the root-sync
-  ## id :
-  ### tier1: 'experimentation' or 'env'
-	### tier2: [client-name]
-	### tier34: [project-id] (we replace environment code with “x”)
-  id: client-name
-  ## Folder: 'csync' or 'tier1' or 'tier2'
-  ## 'tier3' or 'tier4' are used only with RepoSync
-  folder: tier2
+  ## id is the client-name
+  id: <client-name>
 
   # Git repo values
   repo-url: https://AZDO-ORG@dev.azure.com/AZDO-ORG/AZDO-PROJECT/_git/REPO-NAME
   # repo-url: https://github.com/GITHUB-ORG/REPO-NAME # Alternate, GitHub
   repo-branch: main
-  repo-dir: tier2/deploy/preprod
+  repo-dir: tier2/configcontroller/deploy/<env>

csync/source-base/root-sync-git/setters.yaml → csync/tier2/configcontroller/source-customization/dev/root-sync-git/setters.yaml

@@ -6,17 +6,11 @@ metadata:
     config.kubernetes.io/local-config: 'true'
 data:
   # Used for naming of the root-sync
-  ## id :
-  ### tier1: 'experimentation' or 'env'
-	### tier2: [client-name]
-	### tier34: [project-id] (we replace environment code with “x”)
+  ## id is the client-name
   id: client-name
-  ## Folder: 'csync' or 'tier1' or 'tier2'
-  ## 'tier3' or 'tier4' are used only with RepoSync
-  folder: tier2
 
   # Git repo values
   repo-url: https://AZDO-ORG@dev.azure.com/AZDO-ORG/AZDO-PROJECT/_git/REPO-NAME
   # repo-url: https://github.com/GITHUB-ORG/REPO-NAME # Alternate, GitHub
   repo-branch: main
-  repo-dir: tier2/deploy/env
+  repo-dir: tier2/configcontroller/deploy/dev

csync/source-customization/dev/root-sync-git/setters.yaml → csync/tier2/configcontroller/source-customization/preprod/root-sync-git/setters.yaml

@@ -6,17 +6,11 @@ metadata:
     config.kubernetes.io/local-config: 'true'
 data:
   # Used for naming of the root-sync
-  ## id :
-  ### tier1: 'experimentation' or 'env'
-	### tier2: [client-name]
-	### tier34: [project-id] (we replace environment code with “x”)
+  ## id is the client-name
   id: client-name
-  ## Folder: 'csync' or 'tier1' or 'tier2'
-  ## 'tier3' or 'tier4' are used only with RepoSync
-  folder: tier2
 
   # Git repo values
   repo-url: https://AZDO-ORG@dev.azure.com/AZDO-ORG/AZDO-PROJECT/_git/REPO-NAME
   # repo-url: https://github.com/GITHUB-ORG/REPO-NAME # Alternate, GitHub
   repo-branch: main
-  repo-dir: tier2/deploy/dev
+  repo-dir: tier2/configcontroller/deploy/preprod

csync/source-customization/prod/root-sync-git/setters.yaml → csync/tier2/configcontroller/source-customization/prod/root-sync-git/setters.yaml

@@ -6,17 +6,11 @@ metadata:
     config.kubernetes.io/local-config: 'true'
 data:
   # Used for naming of the root-sync
-  ## id :
-  ### tier1: 'experimentation' or 'env'
-	### tier2: [client-name]
-	### tier34: [project-id] (we replace environment code with “x”)
+  ## id is the client-name
   id: client-name
-  ## Folder: 'csync' or 'tier1' or 'tier2'
-  ## 'tier3' or 'tier4' are used only with RepoSync
-  folder: tier2
 
   # Git repo values
   repo-url: https://AZDO-ORG@dev.azure.com/AZDO-ORG/AZDO-PROJECT/_git/REPO-NAME
   # repo-url: https://github.com/GITHUB-ORG/REPO-NAME # Alternate, GitHub
   repo-branch: main
-  repo-dir: tier2/deploy/prod
+  repo-dir: tier2/configcontroller/deploy/prod

tier2/configcontroller/tier2-ctlr.md

@@ -0,0 +1,3 @@
+# Bookmark
+
+A simple bookmark to help you identify the parent folders